Plein de pub!! - Page 2

Précédent
  • 1
  • 2
  1. Utilisateur anonyme
     
    1) Télécharge et installe Malwarebyte's Anti-Malware:

    http://www.malwarebytes.org/mbam/program/mbam-setup.exe

    A la fin de l'installation, veille à ce que l'option « mettre a jour Malwarebyte's Anti-Malware » soit cochée. >>> clique sur OK
    Lance Malwarebyte's Anti-Malware en double-cliquant sur l'icône sur ton Bureau.

    Au premier lancement, une fenêtre t'annonce que la version est Free >>> clique sur OK

    Laisse les Mises à jour se télécharger
    *** Referme le programme ***

    2) Redémarre en "Mode sans échec"

    Au redémarrage de l'ordinateur, une fois le chargement du BIOS terminé, il y a un écran noir qui apparaît rapidement, appuie sur la touche [F8] (ou [F5] sur certains pc) jusqu'à l'affichage du menu des options avancées de Windows.
    Sélectionner "Mode sans échec" et appuie sur [Entrée]
    Il faudra choisir ta session habituelle, pas le compte "Administrateur" ou une autre.
    Regarde ici si besoin : https://www.malekal.com/demarrer-windows-mode-sans-echec/

    Ouvre le fichier texte sauvegardé sur le Bureau afin de suivre les instructions comme il faut.

    3) Scan avec Malwarebyte's Anti-Malware

    Lance Malwarebyte's Anti-Malware
    Onglet "Recherche" >>> coche Executer un exame complet >>> Rechercher sélectionne tes disques durs puis clique sur Lancer l’examen
    A la fin du scan >>> clique sur Afficher les résultats puis sur Enregistrer le rapport
    Suppression des éléments détectés >>>>
    supprime ce qu'il a trouvé vide également les éléments de la quarantaine
    S'il t'es demandé de redémarrer >>> clique sur "Yes"

    --> Un rapport de scan s'ouvre, enregistre sur ton Bureau et poste ce rapport en réponse.

    quand tu demande une analyse, demande en mode sans échec.

    Pourquoi en mode sans échec:

    *Car déjà l'analyse cherche plus de fichiers en mode sans échec que en mode normal.
    *Et aussi en mode normal les virus ( trojans, cheval de troie, vers, spywares , malwares et autres ... sont actif) donc ne se supprimes pas donc ils faut le faire en mode sans échec .1) Imprime ces instructions car il faudra fermer toutes les fenêtres et applications lors de l'installation et de l'analyse.

    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      voila le rapport
      Malwarebytes' Anti-Malware 1.24
      Version de la base de données: 1030
      Windows 6.0.6001 Service Pack 1

      13:22:47 07.08.2008
      mbam-log-8-7-2008 (13-22-47).txt

      Type de recherche: Examen complet (C:\|D:\|)
      Eléments examinés: 121507
      Temps écoulé: 1 hour(s), 19 minute(s), 11 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 1
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 1
      Fichier(s) infecté(s): 2

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
      C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
      0
  2. Utilisateur anonyme
     
    ok

    reposte un log hijackthis stp
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:33:07, on 07.08.2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Acer\Empowering Technology\EDSMSNFIX.EXE
      C:\Program Files\Launch Manager\LManager.exe
      C:\Windows\vVX3000.exe
      C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\Grisoft\AVG7\avgcc.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files\Ares\Ares.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Palm\Hotsync.exe
      C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
      C:\Windows\ehome\ehmsas.exe
      C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
      C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
      C:\Program Files\Sony Corporation\VirtualExpander\VirtualExpander.exe
      C:\Windows\system32\igfxext.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\IncrediMail\bin\IMApp.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Users\mariajose\Desktop\HijackThis.exe
      C:\Users\mariajose\Desktop\HijackThis.exe

      O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
      O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
      0
  3. Utilisateur anonyme
     
    le rapport est pas complet merci de le refaire
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 13:57:07, on 07.08.2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Acer\Empowering Technology\EDSMSNFIX.EXE
      C:\Program Files\Launch Manager\LManager.exe
      C:\Windows\vVX3000.exe
      C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\Grisoft\AVG7\avgcc.exe
      C:\Program Files\MSN Messenger\msnmsgr.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Ares\Ares.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Palm\Hotsync.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
      C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
      C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
      C:\Program Files\Sony Corporation\VirtualExpander\VirtualExpander.exe
      C:\Windows\system32\igfxext.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Program Files\IncrediMail\bin\IMApp.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\system32\SearchFilterHost.exe
      C:\Users\mariajose\Desktop\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
      O1 - Hosts: ::1 localhost
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
      O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
      O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
      O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
      O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
      O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
      O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
      O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: Empowering Technology Launcher.lnk = ?
      O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: eNetHook.dll
      O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
      O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
      O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
      O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
      O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
      O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
      O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
      O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
      O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
      O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
      O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
      0
  4. Utilisateur anonyme
     
    il en reste encore

    prend ce lien

    https://sites.google.com/site/eric71mespages/lop.sd.exe

    et fait l'option 1 ensuite poste le rapport
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      --------------------\\ Lop S&D 4.2.2-5 XP/Vista

      [ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
      [ USER : mariajose ] [ "C:\Lop SD" ] [ Selection : 1 ]
      [ 07.08.2008 | 18:33:27.20 ] [ PC : PC-DE-MARIAJOSE ]
      [ MAJ : 01-08-2008 | 01:40 ]
      [ UAC => 0 ]

      --------------------\\ Listing des dossiers dans Local

      [16.06.2008|10:31] C:\Users\MARIAJ~1\AppData\Local\ACD Systems
      [22.03.2008|00:02] C:\Users\MARIAJ~1\AppData\Local\acer eNM
      [06.07.2008|23:40] C:\Users\MARIAJ~1\AppData\Local\Adobe
      [05.05.2008|19:18] C:\Users\MARIAJ~1\AppData\Local\Ahead
      [03.01.2008|15:30] C:\Users\MARIAJ~1\AppData\Local\Apple
      [16.07.2008|08:24] C:\Users\MARIAJ~1\AppData\Local\Apple Computer
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Application Data
      [24.06.2008|09:06] C:\Users\MARIAJ~1\AppData\Local\Ares
      [15.02.2008|13:18] C:\Users\MARIAJ~1\AppData\Local\Corel Photo Album
      [21.06.2008|16:00] C:\Users\MARIAJ~1\AppData\Local\d3d9caps.dat
      [03.08.2008|14:12] C:\Users\MARIAJ~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [19.07.2008|16:49] C:\Users\MARIAJ~1\AppData\Local\Downloaded Installations
      [19.01.2008|20:19] C:\Users\MARIAJ~1\AppData\Local\DownloadLog.txt
      [02.08.2008|10:37] C:\Users\MARIAJ~1\AppData\Local\eMule
      [07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\GDIPFONTCACHEV1.DAT
      [19.01.2008|12:46] C:\Users\MARIAJ~1\AppData\Local\Google
      [07.01.2008|23:14] C:\Users\MARIAJ~1\AppData\Local\HaCon
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Historique
      [07.08.2008|17:59] C:\Users\MARIAJ~1\AppData\Local\IconCache.db
      [03.02.2008|19:26] C:\Users\MARIAJ~1\AppData\Local\IM
      [06.08.2008|17:38] C:\Users\MARIAJ~1\AppData\Local\ircpaaf.bat
      [07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\Logiciel de commande Fujicolor
      [01.01.2008|14:29] C:\Users\MARIAJ~1\AppData\Local\Magentic
      [02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\MCE Deluxe Suite
      [06.08.2008|18:48] C:\Users\MARIAJ~1\AppData\Local\Microsoft
      [09.03.2008|23:03] C:\Users\MARIAJ~1\AppData\Local\Microsoft Games
      [05.07.2008|19:59] C:\Users\MARIAJ~1\AppData\Local\Microsoft Help
      [19.12.2007|00:18] C:\Users\MARIAJ~1\AppData\Local\Mozilla
      [23.03.2008|23:51] C:\Users\MARIAJ~1\AppData\Local\Octoshape
      [20.02.2008|21:53] C:\Users\MARIAJ~1\AppData\Local\OLYMPUS
      [07.07.2008|11:46] C:\Users\MARIAJ~1\AppData\Local\piratrax
      [02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\PowerCinema
      [22.03.2008|11:52] C:\Users\MARIAJ~1\AppData\Local\RapidSolution
      [14.05.2008|10:36] C:\Users\MARIAJ~1\AppData\Local\Shareaza
      [23.01.2008|11:03] C:\Users\MARIAJ~1\AppData\Local\Sony Corporation
      [07.08.2008|18:32] C:\Users\MARIAJ~1\AppData\Local\Temp
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Temporary Internet Files
      [03.05.2008|20:39] C:\Users\MARIAJ~1\AppData\Local\TVU Networks
      [19.12.2007|19:13] C:\Users\MARIAJ~1\AppData\Local\VirtualStore
      [06.01.2008|14:39] C:\Users\MARIAJ~1\AppData\Local\Xara
      [28.07.2008|21:40] C:\Users\MARIAJ~1\AppData\Local\Zattoo
      [10.06.2008|15:44] C:\Users\MARIAJ~1\AppData\Local\ZattooPlayer

      --------------------\\ Tâches planifiées dans C:\Windows\tasks

      [07.08.2008 10:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{54F5BB1E-258E-4285-86DE-AE544FA29283}.job
      [20.12.2007 13:55][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [07.08.2008 18:01][--ah-----] C:\Windows\tasks\SA.DAT
      [07.08.2008 18:00][--a------] C:\Windows\tasks\SCHEDLGU.TXT

      --------------------\\ Listing des dossiers dans C:\ProgramData

      [27.03.2007|14:37] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
      [16.06.2008|10:24] C:\ProgramData\ACD Systems
      [10.02.2008|18:29] C:\ProgramData\Adobe
      [05.05.2008|18:12] C:\ProgramData\Ahead
      [03.01.2008|15:30] C:\ProgramData\Apple
      [12.06.2008|12:05] C:\ProgramData\Apple Computer
      [02.11.2006|15:02] C:\ProgramData\Application Data
      [05.08.2008|22:50] C:\ProgramData\avg7
      [18.12.2007|21:49] C:\ProgramData\Bureau
      [25.03.2008|20:43] C:\ProgramData\CheckPoint
      [05.05.2008|17:34] C:\ProgramData\CyberLink
      [02.11.2006|15:02] C:\ProgramData\Desktop
      [02.11.2006|15:02] C:\ProgramData\Documents
      [12.02.2008|17:03] C:\ProgramData\Downloaded Installations
      [22.02.2008|20:17] C:\ProgramData\Emjysoft
      [02.08.2008|10:38] C:\ProgramData\eMule
      [04.06.2008|22:27] C:\ProgramData\ezsidmv.dat
      [18.12.2007|21:49] C:\ProgramData\Favoris
      [02.11.2006|15:02] C:\ProgramData\Favorites
      [04.01.2008|17:00] C:\ProgramData\Gogii
      [21.12.2007|13:59] C:\ProgramData\Google
      [07.08.2008|15:39] C:\ProgramData\Google Updater
      [19.05.2008|11:21] C:\ProgramData\Grisoft
      [07.01.2008|23:14] C:\ProgramData\HaCon
      [15.03.2008|12:01] C:\ProgramData\HotSync
      [20.05.2008|09:25] C:\ProgramData\IM
      [19.12.2007|17:58] C:\ProgramData\IncrediMail
      [12.02.2008|16:58] C:\ProgramData\Installations
      [18.12.2007|21:54] C:\ProgramData\InstallShield
      [07.08.2008|11:54] C:\ProgramData\Malwarebytes
      [18.12.2007|21:49] C:\ProgramData\Menu D‚marrer
      [28.02.2008|21:49] C:\ProgramData\Microsoft
      [23.07.2008|09:28] C:\ProgramData\Microsoft Help
      [18.12.2007|21:49] C:\ProgramData\ModŠles
      [12.02.2008|16:53] C:\ProgramData\NCCD.log
      [12.02.2008|17:42] C:\ProgramData\PC Suite
      [04.06.2008|22:25] C:\ProgramData\Skype
      [19.02.2008|23:17] C:\ProgramData\Spybot - Search & Destroy
      [02.11.2006|15:02] C:\ProgramData\Start Menu
      [25.03.2008|20:25] C:\ProgramData\Symantec
      [22.03.2008|10:05] C:\ProgramData\TEMP
      [02.11.2006|15:02] C:\ProgramData\Templates
      [11.05.2008|18:54] C:\ProgramData\TVU Networks
      [18.06.2008|13:17] C:\ProgramData\WindowsSearch
      [24.07.2008|13:28] C:\ProgramData\WLInstaller
      [19.12.2007|19:11] C:\ProgramData\Yahoo! Companion
      [19.01.2008|20:24] C:\ProgramData\Zylom

      --------------------\\ Listing des dossiers dans C:\Program Files

      [23.03.2008|16:59] C:\Program Files\21cn
      [21.12.2007|22:24] C:\Program Files\7-Zip
      [16.06.2008|10:24] C:\Program Files\ACD Systems
      [27.03.2007|14:14] C:\Program Files\Acer Arcade Deluxe
      [18.12.2007|22:06] C:\Program Files\Acer Inc
      [27.03.2007|14:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
      [14.07.2008|16:53] C:\Program Files\Adobe
      [18.02.2008|01:40] C:\Program Files\adslTV
      [05.05.2008|19:19] C:\Program Files\Ahead
      [15.07.2008|19:35] C:\Program Files\Apple Software Update
      [07.07.2008|14:09] C:\Program Files\Ares
      [04.07.2008|18:18] C:\Program Files\BitTorrent
      [19.06.2008|12:04] C:\Program Files\Bonjour
      [15.02.2008|22:43] C:\Program Files\CCleaner
      [17.06.2008|20:31] C:\Program Files\Common Files
      [27.03.2007|13:36] C:\Program Files\CONEXANT
      [12.02.2008|18:28] C:\Program Files\Corel
      [27.03.2007|13:51] C:\Program Files\CyberLink
      [02.08.2008|10:28] C:\Program Files\Decalage
      [12.06.2008|19:59] C:\Program Files\desktop.ini
      [12.02.2008|17:42] C:\Program Files\DIFX
      [10.06.2008|09:54] C:\Program Files\Digitalway
      [09.02.2008|16:47] C:\Program Files\DreamMail4
      [02.08.2008|10:37] C:\Program Files\eMule
      [18.12.2007|21:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
      [04.03.2008|00:20] C:\Program Files\Free Audio Pack
      [15.07.2008|10:46] C:\Program Files\Google
      [05.08.2008|23:09] C:\Program Files\Grisoft
      [24.07.2008|11:54] C:\Program Files\IncrediMail
      [08.06.2008|15:30] C:\Program Files\InstallShield Installation Information
      [27.03.2007|13:15] C:\Program Files\Intel
      [12.06.2008|19:43] C:\Program Files\Internet Explorer
      [20.07.2008|12:45] C:\Program Files\Java
      [22.03.2008|21:13] C:\Program Files\JLC's Software
      [18.12.2007|21:56] C:\Program Files\Launch Manager
      [10.07.2008|18:31] C:\Program Files\LimeWire
      [03.03.2008|16:33] C:\Program Files\Macrogaming
      [02.11.2006|14:37] C:\Program Files\Microsoft Games
      [13.01.2008|13:13] C:\Program Files\Microsoft LifeCam
      [21.12.2007|12:29] C:\Program Files\Microsoft Office
      [02.01.2008|19:47] C:\Program Files\Microsoft SQL Server Compact Edition
      [08.03.2008|12:49] C:\Program Files\Microsoft Visual Studio
      [21.12.2007|12:24] C:\Program Files\Microsoft Visual Studio 8
      [22.03.2008|00:02] C:\Program Files\Microsoft Works
      [21.12.2007|12:28] C:\Program Files\Microsoft.NET
      [12.06.2008|19:43] C:\Program Files\Movie Maker
      [17.07.2008|09:05] C:\Program Files\Mozilla Firefox
      [08.03.2008|12:49] C:\Program Files\MSBuild
      [24.07.2008|12:56] C:\Program Files\MSN Messenger
      [19.12.2007|20:16] C:\Program Files\MSXML 4.0
      [07.08.2008|14:18] C:\Program Files\Navilog1
      [27.03.2007|13:49] C:\Program Files\NewTech Infosystems
      [20.02.2008|21:31] C:\Program Files\OLYMPUS
      [22.03.2008|00:02] C:\Program Files\Palm
      [03.07.2008|20:16] C:\Program Files\PhotoFiltre
      [20.05.2008|12:26] C:\Program Files\Picasa2
      [10.07.2008|10:56] C:\Program Files\Piratrax
      [12.06.2008|12:06] C:\Program Files\QuickTime
      [08.06.2008|15:35] C:\Program Files\Real
      [08.06.2008|15:34] C:\Program Files\Real Alternative
      [27.03.2007|13:26] C:\Program Files\Realtek
      [02.11.2006|14:37] C:\Program Files\Reference Assemblies
      [03.03.2008|16:33] C:\Program Files\RegCleaner
      [04.01.2008|16:55] C:\Program Files\RngInterstitial.dll
      [21.05.2008|11:12] C:\Program Files\Simnor World Clock Version 1.0
      [04.06.2008|22:25] C:\Program Files\Skype
      [27.03.2007|13:47] C:\Program Files\SMSC
      [23.01.2008|11:04] C:\Program Files\Sony Corporation
      [19.02.2008|23:21] C:\Program Files\Spybot - Search & Destroy
      [20.07.2008|12:46] C:\Program Files\Sun
      [27.03.2007|13:30] C:\Program Files\Synaptics
      [15.02.2008|21:55] C:\Program Files\ToniArts
      [07.01.2008|22:47] C:\Program Files\TWIXTEL
      [02.11.2006|15:01] C:\Program Files\Uninstall Information
      [12.06.2008|19:43] C:\Program Files\Windows Calendar
      [12.06.2008|19:43] C:\Program Files\Windows Collaboration
      [12.06.2008|19:42] C:\Program Files\Windows Defender
      [12.06.2008|19:43] C:\Program Files\Windows Journal
      [02.01.2008|19:49] C:\Program Files\Windows Live
      [20.12.2007|13:54] C:\Program Files\Windows Live Favorites
      [20.12.2007|13:55] C:\Program Files\Windows Live Toolbar
      [12.06.2008|19:43] C:\Program Files\Windows Mail
      [12.06.2008|19:43] C:\Program Files\Windows Media Player
      [18.12.2007|21:49] C:\Program Files\Windows NT
      [12.06.2008|19:42] C:\Program Files\Windows Photo Gallery
      [12.06.2008|19:43] C:\Program Files\Windows Sidebar
      [14.03.2008|21:11] C:\Program Files\WinRAR
      [03.03.2008|16:33] C:\Program Files\worldTVRT
      [06.01.2008|14:37] C:\Program Files\Xara
      [18.12.2007|21:54] C:\Program Files\Yahoo!
      [28.07.2008|21:38] C:\Program Files\Zattoo
      [25.03.2008|20:43] C:\Program Files\Zone Labs

      --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

      [16.06.2008|10:24] C:\Program Files\Common Files\ACD Systems
      [14.07.2008|16:53] C:\Program Files\Common Files\Adobe
      [05.05.2008|19:19] C:\Program Files\Common Files\Ahead
      [12.06.2008|12:00] C:\Program Files\Common Files\Apple
      [17.06.2008|20:32] C:\Program Files\Common Files\Corel
      [08.03.2008|12:49] C:\Program Files\Common Files\DESIGNER
      [18.12.2007|21:54] C:\Program Files\Common Files\InstallShield
      [18.02.2008|12:14] C:\Program Files\Common Files\Java
      [27.03.2007|13:49] C:\Program Files\Common Files\LightScribe
      [18.07.2008|14:19] C:\Program Files\Common Files\microsoft shared
      [27.03.2007|13:48] C:\Program Files\Common Files\muvee Technologies
      [05.05.2008|19:12] C:\Program Files\Common Files\Nero
      [27.03.2007|13:49] C:\Program Files\Common Files\NewTech Infosystems
      [25.02.2008|00:07] C:\Program Files\Common Files\Real
      [02.11.2006|13:18] C:\Program Files\Common Files\Services
      [04.06.2008|22:25] C:\Program Files\Common Files\Skype
      [02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
      [25.03.2008|20:30] C:\Program Files\Common Files\Symantec Shared
      [23.03.2008|16:59] C:\Program Files\Common Files\Synacast
      [12.06.2008|19:42] C:\Program Files\Common Files\System
      [24.07.2008|09:25] C:\Program Files\Common Files\WindowsLiveInstaller
      [17.01.2008|14:50] C:\Program Files\Common Files\Wise Installation Wizard
      [06.01.2008|14:37] C:\Program Files\Common Files\Xara
      [25.02.2008|00:07] C:\Program Files\Common Files\xing shared

      --------------------\\ Process

      ( 91 Processus )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-08-07 18:33:39
      Windows 6.0.6001 Service Pack 1 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 3

      --------------------\\ Recherche d'autres infections

      --------------------\\ Cracks & Keygens ..

      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish espa¤ol 1 02 06 by paranoico.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo (2).lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo.lnk
      => C:\Users\MARIAJ~1\Downloads\eMule\Incoming\AcdSee 10 + crack Fr.zip


      [F:162][D:15]-> C:\Users\MARIAJ~1\AppData\Local\Temp
      [F:7][D:1]-> C:\Users\MARIAJ~1\AppData\Roaming\MICROS~1\Windows\Cookies
      [F:62][D:4]-> C:\Users\MARIAJ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
      [F:70][D:2]-> C:\$Recycle.Bin

      --------------------\\ Fin du rapport a 18:35:32.27
      [ UAC => 1 ]
      0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. Utilisateur anonyme
     
    relance lop sd et fait option 2 ensuite poste le rapport
    0
  7. Michael-75 Messages postés 200 Statut Membre 20
     
    Salut,

    1. Tu paies Norton ou c’est en essaie?
    2. Ouvre une page Internet et dans (outils->option internet), dans le cadre tu vire toutes les adresses. Tu tape www.google.fr, tu valide tu sors.(si tu les veux ces pages tu les met dans favoris).
    3. Via panneau de configuration dans « ajout/suppression de programmes », tu désinstalle « Yahoo toolbar » et « Ask toolbar ».
    4. Tu as un logiciel de téléchargement sur ton pc (si oui lequel ?)? Tu l’as installé toi-même ?(le virus est entré par là).
    En pratique si tu désinstalle ce logiciel et un autre qui l’accompagne tu résolut le problème. Mais si tu veux à tout prix le garder on va essayer. En sachant que ton pc risque à tout moment de s’infecter. Est ce que tu veux le garder?

    Une fois que tu as fait ces opérations tu redémarre ton pc. Relance « hijack this » et poste le nouveau rapport.

    A+.
    0
    1. Utilisateur anonyme
       
      bonjour

      4. Tu as un logiciel de téléchargement sur ton pc (si oui lequel ?)? Tu l’as installé toi-même ?(le virus est entré par là).

      je voudrais pas d'offenser mais si tu regarde bien le rapport il y a emule et bittorrent
      0
      1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention   > Utilisateur anonyme
         
        oui tu as raison, je viens de le voir, je ne me suis pas aperçu avant, je pense que il devait etre installee quand je l'ai achetér, car je l'ai pris en ocassion. j'ai supprimer e-mule mais l'autre programme je n'arrive pas. ici je t'envoi le rapport.
        Logfile of Trend Micro HijackThis v2.0.2
        Scan saved at 15:28:07, on 08.08.2008
        Platform: Windows Vista SP1 (WinNT 6.00.1905)
        MSIE: Internet Explorer v7.00 (7.00.6001.18000)
        Boot mode: Normal

        Running processes:
        C:\Windows\system32\taskeng.exe
        C:\Windows\system32\Dwm.exe
        C:\Windows\Explorer.EXE
        C:\Program Files\Windows Defender\MSASCui.exe
        C:\Windows\System32\igfxtray.exe
        C:\Windows\System32\hkcmd.exe
        C:\Windows\System32\igfxpers.exe
        C:\Windows\RtHDVCpl.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
        C:\Acer\Empowering Technology\EDSMSNFIX.EXE
        C:\Program Files\Launch Manager\LManager.exe
        C:\Windows\vVX3000.exe
        C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
        C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
        C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        C:\Program Files\Grisoft\AVG7\avgcc.exe
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\Windows\ehome\ehtray.exe
        C:\Program Files\Picasa2\PicasaMediaDetector.exe
        C:\Program Files\Windows Sidebar\sidebar.exe
        C:\Windows\ehome\ehmsas.exe
        C:\Program Files\Ares\Ares.exe
        C:\Program Files\Windows Media Player\wmpnscfg.exe
        C:\Program Files\Skype\Phone\Skype.exe
        C:\Program Files\Palm\Hotsync.exe
        C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
        C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
        C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
        C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
        C:\Windows\system32\wbem\unsecapp.exe
        C:\Windows\system32\igfxext.exe
        C:\Windows\system32\igfxsrvc.exe
        C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
        C:\Program Files\IncrediMail\bin\IMApp.exe
        C:\Program Files\Windows Sidebar\sidebar.exe
        C:\Program Files\Mozilla Firefox\firefox.exe
        C:\Users\mariajose\Desktop\HijackThis.exe
        C:\Users\mariajose\Desktop\HijackThis.exe
        C:\Windows\system32\rundll32.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
        R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
        R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
        O1 - Hosts: ::1 localhost
        O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
        O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
        O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
        O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
        O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
        O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
        O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
        O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
        O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
        O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
        O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
        O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
        O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
        O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
        O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
        O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
        O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
        O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
        O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
        O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
        O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
        O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
        O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
        O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
        O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
        O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
        O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
        O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
        O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
        O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
        O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
        O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
        O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
        O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
        O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
        O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
        O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
        O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
        O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
        O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
        O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
        O4 - Global Startup: Empowering Technology Launcher.lnk = ?
        O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
        O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
        O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
        O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
        O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
        O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
        O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
        O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
        O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
        O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
        O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
        O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
        O20 - AppInit_DLLs: eNetHook.dll
        O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
        O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
        O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
        O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
        O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
        O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
        O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
        O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
        O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
        O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
        O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
        O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
        O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
        O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
        O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
        O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
        O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
        O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
        O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
        O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
        O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
        O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
        0
  8. Michael-75 Messages postés 200 Statut Membre 20
     
    Exact!
    0
  9. Utilisateur anonyme
     
    poste le rapport de lop sd stp

    as tu virer tes cracks ?

    C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
    => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
    => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
    => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish espa¤ol 1 02 06 by paranoico.lnk
    => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo (2).lnk
    => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo.lnk
    => C:\Users\MARIAJ~1\Downloads\eMule\Incoming\AcdSee 10 + crack Fr.zip

    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      Je ne sais pas comment virer les cracks
      --------------------\\ Lop S&D 4.2.2-5 XP/Vista

      [ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
      [ USER : mariajose ] [ "C:\Lop SD" ] [ Selection : 1 ]
      [ 08.08.2008 | 16:02:34.74 ] [ PC : PC-DE-MARIAJOSE ]
      [ MAJ : 01-08-2008 | 01:40 ]
      [ UAC => 0 ]

      --------------------\\ Listing des dossiers dans Local

      [16.06.2008|10:31] C:\Users\MARIAJ~1\AppData\Local\ACD Systems
      [22.03.2008|00:02] C:\Users\MARIAJ~1\AppData\Local\acer eNM
      [06.07.2008|23:40] C:\Users\MARIAJ~1\AppData\Local\Adobe
      [05.05.2008|19:18] C:\Users\MARIAJ~1\AppData\Local\Ahead
      [03.01.2008|15:30] C:\Users\MARIAJ~1\AppData\Local\Apple
      [16.07.2008|08:24] C:\Users\MARIAJ~1\AppData\Local\Apple Computer
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Application Data
      [24.06.2008|09:06] C:\Users\MARIAJ~1\AppData\Local\Ares
      [15.02.2008|13:18] C:\Users\MARIAJ~1\AppData\Local\Corel Photo Album
      [08.08.2008|14:13] C:\Users\MARIAJ~1\AppData\Local\d3d9caps.dat
      [03.08.2008|14:12] C:\Users\MARIAJ~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [19.07.2008|16:49] C:\Users\MARIAJ~1\AppData\Local\Downloaded Installations
      [19.01.2008|20:19] C:\Users\MARIAJ~1\AppData\Local\DownloadLog.txt
      [07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\GDIPFONTCACHEV1.DAT
      [19.01.2008|12:46] C:\Users\MARIAJ~1\AppData\Local\Google
      [07.01.2008|23:14] C:\Users\MARIAJ~1\AppData\Local\HaCon
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Historique
      [08.08.2008|15:57] C:\Users\MARIAJ~1\AppData\Local\IconCache.db
      [03.02.2008|19:26] C:\Users\MARIAJ~1\AppData\Local\IM
      [06.08.2008|17:38] C:\Users\MARIAJ~1\AppData\Local\ircpaaf.bat
      [07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\Logiciel de commande Fujicolor
      [01.01.2008|14:29] C:\Users\MARIAJ~1\AppData\Local\Magentic
      [02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\MCE Deluxe Suite
      [06.08.2008|18:48] C:\Users\MARIAJ~1\AppData\Local\Microsoft
      [09.03.2008|23:03] C:\Users\MARIAJ~1\AppData\Local\Microsoft Games
      [05.07.2008|19:59] C:\Users\MARIAJ~1\AppData\Local\Microsoft Help
      [19.12.2007|00:18] C:\Users\MARIAJ~1\AppData\Local\Mozilla
      [23.03.2008|23:51] C:\Users\MARIAJ~1\AppData\Local\Octoshape
      [20.02.2008|21:53] C:\Users\MARIAJ~1\AppData\Local\OLYMPUS
      [07.07.2008|11:46] C:\Users\MARIAJ~1\AppData\Local\piratrax
      [02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\PowerCinema
      [22.03.2008|11:52] C:\Users\MARIAJ~1\AppData\Local\RapidSolution
      [14.05.2008|10:36] C:\Users\MARIAJ~1\AppData\Local\Shareaza
      [23.01.2008|11:03] C:\Users\MARIAJ~1\AppData\Local\Sony Corporation
      [08.08.2008|16:02] C:\Users\MARIAJ~1\AppData\Local\Temp
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Temporary Internet Files
      [03.05.2008|20:39] C:\Users\MARIAJ~1\AppData\Local\TVU Networks
      [19.12.2007|19:13] C:\Users\MARIAJ~1\AppData\Local\VirtualStore
      [06.01.2008|14:39] C:\Users\MARIAJ~1\AppData\Local\Xara
      [28.07.2008|21:40] C:\Users\MARIAJ~1\AppData\Local\Zattoo
      [10.06.2008|15:44] C:\Users\MARIAJ~1\AppData\Local\ZattooPlayer

      --------------------\\ Tâches planifiées dans C:\Windows\tasks

      [08.08.2008 14:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{54F5BB1E-258E-4285-86DE-AE544FA29283}.job
      [20.12.2007 13:55][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [08.08.2008 15:58][--ah-----] C:\Windows\tasks\SA.DAT
      [08.08.2008 15:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT

      --------------------\\ Listing des dossiers dans C:\ProgramData

      [27.03.2007|14:37] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
      [16.06.2008|10:24] C:\ProgramData\ACD Systems
      [10.02.2008|18:29] C:\ProgramData\Adobe
      [05.05.2008|18:12] C:\ProgramData\Ahead
      [03.01.2008|15:30] C:\ProgramData\Apple
      [12.06.2008|12:05] C:\ProgramData\Apple Computer
      [02.11.2006|15:02] C:\ProgramData\Application Data
      [05.08.2008|22:50] C:\ProgramData\avg7
      [18.12.2007|21:49] C:\ProgramData\Bureau
      [25.03.2008|20:43] C:\ProgramData\CheckPoint
      [05.05.2008|17:34] C:\ProgramData\CyberLink
      [02.11.2006|15:02] C:\ProgramData\Desktop
      [02.11.2006|15:02] C:\ProgramData\Documents
      [12.02.2008|17:03] C:\ProgramData\Downloaded Installations
      [22.02.2008|20:17] C:\ProgramData\Emjysoft
      [08.08.2008|15:14] C:\ProgramData\eMule
      [04.06.2008|22:27] C:\ProgramData\ezsidmv.dat
      [18.12.2007|21:49] C:\ProgramData\Favoris
      [02.11.2006|15:02] C:\ProgramData\Favorites
      [04.01.2008|17:00] C:\ProgramData\Gogii
      [21.12.2007|13:59] C:\ProgramData\Google
      [07.08.2008|15:39] C:\ProgramData\Google Updater
      [19.05.2008|11:21] C:\ProgramData\Grisoft
      [07.01.2008|23:14] C:\ProgramData\HaCon
      [15.03.2008|12:01] C:\ProgramData\HotSync
      [20.05.2008|09:25] C:\ProgramData\IM
      [19.12.2007|17:58] C:\ProgramData\IncrediMail
      [12.02.2008|16:58] C:\ProgramData\Installations
      [18.12.2007|21:54] C:\ProgramData\InstallShield
      [07.08.2008|11:54] C:\ProgramData\Malwarebytes
      [18.12.2007|21:49] C:\ProgramData\Menu D‚marrer
      [28.02.2008|21:49] C:\ProgramData\Microsoft
      [23.07.2008|09:28] C:\ProgramData\Microsoft Help
      [18.12.2007|21:49] C:\ProgramData\ModŠles
      [12.02.2008|16:53] C:\ProgramData\NCCD.log
      [12.02.2008|17:42] C:\ProgramData\PC Suite
      [04.06.2008|22:25] C:\ProgramData\Skype
      [19.02.2008|23:17] C:\ProgramData\Spybot - Search & Destroy
      [02.11.2006|15:02] C:\ProgramData\Start Menu
      [25.03.2008|20:25] C:\ProgramData\Symantec
      [22.03.2008|10:05] C:\ProgramData\TEMP
      [02.11.2006|15:02] C:\ProgramData\Templates
      [11.05.2008|18:54] C:\ProgramData\TVU Networks
      [18.06.2008|13:17] C:\ProgramData\WindowsSearch
      [24.07.2008|13:28] C:\ProgramData\WLInstaller
      [19.01.2008|20:24] C:\ProgramData\Zylom

      --------------------\\ Listing des dossiers dans C:\Program Files

      [23.03.2008|16:59] C:\Program Files\21cn
      [21.12.2007|22:24] C:\Program Files\7-Zip
      [16.06.2008|10:24] C:\Program Files\ACD Systems
      [27.03.2007|14:14] C:\Program Files\Acer Arcade Deluxe
      [18.12.2007|22:06] C:\Program Files\Acer Inc
      [27.03.2007|14:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
      [14.07.2008|16:53] C:\Program Files\Adobe
      [18.02.2008|01:40] C:\Program Files\adslTV
      [05.05.2008|19:19] C:\Program Files\Ahead
      [15.07.2008|19:35] C:\Program Files\Apple Software Update
      [07.07.2008|14:09] C:\Program Files\Ares
      [04.07.2008|18:18] C:\Program Files\BitTorrent
      [19.06.2008|12:04] C:\Program Files\Bonjour
      [15.02.2008|22:43] C:\Program Files\CCleaner
      [17.06.2008|20:31] C:\Program Files\Common Files
      [27.03.2007|13:36] C:\Program Files\CONEXANT
      [12.02.2008|18:28] C:\Program Files\Corel
      [27.03.2007|13:51] C:\Program Files\CyberLink
      [02.08.2008|10:28] C:\Program Files\Decalage
      [12.06.2008|19:59] C:\Program Files\desktop.ini
      [12.02.2008|17:42] C:\Program Files\DIFX
      [10.06.2008|09:54] C:\Program Files\Digitalway
      [09.02.2008|16:47] C:\Program Files\DreamMail4
      [18.12.2007|21:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
      [04.03.2008|00:20] C:\Program Files\Free Audio Pack
      [15.07.2008|10:46] C:\Program Files\Google
      [05.08.2008|23:09] C:\Program Files\Grisoft
      [24.07.2008|11:54] C:\Program Files\IncrediMail
      [08.06.2008|15:30] C:\Program Files\InstallShield Installation Information
      [27.03.2007|13:15] C:\Program Files\Intel
      [12.06.2008|19:43] C:\Program Files\Internet Explorer
      [20.07.2008|12:45] C:\Program Files\Java
      [22.03.2008|21:13] C:\Program Files\JLC's Software
      [18.12.2007|21:56] C:\Program Files\Launch Manager
      [10.07.2008|18:31] C:\Program Files\LimeWire
      [03.03.2008|16:33] C:\Program Files\Macrogaming
      [02.11.2006|14:37] C:\Program Files\Microsoft Games
      [13.01.2008|13:13] C:\Program Files\Microsoft LifeCam
      [21.12.2007|12:29] C:\Program Files\Microsoft Office
      [02.01.2008|19:47] C:\Program Files\Microsoft SQL Server Compact Edition
      [08.03.2008|12:49] C:\Program Files\Microsoft Visual Studio
      [21.12.2007|12:24] C:\Program Files\Microsoft Visual Studio 8
      [22.03.2008|00:02] C:\Program Files\Microsoft Works
      [21.12.2007|12:28] C:\Program Files\Microsoft.NET
      [12.06.2008|19:43] C:\Program Files\Movie Maker
      [17.07.2008|09:05] C:\Program Files\Mozilla Firefox
      [08.03.2008|12:49] C:\Program Files\MSBuild
      [24.07.2008|12:56] C:\Program Files\MSN Messenger
      [19.12.2007|20:16] C:\Program Files\MSXML 4.0
      [07.08.2008|14:18] C:\Program Files\Navilog1
      [27.03.2007|13:49] C:\Program Files\NewTech Infosystems
      [20.02.2008|21:31] C:\Program Files\OLYMPUS
      [22.03.2008|00:02] C:\Program Files\Palm
      [03.07.2008|20:16] C:\Program Files\PhotoFiltre
      [20.05.2008|12:26] C:\Program Files\Picasa2
      [10.07.2008|10:56] C:\Program Files\Piratrax
      [12.06.2008|12:06] C:\Program Files\QuickTime
      [08.06.2008|15:35] C:\Program Files\Real
      [08.06.2008|15:34] C:\Program Files\Real Alternative
      [27.03.2007|13:26] C:\Program Files\Realtek
      [02.11.2006|14:37] C:\Program Files\Reference Assemblies
      [03.03.2008|16:33] C:\Program Files\RegCleaner
      [04.01.2008|16:55] C:\Program Files\RngInterstitial.dll
      [21.05.2008|11:12] C:\Program Files\Simnor World Clock Version 1.0
      [04.06.2008|22:25] C:\Program Files\Skype
      [27.03.2007|13:47] C:\Program Files\SMSC
      [23.01.2008|11:04] C:\Program Files\Sony Corporation
      [19.02.2008|23:21] C:\Program Files\Spybot - Search & Destroy
      [20.07.2008|12:46] C:\Program Files\Sun
      [27.03.2007|13:30] C:\Program Files\Synaptics
      [15.02.2008|21:55] C:\Program Files\ToniArts
      [07.01.2008|22:47] C:\Program Files\TWIXTEL
      [02.11.2006|15:01] C:\Program Files\Uninstall Information
      [12.06.2008|19:43] C:\Program Files\Windows Calendar
      [12.06.2008|19:43] C:\Program Files\Windows Collaboration
      [12.06.2008|19:42] C:\Program Files\Windows Defender
      [12.06.2008|19:43] C:\Program Files\Windows Journal
      [02.01.2008|19:49] C:\Program Files\Windows Live
      [20.12.2007|13:54] C:\Program Files\Windows Live Favorites
      [20.12.2007|13:55] C:\Program Files\Windows Live Toolbar
      [12.06.2008|19:43] C:\Program Files\Windows Mail
      [12.06.2008|19:43] C:\Program Files\Windows Media Player
      [18.12.2007|21:49] C:\Program Files\Windows NT
      [12.06.2008|19:42] C:\Program Files\Windows Photo Gallery
      [12.06.2008|19:43] C:\Program Files\Windows Sidebar
      [14.03.2008|21:11] C:\Program Files\WinRAR
      [03.03.2008|16:33] C:\Program Files\worldTVRT
      [06.01.2008|14:37] C:\Program Files\Xara
      [08.08.2008|14:30] C:\Program Files\Yahoo!
      [28.07.2008|21:38] C:\Program Files\Zattoo
      [25.03.2008|20:43] C:\Program Files\Zone Labs

      --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

      [16.06.2008|10:24] C:\Program Files\Common Files\ACD Systems
      [14.07.2008|16:53] C:\Program Files\Common Files\Adobe
      [05.05.2008|19:19] C:\Program Files\Common Files\Ahead
      [12.06.2008|12:00] C:\Program Files\Common Files\Apple
      [17.06.2008|20:32] C:\Program Files\Common Files\Corel
      [08.03.2008|12:49] C:\Program Files\Common Files\DESIGNER
      [18.12.2007|21:54] C:\Program Files\Common Files\InstallShield
      [18.02.2008|12:14] C:\Program Files\Common Files\Java
      [27.03.2007|13:49] C:\Program Files\Common Files\LightScribe
      [18.07.2008|14:19] C:\Program Files\Common Files\microsoft shared
      [27.03.2007|13:48] C:\Program Files\Common Files\muvee Technologies
      [05.05.2008|19:12] C:\Program Files\Common Files\Nero
      [27.03.2007|13:49] C:\Program Files\Common Files\NewTech Infosystems
      [25.02.2008|00:07] C:\Program Files\Common Files\Real
      [02.11.2006|13:18] C:\Program Files\Common Files\Services
      [04.06.2008|22:25] C:\Program Files\Common Files\Skype
      [02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
      [25.03.2008|20:30] C:\Program Files\Common Files\Symantec Shared
      [23.03.2008|16:59] C:\Program Files\Common Files\Synacast
      [12.06.2008|19:42] C:\Program Files\Common Files\System
      [24.07.2008|09:25] C:\Program Files\Common Files\WindowsLiveInstaller
      [17.01.2008|14:50] C:\Program Files\Common Files\Wise Installation Wizard
      [06.01.2008|14:37] C:\Program Files\Common Files\Xara
      [25.02.2008|00:07] C:\Program Files\Common Files\xing shared

      --------------------\\ Process

      ( 92 Processus )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-08-08 16:03:08
      Windows 6.0.6001 Service Pack 1 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 3

      --------------------\\ Recherche d'autres infections

      --------------------\\ Cracks & Keygens ..

      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish espa¤ol 1 02 06 by paranoico.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo (2).lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo.lnk


      [F:253][D:15]-> C:\Users\MARIAJ~1\AppData\Local\Temp
      [F:9][D:1]-> C:\Users\MARIAJ~1\AppData\Roaming\MICROS~1\Windows\Cookies
      [F:46][D:4]-> C:\Users\MARIAJ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
      [F:70][D:2]-> C:\$Recycle.Bin

      --------------------\\ Fin du rapport a 16:06:02.83
      [ UAC => 1 ]
      0
  10. Utilisateur anonyme
     
    suis le chemin et supprime les
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      je ne comprend pas ce que je doi faire
      0
  11. Utilisateur anonyme
     
    bonjour

    tu as des cracks car tu telecharge vire tout tes cracks

    telecharge [[ccleaner]

    tuto ici

    https://www.malekal.com/tutoriel-ccleaner/
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      voila je l'ai fait
      0
  12. Utilisateur anonyme
     
    bonjour

    reposte un log hijackthis

    as tu encore des pubs ?
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      bonjour,
      non je n'ai plus de pub, mais le message de que j'ouvre le messenger continue:
      une erreur est survenue dans le script de cette page
      ligne: 2
      Caractere: 30262
      Erreu 'a' a la valeur Null ou n'est pas un objet
      code: 0
      Url:/db 2.t. msn.com/fr-ch/home aspx?ver=8.5.1302&did=1

      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 08:12:48, on 11.08.2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\taskeng.exe
      C:\Windows\system32\Dwm.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Acer\Empowering Technology\EDSMSNFIX.EXE
      C:\Program Files\Launch Manager\LManager.exe
      C:\Windows\vVX3000.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\Search Settings\SearchSettings.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Ares\Ares.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Users\mariajose\AppData\Local\vdlaziq.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Palm\Hotsync.exe
      C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
      C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
      C:\Windows\ehome\ehmsas.exe
      C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
      C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\system32\igfxext.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Program Files\IncrediMail\bin\IMApp.exe
      C:\Program Files\IncrediMail\bin\IncMail.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Users\mariajose\Desktop\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
      O1 - Hosts: ::1 localhost
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
      O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
      O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
      O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
      O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
      O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\Run: [vdlaziq] "c:\users\mariajose\appdata\local\vdlaziq.exe" vdlaziq
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
      O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: Empowering Technology Launcher.lnk = ?
      O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: eNetHook.dll
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
      O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
      O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
      O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
      O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
      O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
      O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
      0
  13. Utilisateur anonyme
     
    re

    tu es encore infecter

    Télécharges ToolBar S&D ( de Eric_71 ) :
    https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

    ( Tuto : https://sites.google.com/site/toolbarsd/aideenimages )

    !! Déconnectes toi et fermes toute tes applications en cours le temps de la manipe !!

    * double-cliques sur l'.exe pour lancer l'installe et laisses toi guider ...
    * Une fois fait, cliques sur le raccourci créé sur ton bureau pour lancer l'outil .
    * Choisis l'option 1 ( "recherche") et tapes "entrée" .
    * Une fois le scan finit , un rapport va apparaître, copie/colles l'intégralité
    de son contenu dans ta prochaine réponse ...
    ( le rapport est en outre sauvegardé ici -> C:\TB.txt )
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      --------------------\\ Lop S&D 4.2.2-5 XP/Vista

      [ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
      [ USER : mariajose ] [ "C:\Lop SD" ] [ Selection : 1 ]
      [ 11.08.2008 | 11:01:14.06 ] [ PC : PC-DE-MARIAJOSE ]
      [ MAJ : 01-08-2008 | 01:40 ]
      [ UAC => 0 ]

      --------------------\\ Listing des dossiers dans Local

      [16.06.2008|10:31] C:\Users\MARIAJ~1\AppData\Local\ACD Systems
      [22.03.2008|00:02] C:\Users\MARIAJ~1\AppData\Local\acer eNM
      [06.07.2008|23:40] C:\Users\MARIAJ~1\AppData\Local\Adobe
      [05.05.2008|19:18] C:\Users\MARIAJ~1\AppData\Local\Ahead
      [03.01.2008|15:30] C:\Users\MARIAJ~1\AppData\Local\Apple
      [16.07.2008|08:24] C:\Users\MARIAJ~1\AppData\Local\Apple Computer
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Application Data
      [24.06.2008|09:06] C:\Users\MARIAJ~1\AppData\Local\Ares
      [15.02.2008|13:18] C:\Users\MARIAJ~1\AppData\Local\Corel Photo Album
      [08.08.2008|14:13] C:\Users\MARIAJ~1\AppData\Local\d3d9caps.dat
      [03.08.2008|14:12] C:\Users\MARIAJ~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      [19.07.2008|16:49] C:\Users\MARIAJ~1\AppData\Local\Downloaded Installations
      [19.01.2008|20:19] C:\Users\MARIAJ~1\AppData\Local\DownloadLog.txt
      [07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\GDIPFONTCACHEV1.DAT
      [19.01.2008|12:46] C:\Users\MARIAJ~1\AppData\Local\Google
      [07.01.2008|23:14] C:\Users\MARIAJ~1\AppData\Local\HaCon
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Historique
      [11.08.2008|10:57] C:\Users\MARIAJ~1\AppData\Local\IconCache.db
      [03.02.2008|19:26] C:\Users\MARIAJ~1\AppData\Local\IM
      [06.08.2008|17:38] C:\Users\MARIAJ~1\AppData\Local\ircpaaf.bat
      [07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\Logiciel de commande Fujicolor
      [01.01.2008|14:29] C:\Users\MARIAJ~1\AppData\Local\Magentic
      [02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\MCE Deluxe Suite
      [06.08.2008|18:48] C:\Users\MARIAJ~1\AppData\Local\Microsoft
      [09.03.2008|23:03] C:\Users\MARIAJ~1\AppData\Local\Microsoft Games
      [05.07.2008|19:59] C:\Users\MARIAJ~1\AppData\Local\Microsoft Help
      [19.12.2007|00:18] C:\Users\MARIAJ~1\AppData\Local\Mozilla
      [23.03.2008|23:51] C:\Users\MARIAJ~1\AppData\Local\Octoshape
      [20.02.2008|21:53] C:\Users\MARIAJ~1\AppData\Local\OLYMPUS
      [07.07.2008|11:46] C:\Users\MARIAJ~1\AppData\Local\piratrax
      [02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\PowerCinema
      [22.03.2008|11:52] C:\Users\MARIAJ~1\AppData\Local\RapidSolution
      [14.05.2008|10:36] C:\Users\MARIAJ~1\AppData\Local\Shareaza
      [23.01.2008|11:03] C:\Users\MARIAJ~1\AppData\Local\Sony Corporation
      [11.08.2008|11:01] C:\Users\MARIAJ~1\AppData\Local\Temp
      [18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Temporary Internet Files
      [03.05.2008|20:39] C:\Users\MARIAJ~1\AppData\Local\TVU Networks
      [11.08.2008|11:00] C:\Users\MARIAJ~1\AppData\Local\vdlaziq.bat
      [11.08.2008|11:00] C:\Users\MARIAJ~1\AppData\Local\vdlaziq.dat
      [09.08.2008|12:56] C:\Users\MARIAJ~1\AppData\Local\vdlaziq.exe
      [09.08.2008|12:56] C:\Users\MARIAJ~1\AppData\Local\vdlaziq_nav.dat
      [11.08.2008|11:00] C:\Users\MARIAJ~1\AppData\Local\vdlaziq_navps.dat
      [19.12.2007|19:13] C:\Users\MARIAJ~1\AppData\Local\VirtualStore
      [06.01.2008|14:39] C:\Users\MARIAJ~1\AppData\Local\Xara
      [09.08.2008|14:22] C:\Users\MARIAJ~1\AppData\Local\Zattoo
      [10.06.2008|15:44] C:\Users\MARIAJ~1\AppData\Local\ZattooPlayer

      --------------------\\ Tâches planifiées dans C:\Windows\tasks

      [10.08.2008 23:24][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{54F5BB1E-258E-4285-86DE-AE544FA29283}.job
      [20.12.2007 13:55][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
      [11.08.2008 10:59][--ah-----] C:\Windows\tasks\SA.DAT
      [11.08.2008 10:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT

      --------------------\\ Listing des dossiers dans C:\ProgramData

      [27.03.2007|14:37] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
      [16.06.2008|10:24] C:\ProgramData\ACD Systems
      [10.02.2008|18:29] C:\ProgramData\Adobe
      [05.05.2008|18:12] C:\ProgramData\Ahead
      [03.01.2008|15:30] C:\ProgramData\Apple
      [12.06.2008|12:05] C:\ProgramData\Apple Computer
      [02.11.2006|15:02] C:\ProgramData\Application Data
      [08.08.2008|16:44] C:\ProgramData\avg7
      [18.12.2007|21:49] C:\ProgramData\Bureau
      [25.03.2008|20:43] C:\ProgramData\CheckPoint
      [05.05.2008|17:34] C:\ProgramData\CyberLink
      [02.11.2006|15:02] C:\ProgramData\Desktop
      [02.11.2006|15:02] C:\ProgramData\Documents
      [12.02.2008|17:03] C:\ProgramData\Downloaded Installations
      [22.02.2008|20:17] C:\ProgramData\Emjysoft
      [08.08.2008|15:14] C:\ProgramData\eMule
      [04.06.2008|22:27] C:\ProgramData\ezsidmv.dat
      [18.12.2007|21:49] C:\ProgramData\Favoris
      [02.11.2006|15:02] C:\ProgramData\Favorites
      [04.01.2008|17:00] C:\ProgramData\Gogii
      [21.12.2007|13:59] C:\ProgramData\Google
      [11.08.2008|08:20] C:\ProgramData\Google Updater
      [07.01.2008|23:14] C:\ProgramData\HaCon
      [15.03.2008|12:01] C:\ProgramData\HotSync
      [20.05.2008|09:25] C:\ProgramData\IM
      [19.12.2007|17:58] C:\ProgramData\IncrediMail
      [12.02.2008|16:58] C:\ProgramData\Installations
      [18.12.2007|21:54] C:\ProgramData\InstallShield
      [07.08.2008|11:54] C:\ProgramData\Malwarebytes
      [18.12.2007|21:49] C:\ProgramData\Menu D‚marrer
      [28.02.2008|21:49] C:\ProgramData\Microsoft
      [23.07.2008|09:28] C:\ProgramData\Microsoft Help
      [18.12.2007|21:49] C:\ProgramData\ModŠles
      [12.02.2008|16:53] C:\ProgramData\NCCD.log
      [12.02.2008|17:42] C:\ProgramData\PC Suite
      [04.06.2008|22:25] C:\ProgramData\Skype
      [09.08.2008|09:27] C:\ProgramData\Spybot - Search & Destroy
      [02.11.2006|15:02] C:\ProgramData\Start Menu
      [08.08.2008|17:11] C:\ProgramData\Symantec
      [22.03.2008|10:05] C:\ProgramData\TEMP
      [02.11.2006|15:02] C:\ProgramData\Templates
      [11.05.2008|18:54] C:\ProgramData\TVU Networks
      [18.06.2008|13:17] C:\ProgramData\WindowsSearch
      [09.08.2008|23:54] C:\ProgramData\WLInstaller
      [19.01.2008|20:24] C:\ProgramData\Zylom

      --------------------\\ Listing des dossiers dans C:\Program Files

      [23.03.2008|16:59] C:\Program Files\21cn
      [21.12.2007|22:24] C:\Program Files\7-Zip
      [16.06.2008|10:24] C:\Program Files\ACD Systems
      [27.03.2007|14:14] C:\Program Files\Acer Arcade Deluxe
      [18.12.2007|22:06] C:\Program Files\Acer Inc
      [27.03.2007|14:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
      [14.07.2008|16:53] C:\Program Files\Adobe
      [18.02.2008|01:40] C:\Program Files\adslTV
      [05.05.2008|19:19] C:\Program Files\Ahead
      [15.07.2008|19:35] C:\Program Files\Apple Software Update
      [07.07.2008|14:09] C:\Program Files\Ares
      [04.07.2008|18:18] C:\Program Files\BitTorrent
      [19.06.2008|12:04] C:\Program Files\Bonjour
      [15.02.2008|22:43] C:\Program Files\CCleaner
      [17.06.2008|20:31] C:\Program Files\Common Files
      [27.03.2007|13:36] C:\Program Files\CONEXANT
      [12.02.2008|18:28] C:\Program Files\Corel
      [27.03.2007|13:51] C:\Program Files\CyberLink
      [02.08.2008|10:28] C:\Program Files\Decalage
      [12.06.2008|19:59] C:\Program Files\desktop.ini
      [12.02.2008|17:42] C:\Program Files\DIFX
      [10.06.2008|09:54] C:\Program Files\Digitalway
      [09.02.2008|16:47] C:\Program Files\DreamMail4
      [18.12.2007|21:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
      [04.03.2008|00:20] C:\Program Files\Free Audio Pack
      [15.07.2008|10:46] C:\Program Files\Google
      [24.07.2008|11:54] C:\Program Files\IncrediMail
      [08.06.2008|15:30] C:\Program Files\InstallShield Installation Information
      [27.03.2007|13:15] C:\Program Files\Intel
      [12.06.2008|19:43] C:\Program Files\Internet Explorer
      [20.07.2008|12:45] C:\Program Files\Java
      [22.03.2008|21:13] C:\Program Files\JLC's Software
      [18.12.2007|21:56] C:\Program Files\Launch Manager
      [10.07.2008|18:31] C:\Program Files\LimeWire
      [03.03.2008|16:33] C:\Program Files\Macrogaming
      [02.11.2006|14:37] C:\Program Files\Microsoft Games
      [13.01.2008|13:13] C:\Program Files\Microsoft LifeCam
      [21.12.2007|12:29] C:\Program Files\Microsoft Office
      [02.01.2008|19:47] C:\Program Files\Microsoft SQL Server Compact Edition
      [08.03.2008|12:49] C:\Program Files\Microsoft Visual Studio
      [21.12.2007|12:24] C:\Program Files\Microsoft Visual Studio 8
      [22.03.2008|00:02] C:\Program Files\Microsoft Works
      [21.12.2007|12:28] C:\Program Files\Microsoft.NET
      [12.06.2008|19:43] C:\Program Files\Movie Maker
      [17.07.2008|09:05] C:\Program Files\Mozilla Firefox
      [08.03.2008|12:49] C:\Program Files\MSBuild
      [19.12.2007|20:16] C:\Program Files\MSXML 4.0
      [07.08.2008|14:18] C:\Program Files\Navilog1
      [27.03.2007|13:49] C:\Program Files\NewTech Infosystems
      [20.02.2008|21:31] C:\Program Files\OLYMPUS
      [22.03.2008|00:02] C:\Program Files\Palm
      [03.07.2008|20:16] C:\Program Files\PhotoFiltre
      [20.05.2008|12:26] C:\Program Files\Picasa2
      [10.07.2008|10:56] C:\Program Files\Piratrax
      [12.06.2008|12:06] C:\Program Files\QuickTime
      [08.06.2008|15:35] C:\Program Files\Real
      [08.06.2008|15:34] C:\Program Files\Real Alternative
      [27.03.2007|13:26] C:\Program Files\Realtek
      [02.11.2006|14:37] C:\Program Files\Reference Assemblies
      [03.03.2008|16:33] C:\Program Files\RegCleaner
      [04.01.2008|16:55] C:\Program Files\RngInterstitial.dll
      [09.08.2008|13:22] C:\Program Files\Search Settings
      [21.05.2008|11:12] C:\Program Files\Simnor World Clock Version 1.0
      [04.06.2008|22:25] C:\Program Files\Skype
      [27.03.2007|13:47] C:\Program Files\SMSC
      [23.01.2008|11:04] C:\Program Files\Sony Corporation
      [09.08.2008|08:56] C:\Program Files\Spybot - Search & Destroy
      [20.07.2008|12:46] C:\Program Files\Sun
      [27.03.2007|13:30] C:\Program Files\Synaptics
      [15.02.2008|21:55] C:\Program Files\ToniArts
      [07.01.2008|22:47] C:\Program Files\TWIXTEL
      [02.11.2006|15:01] C:\Program Files\Uninstall Information
      [12.06.2008|19:43] C:\Program Files\Windows Calendar
      [12.06.2008|19:43] C:\Program Files\Windows Collaboration
      [12.06.2008|19:42] C:\Program Files\Windows Defender
      [12.06.2008|19:43] C:\Program Files\Windows Journal
      [10.08.2008|00:00] C:\Program Files\Windows Live
      [08.08.2008|16:49] C:\Program Files\Windows Live Toolbar
      [12.06.2008|19:43] C:\Program Files\Windows Mail
      [12.06.2008|19:43] C:\Program Files\Windows Media Player
      [18.12.2007|21:49] C:\Program Files\Windows NT
      [12.06.2008|19:42] C:\Program Files\Windows Photo Gallery
      [12.06.2008|19:43] C:\Program Files\Windows Sidebar
      [14.03.2008|21:11] C:\Program Files\WinRAR
      [03.03.2008|16:33] C:\Program Files\worldTVRT
      [06.01.2008|14:37] C:\Program Files\Xara
      [08.08.2008|14:30] C:\Program Files\Yahoo!
      [09.08.2008|14:21] C:\Program Files\Zattoo
      [25.03.2008|20:43] C:\Program Files\Zone Labs

      --------------------\\ Listing des dossiers dans C:\Program Files\Common Files

      [16.06.2008|10:24] C:\Program Files\Common Files\ACD Systems
      [14.07.2008|16:53] C:\Program Files\Common Files\Adobe
      [05.05.2008|19:19] C:\Program Files\Common Files\Ahead
      [12.06.2008|12:00] C:\Program Files\Common Files\Apple
      [17.06.2008|20:32] C:\Program Files\Common Files\Corel
      [08.03.2008|12:49] C:\Program Files\Common Files\DESIGNER
      [18.12.2007|21:54] C:\Program Files\Common Files\InstallShield
      [18.02.2008|12:14] C:\Program Files\Common Files\Java
      [27.03.2007|13:49] C:\Program Files\Common Files\LightScribe
      [18.07.2008|14:19] C:\Program Files\Common Files\microsoft shared
      [27.03.2007|13:48] C:\Program Files\Common Files\muvee Technologies
      [05.05.2008|19:12] C:\Program Files\Common Files\Nero
      [27.03.2007|13:49] C:\Program Files\Common Files\NewTech Infosystems
      [25.02.2008|00:07] C:\Program Files\Common Files\Real
      [02.11.2006|13:18] C:\Program Files\Common Files\Services
      [04.06.2008|22:25] C:\Program Files\Common Files\Skype
      [02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
      [08.08.2008|17:11] C:\Program Files\Common Files\Symantec Shared
      [23.03.2008|16:59] C:\Program Files\Common Files\Synacast
      [12.06.2008|19:42] C:\Program Files\Common Files\System
      [24.07.2008|09:25] C:\Program Files\Common Files\WindowsLiveInstaller
      [17.01.2008|14:50] C:\Program Files\Common Files\Wise Installation Wizard
      [06.01.2008|14:37] C:\Program Files\Common Files\Xara
      [25.02.2008|00:07] C:\Program Files\Common Files\xing shared

      --------------------\\ Process

      ( 89 Processus )

      ... OK !

      --------------------\\ Recherche avec S_Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Recherche de Fichiers / Dossiers Lop

      Aucun fichier / dossier Lop trouvé !

      --------------------\\ Verification du Registre

      ..... OK !

      --------------------\\ Verification du fichier Hosts

      Fichier Hosts PROPRE


      --------------------\\ Recherche de fichiers avec Catchme

      catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
      Rootkit scan 2008-08-11 11:01:49
      Windows 6.0.6001 Service Pack 1 NTFS
      scanning hidden processes ...
      scanning hidden files ...
      scan completed successfully
      hidden processes: 0
      hidden files: 3

      --------------------\\ Recherche d'autres infections

      C:\Windows\prefetch\MESSENGERSKINNER.EXE-9247C55C.pf
      C:\Windows\prefetch\MESSENGERSKINNER_SETUP.EXE-6CFA6EDD.pf

      C:\Users\MARIAJ~1\AppData\Local\vdlaziq.bat
      C:\Users\MARIAJ~1\AppData\Local\vdlaziq.dat
      C:\Users\MARIAJ~1\AppData\Local\vdlaziq.exe
      C:\Users\MARIAJ~1\AppData\Local\vdlaziq_nav.dat
      C:\Users\MARIAJ~1\AppData\Local\vdlaziq_navps.dat
      C:\Windows\Prefetch\VDLAZIQ.EXE-E5449FDD.pf
      [b]==> EGDACCESS <==/b

      --------------------\\ Cracks & Keygens ..

      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish espa¤ol 1 02 06 by paranoico.lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo (2).lnk
      => C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo.lnk


      [F:652][D:29]-> C:\Users\MARIAJ~1\AppData\Local\Temp
      [F:68][D:1]-> C:\Users\MARIAJ~1\AppData\Roaming\MICROS~1\Windows\Cookies
      [F:104][D:6]-> C:\Users\MARIAJ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
      [F:72][D:2]-> C:\$Recycle.Bin

      --------------------\\ Fin du rapport a 11:04:23.33
      [ UAC => 1 ]
      0
  14. Utilisateur anonyme
     
    ok

    Clique sur ce lien :
    http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    Clique sur navilog1.exe pour télécharger navilog1
    Choisis Enregistrer

    et enregistre-le sur ton bureau.

    Ensuite double clique sur navilog1.exe pour lancer l'installation.
    Une fois l'installation terminée, le fix s'exécutera automatiquement.
    (Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

    Laisse-toi guider. Au menu principal, choisis 1 et valides.
    (ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

    Patiente jusqu'au message :
    *** Analyse Termine le ..... ***
    Appuie sur une touche comme demandé, le bloc note va s'ouvrir.
    Copie-colle l'intégralité dans une réponse. Referme le bloc note.
    Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)
    poste les rapports obtenus
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      Search Navipromo version 3.6.3 commencé le 11.08.2008 à 11:34:36.19

      !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
      !!! Postez ce rapport sur le forum pour le faire analyser !!!
      !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

      Outil exécuté depuis C:\Program Files\navilog1
      Session actuelle : "mariajose"

      Mise à jour le 09.08.2008 à 18h00 par IL-MAFIOSO

      Microsoft Windows Vista 6.0.6001
      Internet Explorer : 7.0.6001.18000
      Système de fichiers : NTFS

      Recherche executé en mode normal

      *** Recherche Programmes installés ***


      *** Recherche dossiers dans "C:\Windows" ***


      *** Recherche dossiers dans "C:\Program Files" ***


      *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


      *** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


      *** Recherche dossiers dans "C:\ProgramData" ***


      *** Recherche dossiers dans "c:\users\mariaj~1\appdata\roaming\micros~1\windows\startm~1\programs" ***


      *** Recherche dossiers dans "C:\Users\mariajose\AppData\Local\virtualstore\Program Files" ***


      *** Recherche dossiers dans "C:\Users\MARIAJ~1\AppData\Roaming" ***


      *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
      pour + d'infos : http://www.gmer.net



      *** Recherche avec GenericNaviSearch ***
      !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
      !!! A vérifier impérativement avant toute suppression manuelle !!!

      * Recherche dans "C:\Windows\system32" *

      * Recherche dans "C:\Users\mariajose\AppData\Local\Microsoft" *

      * Recherche dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" *

      * Recherche dans "C:\Users\mariajose\AppData\Local" *

      Fichiers trouvés :

      vdlaziq.exe trouvé !
      vdlaziq.dat trouvé !
      vdlaziq.bat trouvé !
      vdlaziq_nav.dat trouvé !
      vdlaziq_navps.dat trouvé !



      *** Recherche fichiers ***


      C:\Windows\prefetch\MESSENGERSKINNER.EXE-9247C55C.pf trouvé !
      C:\Windows\prefetch\MESSENGERSKINNER_SETUP.EXE-6CFA6EDD.pf trouvé !

      *** Recherche clés spécifiques dans le Registre ***

      HKEY_CURRENT_USER\Software\Lanconfig trouvé !

      *** Module de Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Recherche nouveaux fichiers Instant Access :


      2)Recherche Heuristique :

      * Dans "C:\Windows\system32" :


      * Dans "C:\Users\mariajose\AppData\Local\Microsoft" :


      * Dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" :


      * Dans "C:\Users\mariajose\AppData\Local" :

      vdlaziq.bat trouvé !
      vdlaziq.dat trouvé !
      vdlaziq.exe trouvé !
      vdlaziq_nav.dat trouvé !
      vdlaziq_navps.dat trouvé !

      3)Recherche Certificats :

      Certificat Egroup absent !
      Certificat Electronic-Group absent !
      Certificat Montorgueil absent !
      Certificat OOO-Favorit absent !
      Certificat Sunny-Day-Design-Ltd absent !

      4)Recherche fichiers connus :



      *** Analyse terminée le 11.08.2008 à 11:46:26.24 ***
      0
      1. luffy17 > liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
         
        Ok, relance Navilog et ce coup si tape 2 ( à la place de 1) laisse faire puis quand navilog te demande de redémarrer le pc accepte et là normalement c'est bon ^^
        0
  15. luffy17
     
    Si tu tourne sur vista tu doit d'abord désactiver l' UAC =====> https://forum.malekal.com/viewtopic.php?f=59&t=6517

    Après télécharger Navilog 1======> http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

    Un coups installé Tape "F" pour français puis 1 pour recherche. Laisse faire... Puis relance Navilog, "F" puis cette fois si fais "2" pour déinfection.

    PS: Ne jamais télécharger ces logiciels

    go-astro
    GoRecord
    HotTVPlayer / HotTVPlayer & Paris Hilton
    Live-Player
    MailSkinner
    Messenger Skinner
    Instant Access
    InternetGameBox
    Official Emule (Version d'Emule modifiée)
    Sudoplanet
    Webmediaplayer

    Et ne jamais aller sur le site www.games-desktop.com (n'allez pas dessus!!)

    Ils propagent les virus Magic.Control / egdaccess / NaviPromo / Popups Spyware-Secure
    0
  16. luffy17
     
    juste pour info tu es infecté par Messenger Skinner ( un logiciel d'émoticones et clins d'oeils pour msn qui transporte le malware Magic.Control
    0
  17. Utilisateur anonyme
     
    bonjour luffy17

    merci mais si t regarde plus haut tu verras

    fait option 2 avec navilog et ensuite poste le rapprt stp
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      Clean Navipromo version 3.6.3 commencé le 11.08.2008 à 12:22:07.16

      Outil exécuté depuis C:\Program Files\navilog1
      Session actuelle : "mariajose"

      Mise à jour le 09.08.2008 à 18h00 par IL-MAFIOSO

      Microsoft Windows Vista 6.0.6001
      Internet Explorer : 7.0.6001.18000
      Système de fichiers : NTFS

      Mode suppression automatique
      avec prise en charge résultats Catchme et GNS


      Nettoyage exécuté au redémarrage de l'ordinateur


      *** fsbl1.txt non trouvé ***
      (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)


      *** Suppression avec sauvegardes résultats GenericNaviSearch ***

      * Suppression dans "C:\Windows\System32" *


      C:\Windows\prefetch\vdlaziq*.pf trouvé !
      Copie C:\Windows\prefetch\vdlaziq*.pf réalisée avec succès !
      C:\Windows\prefetch\vdlaziq*.pf supprimé !


      * Suppression dans "C:\Users\mariajose\AppData\Local\Microsoft" *



      * Suppression dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" *



      * Suppression dans "C:\Users\mariajose\AppData\Local" *


      vdlaziq.exe trouvé !
      Copie vdlaziq.exe réalisée avec succès !
      vdlaziq.exe supprimé !

      vdlaziq.dat trouvé !
      Copie vdlaziq.dat réalisée avec succès !
      vdlaziq.dat supprimé !

      vdlaziq.bat trouvé !
      Copie vdlaziq.bat réalisée avec succès !
      vdlaziq.bat supprimé !

      vdlaziq_nav.dat trouvé !
      Copie vdlaziq_nav.dat réalisée avec succès !
      vdlaziq_nav.dat supprimé !

      vdlaziq_navps.dat trouvé !
      Copie vdlaziq_navps.dat réalisée avec succès !
      vdlaziq_navps.dat supprimé !



      *** Suppression dossiers dans "C:\Windows" ***


      *** Suppression dossiers dans "C:\Program Files" ***


      *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


      *** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***


      *** Suppression dossiers dans "C:\ProgramData" ***


      *** Suppression dossiers dans c:\users\mariaj~1\appdata\roaming\micros~1\windows\startm~1\programs ***


      *** Suppression dossiers dans "C:\Users\mariajose\AppData\Local\virtualstore\Program Files" ***


      *** Suppression dossiers dans "C:\Users\mariajose\AppData\Roaming" ***



      *** Suppression fichiers ***

      C:\Windows\prefetch\MESSENGERSKINNER.EXE-9247C55C.pf supprimé !
      C:\Windows\prefetch\MESSENGERSKINNER_SETUP.EXE-6CFA6EDD.pf supprimé !

      *** Suppression fichiers temporaires ***

      Nettoyage contenu C:\Windows\Temp effectué !
      Nettoyage contenu C:\Users\MARIAJ~1\AppData\Local\Temp effectué !

      *** Traitement Recherche complémentaire ***
      (Recherche fichiers spécifiques)

      1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

      2)Recherche, création sauvegardes et suppression Heuristique :


      * Dans "C:\Windows\system32" *


      * Dans "C:\Users\mariajose\AppData\Local\Microsoft" *


      * Dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" *


      * Dans "C:\Users\mariajose\AppData\Local" *


      *** Sauvegarde du Registre vers dossier Safebackup ***

      sauvegarde du Registre réalisée avec succès !

      *** Nettoyage Registre ***

      Nettoyage Registre Ok


      *** Certificats ***

      Certificat Egroup absent !
      Certificat Electronic-Group absent !
      Certificat Montorgueil absent !
      Certificat OOO-Favorit absent !
      Certificat Sunny-Day-Design-Ltdt absent !


      *** Nettoyage terminé le 11.08.2008 à 12:29:08.03 ***
      0
  18. Utilisateur anonyme
     
    repost un log hijackthis stp
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 16:45:47, on 11.08.2008
      Platform: Windows Vista SP1 (WinNT 6.00.1905)
      MSIE: Internet Explorer v7.00 (7.00.6001.18000)
      Boot mode: Normal

      Running processes:
      C:\Windows\system32\Dwm.exe
      C:\Windows\system32\taskeng.exe
      C:\Windows\Explorer.EXE
      C:\Program Files\Windows Defender\MSASCui.exe
      C:\Windows\System32\igfxtray.exe
      C:\Windows\System32\hkcmd.exe
      C:\Windows\System32\igfxpers.exe
      C:\Windows\RtHDVCpl.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Acer\Empowering Technology\EDSMSNFIX.EXE
      C:\Program Files\Launch Manager\LManager.exe
      C:\Windows\vVX3000.exe
      C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\Program Files\Search Settings\SearchSettings.exe
      C:\Windows\ehome\ehtray.exe
      C:\Program Files\Picasa2\PicasaMediaDetector.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Program Files\Ares\Ares.exe
      C:\Program Files\Windows Media Player\wmpnscfg.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      C:\Program Files\Windows Live\Messenger\msnmsgr.exe
      C:\Program Files\Palm\Hotsync.exe
      C:\Windows\ehome\ehmsas.exe
      C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
      C:\Windows\system32\wbem\unsecapp.exe
      C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
      C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
      C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
      C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
      C:\Program Files\Windows Sidebar\sidebar.exe
      C:\Windows\system32\igfxext.exe
      C:\Windows\system32\igfxsrvc.exe
      C:\Program Files\IncrediMail\bin\IMApp.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Users\mariajose\Desktop\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
      R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
      R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
      O1 - Hosts: ::1 localhost
      O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
      O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
      O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
      O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
      O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
      O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
      O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
      O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
      O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
      O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
      O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
      O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
      O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
      O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
      O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
      O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
      O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
      O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
      O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
      O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
      O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
      O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
      O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
      O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
      O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
      O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
      O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
      O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
      O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
      O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
      O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
      O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
      O4 - Global Startup: Empowering Technology Launcher.lnk = ?
      O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
      O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
      O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
      O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
      O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
      O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
      O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
      O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
      O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
      O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
      O20 - AppInit_DLLs: eNetHook.dll
      O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
      O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
      O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
      O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
      O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
      O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
      O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
      O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
      O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
      O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
      O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
      O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
      0
  19. Utilisateur anonyme
     
    bon tu n'utilise aucun antivirus il serait bon d'en mettre un je te proprose antivir

    ensuite tu as toujours des cracks vire le repertoire si tu telecharge cela ne pose pas de souci mais tes saloperies vienne de la
    0
    1. liroi Messages postés 75 Date d'inscription   Statut Membre Dernière intervention  
       
      oui mais comment vider ces cracks ??
      0
  20. Utilisateur anonyme
     
    EMULE ET BIT TORRENT SHOOTE LES
    0
Précédent
  • 1
  • 2