[resolved] unwanted messages, sites opening on their own
So, since yesterday I've been really stuck: my Internet browser keeps opening tabs to advertising sites for security products.
I think I have some malware but I don't know how to get rid of it.
On top of that, I now have 2 windows that open at startup saying:
Erreur de chargement de C:\Users\"mon user"\AppData\Local\Temp\cbaaa.dll
Le module spécifié est introuvable.
and the same for fccdedc.dll
Thanks for your help.
the HijackThis report
Logfile of HijackThis v1.99.1
Scan saved at 12:10:54, on 07/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\ProgramData\U3\U3Launcher\LaunchU3.exe
F:\MagicDisc\MagicDisc.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\QuickZip4\QuickZip.exe
C:\Users\bevilea\AppData\Local\Temp\QZTEMP\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\bevilea\AppData\Local\Temp\fccdedc.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\bevilea\AppData\Local\Temp\cbaaa.dll,c
O4 - Startup: ashDisp.exe - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Startup: MagicDisc.lnk = F:\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Moon Secure Antivirus Core (msav) - Unknown owner - C:\Program Files\Moon Secure Antivirus\msavcore.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
A hello, perhaps?
Disable your resident protections (antivirus, Spybot...)!
Download ComboFix (sUBs) to your Desktop.
Double-click combofix.exe to launch it.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post that report in your next reply.
the report
ComboFix 08-02.05.3 - bevilea 2008-02-07 13:10:47.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.201 [GMT 1:00]
Endroit: C:\Users\bevilea\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
----- BITS: Possible sites infectés -----
hxxp://www.download.windowsupdate.com
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-07 to 2008-02-07 ))))))))))))))))))))))))))))))))))))
.
2008-02-07 12:32 . 2008-02-07 12:32 <REP> d-------- C:\Users\All Users\Avira
2008-02-07 12:32 . 2008-02-07 12:32 <REP> d-------- C:\ProgramData\Avira
2008-02-07 12:32 . 2008-02-07 12:32 <REP> d-------- C:\Program Files\Avira
2008-02-07 11:10 . 2008-01-07 14:29 352 --ah----- C:\Windows\nod32fixtemdono.reg
2008-02-07 11:09 . 2008-02-07 11:09 <REP> d-------- C:\Users\bevilea\AppData\Roaming\ESET
2008-02-07 11:08 . 2008-02-07 11:08 <REP> d-------- C:\Users\All Users\ESET
2008-02-07 11:08 . 2008-02-07 11:08 <REP> d-------- C:\ProgramData\ESET
2008-02-07 10:49 . 2008-02-07 10:49 <REP> d-------- C:\Users\All Users\Windows Genuine Advantage
2008-02-07 01:03 . 2008-02-07 11:12 <REP> d-------- C:\Program Files\Eset
2008-02-07 00:50 . 2008-02-07 11:16 <REP> d-------- C:\Program Files\Moon Secure Antivirus
2008-02-06 22:54 . 2008-02-07 01:44 <REP> d-------- C:\Program Files\a-squared Free
2008-02-06 01:44 . 2008-02-06 01:45 <REP> d-------- C:\Users\bevilea\.housecall6.6
2008-02-05 23:46 . 2008-02-05 23:46 <REP> d-------- C:\Windows\McAfee.com
2008-02-05 21:30 . 2008-02-05 21:30 <REP> d-------- C:\Windows\BDOSCAN8
2008-02-03 11:41 . 2008-02-03 11:41 <REP> d-------- C:\Users\All Users\LightScribe
2008-02-03 11:41 . 2008-02-03 11:41 <REP> d-------- C:\ProgramData\LightScribe
2008-01-31 17:59 . 2008-01-31 18:00 <REP> d-------- C:\Users\All Users\Adobe
2008-01-31 17:59 . 2008-01-31 18:00 <REP> d-------- C:\Program Files\Common Files\Adobe
2008-01-29 16:56 . 2008-01-29 16:56 <REP> d-------- C:\Users\bevilea\AppData\Roaming\Droppix
2008-01-29 16:56 . 2008-01-29 16:56 <REP> d-------- C:\Program Files\illiminable
2008-01-29 16:56 . 2005-11-09 09:00 1,012,736 --a------ C:\Windows\System32\vorbis.dll
2008-01-29 16:56 . 2004-06-05 19:33 139,264 --a------ C:\Windows\System32\RLAPEDec.ax
2008-01-29 16:56 . 2004-04-27 16:05 98,304 --a------ C:\Windows\System32\RLMPCDec.ax
2008-01-29 16:56 . 2005-11-09 09:00 12,800 --a------ C:\Windows\System32\ogg.dll
2008-01-29 16:54 . 2008-01-29 16:54 <REP> d-------- C:\Program Files\Droppix
2008-01-29 16:54 . 2008-01-29 16:56 <REP> d-------- C:\Program Files\Common Files\Droppix
2008-01-29 16:54 . 2005-11-09 09:00 487,424 --a-s---- C:\Windows\System32\msvcp70.dll
2008-01-29 16:53 . 2008-01-29 16:59 <REP> d-------- C:\Users\All Users\Droppix
2008-01-29 16:53 . 2008-01-29 16:59 <REP> d-------- C:\ProgramData\Droppix
2008-01-27 14:43 . 2008-01-27 14:43 <REP> d-------- C:\Users\bevilea\AppData\Roaming\eMule
2008-01-24 18:37 . 2008-01-24 18:37 <REP> d-------- C:\Users\bevilea\AppData\Roaming\dvdcss
2008-01-18 00:26 . 2008-01-18 00:26 60 --a------ C:\Windows\yesmessenger.ini
2008-01-18 00:23 . 2008-01-18 00:31 <REP> d-------- C:\Program Files\YesMessenger
2008-01-14 16:53 . 2008-01-14 16:53 <REP> d-------- C:\Program Files\Combined Community Codec Pack
2008-01-09 11:33 . 2006-10-07 17:43 502,784 --a------ C:\Windows\x2.64.exe
2008-01-09 11:33 . 2007-05-14 15:24 394,240 --a------ C:\Windows\System32\Smab.dll
2008-01-09 11:33 . 2005-02-28 13:16 240,128 --a------ C:\Windows\System32\x.264.exe
2008-01-09 11:33 . 2006-04-12 09:47 217,073 --a------ C:\Windows\meta4.exe
2008-01-09 11:33 . 2004-01-25 00:00 70,656 --a------ C:\Windows\System32\yv12vfw.dll
2008-01-09 11:33 . 2004-01-25 00:00 70,656 --a------ C:\Windows\System32\i420vfw.dll
2008-01-09 11:33 . 2006-04-05 08:09 66,560 --a------ C:\Windows\MOTA113.exe
2008-01-09 11:33 . 2005-07-14 12:31 27,648 --a------ C:\Windows\System32\AVSredirect.dll
2008-01-09 11:31 . 2005-02-12 23:00 186,880 -r-hs---- C:\Windows\System32\RLOgg.ax
2008-01-09 11:31 . 2005-01-17 23:26 179,200 -r-hs---- C:\Windows\System32\DiracSplitter.ax
2008-01-09 11:31 . 2006-08-16 14:53 175,104 -r-hs---- C:\Windows\System32\CoreAAC.ax
2008-01-09 11:31 . 2005-02-05 23:00 92,672 -r-hs---- C:\Windows\System32\RLVorbisDec.ax
2008-01-09 11:31 . 2005-02-22 16:55 81,920 -r-hs---- C:\Windows\System32\aac_parser.ax
2008-01-09 11:31 . 2005-02-12 23:00 67,584 -r-hs---- C:\Windows\System32\RLTheoraDec.ax
2008-01-09 11:31 . 2005-02-12 23:00 51,712 -r-hs---- C:\Windows\System32\RLSpeexDec.ax
2008-01-08 21:26 . 2008-01-08 21:26 802,816 --a------ C:\Windows\System32\drivers\tcpip.sys
2008-01-08 21:26 . 2008-01-08 21:26 216,760 --a------ C:\Windows\System32\drivers\netio.sys
2008-01-08 21:26 . 2008-01-08 21:26 167,424 --a------ C:\Windows\System32\tcpipcfg.dll
2008-01-08 21:26 . 2008-01-08 21:26 24,064 --a------ C:\Windows\System32\netcfg.exe
2008-01-08 21:26 . 2008-01-08 21:26 22,016 --a------ C:\Windows\System32\netiougc.exe
2008-01-08 21:25 . 2008-01-08 21:25 4,247,552 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-01-08 21:25 . 2008-01-08 21:25 1,686,016 --a------ C:\Windows\System32\gameux.dll
2008-01-08 21:25 . 2008-01-08 21:25 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-01-08 21:25 . 2008-01-08 21:25 211,000 --a------ C:\Windows\System32\drivers\volsnap.sys
2008-01-08 21:25 . 2008-01-08 21:25 154,624 --a------ C:\Windows\System32\drivers\nwifi.sys
2008-01-08 21:25 . 2008-01-08 21:25 109,624 --a------ C:\Windows\System32\drivers\ataport.sys
2008-01-08 21:25 . 2008-01-08 21:25 45,112 --a------ C:\Windows\System32\drivers\pciidex.sys
2008-01-08 21:25 . 2008-01-08 21:25 21,560 --a------ C:\Windows\System32\drivers\atapi.sys
2008-01-08 21:25 . 2008-01-08 21:25 15,928 --a------ C:\Windows\System32\drivers\pciide.sys
2008-01-08 21:25 . 2008-01-08 21:25 11,776 --a------ C:\Windows\System32\sbunattend.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-07 10:57 --------- d-----w C:\Users\bevilea\AppData\Roaming\OpenOffice.org2
2008-02-07 10:56 0 ----a-w C:\Windows\system32\drivers\lvuvc.hs
2008-02-07 07:50 --------- d-----w C:\Users\bevilea\AppData\Roaming\uTorrent
2008-02-06 23:38 --------- d---a-w C:\ProgramData\TEMP
2008-02-05 12:32 --------- d-----w C:\Program Files\Windows Live
2008-02-02 08:44 --------- d-----w C:\Program Files\DivX
2008-02-02 08:40 --------- d-----w C:\Program Files\Elaborate Bytes
2008-02-02 08:39 --------- d-----w C:\Program Files\OLYMPUS
2008-02-02 08:37 --------- d-----w C:\Program Files\Free Easy Burner
2008-01-27 13:43 --------- d-----w C:\Program Files\eMule
2008-01-27 08:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-19 15:33 --------- d-----w C:\Program Files\OpenOffice.org 2.3
2008-01-14 23:24 --------- d-----w C:\Users\bevilea\AppData\Roaming\Aegisub
2008-01-08 20:31 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-08 20:31 --------- d-----w C:\Program Files\Windows Mail
2008-01-08 20:25 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-01-08 20:25 449,024 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-01-08 20:25 2,143,744 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-01-08 20:25 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-02 22:13 --------- d-----w C:\Program Files\Naevius YouTube Converter
2008-01-02 00:15 --------- d-----w C:\Program Files\AmitySource
2007-12-22 10:24 --------- d-----w C:\Program Files\VideoLAN
2007-12-14 11:40 --------- d-----w C:\Program Files\Mpeg2Decoder
2007-12-14 11:05 --------- d-----w C:\Users\bevilea\AppData\Roaming\Image Zone Express
2007-12-12 12:53 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-12 12:52 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 12:52 824,832 ----a-w C:\Windows\System32\wininet.dll
2007-12-12 12:52 56,320 ----a-w C:\Windows\System32\iesetup.dll
2007-12-12 12:52 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2007-12-12 12:52 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2007-12-12 12:52 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 12:51 84,992 ----a-w C:\Windows\system32\drivers\srvnet.sys
2007-12-12 12:51 58,368 ----a-w C:\Windows\system32\drivers\mrxsmb20.sys
2007-12-12 12:51 130,048 ----a-w C:\Windows\system32\drivers\srv2.sys
2007-12-12 12:51 101,888 ----a-w C:\Windows\system32\drivers\mrxsmb.sys
2007-12-12 12:50 3,504,824 ----a-w C:\Windows\System32\ntkrnlpa.exe
2007-12-12 12:50 3,470,520 ----a-w C:\Windows\System32\ntoskrnl.exe
2007-12-11 22:35 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2007-12-11 22:34 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2007-12-11 22:34 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2007-12-11 22:33 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2007-12-11 22:33 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2007-12-11 22:33 81,920 ----a-w C:\Windows\System32\dpl100.dll
2007-12-11 22:33 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2007-12-11 22:33 682,496 ----a-w C:\Windows\System32\DivX.dll
2007-12-11 22:33 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2007-12-11 22:33 57,344 ----a-w C:\Windows\System32\dpv11.dll
2007-12-11 22:33 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2007-12-11 22:33 344,064 ----a-w C:\Windows\System32\dpus11.dll
2007-12-11 22:33 294,912 ----a-w C:\Windows\System32\dpu11.dll
2007-12-11 22:33 294,912 ----a-w C:\Windows\System32\dpu10.dll
2007-12-11 22:33 196,608 ----a-w C:\Windows\System32\dtu100.dll
2007-12-11 22:32 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2007-12-11 22:32 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2007-11-18 09:47 22,328 ----a-w C:\Users\bevilea\AppData\Roaming\PnkBstrK.sys
2007-11-17 15:11 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2007-11-14 02:02 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2007-11-14 02:02 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2007-11-14 02:02 542,720 ----a-w C:\Windows\System32\sysmain.dll
2007-11-14 02:02 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2007-11-14 02:02 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2007-11-14 02:02 297,984 ----a-w C:\Windows\System32\wlansec.dll
2007-11-14 02:02 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2007-11-14 02:02 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2007-11-14 02:02 2,923,520 ----a-w C:\Windows\explorer.exe
2007-11-14 02:02 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2007-11-14 02:01 8,704 ----a-w C:\Windows\System32\hcrstco.dll
2007-11-14 02:01 8,704 ----a-w C:\Windows\System32\hccoin.dll
2007-11-09 10:36 36,864 ----a-w C:\Windows\System32\cdd.dll
2007-08-31 01:10 174 --sha-w C:\Program Files\desktop.ini
2007-05-28 19:25 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2007-05-28 19:25 32,768 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2007-05-28 19:25 16,384 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"="" []
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 14:30 249856]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [ ]
"OM2_Monitor"="C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [ ]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-08 21:25 1232896]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [ ]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06 2027792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-25 11:43 77824]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-07 12:33 249896]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-13 10:18:50 528384]
R0 AtiPcie;ATI PCI Express (3GIO) Filter;C:\Windows\system32\DRIVERS\AtiPcie.sys [2006-08-24 12:32]
R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 23:04]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 23:04]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-02-06 23:04]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-06 23:04]
R2 int15;int15;C:\Acer\Empowering Technology\eRecovery\int15.sys [2006-12-07 17:12]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-29 04:13]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S2 msav;Moon Secure Antivirus Core;C:\Program Files\Moon Secure Antivirus\msavcore.exe [2007-01-24 19:49]
S3 Droppix Service;Droppix Service;"C:\Program Files\Common Files\Droppix\DxService.exe" [2007-11-22 15:25]
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-09-29 04:13]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - H:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0567c8bf-112c-11dc-a6c3-0019db5753a4}]
\shell\AutoRun\command - L:\setup.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{21b0f655-1b3c-11dc-bd77-0019db5753a4}]
\shell\AutoRun\command - N:\LaunchU3.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c6f0ea0b-0d52-11dc-84e0-0019db5753a4}]
\shell\AutoRun\command - N:\LaunchU3.exe
*Newly Created Service* - AVGIO
*Newly Created Service* - AVGNTFLT
*Newly Created Service* - AVIPBB
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-01 16:15:00 C:\Windows\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
"2008-02-07 04:33:08 C:\Windows\Tasks\User_Feed_Synchronization-{2E3D94BC-B3DC-4546-A266-49BDB06B27BB}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-07 13:12:50
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-07 13:13:40
ComboFix-quarantined-files.txt 2008-02-07 12:13:38
.
2008-02-07 10:17:53 --- E O F ---
Hi again, and sorry about the hello earlier.
The report:
Logfile of HijackThis v1.99.1
Scan saved at 21:57:50, on 07/02/2008
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Running processes:
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\ProgramData\U3\U3Launcher\LaunchU3.exe
F:\MagicDisc\MagicDisc.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: ashDisp.exe - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Startup: MagicDisc.lnk = F:\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Moon Secure Antivirus Core (msav) - Unknown owner - C:\Program Files\Moon Secure Antivirus\msavcore.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - Startup: ashDisp.exe - Raccourci.lnk = C:\Program Files\Alwil Software\Avast4\ashDisp.exe
O4 - Startup: LaunchU3.exe.lnk = ?
O4 - Startup: MagicDisc.lnk = F:\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://downloads.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {664088B0-6AF3-4514-AF9D-A0DC3A3DF24A} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols3beta/fscax.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (a-squared Scanner) - http://ax.emsisoft.com/asquared.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Droppix Service - Droppix - C:\Program Files\Common Files\Droppix\DxService.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Moon Secure Antivirus Core (msav) - Unknown owner - C:\Program Files\Moon Secure Antivirus\msavcore.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)