Oh dear

Closed
marri - Posts: 7 - Status: Member
Xplode - Posts: 9212 - Status: Security contributor
Hello, can you help me with this anti-trojan check? Thanks

Logfile of random's system information tool 1.06 (written by random/random)
Run by chantou at 2009-10-26 10:16:01
Microsoft® Windows Vista™ Édition Familiale Premium Service Pack 2
System drive C: has 99 GB (67%) free of 149 GB
Total RAM: 1791 MB (60% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:16:11, on 26/10/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\chantou\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\EoRezo\EoEngine.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Users\chantou\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\chantou\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\chantou\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\chantou\Documents\Downloads\RSIT (1).exe
C:\Program Files\Trend Micro\HijackThis\chantou.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trooner.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9415/tudouva.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\chantou\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE -Update -1103471 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; InfoPath.1; FDM; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618)" -"http://jeux-flash.jeu-gratuit.net/jeux_sport/king-putt_572.html"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\Microsoft Office\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\Microsoft Office\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Desktop Manager 5.7.805.16405 (GoogleDesktopManager-051608-133132) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: RelevantKnowledge - TMRG, Inc. - C:\Program Files\RelevantKnowledge\rlservice.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe (file missing)
O23 - Service: SPAMfighter Update Service - Unknown owner - C:\Program Files\SPAMfighter\sfus.exe (file missing)

--
End of file - 9123 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3729905468-2247682993-1319102383-1000.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3729905468-2247682993-1319102383-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3729905468-2247682993-1319102383-1000UA.job
C:\Windows\tasks\Norton Security Scan for chantou.job
C:\Windows\tasks\User_Feed_Synchronization-{C6158C1D-6A41-415C-8824-1D4D2D5D7784}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-10 761840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll [2009-09-10 458736]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-11-12 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2006-11-16 151552]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2009-09-10 256112]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-08-17 81000]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SoftwareHelper"=C:\Users\chantou\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"????r"= []
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"=C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~1.EXE [2008-12-05 460216]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acer Empowering Technology Monitor]
C:\Windows\system32\SysMonitor.exe [2006-11-23 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2009-09-04 935288]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-10-03 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Creative WebCam Tray]
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE [2004-07-30 245760]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eDataSecurity Loader]
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-11-17 453120]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray.exe]
C:\Windows\ehome\ehTray.exe [2008-01-19 125952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EoEngine]
C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-11 29744]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\chantou\AppData\Local\Google\Update\GoogleUpdate.exe [2009-02-09 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-08-11 249856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
C:\Windows\system32\NvCpl.dll [2008-06-20 13535776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
C:\Windows\system32\NvMcTray.dll [2008-06-20 92704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2006-11-09 3784704]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
C:\Program Files\Skype\Phone\Skype.exe [2009-02-04 23975720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SPAMfighter Agent]
C:\Program Files\SPAMfighter\SFAgent.exe update delay 60 []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-28 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WarReg_PopUp]
C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Mobile-based device management]
C:\Windows\WindowsMobile\wmdSync.exe [2006-11-02 215552]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^VersionTrackerPro.lnk]
C:\PROGRA~1\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^chantou^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]
C:\Users\chantou\AppData\Roaming\MICROS~1\Notification de cadeaux MSN\lsnfier.exe [2009-04-11 135680]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^chantou^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 - Capture d'écran et lancement.lnk]
C:\PROGRA~1\Microsoft Office\Office12\ONENOTEM.EXE [2008-10-25 98696]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{89ae3039-4d77-11dd-ab2f-806e6f6e6963}]
shell\AutoRun\command - E:\ShelExec.exe open.htm

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 2 months======

2009-10-25 04:42:14 ----DC---- C:\ancien_ordinateur
2009-10-25 04:25:47 ----D---- C:\Windows\pss
2009-10-23 09:53:27 ----DC---- C:\rsit
2009-10-23 09:34:20 ----D---- C:\Program Files\Trend Micro
2009-10-23 04:23:39 ----D---- C:\Program Files\Microsoft Corporation
2009-10-14 05:27:51 ----A---- C:\Windows\system32\msv1_0.dll
2009-10-14 05:27:29 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-10-14 05:27:28 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-10-14 05:26:39 ----A---- C:\Windows\system32\mshtml.dll
2009-10-14 05:26:37 ----A---- C:\Windows\system32\ieframe.dll
2009-10-14 05:26:36 ----A---- C:\Windows\system32\urlmon.dll
2009-10-14 05:26:36 ----A---- C:\Windows\system32\iertutil.dll
2009-10-14 05:26:35 ----A---- C:\Windows\system32\wininet.dll
2009-10-14 05:26:35 ----A---- C:\Windows\system32\msfeeds.dll
2009-10-14 05:26:34 ----A---- C:\Windows\system32\occache.dll
2009-10-14 05:26:34 ----A---- C:\Windows\system32\iedkcs32.dll
2009-10-14 05:26:33 ----A---- C:\Windows\system32\ieUnatt.exe
2009-10-14 05:26:33 ----A---- C:\Windows\system32\ieui.dll
2009-10-14 05:26:33 ----A---- C:\Windows\system32\iepeers.dll
2009-10-14 05:26:32 ----A---- C:\Windows\system32\msfeedssync.exe
2009-10-14 05:26:32 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-10-14 05:26:32 ----A---- C:\Windows\system32\jsproxy.dll
2009-10-14 05:26:32 ----A---- C:\Windows\system32\iesysprep.dll
2009-10-14 05:26:32 ----A---- C:\Windows\system32\iesetup.dll
2009-10-14 05:26:32 ----A---- C:\Windows\system32\iernonce.dll
2009-10-14 05:26:32 ----A---- C:\Windows\system32\ie4uinit.exe
2009-10-14 05:25:36 ----A---- C:\Windows\system32\msasn1.dll
2009-10-14 05:25:28 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-10-13 19:26:27 ----D---- C:\Program Files\PC Drivers HeadQuarters
2009-10-06 16:52:20 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 16:52:20 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 16:52:20 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 16:52:19 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 16:52:03 ----A---- C:\Windows\system32\wups.dll
2009-10-06 16:52:02 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 16:52:02 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 16:51:53 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 16:51:53 ----A---- C:\Windows\system32\wuapp.exe
2009-10-03 02:01:52 ----N---- C:\Windows\system32\MpSigStub.exe
2009-09-14 10:10:42 ----D---- C:\ProgramData\Pige
2009-09-13 03:42:25 ----A---- C:\Windows\_MSRSTRT.EXE
2009-09-10 02:01:03 ----SHD---- C:\Windows\system32\%APPDATA%
2009-09-09 23:04:20 ----A---- C:\Windows\system32\jscript.dll
2009-09-09 23:04:09 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-09 23:04:07 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-09 23:04:07 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-09 23:04:07 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-09 23:04:07 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-09 23:04:07 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-09 23:04:07 ----A---- C:\Windows\system32\finger.exe
2009-09-09 23:04:07 ----A---- C:\Windows\system32\ARP.EXE
2009-09-09 23:04:06 ----A---- C:\Windows\system32\netevent.dll
2009-09-09 23:03:45 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-09 23:03:45 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-09 23:03:44 ----A---- C:\Windows\system32\wlansec.dll
2009-09-09 23:03:43 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-09 23:03:43 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-09 23:03:38 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-09 23:03:37 ----A---- C:\Windows\system32\mf.dll
2009-09-08 06:43:54 ----A---- C:\Windows\system32\msonpmon.dll
2009-09-08 06:38:27 ----RHDC---- C:\MSOCache
2009-09-07 14:24:56 ----A---- C:\Program Files\OPA11.BAK
2009-09-07 05:41:24 ----D---- C:\Program Files\Microsoft Office
2009-09-06 17:40:38 ----D---- C:\Program Files\Microsoft Works
2009-09-06 17:37:42 ----D---- C:\ProgramData\Microsoft Help
2009-09-06 16:28:57 ----D---- C:\Users\chantou\AppData\Roaming\Download Manager
2009-09-02 23:07:34 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-02 23:07:33 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-02 11:15:56 ----A---- C:\Windows\system32\javaws.exe
2009-09-02 11:15:56 ----A---- C:\Windows\system32\javaw.exe
2009-09-02 11:15:56 ----A---- C:\Windows\system32\java.exe
2009-09-01 03:38:10 ----DC---- C:\inetpub
2009-08-31 05:13:49 ----D---- C:\Program Files\MSN Toolbar
2009-08-31 05:11:18 ----D---- C:\Program Files\MSN Toolbar Installer
2009-08-27 02:01:10 ----A---- C:\Windows\system32\tzres.dll

======List of files/folders modified in the last 2 months======

2009-10-26 10:16:05 ----D---- C:\Windows\Temp
2009-10-26 09:13:41 ----D---- C:\Users\chantou\AppData\Roaming\EoRezo
2009-10-26 07:17:32 ----D---- C:\Windows\System32
2009-10-26 07:17:32 ----D---- C:\Windows\inf
2009-10-26 07:17:32 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-26 07:15:23 ----D---- C:\Windows\Tasks
2009-10-26 05:24:42 ----SHD---- C:\Windows\Installer
2009-10-26 05:24:27 ----SHD---- C:\System Volume Information
2009-10-26 05:23:46 ----D---- C:\Users\chantou\AppData\Roaming\Free Download Manager
2009-10-26 05:10:08 ----D---- C:\Users\chantou\AppData\Roaming\Skype
2009-10-26 04:32:18 ----D---- C:\Windows\tracing
2009-10-26 01:00:47 ----D---- C:\ProgramData\Google Updater
2009-10-26 01:00:12 ----D---- C:\Users\chantou\AppData\Roaming\skypePM
2009-10-25 20:11:25 ----D---- C:\Users\chantou\AppData\Roaming\gtk-2.0
2009-10-25 18:20:36 ----D---- C:\Windows\system32\Tasks
2009-10-25 17:50:33 ----D---- C:\Program Files\EoRezo
2009-10-25 17:48:00 ----D---- C:\ProgramData\Skype
2009-10-25 17:23:14 ----D---- C:\Windows\Prefetch
2009-10-25 13:59:14 ----D---- C:\Windows\system32\catroot2
2009-10-25 04:38:55 ----D---- C:\Windows\registration
2009-10-25 04:38:54 ----D---- C:\Windows
2009-10-25 04:35:51 ----D---- C:\Windows\system32\migwiz
2009-10-25 04:09:06 ----A---- C:\Windows\ntbtlog.txt
2009-10-24 20:19:25 ----D---- C:\Windows\system32\Msdtc
2009-10-24 20:19:23 ----D---- C:\Windows\system32\wbem
2009-10-24 20:18:41 ----D---- C:\Windows\system32\config
2009-10-24 20:18:25 ----D---- C:\Windows\system32\spool
2009-10-24 20:18:25 ----D---- C:\Windows\system32\drivers
2009-10-24 20:18:24 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-10-23 09:34:20 ----RD---- C:\Program Files
2009-10-22 11:57:02 ----D---- C:\ProgramData\NVIDIA
2009-10-21 14:57:18 ----DC---- C:\Downloads
2009-10-21 10:24:21 ----D---- C:\Program Files\KeenfinderSrch
2009-10-21 10:20:13 ----D---- C:\Program Files\Crcle Developement
2009-10-19 18:23:13 ----D---- C:\Windows\system32\catroot
2009-10-19 04:26:44 ----D---- C:\ProgramData\Adobe
2009-10-19 04:24:52 ----HD---- C:\ProgramData
2009-10-18 19:33:11 ----D---- C:\Program Files\Common Files\Adobe
2009-10-14 23:13:24 ----D---- C:\Windows\winsxs
2009-10-14 23:11:19 ----D---- C:\Windows\Microsoft.NET
2009-10-14 23:11:10 ----RSD---- C:\Windows\assembly
2009-10-14 23:00:42 ----D---- C:\Windows\ehome
2009-10-14 23:00:42 ----D---- C:\Program Files\Windows Mail
2009-10-14 23:00:40 ----D---- C:\Windows\system32\migration
2009-10-14 23:00:39 ----D---- C:\Program Files\Internet Explorer
2009-10-13 20:36:59 ----D---- C:\Windows\Minidump
2009-10-07 04:52:48 ----RSD---- C:\Windows\Fonts
2009-10-07 04:52:48 ----D---- C:\Windows\system32\CodeIntegrity
2009-10-07 04:52:48 ----D---- C:\Windows\ShellNew
2009-10-07 04:52:37 ----D---- C:\Program Files\Common Files\microsoft shared
2009-10-07 04:52:36 ----D---- C:\Program Files\Common Files\DESIGNER
2009-10-07 03:35:10 ----SD---- C:\Users\chantou\AppData\Roaming\Microsoft
2009-10-06 23:18:04 ----D---- C:\Windows\rescache
2009-10-06 23:00:36 ----D---- C:\Windows\system32\fr-FR
2009-10-02 19:01:57 ----A---- C:\Windows\system32\mrt.exe
2009-09-23 07:35:16 ----D---- C:\Windows\WindowsMobile
2009-09-22 23:00:33 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-09-19 08:46:27 ----D---- C:\ProgramData\WLInstaller
2009-09-13 03:42:26 ----D---- C:\Program Files\myBabylon_English
2009-09-12 13:58:13 ----D---- C:\Program Files\ManyCam 2.3
2009-09-12 02:42:54 ----SD---- C:\Windows\Downloaded Program Files
2009-09-09 20:08:51 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2009-09-03 02:02:55 ----D---- C:\Windows\AppPatch
2009-09-02 11:15:37 ----D---- C:\Program Files\Java
2009-09-01 03:41:28 ----D---- C:\Windows\system32\XPSViewer
2009-09-01 03:41:28 ----D---- C:\Program Files\Windows Journal
2009-09-01 03:41:28 ----D---- C:\Program Files\Windows Collaboration
2009-09-01 03:41:21 ----D---- C:\Windows\system32\en-US
2009-09-01 03:41:18 ----D---- C:\Windows\Help
2009-09-01 03:38:33 ----D---- C:\Windows\system32\inetsrv
2009-09-01 03:38:33 ----D---- C:\Windows\system32\040C
2009-08-28 01:35:53 ----D---- C:\Program Files\Registry_Doktor 4.1

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-08-17 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-08-17 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-08-17 51376]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-08-17 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-08-17 53328]
R2 DiCapi;Dialogic CAPI 2.0 Driver; C:\Windows\system32\DRIVERS\disdn\dicapi.sys [2009-07-17 362496]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 76584]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-11-08 1647976]
R3 msloop;Pilote de carte de bouclage Microsoft; C:\Windows\system32\DRIVERS\loop.sys [2008-01-19 6656]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-01-06 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-20 7468128]
R3 StillCam;Pilote d'appareil photo numérique série; C:\Windows\system32\DRIVERS\serscan.sys [2008-01-19 9216]
R3 V0090VID;Creative WebCam Vista Plus; C:\Windows\system32\DRIVERS\V0090Vid.sys [2005-04-14 138112]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 298496]
S3 ac97intc;Service d'installation du pilote audio Intel(r) 82801 (WDM); C:\Windows\system32\drivers\ac97intc.sys [2006-11-02 108032]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11; C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 464384]
S3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BthEnum;Service d'énumérateur Bluetooth; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 DiCowanSrv;Dialogic Connection Oriented Driver for all Diva Media Boards; C:\Windows\system32\DRIVERS\disdn\dicowans.sys [2009-08-27 928256]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Pilote de carte Intel (R) PRO; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-19 159744]
S3 FETNDIS;Service de pilote de carte VIA famille Rhine 10/100Mo Fast Ethernet; C:\Windows\system32\DRIVERS\fetnd5.sys [2006-11-02 45568]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-19 1380864]
S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2006-11-02 52608]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw2v32;Pilote de connexion réseau PRO/Sans fil 2200BG Intel(R) pour Windows Vista; C:\Windows\system32\DRIVERS\NETw2v32.sys [2006-11-02 2589184]
S3 NVENETFD;Pilote du contrôleur de réseau NVIDIA nForce; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Périphérique Bluetooth (TDI protocole RFCOMM); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 S3G700;S3G700; C:\Windows\system32\DRIVERS\S3GKModeDX32.sys [2006-10-01 956928]
S3 USB_RNDIS;Point d'acces Inventel; C:\Windows\system32\DRIVERS\usb8023.sys [2009-04-11 15872]
S3 usb_rndisx;Carte RNDIS USB; C:\Windows\system32\DRIVERS\usb8023x.sys [2009-04-11 15872]
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbvideo;Périphérique vidéo USB (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2006-11-02 132352]
S3 WinUsb;Pilote WinUsb; C:\Windows\system32\DRIVERS\WinUSB.SYS [2008-01-19 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcerMemUsageCheckService;ePerformance Service; C:\Acer\Empowering Technology\ePerformance\MemCheck.exe [2006-11-12 24576]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-08-17 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-08-17 138680]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-12-08 45056]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-20 118784]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RelevantKnowledge;RelevantKnowledge; C:\Program Files\RelevantKnowledge\rlservice.exe [2008-10-28 45056]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-08-17 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-08-17 352920]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]
S2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe []
S2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe []
S2 SPAMfighter Update Service;SPAMfighter Update Service; C:\Program Files\SPAMfighter\sfus.exe []
S3 fsssvc;Windows Live Contrôle parental; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 GoogleDesktopManager-051608-133132;Google Desktop Manager 5.7.805.16405; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-07-11 29744]
S3 iPod Service;Service de l’iPod; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
Configuration: Windows Vista, google Chrome, IE 8

6 replies

Xplode Posts 9212 Status Security contributor 726
 
Hi, you are infected (eoRezo, rogue registry doktor, USB infection)

-+-+-+-> AD-Remover <-+-+-+-

[x] Download Ad-remover (by C_XX) to your desktop.

[x] Run the installation with the default settings.

▶ Disconnect and close all running applications!

[x] Double-click the Ad-Remover shortcut on your desktop. (Right-click -> "Run as administrator" (for Vista))

[x] Select option F for French

[x] In the window that appears, click "Yes"

[x] Select option L

[x] Let the tool work.

[x] Once the scan is finished, press a key; the report opens

[x] Copy/paste it into your next post

------------------

-+-+-+-> USBfix <-+-+-+-

[x] Download USBfix from this address: https://www.androidworld.fr/

[x] A tutorial is available here: https://www.malekal.com/usbfix-supprimer-virus-usb/

[x] Install it

[x] Plug in all your removable media (USB sticks, external hard drive)

[x] Launch USBfix by clicking the icon on your desktop (Right-click -> Run as administrator for Vista)

[x] Choose option F (for French) and confirm by pressing Enter.

[x] At the main menu, choose option 2

[x] Let the tool work, then post the report in your next message

---------------------

-+-+-+-> Malwarebyte's Anti-Malware <-+-+-+-

[x] Download Malwarebyte's anti-malware (MBAM) from this address: http://www.malwarebytes.org/mbam/program/mbam-setup.exe

[x] Install it.

[x] Update it.

[x] Run a full scan!

[x] Make sure to check all the items found and delete them!

[x] A tutorial for using it is available here: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

[x] Follow the instructions given at the previous link, then copy/paste the generated report into your next message
1
Xplode Posts 9212 Status Security contributor 726
 
You need to run AD-Remover again with option L (removal)

Post the removal report and do the rest
1
marri
 
Thanks, I'm starting the beast Eugène up again
0
marri Posts 7 Status Member
 
OK, it's done!
======= RAPPORT D'AD-REMOVER 1.1.4.6_A | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 18.10.2009 à 19:05
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 13:24:30, 26/10/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Nom du PC: EUGÔNE | Utilisateur actuel: chantou
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.
Service: RelevantKnowledge

HKCU\Software\EoRezo
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\AppID\EoRezoBHO.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKU\S-1-5-21-3729905468-2247682993-1319102383-1000\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKU\S-1-5-21-3729905468-2247682993-1319102383-1000\Software\Eorezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
.
C:\Users\chantou\AppData\Roaming\EoRezo
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\RelevantKnowledge
C:\Users\chantou\AppData\LocalLow\Kiwee Toolbar
C:\Program Files\EoRezo
C:\Program Files\RelevantKnowledge
C:\Users\chantou\AppData\Local\Temp\is-OM3OS.tmp\EoRezo
C:\Windows\Prefetch\SETUP_EOENGINE.EXE-47046A93.pf
C:\Windows\Prefetch\SETUP_EOENGINE.EXE-7652D892.pf
C:\Windows\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.EX-47DC944E.pf
C:\Windows\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.TM-0193AD33.pf
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-3E092303.pf

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.13 [fr] *
.
Nom du profil: yxx38i6x.default (chantou)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "MyStart Rechercher");
(Prefs.js) user_pref("browser.search.selectedEngine", "MyStart Rechercher");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");user_pref("Øú print.printer_MicrosØú oft_Office_Document_Øú°Image_Writer.print_hØú eaderleft", "&T");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");user_pref("Øú print.printer_MicrosØú oft_Office_Document_Øú°Image_Writer.print_hØú eaderleft", "&T");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");user_pref("Øú print.printer_MicrosØú oft_Office_Document_Øú°Image_Writer.print_hØú eaderleft", "&T");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Invalidprefs.js) user_pref("browser.search.defaultenginename", "MyStart Search");
(Invalidprefs.js) user_pref("browser.search.selectedEngine", "Google");
(Invalidprefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
.
(Invalidprefs.js) EFFACÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(prefs.js) EFFACÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
.
* Internet Explorer Version 8.0.6001.18828 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
SEARCH PAGE: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 6a384fb169bac901
Start Page Redirect Cache AcceptLangs: fr
Search Bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
===================================
.
9829 Octet(s) - C:\Ad-Report-CLEAN[1].log
11744 Octet(s) - C:\Ad-Report-SCAN[1].log
.
61 Fichier(s) - C:\Users\chantou\AppData\Local\Temp
349 Fichier(s) - C:\Windows\Temp
.
22 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
122 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 13:48:22 | 26/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.
0
ssssssssssssssss
 
Download GenProc to your desktop in order to see what is wrong with your PC.

Double-click GenProc.exe

and post the contents of the report that opens after the question "are you being helped by someone?" (answer yes). Thanks.

If there is no .txt report, look on the desktop; there should be a Genproc icon that links to the internet with the procedure.

See how to use GenProc

IMPORTANT: Post the Genproc procedure and do nothing else for now (often instructions have to be added to the indicated procedure for it to work perfectly)
0
marri Posts 7 Status Member
 
Thanks, so far it seems to be going well. Here is the log

======= RAPPORT D'AD-REMOVER 1.1.4.6_A | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 18.10.2009 à 19:05
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 12:31:32, 26/10/2009 | Mode Normal | Option: SCAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium Service Pack 2 v6.0.6002
Nom du PC: EUGÔNE | Utilisateur actuel: chantou
.
============== ÉLÉMENT(S) TROUVÉ(S) ==============
.
Service: RelevantKnowledge

HKCU\Software\EoRezo
HKLM\Software\Classes\AppID\{362A53B2-2913-4F8A-82F5-7E0A23FDC6F9}
HKLM\Software\Classes\AppID\EoRezoBHO.DLL
HKLM\Software\Classes\CLSID\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Classes\EoRezoBHO.EoBho
HKLM\Software\Classes\EoRezoBHO.EoBho.1
HKLM\Software\Classes\TypeLib\{B6ACB3F1-6A83-432C-B854-3E1056F87F4E}
HKLM\Software\EoRezo
HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\eoEngine_is1
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdate_is1
HKLM\SYSTEM\CurrentControlSet\Services\RelevantKnowledge
HKU\S-1-5-21-3729905468-2247682993-1319102383-1000\Software\Binary Noise\mPlayer\kiwee_toolbar_installer.exe
HKU\S-1-5-21-3729905468-2247682993-1319102383-1000\Software\Eorezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
.
C:\Users\chantou\AppData\Roaming\EoRezo
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\RelevantKnowledge
C:\Users\chantou\AppData\LocalLow\Kiwee Toolbar
C:\Program Files\EoRezo
C:\Program Files\RelevantKnowledge
C:\Users\chantou\AppData\Local\Temp\is-OM3OS.tmp\EoRezo
C:\Windows\Prefetch\SETUP_EOENGINE.EXE-47046A93.pf
C:\Windows\Prefetch\SETUP_EOENGINE.EXE-7652D892.pf
C:\Windows\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.EX-47DC944E.pf
C:\Windows\Prefetch\SETUP_EOSOFTWAREUPDATE_1_0.TM-0193AD33.pf
C:\Windows\Prefetch\SOFTWAREUPDATEHP.EXE-3E092303.pf
.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.0.13 [fr] *
.
Nom du profil: yxx38i6x.default (chantou)
.
(Prefs.js) user_pref("browser.search.defaultenginename", "MyStart Rechercher");
(Prefs.js) user_pref("browser.search.selectedEngine", "MyStart Rechercher");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");user_pref("Øú print.printer_MicrosØú oft_Office_Document_Øú°Image_Writer.print_hØú eaderleft", "&T");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");user_pref("Øú print.printer_MicrosØú oft_Office_Document_Øú°Image_Writer.print_hØú eaderleft", "&T");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.selectedEngine", "Bing");user_pref("Øú print.printer_MicrosØú oft_Office_Document_Øú°Image_Writer.print_hØú eaderleft", "&T");
(Prefs.js) user_pref("browser.search.selectedEngine", "Live Search");f("print.printer_HP_Deskjet_D2300_series.print_edge_right", 0);
(Prefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://fr.msn.com/");
(Invalidprefs.js) user_pref("browser.search.defaultenginename", "MyStart Search");
(Invalidprefs.js) user_pref("browser.search.selectedEngine", "Google");
(Invalidprefs.js) user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.0.8");
.
(Invalidprefs.js) TROUVÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(prefs.js) TROUVÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
.
* Internet Explorer Version 8.0.6001.18828 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://y.lo.st
SEARCH PAGE: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_Page_URL: hxxp://go.microsoft.com/fwlink/?LinkId=69157
Start Page Redirect Cache: hxxp://fr.msn.com/?ocid=iehp
Start Page Redirect Cache_TIMESTAMP: NARY 6a384fb169bac901
Start Page Redirect Cache AcceptLangs: fr
Search Bar: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
First Home Page: hxxp://y.lo.st
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://www.trooner.com/
Default_Page_URL: hxxp://fr.fr.acer.yahoo.com
Default_Search_URL: hxxp://go.microsoft.com/fwlink/?LinkId=54896
Search Page:
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: hxxp://y.lo.st
.
===================================
.
11411 Octet(s) - C:\Ad-Report-SCAN[1].log
.
142 Fichier(s) - C:\Users\chantou\AppData\Local\Temp
534 Fichier(s) - C:\Windows\Temp
.
0 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
0 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 12:53:49 | 26/10/2009 - SCAN[1]
0

^^Marie^^ Posts 41884 Registration date   Status Member Last activity   3 280
 
Read

Duplicate
0
Xplode Posts 9212 Status Security contributor 726
 
Now do the rest
0