Problem: Exasperating pop-up ads [solved]
Hello everyone,
For the past few weeks, my web browsing has been constantly disrupted by unwanted ads popping up.
I have browsed the forum, and I see that this problem is very common.
So I followed the steps that users are often asked to carry out; here they are:
Ad-Remover:
http://www.sendspace.com/file/5691iw
OTL
http://www.sendspace.com/file/9pqhbt
http://www.sendspace.com/file/5f5be9
Malwarebytes Anti-Malware did not detect any problem.
SecurityCheck:
Results of screen317's Security Check version 0.99.12
Windows 7 (UAC is enabled)
Internet Explorer 8
``````````````````````````````
Antivirus/Firewall Check:
WMI entry may not exist for antivirus; attempting automatic update.
```````````````````````````````
Anti-malware/Other Utilities Check:
MVPS Hosts File
Malwarebytes' Anti-Malware
Adobe Flash Player 10.3.181.14
Adobe Reader X (10.0.1) - Français
Mozilla Firefox (x86 fr..)
````````````````````````````````
Process Check:
objlist.exe by Laurent
Malwarebytes' Anti-Malware mbamservice.exe
Malwarebytes' Anti-Malware mbamgui.exe
Malwarebytes' Anti-Malware mbam.exe
``````````End of Log````````````
Thank you all for your help!
Good evening
1
/!\ Disconnect, disable your antivirus and close all running applications /!\
Double-click AD-R on your desktop to launch it.
(Under Vista/Seven, right-click AD-R and choose Run as administrator)
Choose language F for French.
In the main menu, choose the "Nettoyer" (Clean) option.
/!\ Let the tool work /!\
Post the report that appears at the end (C:\Ad-Report-CLEAN.log).
/!\ Remember to re-enable your antivirus /!\
2
Download DDS and save it to your desktop.
Disable any script blocker, such as an antivirus or software like ad-block, noscript, etc.
Double-click dds.scr to launch the tool.
Once the scan has finished, a text document, DDS.txt, will open.
Click Yes at the next prompt, Optional Scan.
Save both reports to your desktop and post only DDS.txt for me.
Hello,
My computer no longer seems to display ads since then, but I am still posting what you suggested I do; you can never be sure of anything.
========================================
**** Google Chrome Version [11.0.696.71] ****
-- C:\Users\Anvin\AppData\Local\Google\Chrome\User Data\Default --
Preferences - default_search_provider: "Google" (Activé: true) (?)
Preferences - homepage: hxxp://www.google.com
Preferences - homepage_is_newtabpage: true
Plugin - Chrome NaCl (Activé: false) (C:\Users\Anvin\AppData\Local\Google\Chrome\Application\11.0.696.71\ppGoogleNaClPluginChrome.dll)
Plugin - Windows Live\u0099 Photo Gallery (Activé: true) (C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll)
Plugin - "Silverlight" (Activé: true)
Plugin - "Chrome NaCl" (Activé: false)
Plugin - "Windows Live\u0099 Photo Gallery" (Activé: true)
========================================
**** Internet Explorer Version [9.0.8112.16421] ****
HKCU_Main|Default_Page_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnh...
HKCU_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU_Main|Search bar - hxxp://go.microsoft.com/fwlink/?linkid=54896
HKCU_Main|Start Page - hxxp://fr.msn.com/
HKLM_Main|Default_Page_URL - hxxp://go.microsoft.com/fwlink/?LinkId=54896
HKLM_Main|Default_Search_URL - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Search bar - hxxp://search.msn.com/spbasic.htm
HKLM_Main|Search Page - hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM_Main|Start Page - hxxp://fr.msn.com/
HKCU_URLSearchHooks|{a65e491f-a436-4952-b49a-b24ed99a0f67} (x)
HKLM_ElevationPolicy\{07d873dc-b9b9-44f5-af0b-fb59fa54fb7a} - C:\Windows\SysWOW64\wpcer.exe (x)
HKLM_ElevationPolicy\{0a402d70-1f10-4ae7-bec9-286a98240695} - C:\Windows\SysWOW64\winfxdocobj.exe (x)
HKLM_ElevationPolicy\{6A7C9604-8A57-4B28-821B-BDEDF0E04788} - C:\Program Files\Microsoft Office\Office14\winproj.exe (x)
HKLM_ElevationPolicy\{70f641fd-9ffc-4d5b-a4dc-962af4ed7999} - C:\Program Files (x86)\Internet Explorer\iedw.exe (x)
HKLM_ElevationPolicy\{A6E2003F-95C5-4591-BA9A-0093080FDB5C} - C:\Program Files (x86)\Common Files\Oberon Media\OberonBroker\1.0.0.63\OberonBroker.exe (?)
HKLM_ElevationPolicy\{B43A0C1E-B63F-4691-B68F-CD807A45DA01} - C:\Windows\system32\TSWbPrxy.exe (x)
BHO\{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - "FlashGetBHO" (C:\Users\Anvin\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll)
BHO\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - "Google Dictionary Compression sdch" () (x)
========================================
C:\Program Files (x86)\Ad-Remover\Quarantine: 0 Fichier(s)
C:\Program Files (x86)\Ad-Remover\Backup: 16 Fichier(s)
C:\Ad-Report-CLEAN[1].txt - 05/06/2011 10:57:44 (4314 Octet(s))
C:\Ad-Report-CLEAN[2].txt - 05/06/2011 11:01:27 (3645 Octet(s))
C:\Ad-Report-SCAN[1].txt - 03/06/2011 14:50:33 (7590 Octet(s))
Fin à: 11:02:27, 05/06/2011
============== E.O.F ==============
DDS
http://www.sendspace.com/file/insg11
Thank you very much for your help and your spontaneity!
.
DDS (Ver_2011-06-03.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421
Run by Anvin at 11:06:52 on 2011-06-05
Microsoft Windows 7 Édition Familiale Premium 6.1.7600.0.1252.33.1036.18.3764.2175 [GMT 2:00]
.
AV: ESET Smart Security 4.2 *Disabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET Smart Security 4.2 *Disabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Pare-feu personnel d'ESET *Enabled* {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Launch Manager\dsiwmis.exe
C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Cyberlink\Shared files\RichVideo.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesApp64.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\Anvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
C:\Program Files (x86)\Launch Manager\LMworker.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\DllHost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\system32\conhost.exe
C:\Windows\SysWOW64\cscript.exe
.
============== Pseudo HJT Report ===============
.
uWindow Title =
uURLSearchHooks: H - No File
mWinlogon: Userinit=userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
BHO: Programme d'aide de l'Assistant de connexion Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~3\Office14\URLREDIR.DLL
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - Google Dictionary Compression sdch
TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
StartupFolder: C:\Users\Anvin\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Anvin\AppData\Roaming\Dropbox\bin\Dropbox.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: ????3??
IE: ????3??????
IE: Download all by FlashGet3 - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: Download by FlashGet3 - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Google Sidewiki... - C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_6CE5017F567343CA.dll/cmsidewiki.html
IE: ????3?? - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetUrl.htm
IE: ????3?????? - C:\Users\Anvin\AppData\Roaming\FlashGetBHO\GetAllUrl.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
TCP: DhcpNameServer = 212.27.40.241 212.27.40.240
TCP: Interfaces\{47AA9BE7-82D4-4D7B-9C23-EAAA3234A9F6} : DhcpNameServer = 10.1.0.1
TCP: Interfaces\{77A19877-A0D4-4C5B-928C-68BDE226BF49} : DhcpNameServer = 212.27.40.241 212.27.40.240
TCP: Interfaces\{77A19877-A0D4-4C5B-928C-68BDE226BF49}\3425F45535D2A45535D224144564D2544555449414E445 : DhcpNameServer = 10.36.100.4
TCP: Interfaces\{77A19877-A0D4-4C5B-928C-68BDE226BF49}\6427565675966696 : DhcpNameServer = 212.27.40.241 212.27.40.242
TCP: Interfaces\{DFEE2242-366F-42A9-B3DE-C4273AB1F84C} : DhcpNameServer = 172.16.0.98 172.16.0.26 194.167.143.2
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~3\Office14\GROOVEEX.DLL
IFEO: perfectdisk.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}
{72853161-30C5-4D22-B7F9-0BBC1D38A37E}
{9030D464-4C02-4ABF-8ECC-5164760863C6}
{AA58ED58-01DD-4d91-8333-CF10577473F7}
{b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0}
{B4F3A835-0E21-4959-BA22-42B3008E02FF}
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}
{2318C2B1-4965-11d4-9B18-009027A5CD4F}
mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe
mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
SEH-X64: {B5A7F190-DDA6-4420-B3BA-52453494E6CD}: Groove GFS Stub Execution Hook
IFEO-X64: perfectdisk.exe - "C:\Program Files (x86)\TuneUp Utilities 2011\TUAutoReactivator64.exe"
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Anvin\AppData\Roaming\Mozilla\Firefox\Profiles\3oqpq7xj.default\
FF - prefs.js: browser.startup.homepage - google.fr
FF - prefs.js: network.proxy.type - 0
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Update\1.2.183.39\npGoogleOneClick8.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Anvin\AppData\Local\Google\Update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll
.
============= SERVICES / DRIVERS ===============
.
R0 Lbd;Lbd;C:\Windows\system32\DRIVERS\Lbd.sys --> C:\Windows\system32\DRIVERS\Lbd.sys [?]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]
R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?]
R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?]
R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?]
R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]
R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-1-14 325200]
R2 eamonm;eamonm;C:\Windows\system32\DRIVERS\eamonm.sys --> C:\Windows\system32\DRIVERS\eamonm.sys [?]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [2011-1-12 810144]
R2 epfwwfp;epfwwfp;C:\Windows\system32\DRIVERS\epfwwfp.sys --> C:\Windows\system32\DRIVERS\epfwwfp.sys [?]
R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2010-6-1 820768]
R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-5-13 13336]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-6-3 366640]
R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-3-9 250368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-11-6 144640]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesService64.exe [2011-5-20 2026304]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2010-6-1 2314240]
R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-5-14 243232]
R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atipmdag.sys --> C:\Windows\system32\DRIVERS\atipmdag.sys [?]
R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]
R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]
R3 intelkmd;intelkmd;C:\Windows\system32\DRIVERS\igdpmd64.sys --> C:\Windows\system32\DRIVERS\igdpmd64.sys [?]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\Windows\system32\DRIVERS\L1C62x64.sys --> C:\Windows\system32\DRIVERS\L1C62x64.sys [?]
R3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2011\TuneUpUtilitiesDriver64.sys [2011-4-26 11856]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 gupdate;Service Google Update (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-3-28 135664]
S3 AmUStor;AM USB Stroage Driver;C:\Windows\system32\drivers\AmUStor.SYS --> C:\Windows\system32\drivers\AmUStor.SYS [?]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2010-3-25 51456888]
S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-4-17 305520]
S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-11-6 50432]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
S3 VBoxUSB;VirtualBox USB;C:\Windows\system32\Drivers\VBoxUSB.sys --> C:\Windows\system32\Drivers\VBoxUSB.sys [?]
S3 WatAdminSvc;Service Windows Activation Technologies;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?]
S4 MSSQLServerADHelper100;Service SQL Active Directory Helper;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-21 61976]
S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]
S4 SQLAgent$SQLEXPRESS;Agent SQL Server (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]
.
=============== Created Last 30 ================
.
2011-06-04 09:27:04 34624 ----a-w- C:\Windows\System32\TURegOpt.exe
2011-06-04 09:27:02 36160 ----a-w- C:\Windows\System32\uxtuneup.dll
2011-06-04 09:27:02 29504 ----a-w- C:\Windows\SysWow64\uxtuneup.dll
2011-06-04 09:27:02 25920 ----a-w- C:\Windows\System32\authuitu.dll
2011-06-04 09:27:01 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll
2011-06-04 09:19:21 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2011
2011-06-04 08:27:46 -------- d-----w- C:\Users\Anvin\AppData\Local\{65DCFF1D-334C-4E6C-8B3E-353291DC2816}
2011-06-03 13:00:39 -------- d-----w- C:\Users\Anvin\AppData\Roaming\Malwarebytes
2011-06-03 13:00:34 39984 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys
2011-06-03 13:00:34 -------- d-----w- C:\ProgramData\Malwarebytes
2011-06-03 13:00:30 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys
2011-06-03 13:00:30 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware
2011-06-03 12:50:25 -------- d-----w- C:\Program Files (x86)\Ad-Remover
2011-06-03 12:43:54 8718160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5EDCE11E-F421-4139-B3A2-A9D5BC0BAFC2}\mpengine.dll
2011-06-03 12:33:37 -------- d-----w- C:\Users\Anvin\AppData\Local\{B661250B-C1D0-4A05-A5BA-728517600A58}
2011-06-01 21:33:49 -------- d-----w- C:\Users\Anvin\AppData\Local\{A8640FFB-9E7E-4A73-B659-AA0B8F87D839}
2011-06-01 09:33:14 -------- d-----w- C:\Users\Anvin\AppData\Local\{1100BEF2-C6F7-447D-8A03-659E0F74C7B8}
2011-05-31 21:31:24 -------- d-----w- C:\Users\Anvin\AppData\Local\{EA3A4A75-A490-4B67-B128-D5BE3B56E28F}
2011-05-31 09:30:47 -------- d-----w- C:\Users\Anvin\AppData\Local\{E1F3EFC2-BF0D-4033-96AE-05D1C25564DE}
2011-05-30 21:30:29 -------- d-----w- C:\Users\Anvin\AppData\Local\{32EA2F3E-E851-4AA0-AC5B-DDA3B565BC67}
2011-05-30 09:29:56 -------- d-----w- C:\Users\Anvin\AppData\Local\{2D5FB70B-0465-44AC-A4CC-9920546DB15E}
2011-05-29 09:29:42 -------- d-----w- C:\Users\Anvin\AppData\Local\{94B8CDF5-0EEF-4C5F-8BF4-0D85588F3A3B}
2011-05-28 23:01:11 -------- d-----w- C:\Users\Anvin\AppData\Local\{83B667C9-9FFB-42FE-9E1F-CC404ABD4D58}
2011-05-28 16:10:13 -------- d-----w- C:\Users\Anvin\AppData\Local\{3EACAFAD-6855-48A7-BF45-46BAA85F3D60}
2011-05-28 08:33:29 -------- d-----w- C:\Users\Anvin\AppData\Local\{EC9C4792-E099-4C75-AA85-DE1BABF186AA}
2011-05-27 07:43:22 -------- d-----w- C:\Users\Anvin\AppData\Local\{86B52CEC-1E81-4AA6-817B-D63E96022CC4}
2011-05-27 05:43:41 -------- d-----w- C:\Users\Anvin\AppData\Local\{DFED1B57-7CD9-4822-9B63-56A02D21A5FC}
2011-05-26 09:10:14 -------- d-----w- C:\Users\Anvin\AppData\Local\{011F6851-86BF-4A48-99AD-CA10037B472C}
2011-05-25 18:31:21 -------- d-----w- C:\Users\Anvin\AppData\Local\{D9466548-804C-472A-9F7A-B5CF9916B1DF}
2011-05-25 11:22:37 27008 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
2011-05-25 09:40:20 -------- d-----w- C:\Program Files (x86)\pgfplots
2011-05-25 09:33:14 -------- d-----w- C:\Users\Anvin\AppData\Roaming\xm1
2011-05-25 09:31:36 -------- d-----w- C:\Users\Anvin\AppData\Roaming\MiKTeX
2011-05-25 09:31:31 -------- d-----w- C:\Users\Anvin\AppData\Local\MiKTeX
2011-05-25 09:27:46 -------- d-----w- C:\ProgramData\MiKTeX
2011-05-25 09:23:02 -------- d-----w- C:\Program Files (x86)\MiKTeX 2.9
2011-05-25 09:15:01 -------- d-----w- C:\Program Files (x86)\Texmaker
2011-05-25 08:23:51 -------- d-----w- C:\Users\Anvin\AppData\Local\{93752E8F-324F-44D9-8D46-268E0BE63ABA}
2011-05-25 06:19:15 -------- d-----w- C:\Users\Anvin\AppData\Local\{B7A48F27-C2F4-495C-8EC6-3E19BEA83559}
2011-05-24 09:03:40 -------- d-----w- C:\Users\Anvin\AppData\Local\{FF102298-5052-4976-8542-C4545373D111}
2011-05-23 08:26:32 -------- d-----w- C:\Users\Anvin\AppData\Local\{A3C95D88-DE33-465D-BA05-591341A45C75}
2011-05-22 14:22:38 -------- d-----w- C:\Users\Anvin\AppData\Local\{2C06A8FC-5E8A-4DEF-A6F2-D0C5C3849D53}
2011-05-22 08:56:55 -------- d-----w- C:\Users\Anvin\AppData\Local\{99BD2E07-3860-4DDD-9643-FC670D85B456}
2011-05-22 00:20:32 -------- d-----w- C:\Users\Anvin\AppData\Local\{05586D4A-B8E7-4C1A-A89C-A52F533666E2}
2011-05-21 09:11:48 -------- d-----w- C:\Users\Anvin\AppData\Local\{ED911C6C-EEB3-4AE1-83BF-1792074F7055}
2011-05-20 20:30:59 -------- d-----w- C:\Users\Anvin\AppData\Local\{12010D6E-97C5-4E8E-8F56-117A031A1800}
2011-05-20 12:26:30 -------- d-----w- C:\Users\Anvin\AppData\Roaming\Liteon
2011-05-20 08:26:36 -------- d-----w- C:\Users\Anvin\AppData\Local\{F4ADCD40-2907-4D73-AB53-E5623DEA1511}
2011-05-19 08:17:39 -------- d-----w- C:\Users\Anvin\AppData\Local\{15F3BE0A-07A8-4FD6-862C-312DA1AB4E04}
2011-05-18 09:36:48 -------- d-----w- C:\Users\Anvin\AppData\Local\{0B0EC558-A439-4F3E-B34E-FCC06381D932}
2011-05-17 11:01:39 -------- d-----w- C:\Users\Anvin\AppData\Local\{76471166-43FF-4314-8132-CB02D3BD1A67}
2011-05-16 20:33:46 -------- d-----w- C:\Users\Anvin\AppData\Local\{A79CF36E-AFD8-40CA-84BE-193731B537E1}
2011-05-16 08:35:59 142336 ----a-w- C:\Windows\System32\poqexec.exe
2011-05-16 08:35:59 123904 ----a-w- C:\Windows\SysWow64\poqexec.exe
2011-05-16 08:30:25 -------- d-----w- C:\Users\Anvin\AppData\Local\{861C7274-CF17-4EA7-A003-DE177BF71DB6}
2011-05-16 08:27:55 69152 ----a-w- C:\Windows\System32\drivers\Lbd.sys
2011-05-16 08:27:53 49752 ----a-w- C:\Windows\System32\drivers\SBREDrv.sys
2011-05-16 08:27:01 -------- d-----w- C:\Users\Anvin\AppData\Local\Sunbelt Software
2011-05-16 08:23:49 -------- d-----w- C:\Program Files (x86)\Lavasoft
2011-05-16 08:10:41 -------- d-----w- C:\Program Files (x86)\VideoLAN
2011-05-16 07:58:55 -------- d-----w- C:\Program Files\CCleaner
2011-05-16 07:51:58 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2011-05-16 07:51:58 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy
2011-05-16 07:41:51 -------- d-----w- C:\Users\Anvin\AppData\Local\{120BEA23-7D02-42D1-882E-D01010331B8D}
2011-05-15 15:44:01 -------- d-----w- C:\Users\Anvin\AppData\Local\{489D6944-B3DB-460F-9EF1-25C933360F93}
2011-05-15 10:30:19 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2011-05-15 01:13:47 -------- d-----w- C:\Users\Anvin\AppData\Local\{21382081-A26C-4FC2-B6C9-C1D5423EB93E}
2011-05-14 17:15:49 -------- d-----w- C:\Users\Anvin\AppData\Local\{854BE4EF-26CF-42EA-B84E-0A65B447F5AC}
2011-05-14 09:16:36 -------- d-----w- C:\Users\Anvin\AppData\Local\{93DA425E-20EC-494A-BC3B-38927E053D49}
2011-05-13 22:29:58 -------- d-----w- C:\Users\Anvin\AppData\Local\{BE0448C1-9E21-430E-BCAC-74A7C607ED18}
2011-05-13 14:59:10 -------- d-----w- C:\Users\Anvin\AppData\Local\{A37216B7-F330-4E12-9913-ED4BF0604B68}
2011-05-13 11:31:08 -------- d-----w- C:\Users\Anvin\AppData\Local\{DBF01617-8C56-427F-8EB1-8F567CFA8272}
2011-05-12 06:48:38 -------- d-----w- C:\Users\Anvin\AppData\Local\{C4EE541B-08A0-47DB-AD25-BCCEF8C5B535}
2011-05-11 22:09:26 5509504 ----a-w- C:\Windows\System32\ntoskrnl.exe
2011-05-11 22:09:22 3957632 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2011-05-11 22:09:22 3901824 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2011-05-11 22:07:55 52224 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2011-05-11 22:07:55 324608 ----a-w- C:\Windows\System32\drivers\usbport.sys
2011-05-11 22:07:54 99328 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2011-05-11 22:07:54 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys
2011-05-11 22:07:54 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2011-05-11 22:07:54 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2011-05-11 22:07:54 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2011-05-11 21:56:39 -------- d-----w- C:\Users\Anvin\AppData\Local\{F4EDE727-8DF5-482B-8505-60D6F51AFDB5}
2011-05-11 06:10:34 -------- d-----w- C:\Users\Anvin\AppData\Local\{BFB69EF4-7CEA-45AD-A20F-2D101AE8F544}
2011-05-11 00:17:07 -------- d-----w- C:\Users\Anvin\AppData\Local\{0240F6B5-A1A8-4C2F-A3A1-FFF3145FFCDE}
2011-05-09 23:59:18 -------- d-----w- C:\Users\Anvin\AppData\Local\{F03735B0-59AB-4BF0-9E01-5E5030DB9F5F}
2011-05-09 08:12:28 -------- d-----w- C:\Users\Anvin\AppData\Local\{BB7C660B-B610-4075-82D1-6037478E3718}
2011-05-08 08:47:07 -------- d-----w- C:\Users\Anvin\AppData\Local\{5FCCA5F0-EF65-45A7-99EC-18179F251CE5}
2011-05-07 22:27:12 -------- d-----w- C:\Users\Anvin\AppData\Local\{411C4F8B-2BCF-4F83-8408-6D67781433AE}
2011-05-07 11:31:33 -------- d-----w- C:\Users\Anvin\AppData\Local\{BF56484C-DA3A-4CC5-A518-114A189FBA2A}
2011-05-07 10:03:15 -------- d-----w- C:\Users\Anvin\AppData\Local\{FF5D8588-1A68-409E-A078-9925B8AE4111}
2011-05-07 08:12:49 -------- d-----w- C:\Users\Anvin\AppData\Local\{7292327A-E459-4C91-8485-55B94B654A1F}
.
==================== Find3M ====================
.
2011-04-09 16:55:44 15453336 ----a-w- C:\Windows\SysWow64\xlive.dll
2011-04-09 16:55:42 13642904 ----a-w- C:\Windows\SysWow64\xlivefnt.dll
2011-03-28 09:13:31 254528 ----a-w- C:\Windows\System32\drivers\dtsoftbus01.sys
2011-03-12 12:03:46 662528 ----a-w- C:\Windows\System32\XpsPrint.dll
2011-03-12 11:31:58 442880 ----a-w- C:\Windows\SysWow64\XpsPrint.dll
2011-03-11 06:23:13 187264 ----a-w- C:\Windows\System32\drivers\storport.sys
2011-03-11 06:23:06 166272 ----a-w- C:\Windows\System32\drivers\nvstor.sys
2011-03-11 06:23:06 1657216 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2011-03-11 06:23:06 148352 ----a-w- C:\Windows\System32\drivers\nvraid.sys
2011-03-11 06:23:00 410496 ----a-w- C:\Windows\System32\drivers\iaStorV.sys
2011-03-11 06:22:41 107904 ----a-w- C:\Windows\System32\drivers\amdsata.sys
2011-03-11 06:22:40 27008 ----a-w- C:\Windows\System32\drivers\amdxata.sys
2011-03-11 06:19:26 1395712 ----a-w- C:\Windows\System32\mfc42.dll
2011-03-11 06:19:26 1359872 ----a-w- C:\Windows\System32\mfc42u.dll
2011-03-11 06:18:20 2566144 ----a-w- C:\Windows\System32\esent.dll
2011-03-11 06:15:54 96768 ----a-w- C:\Windows\System32\fsutil.exe
2011-03-11 05:40:24 1164288 ----a-w- C:\Windows\SysWow64\mfc42u.dll
2011-03-11 05:40:24 1137664 ----a-w- C:\Windows\SysWow64\mfc42.dll
2011-03-11 05:39:35 1686016 ----a-w- C:\Windows\SysWow64\esent.dll
2011-03-11 05:37:34 74240 ----a-w- C:\Windows\SysWow64\fsutil.exe
2011-03-08 06:14:30 976896 ----a-w- C:\Windows\System32\inetcomm.dll
2011-03-08 05:38:13 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll
.
============= FINISH: 11:07:49,87 ===============
Good evening
Delete/uninstall all the programs used for the disinfection
(but keep Malwarebytes' Anti-Malware to run regular scans, and do not forget to update it).
Please read this guide (in PDF) to learn more about the risks of the Net.
If you find this document interesting, feel free to pass it on to your contacts.
If you are tired of being bombarded with ads while browsing, install a secured Firefox with the NoScript and AdBlock Plus extensions.
Read also: Free antispyware: it's useless!
On your first message, click the "Editer" (Edit) button
and put [résolu] (solved) in the title.
Then click "Valider votre message" (Submit your message).
If your session name matches your real name, you can change it by editing your posts.
+++