Pubs intempestives

Bonsoir,
Ma copine a télécharger openoffice, et depuis des pubs s'ouvrent sans qu'on le demande.
Ces pubs sont "omment devenir proprietaire en payant seulement 250 euros par mois".
Elle a un ordinateur portable et est sous vista.
Si vous voulez plus d'information demandez moi.
Merci d'avance

Salut OursoN78


On va vérifier cela, télécharge RSIT (de random/random) sur le bureau ici :
http://images.malwareremoval.com/random/RSIT.exe

- Double clique sur RSIT.exe qui est sur le bureau
- Clique sur Continue dans la fenêtre
- RSIT téléchargera HijackThis si il n’est pas présent où détecté, alors il faudra accepter la licence
- Poste le contenue des deux rapports, log.txt et info.txt(réduit dans la barre des tâches) à la fin de l’analyse

Les rapports sont dans le dossier ici C:\rsit


@++

et bien, je ne pensais pas avoir une réponse aussi rapidement.
Voici les rapports

log

Logfile of random's system information tool 1.06 (written by random/random)
Run by TyTy at 2009-10-07 01:45:51
Microsoft® Windows Vista™ Édition Familiale Premium
System drive C: has 35 GB (48%) free of 73 GB
Total RAM: 1022 MB (11% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:52:36, on 07/10/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16890)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Users\costinha\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Symantec\LiveUpdate\ALUNOTIFY.EXE
C:\Program Files\EoRezo\EoEngine.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATIBEE.EXE
C:\Windows\System32\rundll32.exe
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\costinha\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OpenOffice.org 3\program\swriter.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Users\costinha\Downloads\RSIT.exe
C:\Program Files\trend micro\costinha.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://y.lo.st
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://y.lo.st
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O2 - BHO: EoBHO - {C7B76B90-3455-4AE6-A752-EAC4D19689E5} - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\pdfforge Toolbar\SearchSettings.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\pdfforge Toolbar\SearchSettings.exe
O4 - HKLM\..\Run: [EoEngine] "C:\Program Files\EoRezo\EoEngine.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [SoftwareHelper] C:\Users\costinha\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe -runonce
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [EPSON Stylus DX4000 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\Users\costinha\AppData\Local\Temp\E_S890E.tmp" /EF "HKCU"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OpenOffice.org 3.1.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O13 - Gopher Prefix:
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10948 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Norton Internet Security - Analyse système complète - costinha.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll [2006-11-21 96984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C7B76B90-3455-4AE6-A752-EAC4D19689E5}]
EoBHO Class - C:\Program Files\EoRezo\EoAdv\EoRezoBHO.dll [2008-11-18 42792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-07 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
C:\Program Files\pdfforge Toolbar\SearchSettings.dll [2009-07-29 1153024]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll [2006-11-21 565960]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar avec bloqueur de fenêtres pop-up - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2006-11-29 436288]
{5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - Acer eDataSecurity Management - C:\Windows\system32\eDStoolbar.dll [2006-11-16 151552]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\pdfforgeToolbarIE.dll [2009-07-31 698880]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2009-09-16 1006264]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2006-12-01 4186112]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2006-10-23 815104]
"Acer Tour"= []
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2006-11-21 107112]
"osCheck"=C:\Program Files\Norton Internet Security\osCheck.exe [2006-11-21 22696]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2006-11-22 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2006-11-22 7757824]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2006-11-22 81920]
"LManager"=C:\PROGRA~1\LAUNCH~1\LManager.exe [2006-12-08 614400]
"WarReg_PopUp"=C:\Acer\WR_PopUp\WarReg_PopUp.exe [2006-11-05 57344]
"LogitechCommunicationsManager"=C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe [2006-10-31 304664]
"LVCOMSX"=C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe [2006-11-20 244512]
"AcerOrbicamRibbon"=C:\Program Files\Acer\OrbiCam10\OrbiCam.exe [2006-11-20 754712]
"eDataSecurity Loader"=C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [2006-11-17 453120]
"eRecoveryService"= []
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe [2006-11-21 112320]
"SearchSettings"=C:\Program Files\pdfforge Toolbar\SearchSettings.exe [2009-07-29 1024512]
"EoEngine"=C:\Program Files\EoRezo\EoEngine.exe [2009-02-23 472872]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-07 149280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SoftwareHelper"=C:\Users\costinha\AppData\Roaming\eoRezo\SoftwareUpdate\SoftwareUpdateHP.exe [2008-12-09 368224]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-09-15 1232896]
"????r"= []
"?????????"=??????????????e []
"EPSON Stylus DX4000 Series"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE [2006-09-21 139264]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe

C:\Users\costinha\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.1.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"="C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu"
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption"
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"="C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 1 months======

2009-10-07 01:45:54 ----D---- C:\Program Files\trend micro
2009-10-07 01:45:51 ----D---- C:\rsit
2009-10-07 00:44:46 ----D---- C:\Users\costinha\AppData\Roaming\OpenOffice.org
2009-10-07 00:31:33 ----D---- C:\Program Files\JRE
2009-10-07 00:30:00 ----D---- C:\Program Files\OpenOffice.org 3
2009-10-07 00:28:21 ----A---- C:\Windows\system32\javaws.exe
2009-10-07 00:28:21 ----A---- C:\Windows\system32\deploytk.dll
2009-10-07 00:28:19 ----A---- C:\Windows\system32\javaw.exe
2009-10-07 00:28:10 ----A---- C:\Windows\system32\java.exe
2009-10-06 11:56:35 ----A---- C:\Windows\system32\wups2.dll
2009-10-06 11:56:34 ----A---- C:\Windows\system32\wuauclt.exe
2009-10-06 11:56:33 ----A---- C:\Windows\system32\wucltux.dll
2009-10-06 11:56:33 ----A---- C:\Windows\system32\wuaueng.dll
2009-10-06 11:53:26 ----A---- C:\Windows\system32\wups.dll
2009-10-06 11:53:24 ----A---- C:\Windows\system32\wudriver.dll
2009-10-06 11:53:22 ----A---- C:\Windows\system32\wuapi.dll
2009-10-06 11:51:18 ----A---- C:\Windows\system32\wuwebv.dll
2009-10-06 11:51:17 ----A---- C:\Windows\system32\wuapp.exe
2009-10-01 00:47:52 ----D---- C:\Users\costinha\AppData\Roaming\dvdcss
2009-09-30 18:36:43 ----D---- C:\Program Files\Java
2009-09-30 18:30:23 ----D---- C:\Users\costinha\AppData\Roaming\EoRezo
2009-09-30 18:30:14 ----D---- C:\Program Files\EoRezo
2009-09-27 02:00:11 ----D---- C:\HiTRUSTDrive
2009-09-22 13:09:41 ----D---- C:\Users\costinha\AppData\Roaming\AdobeUM
2009-09-22 11:27:35 ----D---- C:\Program Files\pdfforge Toolbar
2009-09-22 11:26:27 ----A---- C:\Windows\system32\pdfcmnnt.dll
2009-09-22 11:26:23 ----A---- C:\Windows\system32\VB6FR.DLL
2009-09-22 11:26:23 ----A---- C:\Windows\system32\MSMPIDE.DLL
2009-09-22 11:26:23 ----A---- C:\Windows\system32\MSCMCFR.DLL
2009-09-22 11:26:23 ----A---- C:\Windows\system32\MSCC2FR.DLL
2009-09-22 11:26:22 ----D---- C:\Program Files\PDFCreator
2009-09-21 15:52:45 ----A---- C:\Windows\system32\E_DCINST.DLL
2009-09-21 15:52:34 ----A---- C:\Windows\system32\E_FLBBEE.DLL
2009-09-21 15:52:31 ----A---- C:\Windows\system32\E_FD4BBEE.DLL
2009-09-21 15:50:57 ----D---- C:\ProgramData\EPSON
2009-09-21 15:45:07 ----D---- C:\Program Files\epson
2009-09-21 15:45:01 ----A---- C:\Windows\system32\escwiad.dll
2009-09-21 15:45:01 ----A---- C:\Windows\system32\escimgd.dll
2009-09-21 15:45:01 ----A---- C:\Windows\system32\esccmd.dll
2009-09-17 20:56:59 ----D---- C:\Users\costinha\AppData\Roaming\Intel
2009-09-17 20:56:31 ----D---- C:\ProgramData\Roaming
2009-09-17 20:52:17 ----D---- C:\Program Files\Cisco
2009-09-17 20:52:05 ----D---- C:\Program Files\Common Files\Intel
2009-09-17 20:52:01 ----D---- C:\ProgramData\Intel
2009-09-17 20:45:11 ----A---- C:\Windows\system32\msshsq.dll
2009-09-17 00:34:51 ----D---- C:\Users\costinha\AppData\Roaming\vlc
2009-09-16 15:37:02 ----A---- C:\Windows\system32\wdigest.dll
2009-09-16 15:37:02 ----A---- C:\Windows\system32\msv1_0.dll
2009-09-16 15:37:02 ----A---- C:\Windows\system32\kerberos.dll
2009-09-16 15:37:01 ----A---- C:\Windows\system32\secur32.dll
2009-09-16 15:37:01 ----A---- C:\Windows\system32\lsass.exe
2009-09-16 15:37:01 ----A---- C:\Windows\system32\lsasrv.dll
2009-09-16 15:36:59 ----A---- C:\Windows\system32\schannel.dll
2009-09-16 14:39:45 ----A---- C:\Windows\system32\tzres.dll
2009-09-16 14:34:15 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-09-16 14:34:14 ----A---- C:\Windows\system32\winipsec.dll
2009-09-16 14:34:13 ----A---- C:\Windows\system32\polstore.dll
2009-09-16 14:34:13 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-09-16 14:32:06 ----A---- C:\Windows\system32\riched32.dll
2009-09-16 14:32:06 ----A---- C:\Windows\system32\riched20.dll
2009-09-16 14:32:02 ----A---- C:\Windows\system32\rasser.dll
2009-09-16 14:32:02 ----A---- C:\Windows\system32\rasmxs.dll
2009-09-16 14:32:02 ----A---- C:\Windows\system32\rasdiag.dll
2009-09-16 14:32:02 ----A---- C:\Windows\system32\rascfg.dll
2009-09-16 14:32:01 ----A---- C:\Windows\system32\netcfgx.dll
2009-09-16 14:32:01 ----A---- C:\Windows\system32\msftedit.dll
2009-09-16 14:32:00 ----A---- C:\Windows\system32\ipnathlp.dll
2009-09-16 14:32:00 ----A---- C:\Windows\system32\icsunattend.exe
2009-09-16 14:31:59 ----A---- C:\Windows\system32\wshqos.dll
2009-09-16 14:31:58 ----A---- C:\Windows\system32\traffic.dll
2009-09-16 14:31:57 ----A---- C:\Windows\system32\pacerprf.dll
2009-09-16 14:31:56 ----A---- C:\Windows\system32\dps.dll
2009-09-16 14:31:56 ----A---- C:\Windows\system32\cdd.dll
2009-09-16 14:30:49 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-09-16 14:30:49 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-09-16 14:30:48 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-09-16 14:28:51 ----A---- C:\Windows\system32\mcmde.dll
2009-09-16 14:28:50 ----A---- C:\Windows\system32\EncDec.dll
2009-09-16 14:28:49 ----A---- C:\Windows\system32\psisdecd.dll
2009-09-16 14:26:57 ----A---- C:\Windows\system32\msoert2.dll
2009-09-16 14:26:57 ----A---- C:\Windows\system32\msoeacct.dll
2009-09-16 14:26:57 ----A---- C:\Windows\system32\ACCTRES.dll
2009-09-16 14:25:00 ----A---- C:\Windows\system32\TCPSVCS.EXE
2009-09-16 14:25:00 ----A---- C:\Windows\system32\ROUTE.EXE
2009-09-16 14:25:00 ----A---- C:\Windows\system32\NETSTAT.EXE
2009-09-16 14:25:00 ----A---- C:\Windows\system32\netiohlp.dll
2009-09-16 14:25:00 ----A---- C:\Windows\system32\netevent.dll
2009-09-16 14:25:00 ----A---- C:\Windows\system32\MRINFO.EXE
2009-09-16 14:25:00 ----A---- C:\Windows\system32\HOSTNAME.EXE
2009-09-16 14:25:00 ----A---- C:\Windows\system32\finger.exe
2009-09-16 14:25:00 ----A---- C:\Windows\system32\ARP.EXE
2009-09-16 14:24:56 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-09-16 14:24:56 ----A---- C:\Windows\system32\netiougc.exe
2009-09-16 14:22:52 ----A---- C:\Windows\system32\wtsapi32.dll
2009-09-16 14:22:46 ----A---- C:\Windows\system32\sysmain.dll
2009-09-16 14:21:46 ----A---- C:\Windows\system32\WebClnt.dll
2009-09-16 14:20:37 ----A---- C:\Windows\system32\L2SecHC.dll
2009-09-16 14:20:36 ----A---- C:\Windows\system32\wlanmsm.dll
2009-09-16 14:20:36 ----A---- C:\Windows\system32\wlanhlp.dll
2009-09-16 14:20:36 ----A---- C:\Windows\system32\wlanapi.dll
2009-09-16 14:20:35 ----A---- C:\Windows\system32\wlansvc.dll
2009-09-16 14:20:35 ----A---- C:\Windows\system32\wlansec.dll
2009-09-16 14:17:33 ----A---- C:\Windows\system32\t2embed.dll
2009-09-16 14:17:33 ----A---- C:\Windows\system32\lpk.dll
2009-09-16 14:17:33 ----A---- C:\Windows\system32\dciman32.dll
2009-09-16 14:17:33 ----A---- C:\Windows\system32\atmlib.dll
2009-09-16 14:17:33 ----A---- C:\Windows\system32\atmfd.dll
2009-09-16 14:17:32 ----A---- C:\Windows\system32\fontsub.dll
2009-09-16 14:16:04 ----A---- C:\Windows\system32\csrsrv.dll
2009-09-16 14:16:03 ----A---- C:\Windows\system32\winsrv.dll
2009-09-16 14:14:56 ----A---- C:\Windows\system32\rrinstaller.exe
2009-09-16 14:14:56 ----A---- C:\Windows\system32\mfps.dll
2009-09-16 14:14:56 ----A---- C:\Windows\system32\mfpmp.exe
2009-09-16 14:14:56 ----A---- C:\Windows\system32\mferror.dll
2009-09-16 14:14:56 ----A---- C:\Windows\system32\mf.dll
2009-09-16 14:14:54 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-09-16 12:16:55 ----A---- C:\Windows\system32\winhttp.dll
2009-09-16 12:15:40 ----A---- C:\Windows\system32\atl.dll
2009-09-16 12:13:38 ----A---- C:\Windows\system32\gdi32.dll
2009-09-16 12:09:24 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-09-16 12:07:32 ----A---- C:\Windows\system32\msdtcprx.dll
2009-09-16 12:07:31 ----A---- C:\Windows\system32\xolehlp.dll
2009-09-16 12:05:56 ----A---- C:\Windows\system32\wkssvc.dll
2009-09-16 12:04:09 ----A---- C:\Windows\system32\tsgqec.dll
2009-09-16 12:04:09 ----A---- C:\Windows\system32\aaclient.dll
2009-09-16 12:04:08 ----A---- C:\Windows\system32\mstscax.dll
2009-09-16 12:02:09 ----A---- C:\Windows\system32\es.dll
2009-09-16 12:00:33 ----A---- C:\Windows\system32\wmpeffects.dll
2009-09-16 11:58:57 ----A---- C:\Windows\system32\msxml3r.dll
2009-09-16 11:58:57 ----A---- C:\Windows\system32\msxml3.dll
2009-09-16 11:57:23 ----A---- C:\Windows\system32\msscp.dll
2009-09-16 11:56:00 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-09-16 11:55:01 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-09-16 11:55:00 ----A---- C:\Windows\system32\wfapigp.dll
2009-09-16 11:55:00 ----A---- C:\Windows\system32\MPSSVC.dll
2009-09-16 11:55:00 ----A---- C:\Windows\system32\icfupgd.dll
2009-09-16 11:54:59 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-09-16 11:54:59 ----A---- C:\Windows\system32\cmifw.dll
2009-09-16 11:53:55 ----A---- C:\Windows\system32\netapi32.dll
2009-09-16 11:51:24 ----A---- C:\Windows\system32\shell32.dll
2009-09-16 11:50:32 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-09-16 11:49:47 ----A---- C:\Windows\system32\localspl.dll
2009-09-16 11:48:42 ----A---- C:\Windows\system32\msvidc32.dll
2009-09-16 11:48:42 ----A---- C:\Windows\system32\msvfw32.dll
2009-09-16 11:48:42 ----A---- C:\Windows\system32\msrle32.dll
2009-09-16 11:48:42 ----A---- C:\Windows\system32\mciavi32.dll
2009-09-16 11:48:42 ----A---- C:\Windows\system32\avifil32.dll
2009-09-16 11:48:42 ----A---- C:\Windows\system32\avicap32.dll
2009-09-16 11:45:18 ----A---- C:\Windows\system32\DWWIN.EXE
2009-09-16 11:44:27 ----A---- C:\Windows\explorer.exe
2009-09-16 11:42:00 ----A---- C:\Windows\system32\netcfg.exe
2009-09-16 11:39:36 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-09-16 11:39:36 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-09-16 11:39:35 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-09-16 11:39:35 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-09-16 11:39:34 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-09-16 11:39:33 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-09-16 11:39:32 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-09-16 11:39:29 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-09-16 11:39:28 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-09-16 11:39:26 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-09-16 11:39:25 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-09-16 11:39:23 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-09-16 11:39:22 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-09-16 11:39:19 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-09-16 11:39:17 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-09-16 11:39:12 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-09-16 11:39:04 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-09-16 11:39:02 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-09-16 11:39:00 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-09-16 11:38:59 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-09-16 11:38:58 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-09-16 11:38:56 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-09-16 11:38:55 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-09-16 11:38:55 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-09-16 11:38:54 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-09-16 11:38:54 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-09-16 11:38:54 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-09-16 11:38:52 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-09-16 11:38:51 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-09-16 11:38:48 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-09-16 11:38:47 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-09-16 11:38:47 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-09-16 11:38:46 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-09-16 11:38:44 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-09-16 11:38:43 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-09-16 11:38:42 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-09-16 11:38:41 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-09-16 11:38:40 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-09-16 11:38:39 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-09-16 11:38:36 ----A---- C:\Windows\system32\NlsData0045.dll
2009-09-16 11:38:35 ----A---- C:\Windows\system32\NlsData0046.dll
2009-09-16 11:38:34 ----A---- C:\Windows\system32\NlsData0047.dll
2009-09-16 11:38:33 ----A---- C:\Windows\system32\NlsData0049.dll
2009-09-16 11:38:33 ----A---- C:\Windows\system32\NlsData0039.dll
2009-09-16 11:38:31 ----A---- C:\Windows\system32\NlsData0021.dll
2009-09-16 11:38:31 ----A---- C:\Windows\system32\NlsData0020.dll
2009-09-16 11:38:30 ----A---- C:\Windows\system32\NlsData0022.dll
2009-09-16 11:38:29 ----A---- C:\Windows\system32\NlsData0026.dll
2009-09-16 11:38:29 ----A---- C:\Windows\system32\NlsData0024.dll
2009-09-16 11:38:28 ----A---- C:\Windows\system32\NlsData0027.dll
2009-09-16 11:38:27 ----A---- C:\Windows\system32\NlsData0010.dll
2009-09-16 11:38:26 ----A---- C:\Windows\system32\NlsData0013.dll
2009-09-16 11:38:26 ----A---- C:\Windows\system32\NlsData0011.dll
2009-09-16 11:38:25 ----A---- C:\Windows\system32\NlsData0018.dll
2009-09-16 11:38:24 ----A---- C:\Windows\system32\NlsData0000.dll
2009-09-16 11:38:23 ----A---- C:\Windows\system32\NlsData0019.dll
2009-09-16 11:38:23 ----A---- C:\Windows\system32\NlsData0001.dll
2009-09-16 11:38:22 ----A---- C:\Windows\system32\NlsData0007.dll
2009-09-16 11:38:22 ----A---- C:\Windows\system32\NlsData0003.dll
2009-09-16 11:38:22 ----A---- C:\Windows\system32\NlsData0002.dll
2009-09-16 11:38:21 ----A---- C:\Windows\system32\NlsData0009.dll
2009-09-16 11:38:20 ----A---- C:\Windows\system32\NlsData004a.dll
2009-09-16 11:38:19 ----A---- C:\Windows\system32\NlsData004c.dll
2009-09-16 11:38:19 ----A---- C:\Windows\system32\NlsData004b.dll
2009-09-16 11:38:18 ----A---- C:\Windows\system32\NlsData004e.dll
2009-09-16 11:38:18 ----A---- C:\Windows\system32\NlsData003e.dll
2009-09-16 11:38:18 ----A---- C:\Windows\system32\NlsData002a.dll
2009-09-16 11:38:18 ----A---- C:\Windows\system32\NlsData001a.dll
2009-09-16 11:38:17 ----A---- C:\Windows\system32\NlsData001b.dll
2009-09-16 11:38:14 ----A---- C:\Windows\system32\NlsData001d.dll
2009-09-16 11:38:13 ----A---- C:\Windows\system32\NlsData000a.dll
2009-09-16 11:38:12 ----A---- C:\Windows\system32\NlsData000c.dll
2009-09-16 11:38:11 ----A---- C:\Windows\system32\NlsData000d.dll
2009-09-16 11:38:10 ----A---- C:\Windows\system32\NlsData000f.dll
2009-09-16 11:38:09 ----A---- C:\Windows\system32\NlsData0414.dll
2009-09-16 11:38:08 ----A---- C:\Windows\system32\NlsData0416.dll
2009-09-16 11:38:08 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-09-16 11:38:07 ----A---- C:\Windows\system32\NlsData081a.dll
2009-09-16 11:38:07 ----A---- C:\Windows\system32\NlsData0816.dll
2009-09-16 11:38:06 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-09-16 11:38:06 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-09-16 11:29:27 ----A---- C:\Windows\system32\setupapi.dll
2009-09-16 11:28:24 ----A---- C:\Windows\system32\srdelayed.exe
2009-09-16 11:28:24 ----A---- C:\Windows\system32\srcore.dll
2009-09-16 11:28:24 ----A---- C:\Windows\system32\srclient.dll
2009-09-16 11:28:24 ----A---- C:\Windows\system32\rstrui.exe
2009-09-16 11:28:23 ----A---- C:\Windows\system32\wpd_ci.dll
2009-09-16 11:28:22 ----A---- C:\Windows\system32\kd1394.dll
2009-09-16 11:28:21 ----A---- C:\Windows\system32\winresume.exe
2009-09-16 11:28:21 ----A---- C:\Windows\system32\winload.exe
2009-09-16 11:28:21 ----A---- C:\Windows\system32\ci.dll
2009-09-16 11:28:20 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-09-16 11:28:19 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-09-16 11:28:19 ----A---- C:\Windows\system32\drvinst.exe
2009-09-16 11:28:19 ----A---- C:\Windows\system32\dpx.dll
2009-09-16 11:28:18 ----A---- C:\Windows\system32\oleaut32.dll
2009-09-16 11:28:18 ----A---- C:\Windows\system32\nshhttp.dll
2009-09-16 11:28:18 ----A---- C:\Windows\system32\kbd106n.dll
2009-09-16 11:28:17 ----A---- C:\Windows\system32\unlodctr.exe
2009-09-16 11:28:17 ----A---- C:\Windows\system32\prflbmsg.dll
2009-09-16 11:28:17 ----A---- C:\Windows\system32\lodctr.exe
2009-09-16 11:28:17 ----A---- C:\Windows\system32\loadperf.dll
2009-09-16 11:28:15 ----A---- C:\Windows\system32\schedsvc.dll
2009-09-16 11:28:14 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-09-16 11:28:13 ----A---- C:\Windows\system32\dispci.dll
2009-09-16 11:28:13 ----A---- C:\Windows\system32\batt.dll
2009-09-16 11:24:11 ----A---- C:\Windows\system32\rpcss.dll
2009-09-16 11:24:10 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-09-16 11:24:10 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-09-16 11:24:09 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-09-16 11:24:08 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-09-16 11:24:06 ----A---- C:\Windows\system32\iasads.dll
2009-09-16 11:24:05 ----A---- C:\Windows\system32\sdohlp.dll
2009-09-16 11:24:05 ----A---- C:\Windows\system32\iasrecst.dll
2009-09-16 11:24:05 ----A---- C:\Windows\system32\iasdatastore.dll
2009-09-16 11:22:41 ----A---- C:\Windows\system32\jscript.dll
2009-09-16 11:20:16 ----A---- C:\Windows\system32\WMASF.DLL
2009-09-16 11:20:16 ----A---- C:\Windows\system32\LAPRXY.DLL
2009-09-16 11:20:16 ----A---- C:\Windows\system32\asferror.dll
2009-09-16 11:19:29 ----A---- C:\Windows\system32\kernel32.dll
2009-09-16 11:19:26 ----A---- C:\Windows\system32\apilogen.dll
2009-09-16 11:19:26 ----A---- C:\Windows\system32\amxread.dll
2009-09-16 11:18:13 ----A---- C:\Windows\system32\SLC.dll
2009-09-16 11:18:12 ----A---- C:\Windows\system32\slwmi.dll
2009-09-16 11:18:12 ----A---- C:\Windows\system32\mcbuilder.exe
2009-09-16 11:18:11 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-09-16 11:18:10 ----A---- C:\Windows\system32\SLUINotify.dll
2009-09-16 11:18:10 ----A---- C:\Windows\system32\SLUI.exe
2009-09-16 11:18:10 ----A---- C:\Windows\system32\SLLUA.exe
2009-09-16 11:18:08 ----A---- C:\Windows\system32\SLsvc.exe
2009-09-16 11:18:08 ----A---- C:\Windows\system32\slcinst.dll
2009-09-16 11:17:07 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-09-16 11:17:06 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-09-16 11:17:05 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-09-16 11:13:41 ----A---- C:\Windows\system32\advpack.dll
2009-09-16 11:13:40 ----A---- C:\Windows\system32\iedkcs32.dll
2009-09-16 11:13:40 ----A---- C:\Windows\system32\admparse.dll
2009-09-16 11:13:39 ----A---- C:\Windows\system32\ieakui.dll
2009-09-16 11:13:39 ----A---- C:\Windows\system32\ieaksie.dll
2009-09-16 11:13:38 ----A---- C:\Windows\system32\ieapfltr.dll
2009-09-16 11:13:37 ----A---- C:\Windows\system32\wininet.dll
2009-09-16 11:13:37 ----A---- C:\Windows\system32\jsproxy.dll
2009-09-16 11:13:36 ----A---- C:\Windows\system32\dxtrans.dll
2009-09-16 11:13:36 ----A---- C:\Windows\system32\dxtmsft.dll
2009-09-16 11:13:35 ----A---- C:\Windows\system32\msfeeds.dll
2009-09-16 11:13:34 ----A---- C:\Windows\system32\ieui.dll
2009-09-16 11:13:32 ----A---- C:\Windows\system32\ieframe.dll
2009-09-16 11:13:28 ----A---- C:\Windows\system32\mshtmler.dll
2009-09-16 11:13:28 ----A---- C:\Windows\system32\mshtmled.dll
2009-09-16 11:13:28 ----A---- C:\Windows\system32\ieencode.dll
2009-09-16 11:13:27 ----A---- C:\Windows\system32\mshtml.dll
2009-09-16 11:13:24 ----A---- C:\Windows\system32\mstime.dll
2009-09-16 11:13:23 ----A---- C:\Windows\system32\icardie.dll
2009-09-16 11:13:19 ----A---- C:\Windows\system32\ieUnatt.exe
2009-09-16 11:13:17 ----A---- C:\Windows\system32\urlmon.dll
2009-09-16 11:13:17 ----A---- C:\Windows\system32\occache.dll
2009-09-16 11:13:16 ----A---- C:\Windows\system32\pngfilt.dll
2009-09-16 11:13:16 ----A---- C:\Windows\system32\iertutil.dll
2009-09-16 11:13:15 ----A---- C:\Windows\system32\iesetup.dll
2009-09-16 11:13:15 ----A---- C:\Windows\system32\iernonce.dll
2009-09-16 11:13:15 ----A---- C:\Windows\system32\ie4uinit.exe
2009-09-15 23:37:26 ----D---- C:\Users\costinha\AppData\Roaming\Adobe
2009-09-15 23:27:18 ----D---- C:\Users\costinha\AppData\Roaming\Mozilla
2009-09-15 23:26:39 ----D---- C:\Program Files\Mozilla Firefox
2009-09-15 23:19:38 ----D---- C:\Program Files\VideoLAN
2009-09-15 22:49:32 ----D---- C:\ProgramData\Avira
2009-09-15 22:49:32 ----D---- C:\Program Files\Avira
2009-09-15 09:42:22 ----D---- C:\ProgramData\Messenger Plus!
2009-09-15 03:48:03 ----A---- C:\Windows\CLEANUP.INI
2009-09-15 03:48:03 ----A---- C:\Windows\CLEANUP.CMD
2009-09-15 01:42:00 ----A---- C:\Windows\system32\ntprint.exe
2009-09-15 01:42:00 ----A---- C:\Windows\system32\ntprint.dll
2009-09-15 01:41:58 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-09-15 01:41:58 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-09-15 01:41:58 ----A---- C:\Windows\system32\dhcpcmonitor.dll
2009-09-15 01:41:56 ----A---- C:\Windows\system32\authui.dll
2009-09-15 01:41:54 ----A---- C:\Windows\system32\sendmail.dll
2009-09-15 01:40:13 ----A---- C:\Windows\system32\win32spl.dll
2009-09-15 01:40:13 ----A---- C:\Windows\system32\printcom.dll
2009-09-15 01:38:43 ----A---- C:\Windows\system32\wshrm.dll
2009-09-15 01:37:04 ----A---- C:\Windows\system32\wmploc.DLL
2009-09-15 01:37:02 ----A---- C:\Windows\system32\wmp.dll
2009-09-15 01:37:01 ----A---- C:\Windows\system32\spwmp.dll
2009-09-15 01:37:01 ----A---- C:\Windows\system32\dxmasf.dll
2009-09-15 01:36:53 ----A---- C:\Windows\system32\wmpdxm.dll
2009-09-15 01:34:47 ----A---- C:\Windows\system32\sbunattend.exe
2009-09-15 01:31:14 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-09-15 01:31:14 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-09-15 01:31:14 ----A---- C:\Windows\system32\dnsapi.dll
2009-09-15 01:06:05 ----A---- C:\Windows\system32\infocardapi.dll
2009-09-15 01:06:05 ----A---- C:\Windows\system32\icardres.dll
2009-09-15 01:06:05 ----A---- C:\Windows\system32\icardagt.exe
2009-09-15 01:05:55 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-09-15 01:05:51 ----A---- C:\Windows\system32\PresentationHost.exe
2009-09-15 01:05:50 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-09-15 01:05:49 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-09-15 00:30:16 ----A---- C:\Windows\system32\netfxperf.dll
2009-09-15 00:30:16 ----A---- C:\Windows\system32\dfshim.dll
2009-09-15 00:30:13 ----A---- C:\Windows\system32\mscoree.dll
2009-09-15 00:30:12 ----A---- C:\Windows\system32\mscories.dll
2009-09-15 00:30:12 ----A---- C:\Windows\system32\mscorier.dll
2009-09-14 23:59:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-09-14 23:59:10 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-14 23:59:09 ----A---- C:\Windows\system32\gameux.dll
2009-09-14 23:57:27 ----A---- C:\Windows\system32\logagent.exe
2009-09-14 23:57:26 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-09-14 23:55:46 ----A---- C:\Windows\system32\INETRES.dll
2009-09-14 23:55:46 ----A---- C:\Windows\system32\inetcomm.dll
2009-09-14 23:55:00 ----A---- C:\Windows\system32\connect.dll
2009-09-14 23:54:21 ----A---- C:\Windows\system32\wmi.dll
2009-09-14 23:54:21 ----A---- C:\Windows\system32\imagehlp.dll
2009-09-14 23:53:41 ----A---- C:\Windows\system32\rpcrt4.dll
2009-09-14 23:52:49 ----A---- C:\Windows\system32\quartz.dll
2009-09-14 23:52:18 ----A---- C:\Windows\system32\crypt32.dll
2009-09-14 23:51:40 ----D---- C:\Program Files\MSXML 4.0
2009-09-14 23:50:58 ----A---- C:\Windows\system32\user32.dll
2009-09-14 23:50:24 ----A---- C:\Windows\system32\msxml6r.dll
2009-09-14 23:50:24 ----A---- C:\Windows\system32\msxml6.dll
2009-09-14 23:48:17 ----A---- C:\Windows\system32\qmgr.dll
2009-09-14 23:15:41 ----D---- C:\ProgramData\Yahoo! Companion
2009-09-14 21:06:56 ----D---- C:\Windows\SoftwareDistribution
2009-09-14 20:38:18 ----D---- C:\Program Files\Messenger Plus! Live
2009-09-14 20:20:03 ----D---- C:\Program Files\Microsoft
2009-09-14 20:19:36 ----D---- C:\Program Files\Windows Live SkyDrive
2009-09-14 20:19:13 ----D---- C:\Program Files\Windows Live
2009-09-14 20:18:44 ----D---- C:\Windows\PCHEALTH
2009-09-14 20:15:57 ----D---- C:\Program Files\Common Files\Windows Live
2009-09-14 19:54:15 ----A---- C:\Windows\system32\Remove_eRecovery.exe
2009-09-14 19:54:15 ----A---- C:\Windows\system32\LauncheRyAgentUser.exe
2009-09-14 19:54:15 ----A---- C:\Windows\system32\ERUpdateHidden.EXE
2009-09-14 19:54:15 ----A---- C:\Windows\system32\ClearEvent.exe
2009-09-14 19:54:15 ----A---- C:\Windows\system32\Acer EULA.txt
2009-09-14 19:54:14 ----A---- C:\Windows\system32\CheckD2DSystem.exe
2009-09-14 19:51:55 ----A---- C:\Windows\system32\NATTraversal.dll
2009-09-14 19:45:52 ----A---- C:\Windows\system32\acpimof.dll
2009-09-14 19:44:26 ----D---- C:\Windows\system32\i386
2009-09-14 19:43:44 ----D---- C:\Program Files\Common Files\Logitech
2009-09-14 19:43:44 ----D---- C:\Program Files\Acer
2009-09-14 19:41:10 ----D---- C:\Windows\Options
2009-09-14 19:41:10 ----D---- C:\Program Files\Atheros
2009-09-14 19:40:39 ----D---- C:\temp
2009-09-14 19:37:22 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-09-14 19:37:17 ----A---- C:\Windows\RtHDVCpl.exe
2009-09-14 19:35:55 ----D---- C:\Program Files\Launch Manager
2009-09-14 19:34:17 ----SHD---- C:\$RECYCLE.BIN
2009-09-14 19:33:52 ----D---- C:\Users\costinha\AppData\Roaming\Identities
2009-09-14 19:33:17 ----D---- C:\Program Files\Yahoo!
2009-09-14 19:32:38 ----D---- C:\Windows\system32\Macromed
2009-09-14 19:32:36 ----D---- C:\ProgramData\InstallShield
2009-09-14 19:32:33 ----D---- C:\Users\costinha\AppData\Roaming\Macromedia
2009-09-14 19:32:23 ----D---- C:\Program Files\Acer Inc
2009-09-14 19:32:23 ----A---- C:\Windows\Acer.ini
2009-09-14 19:32:21 ----D---- C:\Windows\Acer
2009-09-14 19:30:24 ----SD---- C:\Users\costinha\AppData\Roaming\Microsoft
2009-09-14 19:30:24 ----D---- C:\Users\costinha\AppData\Roaming\Media Center Programs
2009-09-14 19:26:39 ----SHD---- C:\ProgramData\Modèles
2009-09-14 19:26:39 ----SHD---- C:\ProgramData\Menu Démarrer
2009-09-14 19:26:39 ----SHD---- C:\ProgramData\Favoris
2009-09-14 19:26:39 ----SHD---- C:\ProgramData\Bureau
2009-09-14 19:26:39 ----SHD---- C:\Program Files\Fichiers communs

======List of files/folders modified in the last 1 months======

2009-10-07 01:46:13 ----D---- C:\Windows\Temp
2009-10-07 01:45:54 ----RD---- C:\Program Files
2009-10-07 00:37:15 ----SHD---- C:\Windows\Installer
2009-10-07 00:36:16 ----RSD---- C:\Windows\assembly
2009-10-07 00:32:29 ----RSD---- C:\Windows\Fonts
2009-10-07 00:29:06 ----SHD---- C:\System Volume Information
2009-10-07 00:28:21 ----D---- C:\Windows\System32
2009-10-07 00:03:37 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-10-07 00:03:36 ----D---- C:\Windows\inf
2009-10-06 22:49:01 ----SD---- C:\ProgramData\Microsoft
2009-10-06 18:22:25 ----D---- C:\Windows\system32\fr-FR
2009-10-06 14:54:13 ----D---- C:\Windows\winsxs
2009-10-06 12:03:45 ----D---- C:\Windows\system32\catroot
2009-10-04 18:31:18 ----D---- C:\Windows\system32\catroot2
2009-10-04 00:15:13 ----D---- C:\Windows\system32\WDI
2009-09-30 20:31:14 ----D---- C:\ProgramData\Symantec
2009-09-28 19:40:18 ----D---- C:\Windows\LiveKernelReports
2009-09-21 16:44:02 ----D---- C:\Windows\system32\drivers
2009-09-21 16:07:13 ----D---- C:\Windows
2009-09-21 15:50:57 ----HD---- C:\ProgramData
2009-09-21 15:45:01 ----D---- C:\Windows\twain_32
2009-09-19 03:01:33 ----D---- C:\Program Files\Norton Internet Security
2009-09-19 03:01:33 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-09-18 21:34:40 ----D---- C:\Windows\Tasks
2009-09-18 21:34:40 ----D---- C:\Windows\system32\Tasks
2009-09-18 11:26:44 ----D---- C:\Windows\servicing
2009-09-17 20:52:05 ----D---- C:\Program Files\Common Files
2009-09-17 20:51:53 ----D---- C:\Program Files\Intel
2009-09-17 20:47:20 ----D---- C:\Windows\Debug
2009-09-17 18:07:39 ----D---- C:\Windows\rescache
2009-09-16 16:16:06 ----D---- C:\Windows\Microsoft.NET
2009-09-16 15:59:44 ----D---- C:\Windows\system32\NDF
2009-09-16 15:14:44 ----ASH---- C:\Program Files\desktop.ini
2009-09-16 14:46:02 ----D---- C:\Program Files\Windows Calendar
2009-09-16 14:46:00 ----D---- C:\Windows\system32\ras
2009-09-16 14:45:58 ----D---- C:\Windows\system32\icsxml
2009-09-16 14:45:40 ----D---- C:\Windows\ehome
2009-09-16 14:45:27 ----D---- C:\Program Files\Windows Mail
2009-09-16 14:45:26 ----D---- C:\Program Files\Common Files\System
2009-09-16 14:45:22 ----D---- C:\Windows\system32\migration
2009-09-16 14:45:15 ----D---- C:\Windows\system32\wbem
2009-09-16 14:44:45 ----D---- C:\Program Files\Windows Defender
2009-09-16 14:42:56 ----D---- C:\Windows\system32\manifeststore
2009-09-16 14:42:52 ----D---- C:\Windows\AppPatch
2009-09-16 14:42:48 ----D---- C:\Windows\system32\SLUI
2009-09-16 14:42:37 ----D---- C:\Program Files\Internet Explorer
2009-09-15 19:06:08 ----D---- C:\Windows\system32\spool
2009-09-15 19:06:07 ----D---- C:\Windows\system32\OEM
2009-09-15 19:06:07 ----D---- C:\Windows\system32\CodeIntegrity
2009-09-15 15:37:56 ----D---- C:\Windows\Prefetch
2009-09-15 09:26:51 ----D---- C:\Program Files\Windows Media Player
2009-09-15 09:26:48 ----D---- C:\Program Files\Windows Sidebar
2009-09-15 09:26:30 ----D---- C:\Windows\system32\XPSViewer
2009-09-15 09:26:30 ----D---- C:\Windows\system32\en-US
2009-09-15 03:48:35 ----D---- C:\DRV
2009-09-14 21:29:38 ----D---- C:\Windows\Logs
2009-09-14 21:19:12 ----D---- C:\Windows\Panther
2009-09-14 21:17:56 ----D---- C:\Program Files\Acer Arcade Deluxe
2009-09-14 21:09:43 ----D---- C:\Windows\system
2009-09-14 20:19:44 ----D---- C:\Program Files\Common Files\microsoft shared
2009-09-14 20:07:19 ----A---- C:\Windows\Alaunch.ini
2009-09-14 19:53:06 ----HD---- C:\Program Files\InstallShield Installation Information
2009-09-14 19:42:57 ----D---- C:\Acer
2009-09-14 19:39:00 ----D---- C:\Windows\system32\RTCOM
2009-09-14 19:37:32 ----A---- C:\Windows\DIFxAPI.dll
2009-09-14 19:37:12 ----D---- C:\Program Files\Realtek
2009-09-14 19:32:18 ----SD---- C:\Windows\Downloaded Program Files
2009-09-14 19:32:14 ----D---- C:\Program Files\Common Files\InstallShield
2009-09-14 19:31:40 ----D---- C:\Windows\system32\restore
2009-09-14 19:30:23 ----RD---- C:\Users
2009-09-14 19:26:39 ----D---- C:\Program Files\Windows NT

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 DritekPortIO;Dritek General Port I/O; \??\C:\PROGRA~1\LAUNCH~1\DPortIO.sys [2006-11-02 20112]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-09-17 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20090923.001\IDSvix86.sys [2009-08-26 272432]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2006-11-21 406672]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2006-11-21 24184]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-09-15 28520]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2006-11-21 185744]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-09-15 55656]
R2 int15;int15; \??\C:\Acer\Empowering Technology\eRecovery\int15.sys [2005-01-13 69632]
R2 irda;Protocole IrDA; C:\Windows\system32\DRIVERS\irda.sys [2006-11-02 95744]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-04 8192]
R3 bcm4sbxp;Pilote XP du contrôleur intégré Broadcom 440x 10/100; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
R3 CmBatt;Pilote pour Batterie à méthode de contrôle ACPI Microsoft; C:\Windows\system32\DRIVERS\CmBatt.sys [2009-09-16 14208]
R3 DKbFltr;Dritek Keyboard Filter Driver; C:\Windows\system32\DRIVERS\DKbFltr.sys [2006-11-02 21264]
R3 EMSCR;EMSCR; C:\Windows\system32\DRIVERS\EMS7SK.sys [2006-10-25 62208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-09-17 102448]
R3 ESDCR;ESDCR; C:\Windows\system32\DRIVERS\ESD7SK.sys [2006-10-25 42240]
R3 ESMCR;ESMCR; C:\Windows\system32\DRIVERS\ESM7SK.sys [2006-10-25 76928]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-10-18 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-10-18 206848]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2006-12-01 1655464]
R3 lv321av;Logitech USB PC Camera (VC0321); C:\Windows\system32\DRIVERS\lv321av.sys [2006-11-20 847392]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091006.005\NAVENG.SYS [2009-09-17 84912]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20091006.005\NAVEX15.SYS [2009-09-17 1323568]
R3 NETw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-11-17 3668480]
R3 NTIDrvr;Upper Class Filter Driver; C:\Windows\system32\DRIVERS\NTIDrvr.sys [2006-12-05 6144]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2006-11-22 4455264]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-09-16 82432]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2006-11-21 245880]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2006-11-21 11792]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2006-12-05 109744]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2006-11-21 144784]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2006-11-21 38928]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2006-11-21 37008]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2006-11-21 26384]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2006-10-23 179896]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-10-18 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2009-09-16 11264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 drmkaud;Filtre de décodeur DRM (Noyau Microsoft); C:\Windows\system32\drivers\drmkaud.sys [2006-11-02 5632]
S3 HdAudAddService;Pilote de fonction UAA 1.1 Microsoft pour le service High Definition Audio; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 MSKSSRV;Proxy de service de répartition Microsoft; C:\Windows\system32\drivers\MSKSSRV.sys [2006-11-02 8192]
S3 MSPCLOCK;Proxy d'horloge de répartition Microsoft; C:\Windows\system32\drivers\MSPCLOCK.sys [2006-11-02 5888]
S3 MSPQM;Proxy de gestion de qualité de répartition Microsoft; C:\Windows\system32\drivers\MSPQM.sys [2006-11-02 5504]
S3 MSTEE;Convertisseur en T/site-à-site de répartition Microsoft; C:\Windows\system32\drivers\MSTEE.sys [2006-11-02 6016]
S3 NETw3v32;Pilote de carte réseau Intel(R) PRO/Wireless 3945ABG pour Windows Vista 32 bits; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-10-30 1786880]
S3 SMSCIRDA;SMSC Infrared Device Driver; C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 31232]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2006-11-21 275576]
S3 UIUSys;Conexant Setup API; C:\Windows\system32\DRIVERS\UIUSYS.SYS []
S3 usbscan;Pilote de scanneur USB; C:\Windows\system32\DRIVERS\usbscan.sys [2006-11-02 35328]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2006-11-02 82560]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-09-15 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-09-15 185089]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 eLockService;eLock Service; C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe [2006-11-30 24576]
R2 eNet Service;eNet Service; C:\Acer\Empowering Technology\eNet\eNet Service.exe [2006-11-20 118784]
R2 eRecoveryService;eRecovery Service; C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe [2006-11-16 45056]
R2 eSettingsService;eSettings Service; C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2006-11-13 24576]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-10-16 860160]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2006-11-02 22016]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-10-19 61440]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2006-11-21 107624]
R2 MobilityService;MobilityService; C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 107008]
R2 Planificateur LiveUpdate automatique;Planificateur LiveUpdate automatique; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-11-21 194240]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-10-16 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-07-19 262247]
R2 SymAppCore;Symantec AppCore Service; C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2006-11-21 46736]
R2 WMIService;ePower Service; C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2006-12-01 131072]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-04 386560]
R3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2006-12-05 1174152]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2006-11-21 49296]
S3 ISPwdSvc;Validation de mot de passe Symantec IS; C:\Program Files\Norton Internet Security\isPwdSvc.exe [2006-11-21 80552]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-11-21 2541248]

-----------------EOF-----------------


info

info.txt logfile of random's system information tool 1.06 2009-10-07 01:52:45

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B145EC69-66F5-11D8-9D75-000129760D75}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B804C424-B66D-447A-84BD-C6B88C392C3A}\setup.exe" -uninstall
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F79A208D-D929-11D9-9D77-000129760D75}\setup.exe" -uninstall
Acer Arcade Deluxe-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EFBDC2B0-FAA8-4B78-8DE1-AEBE7958FA37}\setup.exe" -uninstall
Acer eDataSecurity Management-->C:\Acer\Empowering Technology\eDataSecurity\eDSnstHelper.exe -Operation UNINSTALL
Acer eLock Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{116FF17B-1A30-4FC2-9B01-5BC5BD46B0B3}\setup.exe" -l0x40c -removeonly
Acer Empowering Technology-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB6097D9-D722-4987-BD9E-A076E2848EE2}\setup.exe" -l0x40c -removeonly
Acer eNet Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C06554A1-2C1E-4D20-B613-EE62C79927CC}\setup.exe" -l0x40c -removeonly
Acer ePower Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{58E5844B-7CE2-413D-83D1-99294BF6C74F}\setup.exe" -l0x40c -removeonly
Acer ePresentation Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BF839132-BD43-4056-ACBF-4377F4A88E2A}\setup.exe" -l0x40c -removeonly
Acer eSettings Management-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE65A9A0-9686-45C6-9098-3C9543A412F0}\setup.exe" -l0x40c -removeonly
Acer GridVista-->C:\Windows\UnInst32.exe GridV.UNI
Acer Mobility Center Plug-In-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{11316260-6666-467B-AC34-183FCB5D4335}\setup.exe" -l0x40c -removeonly
Acer OrbiCam Application-->MsiExec.exe /X{0F79C1B2-36B2-4B62-8221-42721CF54638}
Acer ScreenSaver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{79DD56FC-DB8B-47F5-9C80-78B62E05F9BC}\setup.exe" -l0x9 -removeonly
Acer Tour-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{94389919-B0AA-4882-9BE8-9F0B004ECA35}\setup.exe" -l0x40c -removeonly
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Flash Player 9 ActiveX-->C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Reader 7.0-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
AppCore-->MsiExec.exe /I{EFB5B3B5-A280-4E25-BE1C-634EEFE32C1B}
Assistant de connexion Windows Live-->MsiExec.exe /I{DCE8CD14-FBF5-4464-B9A4-E18E473546C7}
AV-->MsiExec.exe /I{F4DB525F-A986-4249-B98B-42A8066251CA}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
ccCommon-->MsiExec.exe /I{3CCAD2EF-CFF2-4637-82AA-AABF370282D3}
eoEngine 9.1-->"C:\Program Files\EoRezo\unins000.exe"
EPSON Logiciel imprimante-->C:\Windows\system32\spool\DRIVERS\W32X86\3\EPUPDATE.EXE /R
EPSON Scan-->C:\Program Files\epson\escndv\setup\setup.exe /r
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFAOR2C06_118\HXFSETUP.EXE -U -IAcrSUN32z.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Installation Windows Live-->C:\Program Files\Windows Live\Installer\wlarp.exe
Installation Windows Live-->MsiExec.exe /I{46ABBC54-1872-4AA3-95E2-F2C063A63F31}
Intel PROSet Wireless-->Intel PROSet Wireless
Java(TM) 6 Update 16-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Launch Manager-->C:\Windows\UnInst32.exe LManager.UNI
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Messenger Plus! Live-->"C:\Program Files\Messenger Plus! Live\Uninstall.exe"
Microsoft .NET Framework 3.5 Language Pack SP1 - fra-->MsiExec.exe /I{3E31821C-7917-367E-938E-E65FC413EA31}
Microsoft .NET Framework 3.5 SP1-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Choice Guard-->MsiExec.exe /X{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Module linguistique Microsoft .NET Framework 3.5 SP1- fra-->C:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 Language Pack SP1 - fra\setup.exe
Mozilla Firefox (3.5.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSRedist-->MsiExec.exe /I{B7C61755-DB48-4003-948F-3D34DB8EAF69}
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Norton AntiVirus-->MsiExec.exe /X{830D8CBD-C668-49e2-A969-C2C2106332E0}
Norton Confidential Browser Component-->MsiExec.exe /I{4843B611-8FCB-4428-8C23-31D0A5EAE164}
Norton Confidential Web Protection Component-->MsiExec.exe /I{D353CC51-430D-4C6F-9B7E-52003DA1E05A}
Norton Internet Security (Symantec Corporation)-->"C:\Program Files\Common Files\Symantec Shared\SymSetup\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}_10_1_0_26\{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}.exe" /X
Norton Internet Security-->MsiExec.exe /I{3672B097-EA69-4bfe-B92F-29AE6D9D2B34}
Norton Internet Security-->MsiExec.exe /I{48185814-A224-447A-81DA-71BD20580E1B}
Norton Internet Security-->MsiExec.exe /I{5AA2CD16-706F-41f3-87C5-2B5A031F2B3B}
Norton Internet Security-->MsiExec.exe /I{E3EFA461-EB83-4C3B-9C47-2C1D58A01555}
Norton Internet Security-->MsiExec.exe /I{E5EE9939-259F-4DE2-8023-5C49E16A4F43}
Norton Protection Center-->Ms

Salut OursoN78

Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

Déconnecte-toi et ferme toutes applications en cours

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

Double-clique sur l'icône AD-Remover située sur ton Bureau.

Au menu principal, choisis l'option L.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

Aide : http://commentcestfait.forumactif.net/tutos-securite-f31/tutorielad-remover-t(...)


@++

Bonsoir,
elle a un petit problème, voici ce qui se passe
http://www.casimages.com/img.php?i=091007081758201495.jpg

Salut OursoN78


Effectivement pour Vista :

Désactive le contrôle des comptes utilisateurs UAC (tu le réactiveras après le scan):

- Va dans démarrer puis panneau de configuration
- Double Clique sur l'icône "Comptes d'utilisateurs"
- Clique ensuite sur désactiver et valide.

Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

Déconnecte-toi et ferme toutes applications en cours

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

Faire un clique droit sur l'icône AD-Remover située sur ton Bureau et choisir exécuter en tant qu'administrateur.

Au menu principal, choisis l'option L.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

Aide : http://commentcestfait.forumactif.net/tutos-securite-f31/tutorielad-remover-t(...)


@++

Bonsoir,
Voici le rapport demandé

.
======= RAPPORT D'AD-REMOVER 1.1.4.5_X | UNIQUEMENT XP/VISTA/7 =======
.
Mit à jour par C_XX le 07.10.2009 à 18:54
Contact: AdRemover.contact@gmail.com
Site web: http://pagesperso-orange.fr/NosTools/ad_remover.html
.
Lancé à: 22:14:37, 08/10/2009 | Mode Normal | Option: CLEAN
Exécuté de: C:\Program Files\Ad-Remover\
Système d'exploitation: Microsoft® Windows Vista™ Home Premium v6.0.6000
Nom du PC: PC-DE-... | Utilisateur actuel: ...
.
============== ÉLÉMENT(S) NEUTRALISÉ(S) ==============
.

HKU\S-1-5-21-2143254248-2168038327-2016686245-1000\Software\Eorezo
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SearchSettings
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\EoEngine
HKLM\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SoftwareHelper
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Internet Explorer\Toolbar\\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}
HKLM\Software\Classes\CLSID\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}
.
C:\Windows\Installer\2b01cb.msi
C:\Users\costinha\AppData\Local\Temp\is-T98OT.tmp\EoRezo
C:\Users\costinha\AppData\Roaming\Microsoft\Windows\Cookies\costinha@eorezo[1].txt
C:\Users\costinha\AppData\Roaming\Microsoft\Windows\Cookies\Low\costinha@ads.eorezo[2].txt
C:\Users\costinha\AppData\Roaming\Microsoft\Windows\Cookies\Low\costinha@eorezo[2].txt

(!) -- Fichiers temporaires supprimés.

.
============== Scan additionnel ==============
.
.
* Mozilla FireFox Version 3.5.3 [fr] *
.
Nom du profil: 2mcrac67.default (costinha)
.
(Prefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Prefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.3");
(Invalidprefs.js) user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(Invalidprefs.js) user_pref("browser.startup.homepage_override.mstone", "rv:1.9.1.3");
.
(Invalidprefs.js) EFFACÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
(prefs.js) EFFACÉ: user_pref("browser.startup.homepage", "hxxp://y.lo.st");
.
* Internet Explorer Version 7.0.6000.16890 *
.
[HKEY_CURRENT_USER\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
SEARCH PAGE: hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*hxxp://fr.yahoo.com
Default_search_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Default_page_url: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Search bar: hxxp://go.microsoft.com/fwlink/?linkid=54896
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\Main]
.
Start Page: hxxp://fr.msn.com/
Default_Page_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
Default_Search_URL: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search Page: hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Search bar: hxxp://search.msn.com/spbasic.htm
.
[HKEY_LOCAL_MACHINE\..\Internet Explorer\ABOUTURLS]
.
Tabs: res://ieframe.dll/tabswelcome.htm
.
============== Suspect (Cracks, Serials ... ) ==============
.
C:\Users\All Users\Symantec\LiveUpdate\Downloads\1209776195jtun_hbpatch07.x00.full.zip
.
===================================
.
3524 Octet(s) - C:\Ad-Report-CLEAN[1].log
.
381 Fichier(s) - C:\Users\costinha\AppData\Local\Temp
66 Fichier(s) - C:\Windows\Temp
.
20 Fichier(s) - C:\Program Files\Ad-Remover\BACKUP
4 Fichier(s) - C:\Program Files\Ad-Remover\QUARANTINE
.
Fin à: 22:58:01 | 08/10/2009 - CLEAN[1]
.
============== E.O.F ==============
.

Salut OursoN78


-Télécharge et installe MalwareByte's Anti-Malware
http://www.malwarebytes.org/mbam/program/mbam-setup.exe

- Mets le à jour

---

- Redémarre en mode sans échec :

Au redémarrage de ton PC tapote sur la touche F8 ou F5, sur l'écran suivant déplace toi avec les flèches de direction et choisis Mode sans échec. Choisis ta session habituelle et non la session Administrateur

---

- Double clique sur le raccourci de MalwareByte's Anti-Malware qui est sur le bureau.
- Sélectionne Exécuter un examen complet si ce n'est pas déjà fait
- clique sur Rechercher

- Une fois le scan terminé, une fenêtre s'ouvre, clique sur sur Ok

- Si MalwareByte's n'a rien détecté, clique sur Ok Un rapport va apparaître ferme-le.

- Si MalwareByte's a détecté des infections, clique sur Afficher les résultats ensuite sur Supprimer la sélection

- Enregistre le rapport sur ton Bureau comme cela il sera plus facile à retrouver, poste ensuite ce rapport.

Note : Si MalwareByte's a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok

Tutoriel pour MalwareByte's ici :
http://www.malekal.com/tutorial_MalwareBytes_AntiMalware.php


@++

Bonsoir,

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2931
Windows 6.0.6000 (Safe Mode)

09/10/2009 20:43:52
mbam-log-2009-10-09 (20-43-52).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 184518
Temps écoulé: 38 minute(s), 40 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\EoRezo (Rogue.Eorezo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\softwarehelper (Rogue.Eorezo) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\costinha\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdateHP.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2143254248-2168038327-2016686245-1000\$RFCKWVE\EoEngine.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2143254248-2168038327-2016686245-1000\$RFCKWVE\EoAdv\EoAdv.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\$RECYCLE.BIN\S-1-5-21-2143254248-2168038327-2016686245-1000\$RFCKWVE\EoAdv\EoRezoBHO.dll (Rogue.Eorezo) -> Quarantined and deleted successfully.
C:\Users\costinha\AppData\Roaming\EoRezo\SoftwareUpdate\SoftwareUpdate.exe (Rogue.Eorezo) -> Quarantined and deleted successfully.

Salut OursoN78

Télécharge AD-Remover (de Cyrildu17 / C_XX) sur ton Bureau.

Déconnecte-toi et ferme toutes applications en cours

Double-clique sur le programme d'installation, installe-le dans son emplacement par défaut (C:\Program files).

Double-clique sur l'icône AD-Remover située sur ton Bureau.

Au menu principal, choisis l'option L.

Poste le rapport qui apparaît à la fin.

(Le rapport est sauvegardé aussi sous C:\Ad-report(date).log)

(CTRL+A pour tout sélectionner, CTRL+C pour copier et CTRL+V pour coller)

Note : "Process.exe", une composante de l'outil, est détecté par certains antivirus comme une infection, ne pas en tenir compte, il s'agit d'un faux positif, continue la procédure

Aide : http://commentcestfait.forumactif.net/tutos-securite-f31/tutorielad-remover-t(...)


@++