Sujet Précédent Sujet Suivant

Infection fenêtres publicitaires

Résolu/Fermé
sebmanzo - 12 juin 2007 à 15:02
 boomrang - 17 mars 2008 à 19:29
Bonjour à tous,

depuis quelques jours je suis agressé par des fenêtre publicitaires de tous genres et je commence à craquer. Je viens d'acheter un portable avec Vista et voila le remerciement....
Je joins un rapport de hijackthis.
Merci de votre aide. Séb.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:30:11, on 12/06/2007
Platform: Windows Vista (WinNT 6.00.1904)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\Desktop\HiJackThis_v2.exe
C:\Windows\system32\msfeedssync.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (BthServ) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcsvc.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\emdmgmt.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprof.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
O23 - Service: @%SystemRoot%\system32\SLUINotify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe

23 réponses

  • 1
  • 2
Réponse 1 / 23
Utilisateur anonyme
12 juin 2007 à 19:09
Bonjour

Qu'as-tu comme anti-spywares mis à part Windows Defender ?
0
sebmanzo
12 juin 2007 à 19:29
J'ai spybot et adware. Merci pour ton aide
0
Réponse 2 / 23
Utilisateur anonyme
12 juin 2007 à 21:07
Télécharge ComboScan sur ton Bureau.
---> http://www.techsupportforum.com/sectools/Deckard/dss.exe
Ferme toutes les applications en cours ; antivirus, pare-feu, etc ..
Double-clic sur comboscan.exe A la fenêtre qui s'affiche, clic sur OK.
Soit patient ..
Le rapport Comboscan.txt s'affichera, copie et colle le contenu de ce fichier ici.
Attention, il peut avoir deux, trois rapports mets les tous ici stp
0
Réponse 3 / 23
sebmanzo
12 juin 2007 à 22:20
voila le premier scan.
Deckard's System Scanner v20070611.50
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft® Windows Vista™ Édition Familiale Premium (build 6000)
Architecture: X86; Language: French

CPU 0: Intel(R) Core(TM) Duo CPU T2350 @ 1.86GHz
Percentage of Memory in Use: 72%
Physical Memory (total/avail): 894.63 MiB / 247.8 MiB
Pagefile Memory (total/avail): 2047.64 MiB / 967.23 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1940.91 MiB

C: is Fixed (NTFS) - 67.07 GiB total, 40.84 GiB free.
D: is Fixed (NTFS) - 39.83 GiB total, 38.38 GiB free.
E: is Removable (No Media)
F: is CDROM (No Media)


-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.

AV: avast! antivirus 4.7.1001 [VPS 000748-4] v4.7.1001 (ALWIL Software) [COLOR=RED]Disabled[/COLOR]
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\User\AppData\Roaming
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ORDIDESEBETSIB
ComSpec=C:\Windows\system32\cmd.exe
configsetroot=C:\Windows\ConfigSetRoot
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\User
LOCALAPPDATA=C:\Users\User\AppData\Local
LOGONSERVER=\\ORDIDESEBETSIB
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 14 Stepping 12, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0e0c
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\User\AppData\Local\Temp
TMP=C:\Users\User\AppData\Local\Temp
USERDOMAIN=ORDIDESEBETSIB
USERNAME=User
USERPROFILE=C:\Users\User
windir=C:\Windows


-- User Profiles ---------------------------------------------------------------

User
Sibille


-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\Windows\UNNeroBackItUp.exe /UNINSTALL
--> C:\Windows\UNRecode.exe /UNINSTALL
--> MsiExec.exe /I{977FBE6C-AE9A-4429-B249-814F0B3A4CB1}
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
ASUS InstantFun --> MsiExec.exe /I{57B15AD4-8C9D-4164-82BB-E33D8644E757}
ASUS Live Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E657B243-9AD4-4ECC-BE81-4CCF8D667FD0}\setup.exe" -l0x9
ASUS Splendid Video Enhancement Technology --> C:\Program Files\InstallShield Installation Information\{C0FC1C14-4824-4A73-87A6-9E888C9C3102}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ASUS Touch Pad Extra --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DB891739-2EB3-45A8-9CBD-941C255CECD4}\SETUP.EXE" -l0x9
Asus_Camera_ScreenSaver --> "C:\Windows\ASUS Camera ScreenSaver Uninstaller.exe"
ATI Uninstaller --> C:\Program Files\ATI\CIM\Bin\Atisetup.exe -uninstall all
ATK Hotkey --> C:\Program Files\InstallShield Installation Information\{3912D529-02BC-4CA8-B5ED-0D0C20EB6003}\SETUP.exe -runfromtemp -l0x0009 -removeonly
ATK Media --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{139B0FFA-187E-4BA1-BCA6-6B56B2B6AB8C}\SETUP.EXE" -l0x9
ATKOSD2 --> C:\Program Files\InstallShield Installation Information\{5C1DB4ED-E9B4-402D-BB14-D75D97D6C1A6}\SETUP.exe -runfromtemp -l0x0009 -removeonly
Attansic Giga Ethernet Utility --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1F698102-5739-441E-96F0-74F4EA540F06}\SETUP.EXE" -l0x9
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
DivX Codec --> C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Converter --> C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Empereur : L'Empire du Milieu --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{821DABD6-26F2-49E5-AE55-40A589ADBE6D}\setup.exe" -l0x40c
eMule --> "C:\Program Files\eMule\Uninstall.exe"
HijackThis 1.99.1 --> C:\PROGRA~1\HIJACK~1\HijackThis.exe /uninstall
Language pack for Ad-Aware SE --> C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\Plugins\Langs\INSTALL.LOG
LifeFrame2 --> MsiExec.exe /I{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Motorola SM56 Speakerphone Modem --> rundll32.exe sm56co6a.dll,SM56UnInstaller
MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
NB Probe --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6324A1EF-CEF4-43E3-8BCD-9EF3F67317FD}\SETUP.EXE" -l0x9
Nero 7 Essentials --> MsiExec.exe /X{8A8C4EAC-9AB7-45FA-9480-5716FD261036}
Net4Switch --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D6D7811-43B3-463C-BC79-5D1755269989}\setup.exe" -l0x9
OpenOffice.org 2.2 --> MsiExec.exe /I{7FD7F10E-0666-4C9F-A0A8-422EA5E31C4C}
Outil de mise à jour Google --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Power4Gear eXtreme --> C:\Program Files\InstallShield Installation Information\{8CFEBE9C-F29F-4C49-80E0-7106970F8734}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\SETUP.exe" -l0x9 -removeonly
Realtek USB 2.0 Card Reader --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\SETUP.exe" -l0x9 -removeonly
Spybot - Search & Destroy 1.4 --> "C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
USB2.0 1.3M WebCam --> C:\Windows\StkUnist.exe
Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}
Windows Live OneCare safety scanner --> MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
WinFlash --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE10AB76-4756-4913-BE25-55D1C1051F9A}\setup.exe" -l0x9
Wireless Console 2 --> C:\Program Files\InstallShield Installation Information\{83F73CB1-7705-49D1-9852-84D839CA2A45}\SETUP.exe -runfromtemp -l0x0009 -removeonly
XnView 1.91 --> "C:\Program Files\XnView\unins000.exe"


-- End of Deckard's System Scanner: finished at 2007-06-12 at 22:16:52 ---------
0
Réponse 4 / 23
sebmanzo
12 juin 2007 à 22:22
Et voila le deuxieme.
C'est un peu du chinois tout ca.
A plus. Séb
Deckard's System Scanner v20070611.50
Run by User on 2007-06-12 at 22:13:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- Last 5 Restore Point(s) --
9: 2007-06-12 09:13:12 UTC - RP69 - Removed Google Toolbar for Internet Explorer
8: 2007-06-12 09:05:16 UTC - RP68 - Windows Update
7: 2007-06-05 10:43:01 UTC - RP67 - Point de contrôle planifié
6: 2007-06-04 19:49:19 UTC - RP66 - Point de contrôle planifié
5: 2007-06-01 09:14:23 UTC - RP65 - Installation du package de pilote logiciel : Pilotes d'imprimante à jet d'encre Lexmark Imprimantes


-- First Restore Point --
1: 2007-05-30 06:33:32 UTC - RP60 - Registre nettoyé à l'aide du scanner de sécurité Windows Live OneCare


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as User.exe) ------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 22:16:17, on 12/06/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\qlgceakfac.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Users\User\Desktop\dss.exe
C:\Windows\system32\conime.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\HIJACK~1\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [qlgceakfac] c:\windows\system32\qlgceakfac.exe qlgceakfac
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

All drivers whitelisted.


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 ASLDRService (ASLDR Service) - c:\program files\atk hotkey\asldrsrv.exe <Not Verified; ; ADSMSrv>

S2 CLTNetCnService (Symantec Lic NetConnect service) - "c:\program files\common files\symantec shared\ccsvchst.exe" /h cccommon (file missing)
S3 NBService - c:\program files\nero\nero 7\nero backitup\nbservice.exe
S3 NMIndexingService - "c:\program files\common files\ahead\lib\nmindexingservice.exe" <Not Verified; Nero AG; Nero Home>


-- Scheduled Tasks -------------------------------------------------------------

2007-06-12 22:15:11 422 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{8CF64691-30F5-4CEB-9EDD-6A83A4E1F961}.job
2007-06-12 22:15:10 416 --ah----- C:\Windows\Tasks\User_Feed_Synchronization-{1F6319C2-1091-416F-8E2A-87183F35BF06}.job


-- Files created between 2007-05-12 and 2007-06-12 -----------------------------

2007-06-03 23:36:38 0 d-------- C:\Windows\pss
2007-06-01 11:07:59 49152 --a------ C:\Windows\system32\Lexunst1.exe <Not Verified; Lexmark; Lexmark UNST>
2007-06-01 11:07:58 190464 --a------ C:\Windows\system32\LXBOlmpm.dll <Not Verified; Lexmark International, Inc.; MarkVision for Windows (32 bit)>
2007-06-01 11:07:58 102400 --a------ C:\Windows\system32\lxbobce.dll
2007-06-01 11:06:13 298496 --a------ C:\Windows\unin040c.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield Deinstaller>
2007-06-01 11:05:56 0 -rahs---- C:\MSDOS.SYS
2007-06-01 11:05:56 0 -rahs---- C:\IO.SYS
2007-06-01 11:03:27 33792 --a------ C:\Windows\system32\LXBOUSCI.EXE <Not Verified; Lexmark International; Lexmark International USB Custom Installer>
2007-06-01 11:03:27 4672 --a------ C:\Windows\system32\LXBOUSCI.DLL
2007-05-30 20:54:34 0 d-------- C:\Program Files\Navilog1
2007-05-30 16:18:20 0 d-------- C:\Program Files\Spyware Doctor
2007-05-29 23:32:57 0 d-------- C:\Program Files\Windows Live Safety Center
2007-05-29 23:16:18 0 d-------- C:\Program Files\RegCure
2007-05-29 22:07:26 0 d-------- C:\Program Files\Lavasoft
2007-05-29 22:06:01 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-05-27 21:12:00 0 d-------- C:\Sierra
2007-05-27 15:43:38 0 d-------- C:\Program Files\XnView
2007-05-26 17:30:22 0 d--h----- C:\Program Files\BSX view
2007-05-24 23:24:12 259113 --a------ C:\Windows\system32\qlgceakfac_nav.dat
2007-05-24 23:23:41 332 --a------ C:\Windows\system32\qlgceakfac_navps.dat
2007-05-24 23:23:36 4531 --a------ C:\Windows\system32\qlgceakfac.dat
2007-05-24 23:23:34 361472 --a------ C:\Windows\system32\qlgceakfac.exe
2007-05-22 23:21:34 0 dr------- C:\Users\Sibille\Searches
2007-05-22 23:21:17 0 dr------- C:\Users\Sibille\Contacts
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Voisinage réseau
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Voisinage d'impression
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\SendTo
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Recent
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Modèles
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Mes documents
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Menu Démarrer
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Local Settings
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Cookies
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Application Data
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Videos
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Saved Games
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Pictures
2007-05-22 23:19:47 1048576 --ahs---- C:\Users\Sibille\NTUSER.DAT
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Music
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Links
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Favorites
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Downloads
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Documents
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Desktop
2007-05-22 23:19:47 0 d--h----- C:\Users\Sibille\AppData
2007-05-22 20:34:48 0 d-------- C:\Users\User\SEB
2007-05-22 20:32:06 0 d-------- C:\Program Files\eMule
2007-05-22 19:01:36 0 d-------- C:\Program Files\Google
2007-05-22 16:13:56 0 d-------- C:\Program Files\OpenOffice.org 2.2
2007-05-22 16:10:12 0 d-------- C:\Windows\PCHEALTH
2007-05-22 16:10:12 0 d-------- C:\Program Files\MSN Messenger
2007-05-22 16:07:57 0 d-------- C:\Program Files\DivX
2007-05-22 15:45:27 0 d-------- C:\Program Files\Common Files\LightScribe
2007-05-22 15:39:19 0 d-------- C:\Program Files\Nero
2007-05-22 15:39:19 0 d-------- C:\Program Files\Common Files\Ahead
2007-05-22 15:26:32 0 d-------- C:\Program Files\Alwil Software
2007-05-22 15:19:25 546 --a------ C:\Windows\system32\ABF5R.DAT
2007-05-22 15:07:09 0 dr------- C:\Users\User\Searches
2007-05-22 15:06:56 0 dr------- C:\Users\User\Contacts
2007-05-22 15:05:59 45056 --a------ C:\Windows\system32\acovcnt.exe
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Voisinage réseau
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Voisinage d'impression
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\SendTo
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Recent
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Modèles
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Mes documents
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Menu Démarrer
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Local Settings
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Cookies
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Application Data
2007-05-22 15:05:45 0 dr------- C:\Users\User\Videos
2007-05-22 15:05:45 0 dr------- C:\Users\User\Saved Games
2007-05-22 15:05:45 0 dr------- C:\Users\User\Pictures
2007-05-22 15:05:45 2097152 --ahs---- C:\Users\User\NTUSER.DAT
2007-05-22 15:05:45 0 dr------- C:\Users\User\Music
2007-05-22 15:05:45 0 dr------- C:\Users\User\Links
2007-05-22 15:05:45 0 dr------- C:\Users\User\Favorites
2007-05-22 15:05:45 0 dr------- C:\Users\User\Downloads
2007-05-22 15:05:45 0 dr------- C:\Users\User\Documents
2007-05-22 15:05:45 0 dr------- C:\Users\User\Desktop
2007-05-22 15:05:45 0 d--h----- C:\Users\User\AppData


-- Find3M Report ---------------------------------------------------------------

2007-06-12 22:01:00 12 --a------ C:\Windows\bthservsdp.dat
2007-06-12 20:06:59 0 d-------- C:\Users\User\AppData\Roaming\OpenOffice.org2
2007-06-03 20:23:42 690832 --a------ C:\Windows\system32\perfh00C.dat
2007-06-03 20:23:42 117572 --a------ C:\Windows\system32\perfc00C.dat
2007-06-01 10:56:48 0 d-------- C:\Users\User\AppData\Roaming\U3
2007-05-31 17:01:25 0 d-------- C:\Program Files\PowerForPhone
2007-05-31 13:48:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-05-29 22:12:19 0 d-------- C:\Users\User\AppData\Roaming\Lavasoft
2007-05-27 15:51:29 0 d-------- C:\Users\User\AppData\Roaming\XnView
2007-05-25 13:06:22 0 d-------- C:\Users\User\AppData\Roaming\AdobeUM
2007-05-24 19:51:11 0 d-------- C:\Users\User\AppData\Roaming\DivX
2007-05-22 19:08:36 0 d-------- C:\Users\User\AppData\Roaming\Adobe
2007-05-22 19:03:35 0 d-------- C:\Users\User\AppData\Roaming\Google
2007-05-22 15:49:00 0 d-------- C:\Program Files\Windows Mail
2007-05-22 15:49:00 0 d-------- C:\Program Files\Windows Defender
2007-05-22 15:42:40 0 d-------- C:\Users\User\AppData\Roaming\Ahead
2007-05-22 15:18:18 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-05-22 15:09:03 0 d-------- C:\Users\User\AppData\Roaming\ATI
2007-05-22 15:08:07 0 d-------- C:\Users\User\AppData\Roaming\Macromedia
2007-05-22 15:06:59 0 d-------- C:\Users\User\AppData\Roaming\Identities
2007-05-22 15:05:57 0 d-------- C:\Users\User\AppData\Roaming\InstallShield
2007-05-11 06:37:15 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-05-11 06:37:15 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-11 06:37:15 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-11 06:37:15 740442 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-04-28 07:15:30 0 d-------- C:\Program Files\ATI Technologies
2007-04-28 07:13:08 0 d-------- C:\Program Files\ATI
2007-04-28 06:55:26 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-28 06:46:51 0 d-------- C:\Program Files\ASUS
2007-04-28 06:45:53 0 d-------- C:\Program Files\P4G
2007-04-28 06:45:14 4499453 --a------ C:\Windows\ASUS Camera ScreenSaver.exe <Not Verified; Macromedia, Inc.; Shockwave Flash>
2007-04-28 06:45:13 503808 --a------ C:\Windows\Asus_Camera_ScreenSaver.scr <Not Verified; ScreenTime Media; ScreenTime For Flash>
2007-04-28 06:45:12 12288 --a------ C:\Windows\impborl.dll
2007-04-28 06:45:12 606848 --a------ C:\Windows\flashax.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
2007-04-28 06:42:47 0 d-------- C:\Program Files\Synaptics
2007-04-28 06:37:34 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-28 06:37:01 0 d-------- C:\Program Files\Wireless Console 2
2007-04-28 06:35:48 0 d-------- C:\Program Files\Motorola
2007-04-28 06:34:05 0 d-------- C:\Program Files\Realtek
2007-04-28 06:33:36 0 d-------- C:\Program Files\Attansic
2007-04-28 06:33:09 0 d-------- C:\Program Files\ATKOSD2
2007-04-28 06:32:39 0 d-------- C:\Program Files\ATK Hotkey
2007-04-23 02:15:29 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2007-04-23 02:02:34 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-04-23 02:02:34 73728 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-04-23 02:01:47 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Defender"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,57,69,\
"RtHDVCpl"="RtHDVCpl.exe"
"SMSERIAL"="C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe"
"ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
"ASUSTPE"="C:\\Windows\\system32\\ASUSTPE.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"ASUS Camera ScreenSaver"="C:\\Windows\\ASScrProlog.exe"
"ASUS Screen Saver Protector"="C:\\Windows\\ASScrPro.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"qlgceakfac"="c:\\windows\\system32\\qlgceakfac.exe qlgceakfac"
"MSConfig"="\"C:\\Windows\\system32\\msconfig.exe\" /auto"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
@=""
"StartCCC"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"scforceoption"=dword:00000000
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="credssp.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Notification Packages REG_MULTI_SZ scecli\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0tspkg\0\0
Authentication Packages REG_MULTI_SZ msv1_0\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AppInfo
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\KeyIso
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\NTDS
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\ProfSvc
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sacsvr
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\SWPRV
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TabletInputService
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TBS
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TrustedInstaller
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\Windows\\pss\\Adobe Reader Speed Launch.lnk.CommonStartup"
"location"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Outil de mise à jour Google.lnk"
"backup"="C:\\Windows\\pss\\Outil de mise à jour Google.lnk.CommonStartup"
"location"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOOGLE~1.EXE -systray -startup"
"item"="Outil de mise à jour Google"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.2.lnk]
"path"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 2.2.lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 2.2.lnk.Startup"
"location"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\OPENOF~1.2\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 2.2"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X84-X85 Button Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Lexmark X84-X85 Button Manager"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\LEXMAR~1\\AcBtnMgr_X84-X85.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X84-X85 Button Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Lexmark X84-X85 Button Monitor"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\LEXMAR~1\\ACMonitor_X84-X85.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrinTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PrinTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\printray.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ nsi\0lltdsvc\0SSDPSRV\0upnphost\0SCardSvr\0w32time\0EventSystem\0RemoteRegistry\0WinHttpAutoProxySvc\0lanmanworkstation\0TBS\0SLUINotify\0THREADORDER\0fdrespub\0netprofm\0fdphost\0wcncsvc\0QWAVE\0Mcx2Svc\0WebClient\0\0
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv\0UxSms\0WdiSystemHost\0Netman\0trkwks\0AudioEndpointBuilder\0WUDFSvc\0irmon\0sysmain\0IPBusEnum\0dot3svc\0PcaSvc\0EMDMgmt\0TabletInputService\0wlansvc\0WPDBusEnum\0\0
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent\0\0
LocalServiceNoNetwork REG_MULTI_SZ PLA\0DPS\0BFE\0mpssvc\0ehstart\0\0
NetworkService REG_MULTI_SZ CryptSvc\0DHCP\0TermService\0KtmRm\0DNSCache\0NapAgent\0nlasvc\0WinRM\0WECSVC\0Tapisrv\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WerSvcGroup REG_MULTI_SZ wersvc\0\0
swprv REG_MULTI_SZ swprv\0\0
LocalServiceNetworkRestricted REG_MULTI_SZ DHCP\0eventlog\0AudioSrv\0LmHosts\0wscsvc\0p2pimsvc\0PNRPSvc\0p2psvc\0WPCSvc\0PnrpAutoReg\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
regsvc REG_MULTI_SZ RemoteRegistry\0\0
wcssvc REG_MULTI_SZ WcsPlugInService\0\0
DcomLaunch REG_MULTI_SZ PlugPlay\0DcomLaunch\0\0
wdisvc REG_MULTI_SZ WdiServiceHost\0\0
sdrsvc REG_MULTI_SZ sdrsvc\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
secsvcs REG_MULTI_SZ WinDefend\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
AeLookupSvc
wercplsupport
CertPropSvc
SCPolicySvc
gpsvc
IKEEXT
LogonHours
PCAudit
iphlpsvc
AppInfo
msiscsi
MMCSS
ProfSvc
EapHost
SessionEnv
hkmsvc


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8944ad7e-100a-11dc-a60f-001bfc3dd75d}]
shell\AutoRun\command H:\LaunchU3.exe -a


-- End of Deckard's System Scanner: finished at 2007-06-12 at 22:16:52 ---------
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 23
Utilisateur anonyme
13 juin 2007 à 02:05
Télécharges Blacklight et sauvegarde le sur ton bureau.
https://www.f-secure.com/en
Double cliques sur " blbeta.exe " et acceptes la licence; clic sur "Scan" puis "Next"

Un rapport, va se créer sur ton bureau "fslb-....."
Copies et colles le contenu de ce rapport ici.

Ne touche à rien d'autre!


Lance Blacklight en double cliquant sur blbeta.exe et accepte la licence.
Clique sur Scan pour lancer l'analyse.
Une fois fait, selectionnes chaques fichiers trouvés et clic sur "RENAME"
Puis valide.
Réponds oui aux messages d'avertissements et te demandant si tu autorises le reboot du pc.

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-

Après le reboot du pc, les fichiers ci-dessous devraient être visible et pouvoir être supprimés sans aucuns soucis.
:

C:\Windows\system32\qlgceakfac_nav.dat
C:\Windows\system32\qlgceakfac_navps.dat
C:\Windows\system32\qlgceakfac.dat
C:\Windows\system32\qlgceakfac.exe
0
Réponse 6 / 23
seb1248
13 juin 2007 à 12:50
Voici le rapport f-secure. En espérant que ce soit le bon.
Merci . Séb

06/13/07 11:48:03 [Info]: BlackLight Engine 1.0.61 initialized
06/13/07 11:48:03 [Info]: OS: 6.0 build 6000 ()
06/13/07 11:48:03 [Note]: 7019 4
06/13/07 11:48:03 [Note]: 7005 0
06/13/07 11:48:07 [Note]: 7006 0
06/13/07 11:48:08 [Note]: 7027 1
06/13/07 11:48:08 [Note]: 7027 0
06/13/07 11:48:08 [Note]: 7026 0
06/13/07 11:48:08 [Note]: 7026 0
06/13/07 11:48:11 [Note]: FSRAW library version 1.7.1021
06/13/07 11:52:11 [Error]: 6023 5
06/13/07 12:11:13 [Note]: 7007 0
0
Réponse 7 / 23
Utilisateur anonyme
13 juin 2007 à 13:14
Tu peux jeter blacklight 'est ok.


Rends toi sur se site
http://www.virustotal.com/en/virustotalx.html


En haut à droite clic sur "choisir"
Tu vas dans C:, windows, system32 tu cherches le processus ci-dessous et tu clic sur "ouvrir"

C:\Windows\system32\ABF5R.DAT

dès que c'est fait, clic sur "send"
Tu attends un peu qu'il analyse ton fichier ça peut duré plusieurs minutes et colle le rapport ici une fois qu'il a terminé stp

Fais la même chose avec celui-ci

C:\Windows\system32\acovcnt.exe
0
Réponse 8 / 23
seb1248
13 juin 2007 à 14:02
Voila le premier. Ca a l'air clair.

Séb
Complete scanning result of "ABF5R.DAT", received in VirusTotal at 06.13.2007, 13:55:21 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.6.12.2 06.13.2007 no virus found
AntiVir 7.4.0.32 06.13.2007 no virus found
Authentium 4.93.8 06.12.2007 no virus found
Avast 4.7.997.0 06.12.2007 no virus found
AVG 7.5.0.467 06.13.2007 no virus found
BitDefender 7.2 06.13.2007 no virus found
CAT-QuickHeal 9.00 06.12.2007 no virus found
ClamAV devel-20070416 06.12.2007 no virus found
DrWeb 4.33 06.13.2007 no virus found
eSafe 7.0.15.0 06.12.2007 no virus found
eTrust-Vet 30.7.3715 06.13.2007 no virus found
Ewido 4.0 06.13.2007 no virus found
FileAdvisor 1 06.13.2007 no virus found
Fortinet 2.85.0.0 06.13.2007 no virus found
F-Prot 4.3.2.48 06.12.2007 no virus found
F-Secure 6.70.13030.0 06.13.2007 no virus found
Ikarus T3.1.1.8 06.13.2007 no virus found
Kaspersky 4.0.2.24 06.13.2007 no virus found
McAfee 5051 06.12.2007 no virus found
Microsoft 1.2503 06.13.2007 no virus found
NOD32v2 2326 06.13.2007 no virus found
Norman 5.80.02 06.12.2007 no virus found
Panda 9.0.0.4 06.13.2007 no virus found
Prevx1 V2 06.13.2007 no virus found
Sophos 4.18.0 06.12.2007 no virus found
Sunbelt 2.2.907.0 06.09.2007 no virus found
Symantec 10 06.13.2007 no virus found
TheHacker 6.1.6.132 06.11.2007 no virus found
VBA32 3.12.0.1 06.12.2007 no virus found
VirusBuster 4.3.23:9 06.12.2007 no virus found
Webwasher-Gateway 6.0.1 06.13.2007 no virus found


Aditional Information
0
Réponse 9 / 23
seb1248
13 juin 2007 à 14:11
Et voila le deuxième. Séb.

Complete scanning result of "acovcnt.exe", received in VirusTotal at 06.13.2007, 14:03:27 (CET).

Antivirus Version Update Result
AhnLab-V3 2007.6.12.2 06.13.2007 no virus found
AntiVir 7.4.0.32 06.13.2007 no virus found
Authentium 4.93.8 06.12.2007 no virus found
Avast 4.7.997.0 06.12.2007 no virus found
AVG 7.5.0.467 06.13.2007 no virus found
BitDefender 7.2 06.13.2007 no virus found
CAT-QuickHeal 9.00 06.12.2007 no virus found
ClamAV devel-20070416 06.12.2007 no virus found
DrWeb 4.33 06.13.2007 no virus found
eSafe 7.0.15.0 06.12.2007 no virus found
eTrust-Vet 30.7.3715 06.13.2007 no virus found
Ewido 4.0 06.13.2007 no virus found
FileAdvisor 1 06.13.2007 No threat detected
Fortinet 2.85.0.0 06.13.2007 no virus found
F-Prot 4.3.2.48 06.12.2007 no virus found
F-Secure 6.70.13030.0 06.13.2007 no virus found
Ikarus T3.1.1.8 06.13.2007 no virus found
Kaspersky 4.0.2.24 06.13.2007 no virus found
McAfee 5051 06.12.2007 no virus found
Microsoft 1.2503 06.13.2007 no virus found
NOD32v2 2326 06.13.2007 no virus found
Norman 5.80.02 06.12.2007 no virus found
Panda 9.0.0.4 06.13.2007 no virus found
Prevx1 V2 06.13.2007 no virus found
Sophos 4.18.0 06.12.2007 no virus found
Sunbelt 2.2.907.0 06.09.2007 no virus found
Symantec 10 06.13.2007 no virus found
TheHacker 6.1.6.132 06.11.2007 no virus found
VBA32 3.12.0.1 06.12.2007 no virus found
VirusBuster 4.3.23:9 06.12.2007 no virus found
Webwasher-Gateway 6.0.1 06.13.2007 no virus found


Aditional Information
File size: 45056 bytes
MD5: 6bcaf46e2b7fa9ace92b4d39f3037c5c
SHA1: 6d5a81e3cf59832d73f28d6e87f51d073c3e4095
Bit9 info: http://fileadvisor.bit9.com/services/extinfo.aspx?md5=6bcaf46e2b7fa9ace92b4d39f3037c5c
0
Réponse 10 / 23
seb1248
13 juin 2007 à 23:12
Je reste coincé avec ces fenêtres qui s'ouvrent de manière intempestive....
J'ai fait des premiers scans avec l'aide de boulepate62.
Mais cela ne suffit pas. Please HELP.
Séb
0
Réponse 11 / 23
seb1248
14 juin 2007 à 10:30
SVP, conseillez moi. Merci....
0
Réponse 12 / 23
Utilisateur anonyme
14 juin 2007 à 19:27
Bonjour

Peux tu remettre un rapport comboscan stp.
Recommence aussi blacklight pour vérifier
0
Réponse 13 / 23
seb1248
14 juin 2007 à 20:57
Bonsoir,

voici le rapport de dss, je suppose que c'est la même chose, je n'ai pas trouvé comboscan
Deckard's System Scanner v20070611.50
Run by User on 2007-06-14 at 20:54:35
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as User.exe) ------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 20:54:56, on 14/06/2007
Platform: Unknown Windows (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Windows\System32\ASUSTPE.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\qlgceakfac.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3JGD1Y8O\dss[1].exe
C:\Windows\system32\SearchFilterHost.exe
C:\PROGRA~1\HIJACK~1\User.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.asus.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [ASUSTPE] C:\Windows\system32\ASUSTPE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [qlgceakfac] c:\windows\system32\qlgceakfac.exe qlgceakfac
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\system32\msconfig.exe" /auto
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll
O11 - Options group: [INTERNATIONAL] International*
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} - http://cdn.scan.onecare.live.com/resource/download/scanner/fr-FR/wlscctrl2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)


-- Files created between 2007-05-14 and 2007-06-14 -----------------------------

2007-06-14 15:40:43 298104 --a------ C:\Windows\system32\imon.dll <Not Verified; Eset; NOD32 Antivirus System>
2007-06-03 23:36:38 0 d-------- C:\Windows\pss
2007-06-01 11:07:59 49152 --a------ C:\Windows\system32\Lexunst1.exe <Not Verified; Lexmark; Lexmark UNST>
2007-06-01 11:07:58 190464 --a------ C:\Windows\system32\LXBOlmpm.dll <Not Verified; Lexmark International, Inc.; MarkVision for Windows (32 bit)>
2007-06-01 11:07:58 102400 --a------ C:\Windows\system32\lxbobce.dll
2007-06-01 11:06:13 298496 --a------ C:\Windows\unin040c.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield Deinstaller>
2007-06-01 11:05:56 0 -rahs---- C:\MSDOS.SYS
2007-06-01 11:05:56 0 -rahs---- C:\IO.SYS
2007-06-01 11:03:27 33792 --a------ C:\Windows\system32\LXBOUSCI.EXE <Not Verified; Lexmark International; Lexmark International USB Custom Installer>
2007-06-01 11:03:27 4672 --a------ C:\Windows\system32\LXBOUSCI.DLL
2007-05-30 20:54:34 0 d-------- C:\Program Files\Navilog1
2007-05-30 16:18:20 0 d-------- C:\Program Files\Spyware Doctor
2007-05-29 23:32:57 0 d-------- C:\Program Files\Windows Live Safety Center
2007-05-29 23:16:18 0 d-------- C:\Program Files\RegCure
2007-05-29 22:07:26 0 d-------- C:\Program Files\Lavasoft
2007-05-29 22:06:01 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-05-27 21:12:00 0 d-------- C:\Sierra
2007-05-27 15:43:38 0 d-------- C:\Program Files\XnView
2007-05-26 17:30:22 0 d--h----- C:\Program Files\BSX view
2007-05-24 23:24:12 259113 --a------ C:\Windows\system32\qlgceakfac_nav.dat
2007-05-24 23:23:41 332 --a------ C:\Windows\system32\qlgceakfac_navps.dat
2007-05-24 23:23:36 4531 --a------ C:\Windows\system32\qlgceakfac.dat
2007-05-24 23:23:34 361472 --a------ C:\Windows\system32\qlgceakfac.exe
2007-05-22 23:21:34 0 dr------- C:\Users\Sibille\Searches
2007-05-22 23:21:17 0 dr------- C:\Users\Sibille\Contacts
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Voisinage réseau <VOISIN~1>
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Voisinage d'impression <VOISIN~2>
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\SendTo
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Recent
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Modèles <MODLES~1>
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Mes documents <MESDOC~1>
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Menu Démarrer <MENUDM~1>
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Local Settings <LOCALS~1>
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Cookies
2007-05-22 23:19:50 0 d--hs---- C:\Users\Sibille\Application Data <APPLIC~1>
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Videos
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Saved Games <SAVEDG~1>
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Pictures
2007-05-22 23:19:47 1048576 --ahs---- C:\Users\Sibille\NTUSER.DAT
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Music
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Links
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Favorites <FAVORI~1>
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Downloads <DOWNLO~1>
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Documents <DOCUME~1>
2007-05-22 23:19:47 0 dr------- C:\Users\Sibille\Desktop
2007-05-22 23:19:47 0 d--h----- C:\Users\Sibille\AppData
2007-05-22 20:34:48 0 d-------- C:\Users\User\SEB
2007-05-22 20:32:06 0 d-------- C:\Program Files\eMule
2007-05-22 19:01:36 0 d-------- C:\Program Files\Google
2007-05-22 16:13:56 0 d-------- C:\Program Files\OpenOffice.org 2.2
2007-05-22 16:10:12 0 d-------- C:\Windows\PCHEALTH
2007-05-22 16:10:12 0 d-------- C:\Program Files\MSN Messenger
2007-05-22 16:07:57 0 d-------- C:\Program Files\DivX
2007-05-22 15:45:27 0 d-------- C:\Program Files\Common Files\LightScribe
2007-05-22 15:39:19 0 d-------- C:\Program Files\Nero
2007-05-22 15:39:19 0 d-------- C:\Program Files\Common Files\Ahead
2007-05-22 15:26:32 0 d-------- C:\Program Files\Alwil Software
2007-05-22 15:19:25 546 --a------ C:\Windows\system32\ABF5R.DAT
2007-05-22 15:07:09 0 dr------- C:\Users\User\Searches
2007-05-22 15:06:56 0 dr------- C:\Users\User\Contacts
2007-05-22 15:05:59 45056 --a------ C:\Windows\system32\acovcnt.exe
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Voisinage réseau <VOISIN~1>
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Voisinage d'impression <VOISIN~2>
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\SendTo
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Recent
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Modèles <MODLES~1>
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Mes documents <MESDOC~1>
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Menu Démarrer <MENUDM~1>
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Local Settings <LOCALS~1>
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Cookies
2007-05-22 15:05:46 0 d--hs---- C:\Users\User\Application Data <APPLIC~1>
2007-05-22 15:05:45 0 dr------- C:\Users\User\Videos
2007-05-22 15:05:45 0 dr------- C:\Users\User\Saved Games <SAVEDG~1>
2007-05-22 15:05:45 0 dr------- C:\Users\User\Pictures
2007-05-22 15:05:45 2097152 --ahs---- C:\Users\User\NTUSER.DAT
2007-05-22 15:05:45 0 dr------- C:\Users\User\Music
2007-05-22 15:05:45 0 dr------- C:\Users\User\Links
2007-05-22 15:05:45 0 dr------- C:\Users\User\Favorites <FAVORI~1>
2007-05-22 15:05:45 0 dr------- C:\Users\User\Downloads <DOWNLO~1>
2007-05-22 15:05:45 0 dr------- C:\Users\User\Documents <DOCUME~1>
2007-05-22 15:05:45 0 dr------- C:\Users\User\Desktop
2007-05-22 15:05:45 0 d--h----- C:\Users\User\AppData


-- Find3M Report ---------------------------------------------------------------

2007-06-14 15:41:54 12 --a------ C:\Windows\bthservsdp.dat
2007-06-14 10:56:28 690832 --a------ C:\Windows\system32\perfh00C.dat
2007-06-14 10:56:28 117572 --a------ C:\Windows\system32\perfc00C.dat
2007-06-13 23:45:03 0 d-------- C:\Users\User\AppData\Roaming\OpenOffice.org2
2007-06-13 16:43:54 0 d-------- C:\Program Files\Windows Mail
2007-06-01 10:56:48 0 d-------- C:\Users\User\AppData\Roaming\U3
2007-05-31 17:01:25 0 d-------- C:\Program Files\PowerForPhone
2007-05-31 13:48:50 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-05-29 22:12:19 0 d-------- C:\Users\User\AppData\Roaming\Lavasoft
2007-05-27 15:51:29 0 d-------- C:\Users\User\AppData\Roaming\XnView
2007-05-25 13:06:22 0 d-------- C:\Users\User\AppData\Roaming\AdobeUM
2007-05-24 19:51:11 0 d-------- C:\Users\User\AppData\Roaming\DivX
2007-05-22 19:08:36 0 d-------- C:\Users\User\AppData\Roaming\Adobe
2007-05-22 19:03:35 0 d-------- C:\Users\User\AppData\Roaming\Google
2007-05-22 15:49:00 0 d-------- C:\Program Files\Windows Defender
2007-05-22 15:42:40 0 d-------- C:\Users\User\AppData\Roaming\Ahead
2007-05-22 15:18:18 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-05-22 15:09:03 0 d-------- C:\Users\User\AppData\Roaming\ATI
2007-05-22 15:08:07 0 d-------- C:\Users\User\AppData\Roaming\Macromedia
2007-05-22 15:06:59 0 d-------- C:\Users\User\AppData\Roaming\Identities
2007-05-22 15:05:57 0 d-------- C:\Users\User\AppData\Roaming\InstallShield
2007-05-11 06:37:15 802816 --a------ C:\Windows\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-05-11 06:37:15 823296 --a------ C:\Windows\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-11 06:37:15 823296 --a------ C:\Windows\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-05-11 06:37:15 740442 --a------ C:\Windows\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-04-28 07:15:30 0 d-------- C:\Program Files\ATI Technologies
2007-04-28 07:13:08 0 d-------- C:\Program Files\ATI
2007-04-28 06:55:26 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-28 06:46:51 0 d-------- C:\Program Files\ASUS
2007-04-28 06:45:53 0 d-------- C:\Program Files\P4G
2007-04-28 06:45:14 4499453 --a------ C:\Windows\ASUS Camera ScreenSaver.exe <Not Verified; Macromedia, Inc.; Shockwave Flash>
2007-04-28 06:45:13 503808 --a------ C:\Windows\Asus_Camera_ScreenSaver.scr <Not Verified; ScreenTime Media; ScreenTime For Flash>
2007-04-28 06:45:12 12288 --a------ C:\Windows\impborl.dll
2007-04-28 06:45:12 606848 --a------ C:\Windows\flashax.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows NT(R) Operating System>
2007-04-28 06:42:47 0 d-------- C:\Program Files\Synaptics
2007-04-28 06:37:34 0 d-------- C:\Program Files\Common Files\InstallShield
2007-04-28 06:37:01 0 d-------- C:\Program Files\Wireless Console 2
2007-04-28 06:35:48 0 d-------- C:\Program Files\Motorola
2007-04-28 06:34:05 0 d-------- C:\Program Files\Realtek
2007-04-28 06:33:36 0 d-------- C:\Program Files\Attansic
2007-04-28 06:33:09 0 d-------- C:\Program Files\ATKOSD2
2007-04-28 06:32:39 0 d-------- C:\Program Files\ATK Hotkey
2007-04-23 02:15:29 3596288 --a------ C:\Windows\system32\qt-dx331.dll
2007-04-23 02:02:34 196608 --a------ C:\Windows\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-04-23 02:02:34 73728 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-04-23 02:01:47 12288 --a------ C:\Windows\system32\DivXWMPExtType.dll


-- Registry Dump ---------------------------------------------------------------

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
{53707962-6F74-2D53-2644-206D7942484F} C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Windows Defender"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,57,69,\
"RtHDVCpl"="RtHDVCpl.exe"
"SMSERIAL"="C:\\Program Files\\Motorola\\SMSERIAL\\sm56hlpr.exe"
"ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
"ASUSTPE"="C:\\Windows\\system32\\ASUSTPE.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"ASUS Camera ScreenSaver"="C:\\Windows\\ASScrProlog.exe"
"ASUS Screen Saver Protector"="C:\\Windows\\ASScrPro.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"qlgceakfac"="c:\\windows\\system32\\qlgceakfac.exe qlgceakfac"
"MSConfig"="\"C:\\Windows\\system32\\msconfig.exe\" /auto"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Sidebar"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"
@=""
"StartCCC"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"
"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"=dword:00000002
"ConsentPromptBehaviorUser"=dword:00000001
"EnableInstallerDetection"=dword:00000001
"EnableLUA"=dword:00000001
"EnableSecureUIAPaths"=dword:00000001
"EnableVirtualization"=dword:00000001
"PromptOnSecureDesktop"=dword:00000001
"ValidateAdminCodeSignatures"=dword:00000000
"scforceoption"=dword:00000000
"FilterAdministratorToken"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard\ExceptionFormats]
"CF_TEXT"=dword:00000001
"CF_BITMAP"=dword:00000002
"CF_OEMTEXT"=dword:00000007
"CF_DIB"=dword:00000008
"CF_PALETTE"=dword:00000009
"CF_UNICODETEXT"=dword:0000000d
"CF_DIBV5"=dword:00000011

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="credssp.dll"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Notification Packages REG_MULTI_SZ scecli\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0tspkg\0\0
Authentication Packages REG_MULTI_SZ msv1_0\0\0

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AppInfo
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\KeyIso
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\NTDS
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\ProfSvc
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sacsvr
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\SWPRV
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TabletInputService
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TBS
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TrustedInstaller
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Adobe Reader Speed Launch.lnk"
"backup"="C:\\Windows\\pss\\Adobe Reader Speed Launch.lnk.CommonStartup"
"location"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Outil de mise à jour Google.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Outil de mise à jour Google.lnk"
"backup"="C:\\Windows\\pss\\Outil de mise à jour Google.lnk.CommonStartup"
"location"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Google\\GOOGLE~1\\GOOGLE~1.EXE -systray -startup"
"item"="Outil de mise à jour Google"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 2.2.lnk]
"path"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 2.2.lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 2.2.lnk.Startup"
"location"="C:\\Users\\User\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\OPENOF~1.2\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 2.2"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X84-X85 Button Manager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Lexmark X84-X85 Button Manager"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\LEXMAR~1\\AcBtnMgr_X84-X85.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Lexmark X84-X85 Button Monitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Lexmark X84-X85 Button Monitor"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\LEXMAR~1\\ACMonitor_X84-X85.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NeroFilterCheck"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PrinTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PrinTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\spool\\DRIVERS\\W32X86\\3\\printray.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"
"inimapping"="0"
"YEAR"=dword:000007d7
"MONTH"=dword:00000006
"DAY"=dword:00000003
"HOUR"=dword:00000017
"MINUTE"=dword:00000024
"SECOND"=dword:00000026

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ nsi\0lltdsvc\0SSDPSRV\0upnphost\0SCardSvr\0w32time\0EventSystem\0RemoteRegistry\0WinHttpAutoProxySvc\0lanmanworkstation\0TBS\0SLUINotify\0THREADORDER\0fdrespub\0netprofm\0fdphost\0wcncsvc\0QWAVE\0Mcx2Svc\0WebClient\0\0
LocalSystemNetworkRestricted REG_MULTI_SZ hidserv\0UxSms\0WdiSystemHost\0Netman\0trkwks\0AudioEndpointBuilder\0WUDFSvc\0irmon\0sysmain\0IPBusEnum\0dot3svc\0PcaSvc\0EMDMgmt\0TabletInputService\0wlansvc\0WPDBusEnum\0\0
NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent\0\0
LocalServiceNoNetwork REG_MULTI_SZ PLA\0DPS\0BFE\0mpssvc\0ehstart\0\0
NetworkService REG_MULTI_SZ CryptSvc\0DHCP\0TermService\0KtmRm\0DNSCache\0NapAgent\0nlasvc\0WinRM\0WECSVC\0Tapisrv\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WerSvcGroup REG_MULTI_SZ wersvc\0\0
swprv REG_MULTI_SZ swprv\0\0
LocalServiceNetworkRestricted REG_MULTI_SZ DHCP\0eventlog\0AudioSrv\0LmHosts\0wscsvc\0p2pimsvc\0PNRPSvc\0p2psvc\0WPCSvc\0PnrpAutoReg\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
regsvc REG_MULTI_SZ RemoteRegistry\0\0
wcssvc REG_MULTI_SZ WcsPlugInService\0\0
DcomLaunch REG_MULTI_SZ PlugPlay\0DcomLaunch\0\0
wdisvc REG_MULTI_SZ WdiServiceHost\0\0
sdrsvc REG_MULTI_SZ sdrsvc\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
secsvcs REG_MULTI_SZ WinDefend\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
AeLookupSvc
wercplsupport
CertPropSvc
SCPolicySvc
gpsvc
IKEEXT
LogonHours
PCAudit
iphlpsvc
AppInfo
msiscsi
MMCSS
ProfSvc
EapHost
SessionEnv
hkmsvc


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{8944ad7e-100a-11dc-a60f-001bfc3dd75d}]
shell\AutoRun\command H:\LaunchU3.exe -a
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_NOD32DRV


-- End of Deckard's System Scanner: finished at 2007-06-14 at 20:55:18 ---------
0
Réponse 14 / 23
Utilisateur anonyme
14 juin 2007 à 21:02
Les bestioles sont encore là, tu es sûr d'avoir fait renommé avec blackligt et ensuite supprimé les fichiers ? !

C:\Windows\system32\qlgceakfac_nav.dat
C:\Windows\system32\qlgceakfac_navps.dat
C:\Windows\system32\qlgceakfac.dat
C:\Windows\system32\qlgceakfac.exe
0
Réponse 15 / 23
seb1248
14 juin 2007 à 21:06
et le rapport de blacklight. Séb.

06/14/07 21:00:21 [Info]: BlackLight Engine 1.0.61 initialized
06/14/07 21:00:21 [Info]: OS: 6.0 build 6000 ()
06/14/07 21:00:21 [Note]: 7019 4
06/14/07 21:00:21 [Note]: 7005 0
06/14/07 21:00:22 [Note]: 7006 0
06/14/07 21:00:22 [Note]: 7027 1
06/14/07 21:00:22 [Note]: 7027 0
06/14/07 21:00:23 [Note]: 7026 0
06/14/07 21:00:23 [Note]: 7026 0
06/14/07 21:00:28 [Note]: FSRAW library version 1.7.1021
06/14/07 21:04:30 [Error]: 6023 5
06/14/07 21:04:30 [Note]: 7007 0
0
Réponse 16 / 23
seb1248
17 juin 2007 à 19:43
Bonsoir,
J'ai réellement besoin de votre aide. Ces fenêtres deviennent invivables.
En fait lorsque je surfe, une page avec pour première adresse
em-pc-on-internet apparait et me réorient vers d'autrs sites.
Merci. Séb
0
Réponse 17 / 23
Utilisateur anonyme
17 juin 2007 à 19:51
Je t'ai répondu au message <15> que les bestioles étaient encore dans le PC
0
Réponse 18 / 23
seb1248
17 juin 2007 à 22:44
Bonsoir
En fait j'ai de nuveau scanné avec blacklight mais il ne détecte rien.
merci. Séb
0
Réponse 19 / 23
Utilisateur anonyme
18 juin 2007 à 01:33
Tu as regardé après les fichiers dans ton PC ? les as-tu supprimés ?
0
Réponse 20 / 23
seb1248
18 juin 2007 à 12:59
Bonjour,
j'ai cherché dans la racine les fichiers indiqués et je ne les trouve pas.
C:\Windows\system32\qlgceakfac_nav.dat
C:\Windows\system32\qlgceakfac_navps.dat
C:\Windows\system32\qlgceakfac.dat
C:\Windows\system32\qlgceakfac.exe
Séb
0

Discussions similaires

Problème de clavier, des fenêtre s'ouvrent !!
Lyon691D -
tanteelise -

5 réponses
p0robleme outlook
ghis2000 -
Panth33ra -

1 réponse
Mon pc ouvre des fenetres tout seul
ilvyans -
bugiuglg -

25 réponses
Afficher deux fenêtres côte à côte
ptitchinoise -
pistouri -

11 réponses
Clavier ouvre raccourcis
angellee -
bebou -

9 réponses