Ad-Aware report
Solved
didishnikov
Hello,
I need your help with an Ad-Aware report. Is the PC infected?
Thanks in advance.
Logfile created: 27/03/2011 18:10:28
Ad-Aware version: 9.0.2
Extended engine: 3
Extended engine version: 3.1.2770
User performing scan: Eden
*********************** Definitions database information ***********************
Lavasoft definition file: 150.341
Genotype definition file version: 2011/03/24 07:28:51
Extended engine definition file: 8832.0
******************************** Scan results: *********************************
Scan profile name: Analyse complète (ID: full)
Objects scanned: 231642
Objects detected: 29
Type Detected
==========================
Processes.......: 0
Registry entries: 0
Hostfile entries: 0
Files...........: 4
Folders.........: 0
LSPs............: 0
Cookies.........: 25
Browser hijacks.: 0
MRU objects.....: 0
Removed items:
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Description: *real* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408817 Family ID: 0
Description: *247realmedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408945 Family ID: 0
Description: *realmedia* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409139 Family ID: 0
Description: *ad.yieldmanager* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409172 Family ID: 0
Description: *adtech* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409018 Family ID: 0
Description: *adviva* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409016 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Description: *apmebf* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409163 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *doubleclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408875 Family ID: 0
Description: *estat* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408873 Family ID: 0
Description: *.comclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409086 Family ID: 0
Description: *mediaplex* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408991 Family ID: 0
Description: *serving-sys* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409130 Family ID: 0
Description: *adserver* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408737 Family ID: 0
Description: *adserv* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408921 Family ID: 0
Description: *adserve* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 409020 Family ID: 0
Description: *specificclick* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408807 Family ID: 0
Description: *tradedoubler* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408964 Family ID: 0
Description: *atdmt* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408910 Family ID: 0
Description: *2o7* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408943 Family ID: 0
Description: *weborama* Family Name: Cookies Engine: 1 Clean status: Success Item ID: 408955 Family ID: 0
Quarantined items:
Description: c:\recoverybin\volume-74e9487f-b7e3-4a34-a232-1525cfbb5dc0\users\eden\music\ocean drive - some people(01ca315e56ae0914).wma Family Name: Trojan.ASF.Wimad (v) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: 1a471e710342936347ceae50b7b38fa5
Description: c:\recoverybin\volume-74e9487f-b7e3-4a34-a232-1525cfbb5dc0\users\eden\music\zik\renaud - miss maggie(01ca315d59f20839).wma Family Name: Trojan.ASF.Wimad (v) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: e90637e86c80a17504491fe039cdcaa4
Description: c:\recoverybin\volume-74e9487f-b7e3-4a34-a232-1525cfbb5dc0\users\eden\shared\ayo technology katherine(01ca316024df09bf).wma Family Name: Trojan.ASF.Wimad (v) Engine: 3 Clean status: Success Item ID: 1 Family ID: 0 MD5: e11229a854e9594179db84615ca48323
Description: d:\msgpluslive-460.exe Family Name: Win32.TrojanDropper.Delf Engine: 1 Clean status: Success Item ID: 0 Family ID: 1385 MD5: 896a2251209d0895bae278861b2cc193
Scan and cleaning complete: Finished correctly after 11209 seconds
*********************************** Settings ***********************************
Scan profile:
ID: full, enabled:1, value: Analyse complète
ID: folderstoscan, enabled:1, value: C:\,D:\
ID: useantivirus, enabled:1, value: true
ID: sections, enabled:1
ID: scancriticalareas, enabled:1, value: true
ID: scanrunningapps, enabled:1, value: true
ID: scanregistry, enabled:1, value: true
ID: scanlsp, enabled:1, value: true
ID: scanads, enabled:1, value: true
ID: scanhostsfile, enabled:1, value: true
ID: scanmru, enabled:1, value: true
ID: scanbrowserhijacks, enabled:1, value: true
ID: scantrackingcookies, enabled:1, value: true
ID: closebrowsers, enabled:1, value: false
ID: filescanningoptions, enabled:1
ID: archives, enabled:1, value: true
ID: onlyexecutables, enabled:1, value: false
ID: skiplargerthan, enabled:1, value: 20480
ID: scanrootkits, enabled:1, value: true
ID: rootkitlevel, enabled:1, value: mild, domain: medium,mild,strict
ID: usespywareheuristics, enabled:1, value: true
Scan global:
ID: global, enabled:1
ID: addtocontextmenu, enabled:1, value: true
ID: playsoundoninfection, enabled:1, value: false
ID: soundfile, enabled:0, value: N/A
Scheduled scan settings:
<Empty>
Update settings:
ID: updates, enabled:1
ID: launchthreatworksafterscan, enabled:1, value: off, domain: normal,off,silently
ID: deffiles, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: licenseandinfo, enabled:1, value: downloadandinstall, domain: dontcheck,downloadandinstall
ID: schedules, enabled:1, value: true
ID: updatedaily1, enabled:1, value: Daily 1
ID: time, enabled:1, value: Sun Mar 27 17:54:00 2011
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily2, enabled:1, value: Daily 2
ID: time, enabled:1, value: Sun Mar 27 23:54:00 2011
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily3, enabled:1, value: Daily 3
ID: time, enabled:1, value: Sun Mar 27 05:54:00 2011
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updatedaily4, enabled:1, value: Daily 4
ID: time, enabled:1, value: Sun Mar 27 11:54:00 2011
ID: frequency, enabled:1, value: daily, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: false
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: false
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
ID: updateweekly1, enabled:1, value: Weekly
ID: time, enabled:1, value: Sun Mar 27 17:54:00 2011
ID: frequency, enabled:1, value: weekly, domain: daily,monthly,once,systemstart,weekly
ID: weekdays, enabled:1
ID: monday, enabled:1, value: false
ID: tuesday, enabled:1, value: false
ID: wednesday, enabled:1, value: true
ID: thursday, enabled:1, value: false
ID: friday, enabled:1, value: false
ID: saturday, enabled:1, value: false
ID: sunday, enabled:1, value: true
ID: monthly, enabled:1, value: 1, minvalue: 1, maxvalue: 31
ID: scanprofile, enabled:1, value:
ID: auto_deal_with_infections, enabled:1, value: false
Appearance settings:
ID: appearance, enabled:1
ID: skin, enabled:1, value: default.egl, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Resource
ID: showtrayicon, enabled:1, value: true
ID: autoentertainmentmode, enabled:1, value: true
ID: guimode, enabled:1, value: mode_simple, domain: mode_advanced,mode_simple
ID: language, enabled:1, value: fr, reglocation: HKEY_LOCAL_MACHINE\SOFTWARE\Lavasoft\Ad-Aware\Language
Realtime protection settings:
ID: realtime, enabled:1
ID: layers, enabled:1
ID: useantivirus, enabled:1, value: true
ID: usespywareheuristics, enabled:1, value: true
ID: maintainbackup, enabled:1, value: true
ID: infomessages, enabled:1, value: onlyimportant, domain: display,dontnotify,onlyimportant
ID: modules, enabled:1
ID: processprotection, enabled:1, value: true
ID: onaccessprotection, enabled:1, value: true
ID: registryprotection, enabled:1, value: true
ID: networkprotection, enabled:1, value: true
****************************** System information ******************************
Computer name: PC-DE-EDEN
Processor name: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Processor identifier: x86 Family 15 Model 107 Stepping 1
Processor speed: ~2109MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 15, processor revision 27393, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 1161654272 bytes
Physical memory total: 2079260672 bytes
Virtual memory available: 1826590720 bytes
Virtual memory total: 2147352576 bytes
Memory load: 44%
Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
Windows startup mode:
Running processes:
PID: 444 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 516 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 572 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: AUTORITE NT
PID: 584 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 616 name: C:\Windows\System32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 628 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 636 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: AUTORITE NT
PID: 748 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 824 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 900 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 936 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1016 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1052 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1096 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1228 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1264 name: C:\Windows\System32\SLsvc.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1292 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1536 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1736 name: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 1744 name: C:\Windows\System32\dwm.exe owner: Eden domain: PC-de-Eden
PID: 1776 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 1792 name: C:\Windows\explorer.exe owner: Eden domain: PC-de-Eden
PID: 12 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 720 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 588 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: AUTORITE NT
PID: 1592 name: C:\Program Files\Google\Update\GoogleUpdate.exe owner: SYSTEM domain: AUTORITE NT
PID: 1544 name: C:\Windows\System32\taskeng.exe owner: Eden domain: PC-de-Eden
PID: 2224 name: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe owner: SYSTEM domain: AUTORITE NT
PID: 2272 name: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT
PID: 2308 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: AUTORITE NT
PID: 2328 name: C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe owner: SYSTEM domain: AUTORITE NT
PID: 2440 name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2492 name: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2544 name: C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2584 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2616 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 2636 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2664 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 2692 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: AUTORITE NT
PID: 2788 name: C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe owner: SYSTEM domain: AUTORITE NT
PID: 2860 name: C:\Windows\System32\WUDFHost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3104 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 3292 name: C:\Windows\System32\taskeng.exe owner: Eden domain: PC-de-Eden
PID: 3384 name: C:\Program Files\Windows Defender\MSASCui.exe owner: Eden domain: PC-de-Eden
PID: 3528 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: AUTORITE NT
PID: 3660 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 3684 name: C:\Windows\System32\rundll32.exe owner: Eden domain: PC-de-Eden
PID: 3808 name: C:\Windows\System32\rundll32.exe owner: Eden domain: PC-de-Eden
PID: 4024 name: C:\Windows\RtHDVCpl.exe owner: Eden domain: PC-de-Eden
PID: 4052 name: C:\Acer\Empowering Technology\SysMonitor.exe owner: Eden domain: PC-de-Eden
PID: 4064 name: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe owner: Eden domain: PC-de-Eden
PID: 3080 name: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe owner: Eden domain: PC-de-Eden
PID: 3412 name: C:\Program Files\iTunes\iTunesHelper.exe owner: Eden domain: PC-de-Eden
PID: 3868 name: C:\Program Files\Alwil Software\Avast5\AvastUI.exe owner: Eden domain: PC-de-Eden
PID: 3904 name: C:\Program Files\Common Files\Java\Java Update\jusched.exe owner: Eden domain: PC-de-Eden
PID: 2196 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: Eden domain: PC-de-Eden
PID: 2756 name: C:\Windows\ehome\ehtray.exe owner: Eden domain: PC-de-Eden
PID: 2784 name: C:\Program Files\Windows Live\Messenger\msnmsgr.exe owner: Eden domain: PC-de-Eden
PID: 3320 name: C:\Windows\ehome\ehmsas.exe owner: Eden domain: PC-de-Eden
PID: 3036 name: C:\Windows\System32\wbem\unsecapp.exe owner: Eden domain: PC-de-Eden
PID: 1116 name: C:\Program Files\iPod\bin\iPodService.exe owner: SYSTEM domain: AUTORITE NT
PID: 3308 name: D:\Program Files\DAEMON Tools Lite\DTLite.exe owner: Eden domain: PC-de-Eden
PID: 3324 name: C:\Program Files\Windows Media Player\wmpnscfg.exe owner: Eden domain: PC-de-Eden
PID: 1236 name: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe owner: Eden domain: PC-de-Eden
PID: 1240 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1080 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Eden domain: PC-de-Eden
PID: 2208 name: C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe owner: Eden domain: PC-de-Eden
PID: 2712 name: C:\Acer\Empowering Technology\eRecovery\eRAgent.exe owner: Eden domain: PC-de-Eden
PID: 5856 name: C:\Windows\System32\wbem\WMIADAP.exe owner: SYSTEM domain: AUTORITE NT
PID: 6016 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Eden domain: PC-de-Eden
PID: 4308 name: C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE owner: SYSTEM domain: AUTORITE NT
Startup items:
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: Windows Defender
imagepath: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Name: NvSvc
imagepath: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
Name: NvCplDaemon
imagepath: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
Name: NvMediaCenter
imagepath: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
Name: RtHDVCpl
imagepath: RtHDVCpl.exe
Name: Acer Empowering Technology Monitor
imagepath: C:\Acer\Empowering Technology\SysMonitor.exe
Name: eDataSecurity Loader
imagepath: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
Name: WarReg_PopUp
imagepath: C:\Acer\WR_PopUp\WarReg_PopUp.exe
Name: snpstd
imagepath: C:\Windows\vsnpstd.exe
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Component Categories cache daemon
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Name:
location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
imagepath: C:\Acer\Empowering Technology\eAPLauncher.exe
Name:
location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
imagepath: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: AcerMemUsageCheckService
displayname: ePerformance Service
Name: AeLookupSvc
displayname: Expérience d'application
Name: Apple Mobile Device
displayname: Apple Mobile Device
Name: AudioEndpointBuilder
displayname: Générateur de points de terminaison du service Audio Windows
Name: Audiosrv
displayname: Audio Windows
Name: avast! Antivirus
displayname: avast! Antivirus
Name: BFE
displayname: Moteur de filtrage de base
Name: BITS
displayname: Service de transfert intelligent en arrière-plan
Name: Bonjour Service
displayname: Service Bonjour
Name: Browser
displayname: Explorateur d'ordinateurs
Name: CryptSvc
displayname: Services de chiffrement
Name: DcomLaunch
displayname: Lanceur de processus serveur DCOM
Name: Dhcp
displayname: Client DHCP
Name: Dnscache
displayname: Client DNS
Name: DPS
displayname: Service de stratégie de diagnostic
Name: EapHost
displayname: Protocole EAP (Extensible Authentication Protocol)
Name: eDataSecurity Service
displayname: eDSService.exe
Name: EMDMgmt
displayname: Service ReadyBoost
Name: eRecoveryService
displayname: eRecovery Service
Name: Eventlog
displayname: Journal d'événements Windows
Name: EventSystem
displayname: Système d'événement COM+
Name: fdPHost
displayname: Hôte du fournisseur de découverte de fonctions
Name: FDResPub
displayname: Publication des ressources de découverte de fonctions
Name: gpsvc
displayname: Client de stratégie de groupe
Name: hidserv
displayname: Accès du périphérique d'interface utilisateur
Name: IKEEXT
displayname: Modules de génération de clés IKE et AuthIP
Name: iphlpsvc
displayname: Assistance IP
Name: iPod Service
displayname: Service de l'iPod
Name: KeyIso
displayname: Isolation de clé CNG
Name: KtmRm
displayname: Service KtmRm pour Distributed Transaction Coordinator
Name: LanmanServer
displayname: Serveur
Name: LanmanWorkstation
displayname: Station de travail
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
displayname: LightScribeService Direct Disc Labeling Service
Name: LiveUpdate
displayname: LiveUpdate
Name: LiveUpdate Notice Service
displayname: LiveUpdate Notice Service
Name: lmhosts
displayname: Assistance NetBIOS sur TCP/IP
Name: MMCSS
displayname: Planificateur de classes multimédias
Name: MpsSvc
displayname: Pare-feu Windows
Name: Netman
displayname: Connexions réseau
Name: netprofm
displayname: Service Liste des réseaux
Name: NlaSvc
displayname: Connaissance des emplacements réseau
Name: nsi
displayname: Service Interface du magasin réseau
Name: PcaSvc
displayname: Service de l'Assistant Compatibilité des programmes
Name: Planificateur LiveUpdate automatique
displayname: Planificateur LiveUpdate automatique
Name: PlugPlay
displayname: Plug-and-Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Agent de stratégie IPsec
Name: ProfSvc
displayname: Service de profil utilisateur
Name: RasMan
displayname: Gestionnaire de connexions d'accès distant
Name: RpcSs
displayname: Appel de procédure distante (RPC)
Name: SamSs
displayname: Gestionnaire de comptes de sécurité
Name: Schedule
displayname: Planificateur de tâches
Name: seclogon
displayname: Ouverture de session secondaire
Name: SENS
displayname: Service de notification d'événements système
Name: ShellHWDetection
displayname: Détection matériel noyau
Name: slsvc
displayname: Licence du logiciel
Name: Spooler
displayname: Spouleur d'impression
Name: SSDPSRV
displayname: Découverte SSDP
Name: stisvc
displayname: Acquisition d'image Windows (WIA)
Name: SysMain
displayname: Superfetch
Name: TabletInputService
displayname: Service Panneau de saisie Tablet PC
Name: TapiSrv
displayname: Téléphonie
Name: TermService
displayname: Services Terminal Server
Name: Themes
displayname: Thèmes
Name: TrkWks
displayname: Client de suivi de lien distribué
Name: upnphost
displayname: Hôte de périphérique UPnP
Name: UxSms
displayname: Gestionnaire de sessions du Gestionnaire de fenêtrage
Name: W32Time
displayname: Horloge Windows
Name: WdiSystemHost
displayname: Hôte système de diagnostics
Name: WebClient
displayname: WebClient
Name: WerSvc
displayname: Service de rapport d'erreurs Windows
Name: WinDefend
displayname: Windows Defender
Name: WinHttpAutoProxySvc
displayname: Service de découverte automatique de Proxy Web pour les services HTTP Windows
Name: Winmgmt
displayname: Infrastructure de gestion Windows
Name: Wlansvc
displayname: Service de configuration automatique WLAN
Name: WMPNetworkSvc
displayname: Service Partage réseau du Lecteur Windows Media
Name: WPDBusEnum
displayname: Service Énumérateur d'appareil mobile
Name: wscsvc
displayname: Centre de sécurité
Name: WSearch
displayname: Recherche Windows
Name: wuauserv
displayname: Windows Update
Name: wudfsvc
displayname: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur
Computer name: PC-DE-EDEN
Processor name: AMD Athlon(tm) 64 X2 Dual Core Processor 4000+
Processor identifier: x86 Family 15 Model 107 Stepping 1
Processor speed: ~2109MHZ
Raw info: processorarchitecture 0, processortype 586, processorlevel 15, processor revision 27393, number of processors 2, processor features: [MMX,SSE,SSE2,SSE3,3DNow]
Physical memory available: 1161654272 bytes
Physical memory total: 2079260672 bytes
Virtual memory available: 1826590720 bytes
Virtual memory total: 2147352576 bytes
Memory load: 44%
Microsoft Windows Vista Home Premium Edition, 32-bit (build 6000)
Windows startup mode:
Running processes:
PID: 444 name: C:\Windows\System32\smss.exe owner: SYSTEM domain: AUTORITE NT
PID: 516 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 572 name: C:\Windows\System32\wininit.exe owner: SYSTEM domain: AUTORITE NT
PID: 584 name: C:\Windows\System32\csrss.exe owner: SYSTEM domain: AUTORITE NT
PID: 616 name: C:\Windows\System32\services.exe owner: SYSTEM domain: AUTORITE NT
PID: 628 name: C:\Windows\System32\lsass.exe owner: SYSTEM domain: AUTORITE NT
PID: 636 name: C:\Windows\System32\lsm.exe owner: SYSTEM domain: AUTORITE NT
PID: 748 name: C:\Windows\System32\winlogon.exe owner: SYSTEM domain: AUTORITE NT
PID: 824 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 900 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 936 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1016 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1052 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1096 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1228 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 1264 name: C:\Windows\System32\SLsvc.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1292 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 1536 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1736 name: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 1744 name: C:\Windows\System32\dwm.exe owner: Eden domain: PC-de-Eden
PID: 1776 name: C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe owner: SYSTEM domain: AUTORITE NT
PID: 1792 name: C:\Windows\explorer.exe owner: Eden domain: PC-de-Eden
PID: 12 name: C:\Windows\System32\spoolsv.exe owner: SYSTEM domain: AUTORITE NT
PID: 720 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 588 name: C:\Windows\System32\taskeng.exe owner: SYSTEM domain: AUTORITE NT
PID: 1592 name: C:\Program Files\Google\Update\GoogleUpdate.exe owner: SYSTEM domain: AUTORITE NT
PID: 1544 name: C:\Windows\System32\taskeng.exe owner: Eden domain: PC-de-Eden
PID: 2224 name: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe owner: SYSTEM domain: AUTORITE NT
PID: 2272 name: C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe owner: SYSTEM domain: AUTORITE NT
PID: 2308 name: C:\Program Files\Bonjour\mDNSResponder.exe owner: SYSTEM domain: AUTORITE NT
PID: 2328 name: C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe owner: SYSTEM domain: AUTORITE NT
PID: 2440 name: C:\Program Files\Common Files\LightScribe\LSSrvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2492 name: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2544 name: C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe owner: SYSTEM domain: AUTORITE NT
PID: 2584 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2616 name: C:\Windows\System32\svchost.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 2636 name: C:\Windows\System32\svchost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 2664 name: C:\Windows\System32\svchost.exe owner: SYSTEM domain: AUTORITE NT
PID: 2692 name: C:\Windows\System32\SearchIndexer.exe owner: SYSTEM domain: AUTORITE NT
PID: 2788 name: C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe owner: SYSTEM domain: AUTORITE NT
PID: 2860 name: C:\Windows\System32\WUDFHost.exe owner: SERVICE LOCAL domain: AUTORITE NT
PID: 3104 name: C:\Windows\System32\wbem\unsecapp.exe owner: SYSTEM domain: AUTORITE NT
PID: 3292 name: C:\Windows\System32\taskeng.exe owner: Eden domain: PC-de-Eden
PID: 3384 name: C:\Program Files\Windows Defender\MSASCui.exe owner: Eden domain: PC-de-Eden
PID: 3528 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SYSTEM domain: AUTORITE NT
PID: 3660 name: C:\Windows\System32\wbem\WmiPrvSE.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 3684 name: C:\Windows\System32\rundll32.exe owner: Eden domain: PC-de-Eden
PID: 3808 name: C:\Windows\System32\rundll32.exe owner: Eden domain: PC-de-Eden
PID: 4024 name: C:\Windows\RtHDVCpl.exe owner: Eden domain: PC-de-Eden
PID: 4052 name: C:\Acer\Empowering Technology\SysMonitor.exe owner: Eden domain: PC-de-Eden
PID: 4064 name: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe owner: Eden domain: PC-de-Eden
PID: 3080 name: C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe owner: Eden domain: PC-de-Eden
PID: 3412 name: C:\Program Files\iTunes\iTunesHelper.exe owner: Eden domain: PC-de-Eden
PID: 3868 name: C:\Program Files\Alwil Software\Avast5\AvastUI.exe owner: Eden domain: PC-de-Eden
PID: 3904 name: C:\Program Files\Common Files\Java\Java Update\jusched.exe owner: Eden domain: PC-de-Eden
PID: 2196 name: C:\Program Files\Windows Sidebar\sidebar.exe owner: Eden domain: PC-de-Eden
PID: 2756 name: C:\Windows\ehome\ehtray.exe owner: Eden domain: PC-de-Eden
PID: 2784 name: C:\Program Files\Windows Live\Messenger\msnmsgr.exe owner: Eden domain: PC-de-Eden
PID: 3320 name: C:\Windows\ehome\ehmsas.exe owner: Eden domain: PC-de-Eden
PID: 3036 name: C:\Windows\System32\wbem\unsecapp.exe owner: Eden domain: PC-de-Eden
PID: 1116 name: C:\Program Files\iPod\bin\iPodService.exe owner: SYSTEM domain: AUTORITE NT
PID: 3308 name: D:\Program Files\DAEMON Tools Lite\DTLite.exe owner: Eden domain: PC-de-Eden
PID: 3324 name: C:\Program Files\Windows Media Player\wmpnscfg.exe owner: Eden domain: PC-de-Eden
PID: 1236 name: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe owner: Eden domain: PC-de-Eden
PID: 1240 name: C:\Program Files\Windows Media Player\wmpnetwk.exe owner: SERVICE RÉSEAU domain: AUTORITE NT
PID: 1080 name: C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe owner: Eden domain: PC-de-Eden
PID: 2208 name: C:\Acer\Empowering Technology\Acer.Empowering.Framework.Supervisor.exe owner: Eden domain: PC-de-Eden
PID: 2712 name: C:\Acer\Empowering Technology\eRecovery\eRAgent.exe owner: Eden domain: PC-de-Eden
PID: 5856 name: C:\Windows\System32\wbem\WMIADAP.exe owner: SYSTEM domain: AUTORITE NT
PID: 6016 name: C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe owner: Eden domain: PC-de-Eden
PID: 4308 name: C:\Program Files\Symantec\LiveUpdate\LuComServer_3_2.EXE owner: SYSTEM domain: AUTORITE NT
Startup items:
Name: WebCheck
imagepath: {E6FB5E20-DE35-11CF-9C87-00AA005127ED}
Name: Windows Defender
imagepath: %ProgramFiles%\Windows Defender\MSASCui.exe -hide
Name: NvSvc
imagepath: RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
Name: NvCplDaemon
imagepath: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
Name: NvMediaCenter
imagepath: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
Name: RtHDVCpl
imagepath: RtHDVCpl.exe
Name: Acer Empowering Technology Monitor
imagepath: C:\Acer\Empowering Technology\SysMonitor.exe
Name: eDataSecurity Loader
imagepath: C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
Name: WarReg_PopUp
imagepath: C:\Acer\WR_PopUp\WarReg_PopUp.exe
Name: snpstd
imagepath: C:\Windows\vsnpstd.exe
Name: {8C7461EF-2B13-11d2-BE35-3078302C2030}
imagepath: Component Categories cache daemon
Name:
imagepath: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Name:
location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Empowering Technology Launcher.lnk
imagepath: C:\Acer\Empowering Technology\eAPLauncher.exe
Name:
location: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Lancement rapide d'Adobe Reader.lnk
imagepath: C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Bootexecute items:
Name:
imagepath: autocheck autochk *
Running services:
Name: AcerMemUsageCheckService
displayname: ePerformance Service
Name: AeLookupSvc
displayname: Expérience d'application
Name: Apple Mobile Device
displayname: Apple Mobile Device
Name: AudioEndpointBuilder
displayname: Générateur de points de terminaison du service Audio Windows
Name: Audiosrv
displayname: Audio Windows
Name: avast! Antivirus
displayname: avast! Antivirus
Name: BFE
displayname: Moteur de filtrage de base
Name: BITS
displayname: Service de transfert intelligent en arrière-plan
Name: Bonjour Service
displayname: Service Bonjour
Name: Browser
displayname: Explorateur d'ordinateurs
Name: CryptSvc
displayname: Services de chiffrement
Name: DcomLaunch
displayname: Lanceur de processus serveur DCOM
Name: Dhcp
displayname: Client DHCP
Name: Dnscache
displayname: Client DNS
Name: DPS
displayname: Service de stratégie de diagnostic
Name: EapHost
displayname: Protocole EAP (Extensible Authentication Protocol)
Name: eDataSecurity Service
displayname: eDSService.exe
Name: EMDMgmt
displayname: Service ReadyBoost
Name: eRecoveryService
displayname: eRecovery Service
Name: Eventlog
displayname: Journal d'événements Windows
Name: EventSystem
displayname: Système d'événement COM+
Name: fdPHost
displayname: Hôte du fournisseur de découverte de fonctions
Name: FDResPub
displayname: Publication des ressources de découverte de fonctions
Name: gpsvc
displayname: Client de stratégie de groupe
Name: hidserv
displayname: Accès du périphérique d'interface utilisateur
Name: IKEEXT
displayname: Modules de génération de clés IKE et AuthIP
Name: iphlpsvc
displayname: Assistance IP
Name: iPod Service
displayname: Service de l'iPod
Name: KeyIso
displayname: Isolation de clé CNG
Name: KtmRm
displayname: Service KtmRm pour Distributed Transaction Coordinator
Name: LanmanServer
displayname: Serveur
Name: LanmanWorkstation
displayname: Station de travail
Name: Lavasoft Ad-Aware Service
displayname: Lavasoft Ad-Aware Service
Name: LightScribeService
displayname: LightScribeService Direct Disc Labeling Service
Name: LiveUpdate
displayname: LiveUpdate
Name: LiveUpdate Notice Service
displayname: LiveUpdate Notice Service
Name: lmhosts
displayname: Assistance NetBIOS sur TCP/IP
Name: MMCSS
displayname: Planificateur de classes multimédias
Name: MpsSvc
displayname: Pare-feu Windows
Name: Netman
displayname: Connexions réseau
Name: netprofm
displayname: Service Liste des réseaux
Name: NlaSvc
displayname: Connaissance des emplacements réseau
Name: nsi
displayname: Service Interface du magasin réseau
Name: PcaSvc
displayname: Service de l'Assistant Compatibilité des programmes
Name: Planificateur LiveUpdate automatique
displayname: Planificateur LiveUpdate automatique
Name: PlugPlay
displayname: Plug-and-Play
Name: Pml Driver HPZ12
displayname: Pml Driver HPZ12
Name: PolicyAgent
displayname: Agent de stratégie IPsec
Name: ProfSvc
displayname: Service de profil utilisateur
Name: RasMan
displayname: Gestionnaire de connexions d'accès distant
Name: RpcSs
displayname: Appel de procédure distante (RPC)
Name: SamSs
displayname: Gestionnaire de comptes de sécurité
Name: Schedule
displayname: Planificateur de tâches
Name: seclogon
displayname: Ouverture de session secondaire
Name: SENS
displayname: Service de notification d'événements système
Name: ShellHWDetection
displayname: Détection matériel noyau
Name: slsvc
displayname: Licence du logiciel
Name: Spooler
displayname: Spouleur d'impression
Name: SSDPSRV
displayname: Découverte SSDP
Name: stisvc
displayname: Acquisition d'image Windows (WIA)
Name: SysMain
displayname: Superfetch
Name: TabletInputService
displayname: Service Panneau de saisie Tablet PC
Name: TapiSrv
displayname: Téléphonie
Name: TermService
displayname: Services Terminal Server
Name: Themes
displayname: Thèmes
Name: TrkWks
displayname: Client de suivi de lien distribué
Name: upnphost
displayname: Hôte de périphérique UPnP
Name: UxSms
displayname: Gestionnaire de sessions du Gestionnaire de fenêtrage
Name: W32Time
displayname: Horloge Windows
Name: WdiSystemHost
displayname: Hôte système de diagnostics
Name: WebClient
displayname: WebClient
Name: WerSvc
displayname: Service de rapport d'erreurs Windows
Name: WinDefend
displayname: Windows Defender
Name: WinHttpAutoProxySvc
displayname: Service de découverte automatique de Proxy Web pour les services HTTP Windows
Name: Winmgmt
displayname: Infrastructure de gestion Windows
Name: Wlansvc
displayname: Service de configuration automatique WLAN
Name: WMPNetworkSvc
displayname: Service Partage réseau du Lecteur Windows Media
Name: WPDBusEnum
displayname: Service Énumérateur d'appareil mobile
Name: wscsvc
displayname: Centre de sécurité
Name: WSearch
displayname: Recherche Windows
Name: wuauserv
displayname: Windows Update
Name: wudfsvc
displayname: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur
1 reply
Hello
If you want to know whether your PC is infected, the best thing is to run a diagnostic:
Download ZHPDiag (by Nicolas Coolman) to your desktop
https://www.zebulon.fr/telechargements/securite/systeme/zhpdiag.html
Once the download has finished, double-click ZHPDiag.exe and follow the instructions.
/!\ Vista and Windows 7 users: right-click the ZHPDiag.exe icon, "Run as administrator"
Don't forget to tick the box that puts a shortcut on the Desktop.
- Double-click the ZHPDiag shortcut on your Desktop to launch it.
(/!\ The tool has created 2 icons, ZHPDiag and ZHPFix)
- Click the magnifying glass to start the scan.
- Let the tool work; it can take quite a while.
- Close ZHPDiag when the scan is finished.
- To send the report, click this link: http://www.cijoint.fr/
- Click "Parcourir" (Browse) and find the folder where ZHPDiag is installed (usually C:\Program Files\ZHPDiag).
- Select the file ZHPDiag.txt.
- Click "Cliquez ici pour déposer le fichier" ("Click here to upload the file").
- A link of this form: http://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt is added to the page.
- Copy that link into your reply.
Smart
"If you have no ambitions, you settle at the edge of the fall" (Kundera)