pop up
Security Forum - Viruses: pop up
Hello,
Since my cousins used my laptop, I have had numerous pop-ups that keep opening.
I am on Vista.
I scanned with AVG Anti-Spyware, Spybot and the BitDefender online scan.
Here is my HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:23:47, on 2008-03-25
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\myriam\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
C:\Users\myriam\Desktop\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.ca.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Mp3 Ref] "C:\ProgramData\show once once.3p3hqu"
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Keep Hole Ooze.70hmpp"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr [...] dfr-ca.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-C [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/control [...] loader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1 [...] 586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
--
End of file - 13745 bytes
Thanks!!
Hello,
It's Lop.
Disable your resident protections (antivirus, ...); you will re-enable them after the scan.
Download Lop S&D here.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your desktop.
Select the desired language, then choose Option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt).
(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm.)
- Safe Mode -
Hi,
Here is the report:
-----------------------[ Lop S&D 4.1.0-1 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : myriam ] [ "C:\Lop SD" ]
[ 2008-03-25 | 21:56:08,51 ] [ PC : PC-DE-MYRIAM ]
[ MAJ : 24-03-2008 | 18:42 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[2008-03-25|18:50] C:\Users\myriam\AppData\Roaming\Acer\Acer Assist
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Acer\..
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Acer\.
[2007-09-06|20:47] C:\Users\myriam\AppData\Roaming\Adobe\Linguistics
[2007-09-06|20:47] C:\Users\myriam\AppData\Roaming\Adobe\..
[2007-09-06|20:47] C:\Users\myriam\AppData\Roaming\Adobe\.
[2007-09-06|20:46] C:\Users\myriam\AppData\Roaming\Adobe\Acrobat
[2008-03-25|12:26] C:\Users\myriam\AppData\Roaming\Apple Computer\iTunes
[2007-09-02|19:16] C:\Users\myriam\AppData\Roaming\Apple Computer\..
[2007-09-02|19:16] C:\Users\myriam\AppData\Roaming\Apple Computer\.
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\..
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\.
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\MediaCache
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\PowerProducer
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\PowerCinema
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\PowerDVD
[2008-03-09|15:44] C:\Users\myriam\AppData\Roaming\Google\Local Search History
[2007-09-04|22:27] C:\Users\myriam\AppData\Roaming\Google\..
[2007-09-04|22:27] C:\Users\myriam\AppData\Roaming\Google\.
[2008-03-25|14:16] C:\Users\myriam\AppData\Roaming\Grisoft\AVG Antispyware 7.5
[2008-03-25|14:15] C:\Users\myriam\AppData\Roaming\Grisoft\..
[2008-03-25|14:15] C:\Users\myriam\AppData\Roaming\Grisoft\.
[2008-02-20|23:39] C:\Users\myriam\AppData\Roaming\HP\Digital Imaging
[2008-02-20|23:39] C:\Users\myriam\AppData\Roaming\HP\..
[2008-02-20|23:39] C:\Users\myriam\AppData\Roaming\HP\.
[2008-01-29|23:03] C:\Users\myriam\AppData\Roaming\HP\ScLogs
[2008-01-20|23:04] C:\Users\myriam\AppData\Roaming\HPAppData\..
[2008-01-20|23:04] C:\Users\myriam\AppData\Roaming\HPAppData\.
[2007-03-02|14:10] C:\Users\myriam\AppData\Roaming\HPAppData\RegClean.dll
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Identities\..
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Identities\{9314CC2C-B50B-440A-90EC-26ABCD18C3B3}
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Identities\.
[2007-11-27|22:12] C:\Users\myriam\AppData\Roaming\LANCITE\EPhoto
[2007-11-27|22:12] C:\Users\myriam\AppData\Roaming\LANCITE\..
[2007-11-27|22:12] C:\Users\myriam\AppData\Roaming\LANCITE\.
[2007-08-31|22:38] C:\Users\myriam\AppData\Roaming\Leadertech\PowerRegister
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Leadertech\..
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Leadertech\.
[2008-03-25|17:58] C:\Users\myriam\AppData\Roaming\Macromedia\Flash Player
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Macromedia\..
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Macromedia\.
[2006-11-02|09:37] C:\Users\myriam\AppData\Roaming\Media Center Programs\..
[2006-11-02|09:37] C:\Users\myriam\AppData\Roaming\Media Center Programs\.
[2008-03-25|11:09] C:\Users\myriam\AppData\Roaming\Microsoft\Templates
[2008-03-25|07:49] C:\Users\myriam\AppData\Roaming\Microsoft\Word
[2008-03-14|18:19] C:\Users\myriam\AppData\Roaming\Microsoft\..
[2008-03-14|18:19] C:\Users\myriam\AppData\Roaming\Microsoft\.
[2008-03-12|23:06] C:\Users\myriam\AppData\Roaming\Microsoft\Office
[2008-03-12|15:53] C:\Users\myriam\AppData\Roaming\Microsoft\Excel
[2008-03-05|01:21] C:\Users\myriam\AppData\Roaming\Microsoft\CLR Security Config
[2008-02-27|13:24] C:\Users\myriam\AppData\Roaming\Microsoft\MSN Messenger
[2008-02-23|17:31] C:\Users\myriam\AppData\Roaming\Microsoft\CLView
[2008-02-20|16:35] C:\Users\myriam\AppData\Roaming\Microsoft\UProof
[2008-02-13|22:43] C:\Users\myriam\AppData\Roaming\Microsoft\Document Building Blocks
[2008-02-13|14:50] C:\Users\myriam\AppData\Roaming\Microsoft\Proof
[2008-02-08|17:24] C:\Users\myriam\AppData\Roaming\Microsoft\MMC
[2007-12-31|12:21] C:\Users\myriam\AppData\Roaming\Microsoft\Internet Explorer
[2007-10-26|15:05] C:\Users\myriam\AppData\Roaming\Microsoft\Windows Live Photo Gallery
[2007-10-13|23:58] C:\Users\myriam\AppData\Roaming\Microsoft\eHome
[2007-09-28|23:27] C:\Users\myriam\AppData\Roaming\Microsoft\OIS
[2007-09-16|11:08] C:\Users\myriam\AppData\Roaming\Microsoft\AddIns
[2007-09-09|22:31] C:\Users\myriam\AppData\Roaming\Microsoft\Windows Photo Gallery
[2007-09-06|14:17] C:\Users\myriam\AppData\Roaming\Microsoft\IdentityCRL
[2007-09-02|19:06] C:\Users\myriam\AppData\Roaming\Microsoft\HTML Help
[2007-09-02|18:34] C:\Users\myriam\AppData\Roaming\Microsoft\Crypto
[2007-08-31|12:26] C:\Users\myriam\AppData\Roaming\Microsoft\WLTB Custom Buttons
[2007-08-31|09:07] C:\Users\myriam\AppData\Roaming\Microsoft\SystemCertificates
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Microsoft\Protect
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Microsoft\Credentials
[2006-11-02|08:18] C:\Users\myriam\AppData\Roaming\Microsoft\Windows
[2008-03-25|21:52] C:\Users\myriam\AppData\Roaming\Skype\..
[2008-03-25|21:52] C:\Users\myriam\AppData\Roaming\Skype\.
[2008-03-25|21:52] C:\Users\myriam\AppData\Roaming\Skype\shared.xml
[2008-03-25|21:52] C:\Users\myriam\AppData\Roaming\Skype\myriam.moore
[2007-12-21|01:08] C:\Users\myriam\AppData\Roaming\Skype\Pictures
[2007-10-20|23:25] C:\Users\myriam\AppData\Roaming\Skype\Content
[2007-10-17|07:20] C:\Users\myriam\AppData\Roaming\Skype\shared.lck
[2007-09-03|18:57] C:\Users\myriam\AppData\Roaming\Sun\..
[2007-09-03|18:57] C:\Users\myriam\AppData\Roaming\Sun\Java
[2007-09-03|18:57] C:\Users\myriam\AppData\Roaming\Sun\.
[2008-01-13|09:11] C:\Users\myriam\AppData\Roaming\ZoomBrowser EX\ZB20080113080429001.xml
[2008-01-13|09:11] C:\Users\myriam\AppData\Roaming\ZoomBrowser EX\..
[2008-01-13|09:11] C:\Users\myriam\AppData\Roaming\ZoomBrowser EX\.
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[2008-03-25 15:39][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{61E2CDC5-E20B-4836-9AE6-0F0FF29FEE78}.job
[2008-03-14 21:38][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - myriam.job
[2008-03-25 21:55][--ah-----] C:\Windows\tasks\SA.DAT
[2008-03-25 21:54][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[2008-03-25|14:14] C:\ProgramData\.
[2008-03-25|14:14] C:\ProgramData\..
[2008-03-13|14:36] C:\ProgramData\Adobe
[2007-09-02|18:56] C:\ProgramData\Apple
[2007-09-02|19:16] C:\ProgramData\Apple Computer
[2006-11-02|10:02] C:\ProgramData\Application Data
[2007-08-31|08:53] C:\ProgramData\Bureau
[2008-02-27|16:10] C:\ProgramData\closemultimedia
[2007-09-16|11:12] C:\ProgramData\CyberLink
[2006-11-02|10:02] C:\ProgramData\Desktop
[2006-11-02|10:02] C:\ProgramData\Documents
[2007-08-31|08:53] C:\ProgramData\Favoris
[2006-11-02|10:02] C:\ProgramData\Favorites
[2008-03-09|15:44] C:\ProgramData\Google
[2008-03-25|14:14] C:\ProgramData\Grisoft
[2008-01-20|23:07] C:\ProgramData\Hewlett-Packard
[2008-01-20|23:11] C:\ProgramData\HP
[2008-01-20|23:00] C:\ProgramData\HP Product Assistant
[2008-01-20|23:04] C:\ProgramData\HPSSUPPLY
[2008-03-12|13:19] C:\ProgramData\hpzinstall.log
[2007-08-31|09:06] C:\ProgramData\InstallShield
[2008-02-27|16:10] C:\ProgramData\Keep Hole Ooze.70hmpp
[2008-03-25|18:14] C:\ProgramData\Lavasoft
[2008-01-30|08:42] C:\ProgramData\LightScribe
[2007-08-31|08:53] C:\ProgramData\Menu Démarrer
[2008-03-12|22:33] C:\ProgramData\Messenger Plus!
[2008-03-14|18:28] C:\ProgramData\Microsoft
[2008-03-12|23:23] C:\ProgramData\Microsoft Help
[2007-08-31|08:53] C:\ProgramData\Modèles
[2007-07-13|00:08] C:\ProgramData\QMI
[2008-02-27|16:10] C:\ProgramData\show once once.3p3hqu
[2008-02-27|16:10] C:\ProgramData\show once once.8bb8q5a
[2007-10-16|19:42] C:\ProgramData\Skype
[2008-03-25|13:42] C:\ProgramData\Spybot - Search & Destroy
[2006-11-02|10:02] C:\ProgramData\Start Menu
[2008-03-25|19:04] C:\ProgramData\Symantec
[2008-03-14|18:23] C:\ProgramData\TEMP
[2006-11-02|10:02] C:\ProgramData\Templates
[2008-02-27|16:10] C:\ProgramData\Time Dead Warn Default
[2008-01-20|23:10] C:\ProgramData\WEBREG
[2008-02-27|13:57] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[2008-03-25|18:19] C:\Program Files\.
[2008-03-25|18:19] C:\Program Files\..
[2007-07-13|00:19] C:\Program Files\Acer
[2004-11-18|09:00] C:\Program Files\Acer Arcade Deluxe
[2007-08-31|09:05] C:\Program Files\Acer Assist
[2007-08-31|09:05] C:\Program Files\Acer Inc
[2007-08-31|09:05] C:\Program Files\Acer Registration
[2008-03-13|14:35] C:\Program Files\Adobe
[2007-10-07|22:24] C:\Program Files\Apple Software Update
[2008-01-02|14:46] C:\Program Files\Canon
[2008-03-25|14:05] C:\Program Files\CCleaner
[2008-02-27|16:09] C:\Program Files\Circle Developement
[2008-03-25|18:14] C:\Program Files\Common Files
[2004-11-18|09:02] C:\Program Files\CyberLink
[2007-09-01|22:34] C:\Program Files\desktop.ini
[2007-08-31|08:53] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[2008-03-10|07:38] C:\Program Files\Google
[2008-03-25|14:14] C:\Program Files\Grisoft
[2008-01-20|22:59] C:\Program Files\Hewlett-Packard
[2008-01-20|23:04] C:\Program Files\HP
[2007-10-04|12:40] C:\Program Files\InstallShield Installation Information
[2008-02-13|23:19] C:\Program Files\Internet Explorer
[2008-03-04|22:04] C:\Program Files\iPod
[2007-11-27|21:44] C:\Program Files\Java
[2008-02-27|16:09] C:\Program Files\Messenger Plus! Live
[2007-09-01|13:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006-11-02|09:37] C:\Program Files\Microsoft Games
[2007-12-08|19:51] C:\Program Files\Microsoft Office
[2007-10-11|17:06] C:\Program Files\Microsoft SQL Server Compact Edition
[2008-02-13|15:41] C:\Program Files\Microsoft Visual Studio
[2008-02-13|15:33] C:\Program Files\Microsoft Visual Studio 8
[2008-02-13|15:42] C:\Program Files\Microsoft Works
[2008-02-13|15:40] C:\Program Files\Microsoft.NET
[2006-11-02|09:42] C:\Program Files\Movie Maker
[2008-02-13|15:41] C:\Program Files\MSBuild
[2007-12-08|19:50] C:\Program Files\MSECache
[2006-11-02|09:37] C:\Program Files\MSN
[2007-10-12|09:54] C:\Program Files\MSN Messenger
[2007-09-01|13:00] C:\Program Files\MSXML 4.0
[2004-11-18|09:05] C:\Program Files\NewTech Infosystems
[2008-02-01|13:52] C:\Program Files\Norton Internet Security
[2008-03-04|22:02] C:\Program Files\QuickTime
[2007-07-13|00:16] C:\Program Files\Realtek
[2006-11-02|09:37] C:\Program Files\Reference Assemblies
[2007-10-16|19:42] C:\Program Files\Skype
[2008-03-25|13:25] C:\Program Files\Spybot - Search & Destroy
[2008-02-01|10:37] C:\Program Files\Symantec
[2004-11-18|08:35] C:\Program Files\Synaptics
[2006-11-02|10:01] C:\Program Files\Uninstall Information
[2007-09-01|22:32] C:\Program Files\Windows Calendar
[2006-11-02|09:42] C:\Program Files\Windows Collaboration
[2007-09-01|22:32] C:\Program Files\Windows Defender
[2006-11-02|09:42] C:\Program Files\Windows Journal
[2008-02-28|07:40] C:\Program Files\Windows Live
[2007-09-06|15:12] C:\Program Files\Windows Live Toolbar
[2007-11-14|23:13] C:\Program Files\Windows Mail
[2007-11-15|00:16] C:\Program Files\Windows Media Player
[2007-08-31|08:53] C:\Program Files\Windows NT
[2006-11-02|09:42] C:\Program Files\Windows Photo Gallery
[2008-01-10|00:30] C:\Program Files\Windows Sidebar
[2007-09-16|10:36] C:\Program Files\WinISO
[2008-03-11|11:28] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[2008-03-25|18:14] C:\Program Files\Common Files\.
[2008-03-25|18:14] C:\Program Files\Common Files\..
[2007-07-13|00:20] C:\Program Files\Common Files\Acer
[2008-03-13|14:36] C:\Program Files\Common Files\Adobe
[2007-09-02|18:56] C:\Program Files\Common Files\Apple
[2008-01-02|14:39] C:\Program Files\Common Files\Canon
[2008-02-13|15:41] C:\Program Files\Common Files\DESIGNER
[2008-01-20|22:59] C:\Program Files\Common Files\Hewlett-Packard
[2008-01-20|23:00] C:\Program Files\Common Files\HP
[2007-08-31|09:05] C:\Program Files\Common Files\InstallShield
[2007-11-27|21:42] C:\Program Files\Common Files\Java
[2004-11-18|09:05] C:\Program Files\Common Files\LightScribe
[2007-07-13|00:20] C:\Program Files\Common Files\Logitech
[2008-02-27|14:04] C:\Program Files\Common Files\microsoft shared
[2004-11-18|09:04] C:\Program Files\Common Files\muvee Technologies
[2004-11-18|09:05] C:\Program Files\Common Files\NewTech Infosystems
[2006-11-02|08:18] C:\Program Files\Common Files\Services
[2007-10-16|19:42] C:\Program Files\Common Files\Skype
[2006-11-02|08:18] C:\Program Files\Common Files\SpeechEngines
[2008-02-28|15:15] C:\Program Files\Common Files\Symantec Shared
[2008-02-13|15:47] C:\Program Files\Common Files\System
[2008-02-27|14:02] C:\Program Files\Common Files\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\Keep Hole Ooze.70hmpp
C:\ProgramData\show once once.3p3hqu
C:\ProgramData\show once once.8bb8q5a
C:\ProgramData\Keep Hole Ooze.70hmpp
C:\ProgramData\show once once.8bb8q5a
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\ProgramData\Time Dead Warn Default
C:\ProgramData\Time Dead Warn Default\Pop wipe.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
----------------------[ Verification du Registre ]----------------------
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-25 21:59:47
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:702][Doss:16] C:\Users\myriam\AppData\Local\Temp
/!\ [Fich:66][Doss:1] C:\Users\myriam\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:54][Doss:5] C:\Users\myriam\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 22:00:04,59 ]----------------------
OK,
Run Lop S&D again.
This time choose Option 2 (Removal).
Do not close the window during the removal!
Post the generated report (C:\lopR.txt).
(If the desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm.)
C:\ProgramData\closemultimedia <- Delete this folder
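Added example (not part of the original thread, and not how Lop S&D itself works): a small triage script over the O4 autorun lines of the HijackThis log in the first post. It flags Run values whose target is not an executable type or sits in a data directory, which is the pattern of the two HKCU entries pointing at the C:\ProgramData files that the Lop S&D report lists. The extension list and directory list are assumptions of this sketch; the sample lines are copied from the log above.

```python
import ntpath
import re

# Extensions normally launched from a Run value (assumption of this heuristic,
# not an exhaustive list).
EXECUTABLE_EXTS = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif"}

# Directories meant for data rather than installed programs (assumption).
DATA_DIRS = ("\\programdata\\", "\\appdata\\", "\\temp\\")

# HijackThis registry autorun line:  O4 - <hive>\..\Run: [<value name>] <command>
O4_RUN = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\(?P<key>Run\w*): "
    r"\[(?P<name>.*?)\] (?P<cmd>.+)$"
)
# HijackThis appends the account name to HKUS entries, e.g. (User 'SERVICE LOCAL').
USER_SUFFIX = re.compile(r"\s+\(User '[^']*'\)$")
# Unquoted commands may contain spaces in the path, so cut at the first
# executable extension that is followed by whitespace or end of string.
UNQUOTED_EXE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.I)


def launch_target(cmd):
    """Return the file a Run command would start, without its arguments."""
    cmd = USER_SUFFIX.sub("", cmd.strip())
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = UNQUOTED_EXE.match(cmd)
    # No recognisable executable: keep the whole command so it gets flagged.
    return m.group(1) if m else cmd


def triage(log_text):
    """Return (hive, value name, target, reasons) for each suspicious O4 Run entry."""
    findings = []
    for line in log_text.splitlines():
        m = O4_RUN.match(line.strip())
        if not m:
            continue  # not a registry Run entry (e.g. "O4 - Global Startup")
        target = launch_target(m.group("cmd"))
        reasons = []
        ext = ntpath.splitext(target)[1].lower()
        if ext not in EXECUTABLE_EXTS:
            reasons.append("target extension %r is not an executable type" % ext)
        if any(d in target.lower() for d in DATA_DIRS):
            reasons.append("target lives in a data directory")
        if reasons:
            findings.append((m.group("hive"), m.group("name"), target, reasons))
    return findings


# Lines copied from the HijackThis log in the first post of this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Mp3 Ref] "C:\ProgramData\show once once.3p3hqu"
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Keep Hole Ooze.70hmpp"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
"""

if __name__ == "__main__":
    for hive, name, target, reasons in triage(SAMPLE_LOG):
        print("%s Run [%s] -> %s" % (hive, name, target))
        for reason in reasons:
            print("    - " + reason)
```

A flagged entry is a lead for manual review, not a verdict: legitimate software can also start from AppData or ProgramData.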
OK,
Here is the new report:
-----------------------[ Lop S&D 4.1.0-1 XP/Vista ]---------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : myriam ] [ "C:\Lop SD" ]
[ 2008-03-26 | 10:57:50,62 ] [ PC : PC-DE-MYRIAM ]
[ MAJ : 24-03-2008 | 18:42 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\ProgramData\Time Dead Warn Default\Pop wipe.exe
Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
Supprimé! - C:\ProgramData\Keep Hole Ooze.70hmpp
Supprimé! - C:\ProgramData\show once once.3p3hqu
Supprimé! - C:\ProgramData\show once once.8bb8q5a
Supprimé! - C:\ProgramData\Time Dead Warn Default
Supprimé! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[2008-03-25|18:50] C:\Users\myriam\AppData\Roaming\Acer\Acer Assist
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Acer\..
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Acer\.
[2007-09-06|20:47] C:\Users\myriam\AppData\Roaming\Adobe\Linguistics
[2007-09-06|20:47] C:\Users\myriam\AppData\Roaming\Adobe\..
[2007-09-06|20:47] C:\Users\myriam\AppData\Roaming\Adobe\.
[2007-09-06|20:46] C:\Users\myriam\AppData\Roaming\Adobe\Acrobat
[2008-03-25|12:26] C:\Users\myriam\AppData\Roaming\Apple Computer\iTunes
[2007-09-02|19:16] C:\Users\myriam\AppData\Roaming\Apple Computer\..
[2007-09-02|19:16] C:\Users\myriam\AppData\Roaming\Apple Computer\.
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\..
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\.
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\MediaCache
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\PowerProducer
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\PowerCinema
[2007-09-16|11:12] C:\Users\myriam\AppData\Roaming\CyberLink\PowerDVD
[2008-03-09|15:44] C:\Users\myriam\AppData\Roaming\Google\Local Search History
[2007-09-04|22:27] C:\Users\myriam\AppData\Roaming\Google\..
[2007-09-04|22:27] C:\Users\myriam\AppData\Roaming\Google\.
[2008-03-25|14:16] C:\Users\myriam\AppData\Roaming\Grisoft\AVG Antispyware 7.5
[2008-03-25|14:15] C:\Users\myriam\AppData\Roaming\Grisoft\..
[2008-03-25|14:15] C:\Users\myriam\AppData\Roaming\Grisoft\.
[2008-02-20|23:39] C:\Users\myriam\AppData\Roaming\HP\Digital Imaging
[2008-02-20|23:39] C:\Users\myriam\AppData\Roaming\HP\..
[2008-02-20|23:39] C:\Users\myriam\AppData\Roaming\HP\.
[2008-01-29|23:03] C:\Users\myriam\AppData\Roaming\HP\ScLogs
[2008-01-20|23:04] C:\Users\myriam\AppData\Roaming\HPAppData\..
[2008-01-20|23:04] C:\Users\myriam\AppData\Roaming\HPAppData\.
[2007-03-02|14:10] C:\Users\myriam\AppData\Roaming\HPAppData\RegClean.dll
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Identities\..
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Identities\{9314CC2C-B50B-440A-90EC-26ABCD18C3B3}
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Identities\.
[2007-11-27|22:12] C:\Users\myriam\AppData\Roaming\LANCITE\EPhoto
[2007-11-27|22:12] C:\Users\myriam\AppData\Roaming\LANCITE\..
[2007-11-27|22:12] C:\Users\myriam\AppData\Roaming\LANCITE\.
[2007-08-31|22:38] C:\Users\myriam\AppData\Roaming\Leadertech\PowerRegister
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Leadertech\..
[2007-08-31|09:06] C:\Users\myriam\AppData\Roaming\Leadertech\.
[2008-03-25|17:58] C:\Users\myriam\AppData\Roaming\Macromedia\Flash Player
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Macromedia\..
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Macromedia\.
[2006-11-02|09:37] C:\Users\myriam\AppData\Roaming\Media Center Programs\..
[2006-11-02|09:37] C:\Users\myriam\AppData\Roaming\Media Center Programs\.
[2008-03-25|11:09] C:\Users\myriam\AppData\Roaming\Microsoft\Templates
[2008-03-25|07:49] C:\Users\myriam\AppData\Roaming\Microsoft\Word
[2008-03-14|18:19] C:\Users\myriam\AppData\Roaming\Microsoft\..
[2008-03-14|18:19] C:\Users\myriam\AppData\Roaming\Microsoft\.
[2008-03-12|23:06] C:\Users\myriam\AppData\Roaming\Microsoft\Office
[2008-03-12|15:53] C:\Users\myriam\AppData\Roaming\Microsoft\Excel
[2008-03-05|01:21] C:\Users\myriam\AppData\Roaming\Microsoft\CLR Security Config
[2008-02-27|13:24] C:\Users\myriam\AppData\Roaming\Microsoft\MSN Messenger
[2008-02-23|17:31] C:\Users\myriam\AppData\Roaming\Microsoft\CLView
[2008-02-20|16:35] C:\Users\myriam\AppData\Roaming\Microsoft\UProof
[2008-02-13|22:43] C:\Users\myriam\AppData\Roaming\Microsoft\Document Building Blocks
[2008-02-13|14:50] C:\Users\myriam\AppData\Roaming\Microsoft\Proof
[2008-02-08|17:24] C:\Users\myriam\AppData\Roaming\Microsoft\MMC
[2007-12-31|12:21] C:\Users\myriam\AppData\Roaming\Microsoft\Internet Explorer
[2007-10-26|15:05] C:\Users\myriam\AppData\Roaming\Microsoft\Windows Live Photo Gallery
[2007-10-13|23:58] C:\Users\myriam\AppData\Roaming\Microsoft\eHome
[2007-09-28|23:27] C:\Users\myriam\AppData\Roaming\Microsoft\OIS
[2007-09-16|11:08] C:\Users\myriam\AppData\Roaming\Microsoft\AddIns
[2007-09-09|22:31] C:\Users\myriam\AppData\Roaming\Microsoft\Windows Photo Gallery
[2007-09-06|14:17] C:\Users\myriam\AppData\Roaming\Microsoft\IdentityCRL
[2007-09-02|19:06] C:\Users\myriam\AppData\Roaming\Microsoft\HTML Help
[2007-09-02|18:34] C:\Users\myriam\AppData\Roaming\Microsoft\Crypto
[2007-08-31|12:26] C:\Users\myriam\AppData\Roaming\Microsoft\WLTB Custom Buttons
[2007-08-31|09:07] C:\Users\myriam\AppData\Roaming\Microsoft\SystemCertificates
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Microsoft\Protect
[2007-08-31|09:05] C:\Users\myriam\AppData\Roaming\Microsoft\Credentials
[2006-11-02|08:18] C:\Users\myriam\AppData\Roaming\Microsoft\Windows
[2008-03-26|10:58] C:\Users\myriam\AppData\Roaming\Skype\..
[2008-03-26|10:58] C:\Users\myriam\AppData\Roaming\Skype\.
[2008-03-26|10:58] C:\Users\myriam\AppData\Roaming\Skype\shared.xml
[2008-03-26|10:58] C:\Users\myriam\AppData\Roaming\Skype\myriam.moore
[2007-12-21|01:08] C:\Users\myriam\AppData\Roaming\Skype\Pictures
[2007-10-20|23:25] C:\Users\myriam\AppData\Roaming\Skype\Content
[2007-10-17|07:20] C:\Users\myriam\AppData\Roaming\Skype\shared.lck
[2007-09-03|18:57] C:\Users\myriam\AppData\Roaming\Sun\..
[2007-09-03|18:57] C:\Users\myriam\AppData\Roaming\Sun\Java
[2007-09-03|18:57] C:\Users\myriam\AppData\Roaming\Sun\.
[2008-01-13|09:11] C:\Users\myriam\AppData\Roaming\ZoomBrowser EX\ZB20080113080429001.xml
[2008-01-13|09:11] C:\Users\myriam\AppData\Roaming\ZoomBrowser EX\..
[2008-01-13|09:11] C:\Users\myriam\AppData\Roaming\ZoomBrowser EX\.
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[2008-03-25 15:39][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{61E2CDC5-E20B-4836-9AE6-0F0FF29FEE78}.job
[2008-03-14 21:38][--a------] C:\Windows\tasks\Norton Internet Security - Analyse système complète - myriam.job
[2008-03-26 10:56][--ah-----] C:\Windows\tasks\SA.DAT
[2008-03-26 10:55][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[2008-03-26|10:58] C:\ProgramData\.
[2008-03-26|10:58] C:\ProgramData\..
[2008-03-13|14:36] C:\ProgramData\Adobe
[2007-09-02|18:56] C:\ProgramData\Apple
[2007-09-02|19:16] C:\ProgramData\Apple Computer
[2006-11-02|10:02] C:\ProgramData\Application Data
[2007-08-31|08:53] C:\ProgramData\Bureau
[2008-02-27|16:10] C:\ProgramData\closemultimedia
[2007-09-16|11:12] C:\ProgramData\CyberLink
[2006-11-02|10:02] C:\ProgramData\Desktop
[2006-11-02|10:02] C:\ProgramData\Documents
[2007-08-31|08:53] C:\ProgramData\Favoris
[2006-11-02|10:02] C:\ProgramData\Favorites
[2008-03-09|15:44] C:\ProgramData\Google
[2008-03-25|14:14] C:\ProgramData\Grisoft
[2008-01-20|23:07] C:\ProgramData\Hewlett-Packard
[2008-01-20|23:11] C:\ProgramData\HP
[2008-01-20|23:00] C:\ProgramData\HP Product Assistant
[2008-01-20|23:04] C:\ProgramData\HPSSUPPLY
[2008-03-12|13:19] C:\ProgramData\hpzinstall.log
[2007-08-31|09:06] C:\ProgramData\InstallShield
[2008-03-25|18:14] C:\ProgramData\Lavasoft
[2008-01-30|08:42] C:\ProgramData\LightScribe
[2007-08-31|08:53] C:\ProgramData\Menu Démarrer
[2008-03-12|22:33] C:\ProgramData\Messenger Plus!
[2008-03-14|18:28] C:\ProgramData\Microsoft
[2008-03-12|23:23] C:\ProgramData\Microsoft Help
[2007-08-31|08:53] C:\ProgramData\Modèles
[2007-07-13|00:08] C:\ProgramData\QMI
[2007-10-16|19:42] C:\ProgramData\Skype
[2008-03-25|13:42] C:\ProgramData\Spybot - Search & Destroy
[2006-11-02|10:02] C:\ProgramData\Start Menu
[2008-03-25|22:03] C:\ProgramData\Symantec
[2008-03-14|18:23] C:\ProgramData\TEMP
[2006-11-02|10:02] C:\ProgramData\Templates
[2008-01-20|23:10] C:\ProgramData\WEBREG
[2008-02-27|13:57] C:\ProgramData\WLInstaller
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[2008-03-26|10:58] C:\Program Files\.
[2008-03-26|10:58] C:\Program Files\..
[2007-07-13|00:19] C:\Program Files\Acer
[2004-11-18|09:00] C:\Program Files\Acer Arcade Deluxe
[2007-08-31|09:05] C:\Program Files\Acer Assist
[2007-08-31|09:05] C:\Program Files\Acer Inc
[2007-08-31|09:05] C:\Program Files\Acer Registration
[2008-03-13|14:35] C:\Program Files\Adobe
[2007-10-07|22:24] C:\Program Files\Apple Software Update
[2008-01-02|14:46] C:\Program Files\Canon
[2008-03-25|14:05] C:\Program Files\CCleaner
[2008-03-25|18:14] C:\Program Files\Common Files
[2004-11-18|09:02] C:\Program Files\CyberLink
[2007-09-01|22:34] C:\Program Files\desktop.ini
[2007-08-31|08:53] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[2008-03-10|07:38] C:\Program Files\Google
[2008-03-25|14:14] C:\Program Files\Grisoft
[2008-01-20|22:59] C:\Program Files\Hewlett-Packard
[2008-01-20|23:04] C:\Program Files\HP
[2007-10-04|12:40] C:\Program Files\InstallShield Installation Information
[2008-02-13|23:19] C:\Program Files\Internet Explorer
[2008-03-04|22:04] C:\Program Files\iPod
[2007-11-27|21:44] C:\Program Files\Java
[2008-02-27|16:09] C:\Program Files\Messenger Plus! Live
[2007-09-01|13:08] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2006-11-02|09:37] C:\Program Files\Microsoft Games
[2007-12-08|19:51] C:\Program Files\Microsoft Office
[2007-10-11|17:06] C:\Program Files\Microsoft SQL Server Compact Edition
[2008-02-13|15:41] C:\Program Files\Microsoft Visual Studio
[2008-02-13|15:33] C:\Program Files\Microsoft Visual Studio 8
[2008-02-13|15:42] C:\Program Files\Microsoft Works
[2008-02-13|15:40] C:\Program Files\Microsoft.NET
[2006-11-02|09:42] C:\Program Files\Movie Maker
[2008-02-13|15:41] C:\Program Files\MSBuild
[2007-12-08|19:50] C:\Program Files\MSECache
[2006-11-02|09:37] C:\Program Files\MSN
[2007-10-12|09:54] C:\Program Files\MSN Messenger
[2007-09-01|13:00] C:\Program Files\MSXML 4.0
[2004-11-18|09:05] C:\Program Files\NewTech Infosystems
[2008-02-01|13:52] C:\Program Files\Norton Internet Security
[2008-03-04|22:02] C:\Program Files\QuickTime
[2007-07-13|00:16] C:\Program Files\Realtek
[2006-11-02|09:37] C:\Program Files\Reference Assemblies
[2007-10-16|19:42] C:\Program Files\Skype
[2008-03-25|13:25] C:\Program Files\Spybot - Search & Destroy
[2008-02-01|10:37] C:\Program Files\Symantec
[2004-11-18|08:35] C:\Program Files\Synaptics
[2006-11-02|10:01] C:\Program Files\Uninstall Information
[2007-09-01|22:32] C:\Program Files\Windows Calendar
[2006-11-02|09:42] C:\Program Files\Windows Collaboration
[2007-09-01|22:32] C:\Program Files\Windows Defender
[2006-11-02|09:42] C:\Program Files\Windows Journal
[2008-02-28|07:40] C:\Program Files\Windows Live
[2007-09-06|15:12] C:\Program Files\Windows Live Toolbar
[2007-11-14|23:13] C:\Program Files\Windows Mail
[2007-11-15|00:16] C:\Program Files\Windows Media Player
[2007-08-31|08:53] C:\Program Files\Windows NT
[2006-11-02|09:42] C:\Program Files\Windows Photo Gallery
[2008-01-10|00:30] C:\Program Files\Windows Sidebar
[2007-09-16|10:36] C:\Program Files\WinISO
[2008-03-11|11:28] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[2008-03-25|18:14] C:\Program Files\Common Files\.
[2008-03-25|18:14] C:\Program Files\Common Files\..
[2007-07-13|00:20] C:\Program Files\Common Files\Acer
[2008-03-13|14:36] C:\Program Files\Common Files\Adobe
[2007-09-02|18:56] C:\Program Files\Common Files\Apple
[2008-01-02|14:39] C:\Program Files\Common Files\Canon
[2008-02-13|15:41] C:\Program Files\Common Files\DESIGNER
[2008-01-20|22:59] C:\Program Files\Common Files\Hewlett-Packard
[2008-01-20|23:00] C:\Program Files\Common Files\HP
[2007-08-31|09:05] C:\Program Files\Common Files\InstallShield
[2007-11-27|21:42] C:\Program Files\Common Files\Java
[2004-11-18|09:05] C:\Program Files\Common Files\LightScribe
[2007-07-13|00:20] C:\Program Files\Common Files\Logitech
[2008-02-27|14:04] C:\Program Files\Common Files\microsoft shared
[2004-11-18|09:04] C:\Program Files\Common Files\muvee Technologies
[2004-11-18|09:05] C:\Program Files\Common Files\NewTech Infosystems
[2006-11-02|08:18] C:\Program Files\Common Files\Services
[2007-10-16|19:42] C:\Program Files\Common Files\Skype
[2006-11-02|08:18] C:\Program Files\Common Files\SpeechEngines
[2008-02-28|15:15] C:\Program Files\Common Files\Symantec Shared
[2008-02-13|15:47] C:\Program Files\Common Files\System
[2008-02-27|14:02] C:\Program Files\Common Files\WindowsLiveInstaller
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-26 10:59:24
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:705][Doss:16] C:\Users\myriam\AppData\Local\Temp
/!\ [Fich:79][Doss:1] C:\Users\myriam\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:272][Doss:5] C:\Users\myriam\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 10:59:46,81 ]----------------------
Thanks again!!
Good,
Did you delete the closemultimedia folder?
Post a new HijackThis log
Hello,
yes, I deleted it after the cleanup
here is the HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:37:12, on 2008-03-26
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Acer\OrbiCam10\OrbiCam.exe
C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
D:\itunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Users\myriam\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\myriam\Desktop\HiJackThis.exe
C:\Windows\system32\msfeedssync.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.ca.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.ca.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [AcerOrbicamRibbon] "C:\Program Files\Acer\OrbiCam10\OrbiCam.exe" /hide
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [Acer Product Registration] "C:\Program Files\Acer Registration\ACE1.exe" /startup
O4 - HKLM\..\Run: [Acer Assist Launcher] C:\Program Files\Acer Assist\launcher.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\itunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\RunOnce: [MessengerPlusLiveUninstall] "C:\Users\myriam\AppData\Local\Temp\MsgPlusUninstall.exe" /Cleanup
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Mp3 Ref] "C:\ProgramData\show once once.3p3hqu"
O4 - HKCU\..\Run: [warn default inter for] "C:\ProgramData\Keep Hole Ooze.70hmpp"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Livre de reliures HP - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Sélection intelligente HP - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr [...] dfr-ca.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-C [...] E_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/re [...] oscan8.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/control [...] loader.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1 [...] 586-jc.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
--
End of file - 13376 bytes
Hi again,
Relaunch HijackThis via right-click / Run as administrator
this time click [do a system scan only]
tick the boxes on the left for the following lines (and only these):
O4 - HKCU\..\Run: [Mp3 Ref] "C:\ProgramData\show once once.3p3hqu"
and click [Fix checked] (bottom left)
When asked to confirm, answer Yes
---------------------------------------------------------
Disable UAC during the scan
Run a Kaspersky online scan
< here, with Internet Explorer!
Click on Demarrer Online-Scanner (bottom right)
Click on J'accepte; if necessary, approve the installation of the ActiveX controls
let the updates install, then choose the Poste de travail (My Computer) scan
when the scan finishes, save the report and paste it into your reply
If you see this message: La licence de Kaspersky On-line Scanner est périmée (the Kaspersky On-line Scanner licence has expired)
go to Add/Remove Programs and uninstall On-Line Scanner
go back to the site and retry the scan
- Safe Mode -
