Bug... a virus, I think
Hello everyone,
So, for some time now my computer has been bugging out; well, when I open a folder, e.g. Music, the taskbar at the bottom disappears along with all the icons. After 5 seconds it comes back, but it doesn't open the folder.
Tell me whatever you think it might be.
Thanks
Peace
Hello,
That is indeed strange.
Download and install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Here you go
I hope this is it
Thanks for helping me
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:11, on 07.03.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Motive\MotiveBrowser.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMService] "C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Way bits] "C:\ProgramData\save info info.xp0yz"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\proxy less bash.48bqi"
O4 - HKCU\..\Run: [himem] "c:\windows\himem.exe" 3fff 8ffff
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [d85dbdf1] rundll32.exe "C:\Users\ado\AppData\Local\Temp\smnvxoqh.dll",b
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\ado\AppData\Local\Temp\jkkhi.dll,c
O4 - HKCU\..\Run: [BMdb6e8e6d] Rundll32.exe "C:\Users\ado\AppData\Local\Temp\alcrqkng.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 11123 bytes
Re,
Disable your resident protections (antivirus, Spybot...)!
Download Combofix (sUBs) to your Desktop.
Double-click combofix.exe to launch it.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post that report in your next reply.
Sorry if this is wrong, but I can't do any better, the system is bugging out too much...
I'm fed up
ComboFix 08-03-07.3 - ado 2008-03-07 22:39:01.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.183 [GMT 1:00]
Endroit: C:\Users\ado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QGAEQUH\ComboFix[1].exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Common Files\SystemDoctor
C:\Program Files\Common Files\SystemDoctor\err.log
C:\Program Files\Common Files\winantivirus pro 2007
C:\Program Files\Common Files\winantivirus pro 2007\err.log
C:\Users\ado\AppData\Roaming\inst.exe
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\avtasks.dat
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\CookieList.dat
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\history.db
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\update.log
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\wa7Support.log
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\winav.log
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\PGE.dat
C:\UWA7P
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-07 to 2008-03-07 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-07 21:17 307,968 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-03-07 21:17 --------- d-----w C:\Users\ado\AppData\Roaming\TuneUp Software
2008-03-07 21:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-07 21:17 --------- d-----w C:\PROGRA~2\TuneUp Software
2008-03-07 21:15 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 20:50 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-07 18:26 --------- d-----w C:\PROGRA~2\Lavasoft
2008-03-07 18:23 --------- d-----w C:\Program Files\Lavasoft
2008-03-07 18:16 --------- d-----w C:\Program Files\Trend Micro
2008-03-07 18:03 --------- d-----w C:\Program Files\Norton Security Scan
2008-03-07 17:51 --------- d-----w C:\Program Files\Nero
2008-03-07 17:18 --------- d-----w C:\Users\ado\AppData\Roaming\uTorrent
2008-03-07 16:56 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-07 16:17 --------- d-----w C:\Program Files\Navilog1
2008-03-07 12:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-06 21:33 5,048 ----a-w C:\Windows\System32\tmp.reg
2008-03-06 21:26 --------- d-----w C:\Program Files\Ares
2008-03-06 16:59 --------- d-----w C:\PROGRA~2\eMule
2008-03-06 16:58 --------- d-----w C:\Program Files\SababaDC
2008-03-05 21:29 82,432 ----a-w C:\Windows\System32\IEDFix.exe
2008-03-05 17:02 --------- d-----w C:\Program Files\TubeMaster
2008-03-02 17:08 --------- d-----w C:\Program Files\GTA3Mods
2008-03-02 12:17 --------- d-----w C:\Program Files\Rockstar Games
2008-03-02 09:26 --------- d-----w C:\Users\ado\AppData\Roaming\LimeWire
2008-03-01 22:12 86,016 ----a-w C:\Windows\System32\VACFix.exe
2008-02-29 11:31 --------- d-----w C:\Program Files\MSN Messenger
2008-02-29 11:30 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-29 11:29 --------- d-----w C:\Program Files\Windows Live
2008-02-29 11:28 --------- d-----w C:\PROGRA~2\WLInstaller
2008-02-27 13:33 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-27 12:15 28,416 ----a-w C:\Windows\System32\uxtuneup.dll
2008-02-27 12:15 16,640 ----a-w C:\Windows\System32\authuitu.dll
2008-02-23 19:51 --------- d-----w C:\Program Files\TVAnts
2008-02-21 20:37 --------- d-----w C:\Users\ado\AppData\Roaming\vlc
2008-02-21 20:36 --------- d-----w C:\Program Files\VideoLAN
2008-02-17 19:14 722 ---ha-w C:\os848618.bin
2008-02-17 19:02 --------- d-----w C:\Program Files\Common Files\Vbox
2008-02-17 18:09 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-15 21:28 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-02-13 16:49 47,360 ----a-w C:\Users\ado\AppData\Roaming\pcouffin.sys
2008-02-13 16:49 --------- d-----w C:\Users\ado\AppData\Roaming\Vso
2008-02-13 10:26 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 10:26 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 10:19 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 10:19 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 10:19 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 10:19 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 10:19 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 10:19 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 10:19 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 10:19 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 10:19 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 10:19 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 10:19 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-13 10:19 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 10:18 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 10:18 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 10:18 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 10:18 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 10:18 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 10:18 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 10:13 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 10:13 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 10:13 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 10:13 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-11 19:12 47,360 ----a-w C:\Windows\system32\drivers\pcouffin.sys
2008-02-11 16:21 --------- d-----w C:\Program Files\DivX
2008-01-30 11:33 --------- d-----w C:\Program Files\SopCast
2008-01-18 20:42 --------- d-----w C:\PROGRA~2\Symantec
2008-01-14 20:07 --------- d-----w C:\Program Files\Brother
2008-01-14 20:05 --------- d-----w C:\Users\ado\AppData\Roaming\InstallShield
2008-01-14 20:04 --------- d-----w C:\Program Files\Nuance
2008-01-14 20:04 --------- d-----w C:\PROGRA~2\ScanSoft
2008-01-14 20:03 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2008-01-14 20:02 --------- d-----w C:\Program Files\ScanSoft
2008-01-14 20:00 --------- d-----w C:\PROGRA~2\Brother
2008-01-09 12:22 --------- d-----w C:\Program Files\Windows Mail
2008-01-09 12:01 --------- d-----w C:\Program Files\Best_Security_Tips
2008-01-09 11:50 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-09 11:48 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-09 11:47 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-09 11:47 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-09 11:18 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-01-09 11:18 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-01-09 11:18 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-01-09 11:18 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-01-09 11:16 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-01-09 11:16 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-01-09 11:16 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-01-09 11:16 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-01-09 11:16 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-01-09 11:16 196,608 ----a-w C:\Windows\System32\dtu100.dll
2007-12-14 10:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2007-12-13 13:38 73,216 ----a-w C:\Windows\ST6UNST.EXE
2007-12-13 13:38 249,856 ------w C:\Windows\Setup1.exe
2007-12-12 11:53 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 11:53 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 11:53 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-11 19:44 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2007-12-11 19:44 57,344 ----a-w C:\Windows\System32\dpv11.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da30eff8-ccc6-4162-a20d-67402a26a215}]
2008-01-09 13:01 1502232 --a------ C:\Program Files\Best_Security_Tips\tbBes1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= "C:\Program Files\Best_Security_Tips\tbBes1.dll" [2008-01-09 13:01 1502232]
[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= C:\Program Files\Best_Security_Tips\tbBes1.dll [2008-01-09 13:01 1502232]
[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 12:47 1232896]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]
"????r"="" []
"?????????"="??????????????e" []
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ares"="C:\Program Files\Ares\Ares.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-20 16:02 171448]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [ ]
"Way bits"="C:\ProgramData\save info info.xp0yz" [ ]
"Itch ford four knob"="C:\ProgramData\proxy less bash.48bqi" [ ]
"himem"="c:\windows\himem.exe" [ ]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 14:30 249856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-17 21:05 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 14:37 4186112 C:\Windows\RtHDVCpl.exe]
"Acer Tour"="" []
"Acer Empowering Technology Monitor"="C:\Windows\system32\SysMonitor.exe" [2006-11-23 15:24 319488]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04 464168]
"eRecoveryService"="" []
"PCMService"="C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe" [2006-11-25 00:57 151552]
"MotiveReportAgent"="C:\Program Files\Common Files\Motive\McciBootStrapper.exe" [2005-12-16 12:40 202240]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06 2027792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [ ]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 05:28 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 05:28 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 05:28 81920]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
"PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 14:51 663552]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 15:58 65536]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-26 00:18:20 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7555F09B-0754-413A-B4E7-5BBE15848606}"= UDP:C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
"{43E270A2-6FC2-4DD1-821B-EEE0BB1DEB8C}"= TCP:C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
"TCP Query User{1BBE969F-1738-4EDF-8D8F-D6B72EC50E00}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"UDP Query User{0F430538-EA2A-40A0-BBFD-EBDE735FD3BD}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"TCP Query User{B269698E-ECC0-4589-A756-98CA1FBD63D9}C:\program files\limewire\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire|Desc=LimeWire
"UDP Query User{01B467DA-CACB-4765-85CF-CBA83C848785}C:\program files\limewire\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire|Desc=LimeWire
"{B5033EC7-732F-40DE-BC62-F5047EE07866}"= UDP:C:\Program Files\utorrent\utorrent.exe:µTorrent
"{FB60646B-0B22-4562-987C-8AF7D058F3DD}"= TCP:C:\Program Files\utorrent\utorrent.exe:µTorrent
"TCP Query User{08F587D7-5A55-43CE-85C3-E820D7C6CA70}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{EDBA8E8B-D537-4527-B125-4834AC5DD3E0}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule|Desc=eMule
"TCP Query User{478BD115-6302-4040-889E-DF078357D02F}C:\program files\sababadc\sababadc.exe"= UDP:C:\program files\sababadc\sababadc.exe:SababaDC|Desc=SababaDC
"UDP Query User{B1BC7FA1-C86F-4288-BC3D-90EA8685500F}C:\program files\sababadc\sababadc.exe"= TCP:C:\program files\sababadc\sababadc.exe:SababaDC|Desc=SababaDC
"TCP Query User{E883E491-8357-4522-B5E6-4EDD08064436}C:\users\ado\downloads\752469@samp01b-server\samp-server.exe"= UDP:C:\users\ado\downloads\752469@samp01b-server\samp-server.exe:samp-server.exe|Desc=samp-server.exe
"UDP Query User{051C309C-55A9-4ABC-81D3-F060D749FD5B}C:\users\ado\downloads\752469@samp01b-server\samp-server.exe"= TCP:C:\users\ado\downloads\752469@samp01b-server\samp-server.exe:samp-server.exe|Desc=samp-server.exe
"TCP Query User{2ADB3372-2901-45A1-90F0-C445C7356069}C:\program files\common files\nero\nero web\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
"UDP Query User{2536DF90-7538-4A3C-B068-4E462FCB7900}C:\program files\common files\nero\nero web\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
"TCP Query User{E107E0A8-4785-4BB6-813E-9341081895E1}C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe"= UDP:C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe|Desc=setupxu.exe
"UDP Query User{1D35970B-BC84-4957-9384-9A81608FC9F4}C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe"= TCP:C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe|Desc=setupxu.exe
"TCP Query User{E487518F-8DC9-44FD-AE88-E9ED3A7BD0A0}C:\program files\dc++\dcplusplus.exe"= UDP:C:\program files\dc++\dcplusplus.exe:DC++|Desc=DC++
"UDP Query User{A096AB6B-74C8-484B-ABC1-3BBB03788AAC}C:\program files\dc++\dcplusplus.exe"= TCP:C:\program files\dc++\dcplusplus.exe:DC++|Desc=DC++
"{57641C82-1D49-4FBC-81FD-A2A16411853A}"= UDP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
"{1735046F-E435-4CC2-A8D5-C8762313B59A}"= TCP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
"{95802521-6988-49BA-A186-B720F58EA33E}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
"{0CA9FA8D-0C4A-4896-9D79-25863A04154D}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
"TCP Query User{F4856A94-6B09-4838-B488-75F903E66009}C:\program files\sopcast\adv\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"UDP Query User{2BB3E653-F4BC-486D-AF80-C863C20559CF}C:\program files\sopcast\adv\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"TCP Query User{7F86D674-EF0E-4EDE-BD1E-98CB16034299}C:\program files\sopcast\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"UDP Query User{9E7E9506-00F5-40E3-B920-889372F4C31E}C:\program files\sopcast\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"TCP Query User{D641A350-211A-4192-80BF-BB506ECD2547}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{470EEF7F-0563-4063-A179-4597F1878DE7}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"TCP Query User{839CE8C7-D49F-4863-B9C6-4D8BB9EADEB5}C:\program files\tvants\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"UDP Query User{B1128E75-6F1A-46B5-BAC5-AB2904CCFF14}C:\program files\tvants\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"{471A8741-363A-42F2-AE82-8DBB4687D5F1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{77EE5C7D-941B-4C46-B587-5E8AA116DF4E}C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe"= UDP:C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe:installer-13398-33-nero-general-clean-tool-french[1].exe|Desc=installer-13398-33-nero-general-clean-tool-french[1].exe
"UDP Query User{C950A8F6-CCE0-46EA-A533-E829E4A84C03}C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe"= TCP:C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe:installer-13398-33-nero-general-clean-tool-french[1].exe|Desc=installer-13398-33-nero-general-clean-tool-french[1].exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 23:04]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 23:04]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 15:11]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-06 23:04]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-03-07 22:17]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f93e3b2-651e-11dc-9aa9-806e6f6e6963}]
\shell\AutoRun\command - E:\setup.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-07 21:22:23 C:\Windows\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2008-03-07 19:00:01 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - ado.job"
- c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:
"2008-03-07 17:00:15 C:\Windows\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-03-07 18:32:41 C:\Windows\Tasks\User_Feed_Synchronization-{89FF33B0-A040-4317-86A0-4CEDC49DA3A5}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-07 22:43:37
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-07 22:45:23
ComboFix-quarantined-files.txt 2008-03-07 21:45:16
.
2008-03-07 11:31:39 --- E O F ---
I'm fed up
ComboFix 08-03-07.3 - ado 2008-03-07 22:39:01.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.183 [GMT 1:00]
Endroit: C:\Users\ado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QGAEQUH\ComboFix[1].exe
* Création d'un nouveau point de restauration
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Common Files\SystemDoctor
C:\Program Files\Common Files\SystemDoctor\err.log
C:\Program Files\Common Files\winantivirus pro 2007
C:\Program Files\Common Files\winantivirus pro 2007\err.log
C:\Users\ado\AppData\Roaming\inst.exe
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\avtasks.dat
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\CookieList.dat
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\history.db
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\update.log
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\wa7Support.log
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\winav.log
C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\PGE.dat
C:\UWA7P
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-07 to 2008-03-07 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-07 21:17 307,968 ----a-w C:\Windows\System32\TuneUpDefragService.exe
2008-03-07 21:17 --------- d-----w C:\Users\ado\AppData\Roaming\TuneUp Software
2008-03-07 21:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
2008-03-07 21:17 --------- d-----w C:\PROGRA~2\TuneUp Software
2008-03-07 21:15 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
2008-03-07 20:50 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-03-07 18:26 --------- d-----w C:\PROGRA~2\Lavasoft
2008-03-07 18:23 --------- d-----w C:\Program Files\Lavasoft
2008-03-07 18:16 --------- d-----w C:\Program Files\Trend Micro
2008-03-07 18:03 --------- d-----w C:\Program Files\Norton Security Scan
2008-03-07 17:51 --------- d-----w C:\Program Files\Nero
2008-03-07 17:18 --------- d-----w C:\Users\ado\AppData\Roaming\uTorrent
2008-03-07 16:56 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-07 16:17 --------- d-----w C:\Program Files\Navilog1
2008-03-07 12:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-06 21:33 5,048 ----a-w C:\Windows\System32\tmp.reg
2008-03-06 21:26 --------- d-----w C:\Program Files\Ares
2008-03-06 16:59 --------- d-----w C:\PROGRA~2\eMule
2008-03-06 16:58 --------- d-----w C:\Program Files\SababaDC
2008-03-05 21:29 82,432 ----a-w C:\Windows\System32\IEDFix.exe
2008-03-05 17:02 --------- d-----w C:\Program Files\TubeMaster
2008-03-02 17:08 --------- d-----w C:\Program Files\GTA3Mods
2008-03-02 12:17 --------- d-----w C:\Program Files\Rockstar Games
2008-03-02 09:26 --------- d-----w C:\Users\ado\AppData\Roaming\LimeWire
2008-03-01 22:12 86,016 ----a-w C:\Windows\System32\VACFix.exe
2008-02-29 11:31 --------- d-----w C:\Program Files\MSN Messenger
2008-02-29 11:30 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-29 11:29 --------- d-----w C:\Program Files\Windows Live
2008-02-29 11:28 --------- d-----w C:\PROGRA~2\WLInstaller
2008-02-27 13:33 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-02-27 12:15 28,416 ----a-w C:\Windows\System32\uxtuneup.dll
2008-02-27 12:15 16,640 ----a-w C:\Windows\System32\authuitu.dll
2008-02-23 19:51 --------- d-----w C:\Program Files\TVAnts
2008-02-21 20:37 --------- d-----w C:\Users\ado\AppData\Roaming\vlc
2008-02-21 20:36 --------- d-----w C:\Program Files\VideoLAN
2008-02-17 19:14 722 ---ha-w C:\os848618.bin
2008-02-17 19:02 --------- d-----w C:\Program Files\Common Files\Vbox
2008-02-17 18:09 --------- d-----w C:\Program Files\PhotoFiltre
2008-02-15 21:28 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-02-13 16:49 47,360 ----a-w C:\Users\ado\AppData\Roaming\pcouffin.sys
2008-02-13 16:49 --------- d-----w C:\Users\ado\AppData\Roaming\Vso
2008-02-13 10:26 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 10:26 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-13 10:19 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-13 10:19 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-13 10:19 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 10:19 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 10:19 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 10:19 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 10:19 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-13 10:19 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-13 10:19 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 10:19 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-13 10:19 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-13 10:19 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-13 10:18 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 10:18 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 10:18 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 10:18 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 10:18 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 10:18 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-13 10:13 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-13 10:13 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-13 10:13 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-13 10:13 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-11 19:12 47,360 ----a-w C:\Windows\system32\drivers\pcouffin.sys
2008-02-11 16:21 --------- d-----w C:\Program Files\DivX
2008-01-30 11:33 --------- d-----w C:\Program Files\SopCast
2008-01-18 20:42 --------- d-----w C:\PROGRA~2\Symantec
2008-01-14 20:07 --------- d-----w C:\Program Files\Brother
2008-01-14 20:05 --------- d-----w C:\Users\ado\AppData\Roaming\InstallShield
2008-01-14 20:04 --------- d-----w C:\Program Files\Nuance
2008-01-14 20:04 --------- d-----w C:\PROGRA~2\ScanSoft
2008-01-14 20:03 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2008-01-14 20:02 --------- d-----w C:\Program Files\ScanSoft
2008-01-14 20:00 --------- d-----w C:\PROGRA~2\Brother
2008-01-09 12:22 --------- d-----w C:\Program Files\Windows Mail
2008-01-09 12:01 --------- d-----w C:\Program Files\Best_Security_Tips
2008-01-09 11:50 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-09 11:48 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-01-09 11:47 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-09 11:47 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-01-09 11:18 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-01-09 11:18 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-01-09 11:18 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-01-09 11:18 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-01-09 11:16 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-01-09 11:16 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-01-09 11:16 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-01-09 11:16 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-01-09 11:16 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-01-09 11:16 196,608 ----a-w C:\Windows\System32\dtu100.dll
2007-12-14 10:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
2007-12-13 13:38 73,216 ----a-w C:\Windows\ST6UNST.EXE
2007-12-13 13:38 249,856 ------w C:\Windows\Setup1.exe
2007-12-12 11:53 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2007-12-12 11:53 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2007-12-12 11:53 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2007-12-11 19:44 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2007-12-11 19:44 57,344 ----a-w C:\Windows\System32\dpv11.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da30eff8-ccc6-4162-a20d-67402a26a215}]
2008-01-09 13:01 1502232 --a------ C:\Program Files\Best_Security_Tips\tbBes1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= "C:\Program Files\Best_Security_Tips\tbBes1.dll" [2008-01-09 13:01 1502232]
[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= C:\Program Files\Best_Security_Tips\tbBes1.dll [2008-01-09 13:01 1502232]
[HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 12:47 1232896]
"WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]
"????r"="" []
"?????????"="??????????????e" []
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ares"="C:\Program Files\Ares\Ares.exe" [ ]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-20 16:02 171448]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [ ]
"Way bits"="C:\ProgramData\save info info.xp0yz" [ ]
"Itch ford four knob"="C:\ProgramData\proxy less bash.48bqi" [ ]
"himem"="c:\windows\himem.exe" [ ]
"ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 14:30 249856]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-17 21:05 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 14:37 4186112 C:\Windows\RtHDVCpl.exe]
"Acer Tour"="" []
"Acer Empowering Technology Monitor"="C:\Windows\system32\SysMonitor.exe" [2006-11-23 15:24 319488]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04 464168]
"eRecoveryService"="" []
"PCMService"="C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe" [2006-11-25 00:57 151552]
"MotiveReportAgent"="C:\Program Files\Common Files\Motive\McciBootStrapper.exe" [2005-12-16 12:40 202240]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06 2027792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
"Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [ ]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 05:28 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 05:28 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 05:28 81920]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
"PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 14:51 663552]
"ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 15:58 65536]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-26 00:18:20 528384]
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7555F09B-0754-413A-B4E7-5BBE15848606}"= UDP:C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
"{43E270A2-6FC2-4DD1-821B-EEE0BB1DEB8C}"= TCP:C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
"TCP Query User{1BBE969F-1738-4EDF-8D8F-D6B72EC50E00}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"UDP Query User{0F430538-EA2A-40A0-BBFD-EBDE735FD3BD}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
"TCP Query User{B269698E-ECC0-4589-A756-98CA1FBD63D9}C:\program files\limewire\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire|Desc=LimeWire
"UDP Query User{01B467DA-CACB-4765-85CF-CBA83C848785}C:\program files\limewire\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire|Desc=LimeWire
"{B5033EC7-732F-40DE-BC62-F5047EE07866}"= UDP:C:\Program Files\utorrent\utorrent.exe:µTorrent
"{FB60646B-0B22-4562-987C-8AF7D058F3DD}"= TCP:C:\Program Files\utorrent\utorrent.exe:µTorrent
"TCP Query User{08F587D7-5A55-43CE-85C3-E820D7C6CA70}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{EDBA8E8B-D537-4527-B125-4834AC5DD3E0}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule|Desc=eMule
"TCP Query User{478BD115-6302-4040-889E-DF078357D02F}C:\program files\sababadc\sababadc.exe"= UDP:C:\program files\sababadc\sababadc.exe:SababaDC|Desc=SababaDC
"UDP Query User{B1BC7FA1-C86F-4288-BC3D-90EA8685500F}C:\program files\sababadc\sababadc.exe"= TCP:C:\program files\sababadc\sababadc.exe:SababaDC|Desc=SababaDC
"TCP Query User{E883E491-8357-4522-B5E6-4EDD08064436}C:\users\ado\downloads\752469@samp01b-server\samp-server.exe"= UDP:C:\users\ado\downloads\752469@samp01b-server\samp-server.exe:samp-server.exe|Desc=samp-server.exe
"UDP Query User{051C309C-55A9-4ABC-81D3-F060D749FD5B}C:\users\ado\downloads\752469@samp01b-server\samp-server.exe"= TCP:C:\users\ado\downloads\752469@samp01b-server\samp-server.exe:samp-server.exe|Desc=samp-server.exe
"TCP Query User{2ADB3372-2901-45A1-90F0-C445C7356069}C:\program files\common files\nero\nero web\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
"UDP Query User{2536DF90-7538-4A3C-B068-4E462FCB7900}C:\program files\common files\nero\nero web\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
"TCP Query User{E107E0A8-4785-4BB6-813E-9341081895E1}C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe"= UDP:C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe|Desc=setupxu.exe
"UDP Query User{1D35970B-BC84-4957-9384-9A81608FC9F4}C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe"= TCP:C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe|Desc=setupxu.exe
"TCP Query User{E487518F-8DC9-44FD-AE88-E9ED3A7BD0A0}C:\program files\dc++\dcplusplus.exe"= UDP:C:\program files\dc++\dcplusplus.exe:DC++|Desc=DC++
"UDP Query User{A096AB6B-74C8-484B-ABC1-3BBB03788AAC}C:\program files\dc++\dcplusplus.exe"= TCP:C:\program files\dc++\dcplusplus.exe:DC++|Desc=DC++
"{57641C82-1D49-4FBC-81FD-A2A16411853A}"= UDP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
"{1735046F-E435-4CC2-A8D5-C8762313B59A}"= TCP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
"{95802521-6988-49BA-A186-B720F58EA33E}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
"{0CA9FA8D-0C4A-4896-9D79-25863A04154D}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:Printer Status Window
"TCP Query User{F4856A94-6B09-4838-B488-75F903E66009}C:\program files\sopcast\adv\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"UDP Query User{2BB3E653-F4BC-486D-AF80-C863C20559CF}C:\program files\sopcast\adv\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
"TCP Query User{7F86D674-EF0E-4EDE-BD1E-98CB16034299}C:\program files\sopcast\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"UDP Query User{9E7E9506-00F5-40E3-B920-889372F4C31E}C:\program files\sopcast\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
"TCP Query User{D641A350-211A-4192-80BF-BB506ECD2547}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"UDP Query User{470EEF7F-0563-4063-A179-4597F1878DE7}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
"TCP Query User{839CE8C7-D49F-4863-B9C6-4D8BB9EADEB5}C:\program files\tvants\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"UDP Query User{B1128E75-6F1A-46B5-BAC5-AB2904CCFF14}C:\program files\tvants\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
"{471A8741-363A-42F2-AE82-8DBB4687D5F1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{77EE5C7D-941B-4C46-B587-5E8AA116DF4E}C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe"= UDP:C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe:installer-13398-33-nero-general-clean-tool-french[1].exe|Desc=installer-13398-33-nero-general-clean-tool-french[1].exe
"UDP Query User{C950A8F6-CCE0-46EA-A533-E829E4A84C03}C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe"= TCP:C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe:installer-13398-33-nero-general-clean-tool-french[1].exe|Desc=installer-13398-33-nero-general-clean-tool-french[1].exe
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption
R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 23:04]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 23:04]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 15:11]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-06 23:04]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-03-07 22:17]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f93e3b2-651e-11dc-9aa9-806e6f6e6963}]
\shell\AutoRun\command - E:\setup.exe
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-03-07 21:22:23 C:\Windows\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
"2008-03-07 19:00:01 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - ado.job"
- c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:
"2008-03-07 17:00:15 C:\Windows\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-03-07 18:32:41 C:\Windows\Tasks\User_Feed_Synchronization-{89FF33B0-A040-4317-86A0-4CEDC49DA3A5}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-07 22:43:37
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-03-07 22:45:23
ComboFix-quarantined-files.txt 2008-03-07 21:45:16
.
2008-03-07 11:31:39 --- E O F ---
Here it is
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:11, on 07.03.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Motive\MotiveBrowser.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMService] "C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Way bits] "C:\ProgramData\save info info.xp0yz"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\proxy less bash.48bqi"
O4 - HKCU\..\Run: [himem] "c:\windows\himem.exe" 3fff 8ffff
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [d85dbdf1] rundll32.exe "C:\Users\ado\AppData\Local\Temp\smnvxoqh.dll",b
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\ado\AppData\Local\Temp\jkkhi.dll,c
O4 - HKCU\..\Run: [BMdb6e8e6d] Rundll32.exe "C:\Users\ado\AppData\Local\Temp\alcrqkng.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
--
End of file - 11123 bytes
Hi again,
Download Lop S&D.exe to your Desktop.
Double-click it to start the installation.
Right-click the Lop S&D shortcut, then choose Run as administrator.
Select the language you want, then choose option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm.)