Lots of ads!!
liroi
Hello,
As soon as I open the internet, lots of advertising pages open all by themselves. I might be in the middle of doing something, like writing a message right now, and poof, a page starts up. I don't know what to do any more! Thanks
39 replies
1) Download and install Malwarebytes' Anti-Malware:
http://www.malwarebytes.org/mbam/program/mbam-setup.exe
At the end of the installation, make sure the option « mettre a jour Malwarebyte's Anti-Malware » (update Malwarebytes' Anti-Malware) is ticked. >>> click OK
Start Malwarebytes' Anti-Malware by double-clicking the icon on your Desktop.
On first launch, a window tells you that this is the Free version >>> click OK
Let the updates download
*** Close the program ***
2) Restart in "Mode sans échec" (Safe Mode)
When the computer restarts, once the BIOS has finished loading, a black screen appears briefly; press the [F8] key (or [F5] on some PCs) until the Windows advanced options menu is displayed.
Select "Mode sans échec" (Safe Mode) and press [Enter]
You will need to choose your usual session, not the "Administrateur" account or any other one.
Look here if needed: https://www.malekal.com/demarrer-windows-mode-sans-echec/
Open the text file saved on the Desktop so that you can follow the instructions properly.
3) Scan with Malwarebytes' Anti-Malware
Start Malwarebytes' Anti-Malware
"Recherche" (Scan) tab >>> tick "Exécuter un examen complet" (run a full scan) >>> "Rechercher" (Scan), select your hard drives, then click "Lancer l'examen" (start the scan)
At the end of the scan >>> click "Afficher les résultats" (show the results), then "Enregistrer le rapport" (save the report)
Removing the detected items >>>>
delete what it found, and also empty the items in the quarantine
If you are asked to restart >>> click "Yes"
--> A scan report opens; save it to your Desktop and post this report in your reply.
When you start a scan, start it in Safe Mode.
Why in Safe Mode:
* Because, for one thing, the scan looks through more files in Safe Mode than in normal mode.
* And also, in normal mode the viruses (trojans, Trojan horses, worms, spyware, malware and others...) are active, so they do not get deleted; that is why it has to be done in Safe Mode.
1) Print these instructions, because you will need to close all windows and applications during the installation and the scan.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:33:07, on 07.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\EDSMSNFIX.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Palm\Hotsync.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\mariajose\Desktop\HijackThis.exe
C:\Users\mariajose\Desktop\HijackThis.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:57:07, on 07.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\EDSMSNFIX.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Palm\Hotsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\mariajose\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
There is still some left.
Use this link:
https://sites.google.com/site/eric71mespages/lop.sd.exe
and run option 1, then post the report.
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : mariajose ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 07.08.2008 | 18:33:27.20 ] [ PC : PC-DE-MARIAJOSE ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[16.06.2008|10:31] C:\Users\MARIAJ~1\AppData\Local\ACD Systems
[22.03.2008|00:02] C:\Users\MARIAJ~1\AppData\Local\acer eNM
[06.07.2008|23:40] C:\Users\MARIAJ~1\AppData\Local\Adobe
[05.05.2008|19:18] C:\Users\MARIAJ~1\AppData\Local\Ahead
[03.01.2008|15:30] C:\Users\MARIAJ~1\AppData\Local\Apple
[16.07.2008|08:24] C:\Users\MARIAJ~1\AppData\Local\Apple Computer
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Application Data
[24.06.2008|09:06] C:\Users\MARIAJ~1\AppData\Local\Ares
[15.02.2008|13:18] C:\Users\MARIAJ~1\AppData\Local\Corel Photo Album
[21.06.2008|16:00] C:\Users\MARIAJ~1\AppData\Local\d3d9caps.dat
[03.08.2008|14:12] C:\Users\MARIAJ~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19.07.2008|16:49] C:\Users\MARIAJ~1\AppData\Local\Downloaded Installations
[19.01.2008|20:19] C:\Users\MARIAJ~1\AppData\Local\DownloadLog.txt
[02.08.2008|10:37] C:\Users\MARIAJ~1\AppData\Local\eMule
[07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19.01.2008|12:46] C:\Users\MARIAJ~1\AppData\Local\Google
[07.01.2008|23:14] C:\Users\MARIAJ~1\AppData\Local\HaCon
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Historique
[07.08.2008|17:59] C:\Users\MARIAJ~1\AppData\Local\IconCache.db
[03.02.2008|19:26] C:\Users\MARIAJ~1\AppData\Local\IM
[06.08.2008|17:38] C:\Users\MARIAJ~1\AppData\Local\ircpaaf.bat
[07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\Logiciel de commande Fujicolor
[01.01.2008|14:29] C:\Users\MARIAJ~1\AppData\Local\Magentic
[02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\MCE Deluxe Suite
[06.08.2008|18:48] C:\Users\MARIAJ~1\AppData\Local\Microsoft
[09.03.2008|23:03] C:\Users\MARIAJ~1\AppData\Local\Microsoft Games
[05.07.2008|19:59] C:\Users\MARIAJ~1\AppData\Local\Microsoft Help
[19.12.2007|00:18] C:\Users\MARIAJ~1\AppData\Local\Mozilla
[23.03.2008|23:51] C:\Users\MARIAJ~1\AppData\Local\Octoshape
[20.02.2008|21:53] C:\Users\MARIAJ~1\AppData\Local\OLYMPUS
[07.07.2008|11:46] C:\Users\MARIAJ~1\AppData\Local\piratrax
[02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\PowerCinema
[22.03.2008|11:52] C:\Users\MARIAJ~1\AppData\Local\RapidSolution
[14.05.2008|10:36] C:\Users\MARIAJ~1\AppData\Local\Shareaza
[23.01.2008|11:03] C:\Users\MARIAJ~1\AppData\Local\Sony Corporation
[07.08.2008|18:32] C:\Users\MARIAJ~1\AppData\Local\Temp
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Temporary Internet Files
[03.05.2008|20:39] C:\Users\MARIAJ~1\AppData\Local\TVU Networks
[19.12.2007|19:13] C:\Users\MARIAJ~1\AppData\Local\VirtualStore
[06.01.2008|14:39] C:\Users\MARIAJ~1\AppData\Local\Xara
[28.07.2008|21:40] C:\Users\MARIAJ~1\AppData\Local\Zattoo
[10.06.2008|15:44] C:\Users\MARIAJ~1\AppData\Local\ZattooPlayer
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[07.08.2008 10:36][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{54F5BB1E-258E-4285-86DE-AE544FA29283}.job
[20.12.2007 13:55][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[07.08.2008 18:01][--ah-----] C:\Windows\tasks\SA.DAT
[07.08.2008 18:00][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[27.03.2007|14:37] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[16.06.2008|10:24] C:\ProgramData\ACD Systems
[10.02.2008|18:29] C:\ProgramData\Adobe
[05.05.2008|18:12] C:\ProgramData\Ahead
[03.01.2008|15:30] C:\ProgramData\Apple
[12.06.2008|12:05] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[05.08.2008|22:50] C:\ProgramData\avg7
[18.12.2007|21:49] C:\ProgramData\Bureau
[25.03.2008|20:43] C:\ProgramData\CheckPoint
[05.05.2008|17:34] C:\ProgramData\CyberLink
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[12.02.2008|17:03] C:\ProgramData\Downloaded Installations
[22.02.2008|20:17] C:\ProgramData\Emjysoft
[02.08.2008|10:38] C:\ProgramData\eMule
[04.06.2008|22:27] C:\ProgramData\ezsidmv.dat
[18.12.2007|21:49] C:\ProgramData\Favoris
[02.11.2006|15:02] C:\ProgramData\Favorites
[04.01.2008|17:00] C:\ProgramData\Gogii
[21.12.2007|13:59] C:\ProgramData\Google
[07.08.2008|15:39] C:\ProgramData\Google Updater
[19.05.2008|11:21] C:\ProgramData\Grisoft
[07.01.2008|23:14] C:\ProgramData\HaCon
[15.03.2008|12:01] C:\ProgramData\HotSync
[20.05.2008|09:25] C:\ProgramData\IM
[19.12.2007|17:58] C:\ProgramData\IncrediMail
[12.02.2008|16:58] C:\ProgramData\Installations
[18.12.2007|21:54] C:\ProgramData\InstallShield
[07.08.2008|11:54] C:\ProgramData\Malwarebytes
[18.12.2007|21:49] C:\ProgramData\Menu Démarrer
[28.02.2008|21:49] C:\ProgramData\Microsoft
[23.07.2008|09:28] C:\ProgramData\Microsoft Help
[18.12.2007|21:49] C:\ProgramData\Modèles
[12.02.2008|16:53] C:\ProgramData\NCCD.log
[12.02.2008|17:42] C:\ProgramData\PC Suite
[04.06.2008|22:25] C:\ProgramData\Skype
[19.02.2008|23:17] C:\ProgramData\Spybot - Search & Destroy
[02.11.2006|15:02] C:\ProgramData\Start Menu
[25.03.2008|20:25] C:\ProgramData\Symantec
[22.03.2008|10:05] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[11.05.2008|18:54] C:\ProgramData\TVU Networks
[18.06.2008|13:17] C:\ProgramData\WindowsSearch
[24.07.2008|13:28] C:\ProgramData\WLInstaller
[19.12.2007|19:11] C:\ProgramData\Yahoo! Companion
[19.01.2008|20:24] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[23.03.2008|16:59] C:\Program Files\21cn
[21.12.2007|22:24] C:\Program Files\7-Zip
[16.06.2008|10:24] C:\Program Files\ACD Systems
[27.03.2007|14:14] C:\Program Files\Acer Arcade Deluxe
[18.12.2007|22:06] C:\Program Files\Acer Inc
[27.03.2007|14:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[14.07.2008|16:53] C:\Program Files\Adobe
[18.02.2008|01:40] C:\Program Files\adslTV
[05.05.2008|19:19] C:\Program Files\Ahead
[15.07.2008|19:35] C:\Program Files\Apple Software Update
[07.07.2008|14:09] C:\Program Files\Ares
[04.07.2008|18:18] C:\Program Files\BitTorrent
[19.06.2008|12:04] C:\Program Files\Bonjour
[15.02.2008|22:43] C:\Program Files\CCleaner
[17.06.2008|20:31] C:\Program Files\Common Files
[27.03.2007|13:36] C:\Program Files\CONEXANT
[12.02.2008|18:28] C:\Program Files\Corel
[27.03.2007|13:51] C:\Program Files\CyberLink
[02.08.2008|10:28] C:\Program Files\Decalage
[12.06.2008|19:59] C:\Program Files\desktop.ini
[12.02.2008|17:42] C:\Program Files\DIFX
[10.06.2008|09:54] C:\Program Files\Digitalway
[09.02.2008|16:47] C:\Program Files\DreamMail4
[02.08.2008|10:37] C:\Program Files\eMule
[18.12.2007|21:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[04.03.2008|00:20] C:\Program Files\Free Audio Pack
[15.07.2008|10:46] C:\Program Files\Google
[05.08.2008|23:09] C:\Program Files\Grisoft
[24.07.2008|11:54] C:\Program Files\IncrediMail
[08.06.2008|15:30] C:\Program Files\InstallShield Installation Information
[27.03.2007|13:15] C:\Program Files\Intel
[12.06.2008|19:43] C:\Program Files\Internet Explorer
[20.07.2008|12:45] C:\Program Files\Java
[22.03.2008|21:13] C:\Program Files\JLC's Software
[18.12.2007|21:56] C:\Program Files\Launch Manager
[10.07.2008|18:31] C:\Program Files\LimeWire
[03.03.2008|16:33] C:\Program Files\Macrogaming
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[13.01.2008|13:13] C:\Program Files\Microsoft LifeCam
[21.12.2007|12:29] C:\Program Files\Microsoft Office
[02.01.2008|19:47] C:\Program Files\Microsoft SQL Server Compact Edition
[08.03.2008|12:49] C:\Program Files\Microsoft Visual Studio
[21.12.2007|12:24] C:\Program Files\Microsoft Visual Studio 8
[22.03.2008|00:02] C:\Program Files\Microsoft Works
[21.12.2007|12:28] C:\Program Files\Microsoft.NET
[12.06.2008|19:43] C:\Program Files\Movie Maker
[17.07.2008|09:05] C:\Program Files\Mozilla Firefox
[08.03.2008|12:49] C:\Program Files\MSBuild
[24.07.2008|12:56] C:\Program Files\MSN Messenger
[19.12.2007|20:16] C:\Program Files\MSXML 4.0
[07.08.2008|14:18] C:\Program Files\Navilog1
[27.03.2007|13:49] C:\Program Files\NewTech Infosystems
[20.02.2008|21:31] C:\Program Files\OLYMPUS
[22.03.2008|00:02] C:\Program Files\Palm
[03.07.2008|20:16] C:\Program Files\PhotoFiltre
[20.05.2008|12:26] C:\Program Files\Picasa2
[10.07.2008|10:56] C:\Program Files\Piratrax
[12.06.2008|12:06] C:\Program Files\QuickTime
[08.06.2008|15:35] C:\Program Files\Real
[08.06.2008|15:34] C:\Program Files\Real Alternative
[27.03.2007|13:26] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[03.03.2008|16:33] C:\Program Files\RegCleaner
[04.01.2008|16:55] C:\Program Files\RngInterstitial.dll
[21.05.2008|11:12] C:\Program Files\Simnor World Clock Version 1.0
[04.06.2008|22:25] C:\Program Files\Skype
[27.03.2007|13:47] C:\Program Files\SMSC
[23.01.2008|11:04] C:\Program Files\Sony Corporation
[19.02.2008|23:21] C:\Program Files\Spybot - Search & Destroy
[20.07.2008|12:46] C:\Program Files\Sun
[27.03.2007|13:30] C:\Program Files\Synaptics
[15.02.2008|21:55] C:\Program Files\ToniArts
[07.01.2008|22:47] C:\Program Files\TWIXTEL
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[12.06.2008|19:43] C:\Program Files\Windows Calendar
[12.06.2008|19:43] C:\Program Files\Windows Collaboration
[12.06.2008|19:42] C:\Program Files\Windows Defender
[12.06.2008|19:43] C:\Program Files\Windows Journal
[02.01.2008|19:49] C:\Program Files\Windows Live
[20.12.2007|13:54] C:\Program Files\Windows Live Favorites
[20.12.2007|13:55] C:\Program Files\Windows Live Toolbar
[12.06.2008|19:43] C:\Program Files\Windows Mail
[12.06.2008|19:43] C:\Program Files\Windows Media Player
[18.12.2007|21:49] C:\Program Files\Windows NT
[12.06.2008|19:42] C:\Program Files\Windows Photo Gallery
[12.06.2008|19:43] C:\Program Files\Windows Sidebar
[14.03.2008|21:11] C:\Program Files\WinRAR
[03.03.2008|16:33] C:\Program Files\worldTVRT
[06.01.2008|14:37] C:\Program Files\Xara
[18.12.2007|21:54] C:\Program Files\Yahoo!
[28.07.2008|21:38] C:\Program Files\Zattoo
[25.03.2008|20:43] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[16.06.2008|10:24] C:\Program Files\Common Files\ACD Systems
[14.07.2008|16:53] C:\Program Files\Common Files\Adobe
[05.05.2008|19:19] C:\Program Files\Common Files\Ahead
[12.06.2008|12:00] C:\Program Files\Common Files\Apple
[17.06.2008|20:32] C:\Program Files\Common Files\Corel
[08.03.2008|12:49] C:\Program Files\Common Files\DESIGNER
[18.12.2007|21:54] C:\Program Files\Common Files\InstallShield
[18.02.2008|12:14] C:\Program Files\Common Files\Java
[27.03.2007|13:49] C:\Program Files\Common Files\LightScribe
[18.07.2008|14:19] C:\Program Files\Common Files\microsoft shared
[27.03.2007|13:48] C:\Program Files\Common Files\muvee Technologies
[05.05.2008|19:12] C:\Program Files\Common Files\Nero
[27.03.2007|13:49] C:\Program Files\Common Files\NewTech Infosystems
[25.02.2008|00:07] C:\Program Files\Common Files\Real
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[04.06.2008|22:25] C:\Program Files\Common Files\Skype
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25.03.2008|20:30] C:\Program Files\Common Files\Symantec Shared
[23.03.2008|16:59] C:\Program Files\Common Files\Synacast
[12.06.2008|19:42] C:\Program Files\Common Files\System
[24.07.2008|09:25] C:\Program Files\Common Files\WindowsLiveInstaller
[17.01.2008|14:50] C:\Program Files\Common Files\Wise Installation Wizard
[06.01.2008|14:37] C:\Program Files\Common Files\Xara
[25.02.2008|00:07] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 91 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-07 18:33:39
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish español 1 02 06 by paranoico.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Español.1.02.06.By.PaRaNoiCo (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Español.1.02.06.By.PaRaNoiCo.lnk
=> C:\Users\MARIAJ~1\Downloads\eMule\Incoming\AcdSee 10 + crack Fr.zip
[F:162][D:15]-> C:\Users\MARIAJ~1\AppData\Local\Temp
[F:7][D:1]-> C:\Users\MARIAJ~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:62][D:4]-> C:\Users\MARIAJ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:70][D:2]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 18:35:32.27
[ UAC => 1 ]
Hi,
1. Are you paying for Norton, or is it a trial?
2. Open an Internet page and, in (Tools -> Internet Options), remove all the addresses in the box. Type www.google.fr, confirm and exit. (If you want those pages, put them in your favorites.)
3. Via Control Panel, in "Add/Remove Programs", uninstall "Yahoo toolbar" and "Ask toolbar".
4. Do you have download software on your PC (if so, which one?)? Did you install it yourself? (The virus got in that way.)
In practice, if you uninstall this software and another one that comes with it, you solve the problem. But if you want to keep it at all costs, we'll try. Knowing that your PC risks getting infected at any time. Do you want to keep it?
Once you have done these operations, restart your PC. Run "hijack this" again and post the new report.
See you.
Yes, you are right, I have just seen it; I had not noticed it before. I think it must have been installed when I bought it, because I got it second-hand. I removed eMule, but I cannot manage to remove the other program. Here is the report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:28:07, on 08.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\EDSMSNFIX.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\vVX3000.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Palm\Hotsync.exe
C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\mariajose\Desktop\HijackThis.exe
C:\Users\mariajose\Desktop\HijackThis.exe
C:\Windows\system32\rundll32.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL (file missing)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Post the Lop S&D report, please.
Have you removed your cracks?
C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish español 1 02 06 by paranoico.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Español.1.02.06.By.PaRaNoiCo (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Español.1.02.06.By.PaRaNoiCo.lnk
=> C:\Users\MARIAJ~1\Downloads\eMule\Incoming\AcdSee 10 + crack Fr.zip
I don't know how to remove the cracks.
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : mariajose ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 08.08.2008 | 16:02:34.74 ] [ PC : PC-DE-MARIAJOSE ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[16.06.2008|10:31] C:\Users\MARIAJ~1\AppData\Local\ACD Systems
[22.03.2008|00:02] C:\Users\MARIAJ~1\AppData\Local\acer eNM
[06.07.2008|23:40] C:\Users\MARIAJ~1\AppData\Local\Adobe
[05.05.2008|19:18] C:\Users\MARIAJ~1\AppData\Local\Ahead
[03.01.2008|15:30] C:\Users\MARIAJ~1\AppData\Local\Apple
[16.07.2008|08:24] C:\Users\MARIAJ~1\AppData\Local\Apple Computer
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Application Data
[24.06.2008|09:06] C:\Users\MARIAJ~1\AppData\Local\Ares
[15.02.2008|13:18] C:\Users\MARIAJ~1\AppData\Local\Corel Photo Album
[08.08.2008|14:13] C:\Users\MARIAJ~1\AppData\Local\d3d9caps.dat
[03.08.2008|14:12] C:\Users\MARIAJ~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19.07.2008|16:49] C:\Users\MARIAJ~1\AppData\Local\Downloaded Installations
[19.01.2008|20:19] C:\Users\MARIAJ~1\AppData\Local\DownloadLog.txt
[07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19.01.2008|12:46] C:\Users\MARIAJ~1\AppData\Local\Google
[07.01.2008|23:14] C:\Users\MARIAJ~1\AppData\Local\HaCon
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Historique
[08.08.2008|15:57] C:\Users\MARIAJ~1\AppData\Local\IconCache.db
[03.02.2008|19:26] C:\Users\MARIAJ~1\AppData\Local\IM
[06.08.2008|17:38] C:\Users\MARIAJ~1\AppData\Local\ircpaaf.bat
[07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\Logiciel de commande Fujicolor
[01.01.2008|14:29] C:\Users\MARIAJ~1\AppData\Local\Magentic
[02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\MCE Deluxe Suite
[06.08.2008|18:48] C:\Users\MARIAJ~1\AppData\Local\Microsoft
[09.03.2008|23:03] C:\Users\MARIAJ~1\AppData\Local\Microsoft Games
[05.07.2008|19:59] C:\Users\MARIAJ~1\AppData\Local\Microsoft Help
[19.12.2007|00:18] C:\Users\MARIAJ~1\AppData\Local\Mozilla
[23.03.2008|23:51] C:\Users\MARIAJ~1\AppData\Local\Octoshape
[20.02.2008|21:53] C:\Users\MARIAJ~1\AppData\Local\OLYMPUS
[07.07.2008|11:46] C:\Users\MARIAJ~1\AppData\Local\piratrax
[02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\PowerCinema
[22.03.2008|11:52] C:\Users\MARIAJ~1\AppData\Local\RapidSolution
[14.05.2008|10:36] C:\Users\MARIAJ~1\AppData\Local\Shareaza
[23.01.2008|11:03] C:\Users\MARIAJ~1\AppData\Local\Sony Corporation
[08.08.2008|16:02] C:\Users\MARIAJ~1\AppData\Local\Temp
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Temporary Internet Files
[03.05.2008|20:39] C:\Users\MARIAJ~1\AppData\Local\TVU Networks
[19.12.2007|19:13] C:\Users\MARIAJ~1\AppData\Local\VirtualStore
[06.01.2008|14:39] C:\Users\MARIAJ~1\AppData\Local\Xara
[28.07.2008|21:40] C:\Users\MARIAJ~1\AppData\Local\Zattoo
[10.06.2008|15:44] C:\Users\MARIAJ~1\AppData\Local\ZattooPlayer
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[08.08.2008 14:16][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{54F5BB1E-258E-4285-86DE-AE544FA29283}.job
[20.12.2007 13:55][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[08.08.2008 15:58][--ah-----] C:\Windows\tasks\SA.DAT
[08.08.2008 15:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[27.03.2007|14:37] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[16.06.2008|10:24] C:\ProgramData\ACD Systems
[10.02.2008|18:29] C:\ProgramData\Adobe
[05.05.2008|18:12] C:\ProgramData\Ahead
[03.01.2008|15:30] C:\ProgramData\Apple
[12.06.2008|12:05] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[05.08.2008|22:50] C:\ProgramData\avg7
[18.12.2007|21:49] C:\ProgramData\Bureau
[25.03.2008|20:43] C:\ProgramData\CheckPoint
[05.05.2008|17:34] C:\ProgramData\CyberLink
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[12.02.2008|17:03] C:\ProgramData\Downloaded Installations
[22.02.2008|20:17] C:\ProgramData\Emjysoft
[08.08.2008|15:14] C:\ProgramData\eMule
[04.06.2008|22:27] C:\ProgramData\ezsidmv.dat
[18.12.2007|21:49] C:\ProgramData\Favoris
[02.11.2006|15:02] C:\ProgramData\Favorites
[04.01.2008|17:00] C:\ProgramData\Gogii
[21.12.2007|13:59] C:\ProgramData\Google
[07.08.2008|15:39] C:\ProgramData\Google Updater
[19.05.2008|11:21] C:\ProgramData\Grisoft
[07.01.2008|23:14] C:\ProgramData\HaCon
[15.03.2008|12:01] C:\ProgramData\HotSync
[20.05.2008|09:25] C:\ProgramData\IM
[19.12.2007|17:58] C:\ProgramData\IncrediMail
[12.02.2008|16:58] C:\ProgramData\Installations
[18.12.2007|21:54] C:\ProgramData\InstallShield
[07.08.2008|11:54] C:\ProgramData\Malwarebytes
[18.12.2007|21:49] C:\ProgramData\Menu D‚marrer
[28.02.2008|21:49] C:\ProgramData\Microsoft
[23.07.2008|09:28] C:\ProgramData\Microsoft Help
[18.12.2007|21:49] C:\ProgramData\ModŠles
[12.02.2008|16:53] C:\ProgramData\NCCD.log
[12.02.2008|17:42] C:\ProgramData\PC Suite
[04.06.2008|22:25] C:\ProgramData\Skype
[19.02.2008|23:17] C:\ProgramData\Spybot - Search & Destroy
[02.11.2006|15:02] C:\ProgramData\Start Menu
[25.03.2008|20:25] C:\ProgramData\Symantec
[22.03.2008|10:05] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[11.05.2008|18:54] C:\ProgramData\TVU Networks
[18.06.2008|13:17] C:\ProgramData\WindowsSearch
[24.07.2008|13:28] C:\ProgramData\WLInstaller
[19.01.2008|20:24] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[23.03.2008|16:59] C:\Program Files\21cn
[21.12.2007|22:24] C:\Program Files\7-Zip
[16.06.2008|10:24] C:\Program Files\ACD Systems
[27.03.2007|14:14] C:\Program Files\Acer Arcade Deluxe
[18.12.2007|22:06] C:\Program Files\Acer Inc
[27.03.2007|14:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[14.07.2008|16:53] C:\Program Files\Adobe
[18.02.2008|01:40] C:\Program Files\adslTV
[05.05.2008|19:19] C:\Program Files\Ahead
[15.07.2008|19:35] C:\Program Files\Apple Software Update
[07.07.2008|14:09] C:\Program Files\Ares
[04.07.2008|18:18] C:\Program Files\BitTorrent
[19.06.2008|12:04] C:\Program Files\Bonjour
[15.02.2008|22:43] C:\Program Files\CCleaner
[17.06.2008|20:31] C:\Program Files\Common Files
[27.03.2007|13:36] C:\Program Files\CONEXANT
[12.02.2008|18:28] C:\Program Files\Corel
[27.03.2007|13:51] C:\Program Files\CyberLink
[02.08.2008|10:28] C:\Program Files\Decalage
[12.06.2008|19:59] C:\Program Files\desktop.ini
[12.02.2008|17:42] C:\Program Files\DIFX
[10.06.2008|09:54] C:\Program Files\Digitalway
[09.02.2008|16:47] C:\Program Files\DreamMail4
[18.12.2007|21:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[04.03.2008|00:20] C:\Program Files\Free Audio Pack
[15.07.2008|10:46] C:\Program Files\Google
[05.08.2008|23:09] C:\Program Files\Grisoft
[24.07.2008|11:54] C:\Program Files\IncrediMail
[08.06.2008|15:30] C:\Program Files\InstallShield Installation Information
[27.03.2007|13:15] C:\Program Files\Intel
[12.06.2008|19:43] C:\Program Files\Internet Explorer
[20.07.2008|12:45] C:\Program Files\Java
[22.03.2008|21:13] C:\Program Files\JLC's Software
[18.12.2007|21:56] C:\Program Files\Launch Manager
[10.07.2008|18:31] C:\Program Files\LimeWire
[03.03.2008|16:33] C:\Program Files\Macrogaming
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[13.01.2008|13:13] C:\Program Files\Microsoft LifeCam
[21.12.2007|12:29] C:\Program Files\Microsoft Office
[02.01.2008|19:47] C:\Program Files\Microsoft SQL Server Compact Edition
[08.03.2008|12:49] C:\Program Files\Microsoft Visual Studio
[21.12.2007|12:24] C:\Program Files\Microsoft Visual Studio 8
[22.03.2008|00:02] C:\Program Files\Microsoft Works
[21.12.2007|12:28] C:\Program Files\Microsoft.NET
[12.06.2008|19:43] C:\Program Files\Movie Maker
[17.07.2008|09:05] C:\Program Files\Mozilla Firefox
[08.03.2008|12:49] C:\Program Files\MSBuild
[24.07.2008|12:56] C:\Program Files\MSN Messenger
[19.12.2007|20:16] C:\Program Files\MSXML 4.0
[07.08.2008|14:18] C:\Program Files\Navilog1
[27.03.2007|13:49] C:\Program Files\NewTech Infosystems
[20.02.2008|21:31] C:\Program Files\OLYMPUS
[22.03.2008|00:02] C:\Program Files\Palm
[03.07.2008|20:16] C:\Program Files\PhotoFiltre
[20.05.2008|12:26] C:\Program Files\Picasa2
[10.07.2008|10:56] C:\Program Files\Piratrax
[12.06.2008|12:06] C:\Program Files\QuickTime
[08.06.2008|15:35] C:\Program Files\Real
[08.06.2008|15:34] C:\Program Files\Real Alternative
[27.03.2007|13:26] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[03.03.2008|16:33] C:\Program Files\RegCleaner
[04.01.2008|16:55] C:\Program Files\RngInterstitial.dll
[21.05.2008|11:12] C:\Program Files\Simnor World Clock Version 1.0
[04.06.2008|22:25] C:\Program Files\Skype
[27.03.2007|13:47] C:\Program Files\SMSC
[23.01.2008|11:04] C:\Program Files\Sony Corporation
[19.02.2008|23:21] C:\Program Files\Spybot - Search & Destroy
[20.07.2008|12:46] C:\Program Files\Sun
[27.03.2007|13:30] C:\Program Files\Synaptics
[15.02.2008|21:55] C:\Program Files\ToniArts
[07.01.2008|22:47] C:\Program Files\TWIXTEL
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[12.06.2008|19:43] C:\Program Files\Windows Calendar
[12.06.2008|19:43] C:\Program Files\Windows Collaboration
[12.06.2008|19:42] C:\Program Files\Windows Defender
[12.06.2008|19:43] C:\Program Files\Windows Journal
[02.01.2008|19:49] C:\Program Files\Windows Live
[20.12.2007|13:54] C:\Program Files\Windows Live Favorites
[20.12.2007|13:55] C:\Program Files\Windows Live Toolbar
[12.06.2008|19:43] C:\Program Files\Windows Mail
[12.06.2008|19:43] C:\Program Files\Windows Media Player
[18.12.2007|21:49] C:\Program Files\Windows NT
[12.06.2008|19:42] C:\Program Files\Windows Photo Gallery
[12.06.2008|19:43] C:\Program Files\Windows Sidebar
[14.03.2008|21:11] C:\Program Files\WinRAR
[03.03.2008|16:33] C:\Program Files\worldTVRT
[06.01.2008|14:37] C:\Program Files\Xara
[08.08.2008|14:30] C:\Program Files\Yahoo!
[28.07.2008|21:38] C:\Program Files\Zattoo
[25.03.2008|20:43] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[16.06.2008|10:24] C:\Program Files\Common Files\ACD Systems
[14.07.2008|16:53] C:\Program Files\Common Files\Adobe
[05.05.2008|19:19] C:\Program Files\Common Files\Ahead
[12.06.2008|12:00] C:\Program Files\Common Files\Apple
[17.06.2008|20:32] C:\Program Files\Common Files\Corel
[08.03.2008|12:49] C:\Program Files\Common Files\DESIGNER
[18.12.2007|21:54] C:\Program Files\Common Files\InstallShield
[18.02.2008|12:14] C:\Program Files\Common Files\Java
[27.03.2007|13:49] C:\Program Files\Common Files\LightScribe
[18.07.2008|14:19] C:\Program Files\Common Files\microsoft shared
[27.03.2007|13:48] C:\Program Files\Common Files\muvee Technologies
[05.05.2008|19:12] C:\Program Files\Common Files\Nero
[27.03.2007|13:49] C:\Program Files\Common Files\NewTech Infosystems
[25.02.2008|00:07] C:\Program Files\Common Files\Real
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[04.06.2008|22:25] C:\Program Files\Common Files\Skype
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[25.03.2008|20:30] C:\Program Files\Common Files\Symantec Shared
[23.03.2008|16:59] C:\Program Files\Common Files\Synacast
[12.06.2008|19:42] C:\Program Files\Common Files\System
[24.07.2008|09:25] C:\Program Files\Common Files\WindowsLiveInstaller
[17.01.2008|14:50] C:\Program Files\Common Files\Wise Installation Wizard
[06.01.2008|14:37] C:\Program Files\Common Files\Xara
[25.02.2008|00:07] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 92 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-08 16:03:08
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish espa¤ol 1 02 06 by paranoico.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Espa¤ol.1.02.06.By.PaRaNoiCo.lnk
[F:253][D:15]-> C:\Users\MARIAJ~1\AppData\Local\Temp
[F:9][D:1]-> C:\Users\MARIAJ~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:46][D:4]-> C:\Users\MARIAJ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:70][D:2]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 16:06:02.83
[ UAC => 1 ]
Hello,
You have cracks because you download; get rid of all your cracks.
Download CCleaner.
Tutorial here:
https://www.malekal.com/tutoriel-ccleaner/
Hello,
No, I no longer get ads, but the message that appears as soon as I open Messenger is still there:
une erreur est survenue dans le script de cette page
ligne: 2
Caractere: 30262
Erreu 'a' a la valeur Null ou n'est pas un objet
code: 0
Url:/db 2.t. msn.com/fr-ch/home aspx?ver=8.5.1302&did=1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:12:48, on 11.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\EDSMSNFIX.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\vVX3000.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\mariajose\AppData\Local\vdlaziq.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\mariajose\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [vdlaziq] "c:\users\mariajose\appdata\local\vdlaziq.exe" vdlaziq
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
No, I don't get ads any more, but the message that appears as soon as I open Messenger keeps coming back:
une erreur est survenue dans le script de cette page
ligne: 2
Caractere: 30262
Erreu 'a' a la valeur Null ou n'est pas un objet
code: 0
Url:/db 2.t. msn.com/fr-ch/home aspx?ver=8.5.1302&did=1
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:12:48, on 11.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\EDSMSNFIX.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\vVX3000.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Users\mariajose\AppData\Local\vdlaziq.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Windows\ehome\ehmsas.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\IncrediMail\bin\IncMail.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\mariajose\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [vdlaziq] "c:\users\mariajose\appdata\local\vdlaziq.exe" vdlaziq
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Hi again,
you are still infected.
Download ToolBar S&D (by Eric_71):
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
(Tutorial: https://sites.google.com/site/toolbarsd/aideenimages)
!! Disconnect and close all your running applications for the duration of the procedure !!
* Double-click the .exe to start the installation and follow the prompts.
* Once that is done, click the shortcut created on your desktop to launch the tool.
* Choose option 1 ("recherche") and press Enter.
* Once the scan has finished, a report will appear; copy and paste its entire contents into your next reply.
(The report is also saved here -> C:\TB.txt)
--------------------\\ Lop S&D 4.2.2-5 XP/Vista
[ Windows VISTA (NT 6.0) Workstation Build 6001, Service Pack 1 ]
[ USER : mariajose ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 11.08.2008 | 11:01:14.06 ] [ PC : PC-DE-MARIAJOSE ]
[ MAJ : 01-08-2008 | 01:40 ]
[ UAC => 0 ]
--------------------\\ Listing des dossiers dans Local
[16.06.2008|10:31] C:\Users\MARIAJ~1\AppData\Local\ACD Systems
[22.03.2008|00:02] C:\Users\MARIAJ~1\AppData\Local\acer eNM
[06.07.2008|23:40] C:\Users\MARIAJ~1\AppData\Local\Adobe
[05.05.2008|19:18] C:\Users\MARIAJ~1\AppData\Local\Ahead
[03.01.2008|15:30] C:\Users\MARIAJ~1\AppData\Local\Apple
[16.07.2008|08:24] C:\Users\MARIAJ~1\AppData\Local\Apple Computer
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Application Data
[24.06.2008|09:06] C:\Users\MARIAJ~1\AppData\Local\Ares
[15.02.2008|13:18] C:\Users\MARIAJ~1\AppData\Local\Corel Photo Album
[08.08.2008|14:13] C:\Users\MARIAJ~1\AppData\Local\d3d9caps.dat
[03.08.2008|14:12] C:\Users\MARIAJ~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[19.07.2008|16:49] C:\Users\MARIAJ~1\AppData\Local\Downloaded Installations
[19.01.2008|20:19] C:\Users\MARIAJ~1\AppData\Local\DownloadLog.txt
[07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\GDIPFONTCACHEV1.DAT
[19.01.2008|12:46] C:\Users\MARIAJ~1\AppData\Local\Google
[07.01.2008|23:14] C:\Users\MARIAJ~1\AppData\Local\HaCon
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Historique
[11.08.2008|10:57] C:\Users\MARIAJ~1\AppData\Local\IconCache.db
[03.02.2008|19:26] C:\Users\MARIAJ~1\AppData\Local\IM
[06.08.2008|17:38] C:\Users\MARIAJ~1\AppData\Local\ircpaaf.bat
[07.06.2008|19:09] C:\Users\MARIAJ~1\AppData\Local\Logiciel de commande Fujicolor
[01.01.2008|14:29] C:\Users\MARIAJ~1\AppData\Local\Magentic
[02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\MCE Deluxe Suite
[06.08.2008|18:48] C:\Users\MARIAJ~1\AppData\Local\Microsoft
[09.03.2008|23:03] C:\Users\MARIAJ~1\AppData\Local\Microsoft Games
[05.07.2008|19:59] C:\Users\MARIAJ~1\AppData\Local\Microsoft Help
[19.12.2007|00:18] C:\Users\MARIAJ~1\AppData\Local\Mozilla
[23.03.2008|23:51] C:\Users\MARIAJ~1\AppData\Local\Octoshape
[20.02.2008|21:53] C:\Users\MARIAJ~1\AppData\Local\OLYMPUS
[07.07.2008|11:46] C:\Users\MARIAJ~1\AppData\Local\piratrax
[02.03.2008|19:50] C:\Users\MARIAJ~1\AppData\Local\PowerCinema
[22.03.2008|11:52] C:\Users\MARIAJ~1\AppData\Local\RapidSolution
[14.05.2008|10:36] C:\Users\MARIAJ~1\AppData\Local\Shareaza
[23.01.2008|11:03] C:\Users\MARIAJ~1\AppData\Local\Sony Corporation
[11.08.2008|11:01] C:\Users\MARIAJ~1\AppData\Local\Temp
[18.12.2007|21:53] C:\Users\MARIAJ~1\AppData\Local\Temporary Internet Files
[03.05.2008|20:39] C:\Users\MARIAJ~1\AppData\Local\TVU Networks
[11.08.2008|11:00] C:\Users\MARIAJ~1\AppData\Local\vdlaziq.bat
[11.08.2008|11:00] C:\Users\MARIAJ~1\AppData\Local\vdlaziq.dat
[09.08.2008|12:56] C:\Users\MARIAJ~1\AppData\Local\vdlaziq.exe
[09.08.2008|12:56] C:\Users\MARIAJ~1\AppData\Local\vdlaziq_nav.dat
[11.08.2008|11:00] C:\Users\MARIAJ~1\AppData\Local\vdlaziq_navps.dat
[19.12.2007|19:13] C:\Users\MARIAJ~1\AppData\Local\VirtualStore
[06.01.2008|14:39] C:\Users\MARIAJ~1\AppData\Local\Xara
[09.08.2008|14:22] C:\Users\MARIAJ~1\AppData\Local\Zattoo
[10.06.2008|15:44] C:\Users\MARIAJ~1\AppData\Local\ZattooPlayer
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[10.08.2008 23:24][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{54F5BB1E-258E-4285-86DE-AE544FA29283}.job
[20.12.2007 13:55][--a------] C:\Windows\tasks\Vérifier les mises à jour de Windows Live Toolbar.job
[11.08.2008 10:59][--ah-----] C:\Windows\tasks\SA.DAT
[11.08.2008 10:58][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[27.03.2007|14:37] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[16.06.2008|10:24] C:\ProgramData\ACD Systems
[10.02.2008|18:29] C:\ProgramData\Adobe
[05.05.2008|18:12] C:\ProgramData\Ahead
[03.01.2008|15:30] C:\ProgramData\Apple
[12.06.2008|12:05] C:\ProgramData\Apple Computer
[02.11.2006|15:02] C:\ProgramData\Application Data
[08.08.2008|16:44] C:\ProgramData\avg7
[18.12.2007|21:49] C:\ProgramData\Bureau
[25.03.2008|20:43] C:\ProgramData\CheckPoint
[05.05.2008|17:34] C:\ProgramData\CyberLink
[02.11.2006|15:02] C:\ProgramData\Desktop
[02.11.2006|15:02] C:\ProgramData\Documents
[12.02.2008|17:03] C:\ProgramData\Downloaded Installations
[22.02.2008|20:17] C:\ProgramData\Emjysoft
[08.08.2008|15:14] C:\ProgramData\eMule
[04.06.2008|22:27] C:\ProgramData\ezsidmv.dat
[18.12.2007|21:49] C:\ProgramData\Favoris
[02.11.2006|15:02] C:\ProgramData\Favorites
[04.01.2008|17:00] C:\ProgramData\Gogii
[21.12.2007|13:59] C:\ProgramData\Google
[11.08.2008|08:20] C:\ProgramData\Google Updater
[07.01.2008|23:14] C:\ProgramData\HaCon
[15.03.2008|12:01] C:\ProgramData\HotSync
[20.05.2008|09:25] C:\ProgramData\IM
[19.12.2007|17:58] C:\ProgramData\IncrediMail
[12.02.2008|16:58] C:\ProgramData\Installations
[18.12.2007|21:54] C:\ProgramData\InstallShield
[07.08.2008|11:54] C:\ProgramData\Malwarebytes
[18.12.2007|21:49] C:\ProgramData\Menu Démarrer
[28.02.2008|21:49] C:\ProgramData\Microsoft
[23.07.2008|09:28] C:\ProgramData\Microsoft Help
[18.12.2007|21:49] C:\ProgramData\Modèles
[12.02.2008|16:53] C:\ProgramData\NCCD.log
[12.02.2008|17:42] C:\ProgramData\PC Suite
[04.06.2008|22:25] C:\ProgramData\Skype
[09.08.2008|09:27] C:\ProgramData\Spybot - Search & Destroy
[02.11.2006|15:02] C:\ProgramData\Start Menu
[08.08.2008|17:11] C:\ProgramData\Symantec
[22.03.2008|10:05] C:\ProgramData\TEMP
[02.11.2006|15:02] C:\ProgramData\Templates
[11.05.2008|18:54] C:\ProgramData\TVU Networks
[18.06.2008|13:17] C:\ProgramData\WindowsSearch
[09.08.2008|23:54] C:\ProgramData\WLInstaller
[19.01.2008|20:24] C:\ProgramData\Zylom
--------------------\\ Listing des dossiers dans C:\Program Files
[23.03.2008|16:59] C:\Program Files\21cn
[21.12.2007|22:24] C:\Program Files\7-Zip
[16.06.2008|10:24] C:\Program Files\ACD Systems
[27.03.2007|14:14] C:\Program Files\Acer Arcade Deluxe
[18.12.2007|22:06] C:\Program Files\Acer Inc
[27.03.2007|14:37] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[14.07.2008|16:53] C:\Program Files\Adobe
[18.02.2008|01:40] C:\Program Files\adslTV
[05.05.2008|19:19] C:\Program Files\Ahead
[15.07.2008|19:35] C:\Program Files\Apple Software Update
[07.07.2008|14:09] C:\Program Files\Ares
[04.07.2008|18:18] C:\Program Files\BitTorrent
[19.06.2008|12:04] C:\Program Files\Bonjour
[15.02.2008|22:43] C:\Program Files\CCleaner
[17.06.2008|20:31] C:\Program Files\Common Files
[27.03.2007|13:36] C:\Program Files\CONEXANT
[12.02.2008|18:28] C:\Program Files\Corel
[27.03.2007|13:51] C:\Program Files\CyberLink
[02.08.2008|10:28] C:\Program Files\Decalage
[12.06.2008|19:59] C:\Program Files\desktop.ini
[12.02.2008|17:42] C:\Program Files\DIFX
[10.06.2008|09:54] C:\Program Files\Digitalway
[09.02.2008|16:47] C:\Program Files\DreamMail4
[18.12.2007|21:49] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[04.03.2008|00:20] C:\Program Files\Free Audio Pack
[15.07.2008|10:46] C:\Program Files\Google
[24.07.2008|11:54] C:\Program Files\IncrediMail
[08.06.2008|15:30] C:\Program Files\InstallShield Installation Information
[27.03.2007|13:15] C:\Program Files\Intel
[12.06.2008|19:43] C:\Program Files\Internet Explorer
[20.07.2008|12:45] C:\Program Files\Java
[22.03.2008|21:13] C:\Program Files\JLC's Software
[18.12.2007|21:56] C:\Program Files\Launch Manager
[10.07.2008|18:31] C:\Program Files\LimeWire
[03.03.2008|16:33] C:\Program Files\Macrogaming
[02.11.2006|14:37] C:\Program Files\Microsoft Games
[13.01.2008|13:13] C:\Program Files\Microsoft LifeCam
[21.12.2007|12:29] C:\Program Files\Microsoft Office
[02.01.2008|19:47] C:\Program Files\Microsoft SQL Server Compact Edition
[08.03.2008|12:49] C:\Program Files\Microsoft Visual Studio
[21.12.2007|12:24] C:\Program Files\Microsoft Visual Studio 8
[22.03.2008|00:02] C:\Program Files\Microsoft Works
[21.12.2007|12:28] C:\Program Files\Microsoft.NET
[12.06.2008|19:43] C:\Program Files\Movie Maker
[17.07.2008|09:05] C:\Program Files\Mozilla Firefox
[08.03.2008|12:49] C:\Program Files\MSBuild
[19.12.2007|20:16] C:\Program Files\MSXML 4.0
[07.08.2008|14:18] C:\Program Files\Navilog1
[27.03.2007|13:49] C:\Program Files\NewTech Infosystems
[20.02.2008|21:31] C:\Program Files\OLYMPUS
[22.03.2008|00:02] C:\Program Files\Palm
[03.07.2008|20:16] C:\Program Files\PhotoFiltre
[20.05.2008|12:26] C:\Program Files\Picasa2
[10.07.2008|10:56] C:\Program Files\Piratrax
[12.06.2008|12:06] C:\Program Files\QuickTime
[08.06.2008|15:35] C:\Program Files\Real
[08.06.2008|15:34] C:\Program Files\Real Alternative
[27.03.2007|13:26] C:\Program Files\Realtek
[02.11.2006|14:37] C:\Program Files\Reference Assemblies
[03.03.2008|16:33] C:\Program Files\RegCleaner
[04.01.2008|16:55] C:\Program Files\RngInterstitial.dll
[09.08.2008|13:22] C:\Program Files\Search Settings
[21.05.2008|11:12] C:\Program Files\Simnor World Clock Version 1.0
[04.06.2008|22:25] C:\Program Files\Skype
[27.03.2007|13:47] C:\Program Files\SMSC
[23.01.2008|11:04] C:\Program Files\Sony Corporation
[09.08.2008|08:56] C:\Program Files\Spybot - Search & Destroy
[20.07.2008|12:46] C:\Program Files\Sun
[27.03.2007|13:30] C:\Program Files\Synaptics
[15.02.2008|21:55] C:\Program Files\ToniArts
[07.01.2008|22:47] C:\Program Files\TWIXTEL
[02.11.2006|15:01] C:\Program Files\Uninstall Information
[12.06.2008|19:43] C:\Program Files\Windows Calendar
[12.06.2008|19:43] C:\Program Files\Windows Collaboration
[12.06.2008|19:42] C:\Program Files\Windows Defender
[12.06.2008|19:43] C:\Program Files\Windows Journal
[10.08.2008|00:00] C:\Program Files\Windows Live
[08.08.2008|16:49] C:\Program Files\Windows Live Toolbar
[12.06.2008|19:43] C:\Program Files\Windows Mail
[12.06.2008|19:43] C:\Program Files\Windows Media Player
[18.12.2007|21:49] C:\Program Files\Windows NT
[12.06.2008|19:42] C:\Program Files\Windows Photo Gallery
[12.06.2008|19:43] C:\Program Files\Windows Sidebar
[14.03.2008|21:11] C:\Program Files\WinRAR
[03.03.2008|16:33] C:\Program Files\worldTVRT
[06.01.2008|14:37] C:\Program Files\Xara
[08.08.2008|14:30] C:\Program Files\Yahoo!
[09.08.2008|14:21] C:\Program Files\Zattoo
[25.03.2008|20:43] C:\Program Files\Zone Labs
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[16.06.2008|10:24] C:\Program Files\Common Files\ACD Systems
[14.07.2008|16:53] C:\Program Files\Common Files\Adobe
[05.05.2008|19:19] C:\Program Files\Common Files\Ahead
[12.06.2008|12:00] C:\Program Files\Common Files\Apple
[17.06.2008|20:32] C:\Program Files\Common Files\Corel
[08.03.2008|12:49] C:\Program Files\Common Files\DESIGNER
[18.12.2007|21:54] C:\Program Files\Common Files\InstallShield
[18.02.2008|12:14] C:\Program Files\Common Files\Java
[27.03.2007|13:49] C:\Program Files\Common Files\LightScribe
[18.07.2008|14:19] C:\Program Files\Common Files\microsoft shared
[27.03.2007|13:48] C:\Program Files\Common Files\muvee Technologies
[05.05.2008|19:12] C:\Program Files\Common Files\Nero
[27.03.2007|13:49] C:\Program Files\Common Files\NewTech Infosystems
[25.02.2008|00:07] C:\Program Files\Common Files\Real
[02.11.2006|13:18] C:\Program Files\Common Files\Services
[04.06.2008|22:25] C:\Program Files\Common Files\Skype
[02.11.2006|13:18] C:\Program Files\Common Files\SpeechEngines
[08.08.2008|17:11] C:\Program Files\Common Files\Symantec Shared
[23.03.2008|16:59] C:\Program Files\Common Files\Synacast
[12.06.2008|19:42] C:\Program Files\Common Files\System
[24.07.2008|09:25] C:\Program Files\Common Files\WindowsLiveInstaller
[17.01.2008|14:50] C:\Program Files\Common Files\Wise Installation Wizard
[06.01.2008|14:37] C:\Program Files\Common Files\Xara
[25.02.2008|00:07] C:\Program Files\Common Files\xing shared
--------------------\\ Process
( 89 Processus )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-11 11:01:49
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 3
--------------------\\ Recherche d'autres infections
C:\Windows\prefetch\MESSENGERSKINNER.EXE-9247C55C.pf
C:\Windows\prefetch\MESSENGERSKINNER_SETUP.EXE-6CFA6EDD.pf
C:\Users\MARIAJ~1\AppData\Local\vdlaziq.bat
C:\Users\MARIAJ~1\AppData\Local\vdlaziq.dat
C:\Users\MARIAJ~1\AppData\Local\vdlaziq.exe
C:\Users\MARIAJ~1\AppData\Local\vdlaziq_nav.dat
C:\Users\MARIAJ~1\AppData\Local\vdlaziq_navps.dat
C:\Windows\Prefetch\VDLAZIQ.EXE-E5449FDD.pf
==> EGDACCESS <==
--------------------\\ Cracks & Keygens ..
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\ACDSee.9.Photo.Manager.9.0.55.Multi.Spanish.+.Crack.by.EVCDGroup.WwW.EliteVCD.CoM.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\Corel Paint Shop Pro Photo XI v.11.0 Multilanguaje + extras + keygen.rar.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\incredimail xe premium 5 0 0 build 2206 crack spanish español 1 02 06 by paranoico.lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Español.1.02.06.By.PaRaNoiCo (2).lnk
=> C:\Users\MARIAJ~1\AppData\Roaming\Microsoft\Windows\Recent\IncrediMail.Xe.Premium.5.0.0.Build.2206.Crack.Spanish.Español.1.02.06.By.PaRaNoiCo.lnk
[F:652][D:29]-> C:\Users\MARIAJ~1\AppData\Local\Temp
[F:68][D:1]-> C:\Users\MARIAJ~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:104][D:6]-> C:\Users\MARIAJ~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:72][D:2]-> C:\$Recycle.Bin
--------------------\\ Fin du rapport a 11:04:23.33
[ UAC => 1 ]
ok
Click on this link:
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Click on navilog1.exe to download navilog1
Choose Enregistrer (Save)
and save it to your desktop.
Then double-click on navilog1.exe to start the installation.
Once the installation is finished, the fix will run automatically.
(If it does not, double-click the Navilog1 shortcut on the desktop.)
Let yourself be guided. At the main menu, choose 1 and confirm.
(do not choose 2, 3 or 4 without our advice/agreement)
Wait until the message:
*** Analyse Termine le ..... ***
Press a key as requested; Notepad will open.
Copy and paste the whole thing into a reply. Close Notepad.
The report is also saved at the root of the disk (fixnavi.txt)
post the reports you get
Search Navipromo version 3.6.3 commencé le 11.08.2008 à 11:34:36.19
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "mariajose"
Mise à jour le 09.08.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS
Recherche executé en mode normal
*** Recherche Programmes installés ***
*** Recherche dossiers dans "C:\Windows" ***
*** Recherche dossiers dans "C:\Program Files" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***
*** Recherche dossiers dans "C:\ProgramData" ***
*** Recherche dossiers dans "c:\users\mariaj~1\appdata\roaming\micros~1\windows\startm~1\programs" ***
*** Recherche dossiers dans "C:\Users\mariajose\AppData\Local\virtualstore\Program Files" ***
*** Recherche dossiers dans "C:\Users\MARIAJ~1\AppData\Roaming" ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans "C:\Windows\system32" *
* Recherche dans "C:\Users\mariajose\AppData\Local\Microsoft" *
* Recherche dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" *
* Recherche dans "C:\Users\mariajose\AppData\Local" *
Fichiers trouvés :
vdlaziq.exe trouvé !
vdlaziq.dat trouvé !
vdlaziq.bat trouvé !
vdlaziq_nav.dat trouvé !
vdlaziq_navps.dat trouvé !
*** Recherche fichiers ***
C:\Windows\prefetch\MESSENGERSKINNER.EXE-9247C55C.pf trouvé !
C:\Windows\prefetch\MESSENGERSKINNER_SETUP.EXE-6CFA6EDD.pf trouvé !
*** Recherche clés spécifiques dans le Registre ***
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche nouveaux fichiers Instant Access :
2)Recherche Heuristique :
* Dans "C:\Windows\system32" :
* Dans "C:\Users\mariajose\AppData\Local\Microsoft" :
* Dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" :
* Dans "C:\Users\mariajose\AppData\Local" :
vdlaziq.bat trouvé !
vdlaziq.dat trouvé !
vdlaziq.exe trouvé !
vdlaziq_nav.dat trouvé !
vdlaziq_navps.dat trouvé !
3)Recherche Certificats :
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !
4)Recherche fichiers connus :
*** Analyse terminée le 11.08.2008 à 11:46:26.24 ***
If you are running Vista you must first disable UAC =====> https://forum.malekal.com/viewtopic.php?f=59&t=6517
Then download Navilog 1 ======> http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
Once installed, type "F" for French, then 1 for search. Let it run... Then run Navilog again, "F", then this time choose "2" for disinfection.
PS: Never download these programs
go-astro
GoRecord
HotTVPlayer / HotTVPlayer & Paris Hilton
Live-Player
MailSkinner
Messenger Skinner
Instant Access
InternetGameBox
Official Emule (modified version of Emule)
Sudoplanet
Webmediaplayer
And never go to the site www.games-desktop.com (don't go there!!)
They spread the viruses Magic.Control / egdaccess / NaviPromo / Popups Spyware-Secure
just for info, you are infected by Messenger Skinner (a program of emoticons and winks for MSN that carries the Magic.Control malware)
hello luffy17
thanks, but if you look further up you will see
do option 2 with navilog and then post the report please
Clean Navipromo version 3.6.3 commencé le 11.08.2008 à 12:22:07.16
Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "mariajose"
Mise à jour le 09.08.2008 à 18h00 par IL-MAFIOSO
Microsoft Windows Vista 6.0.6001
Internet Explorer : 7.0.6001.18000
Système de fichiers : NTFS
Mode suppression automatique
avec prise en charge résultats Catchme et GNS
Nettoyage exécuté au redémarrage de l'ordinateur
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
*** Suppression avec sauvegardes résultats GenericNaviSearch ***
* Suppression dans "C:\Windows\System32" *
C:\Windows\prefetch\vdlaziq*.pf trouvé !
Copie C:\Windows\prefetch\vdlaziq*.pf réalisée avec succès !
C:\Windows\prefetch\vdlaziq*.pf supprimé !
* Suppression dans "C:\Users\mariajose\AppData\Local\Microsoft" *
* Suppression dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" *
* Suppression dans "C:\Users\mariajose\AppData\Local" *
vdlaziq.exe trouvé !
Copie vdlaziq.exe réalisée avec succès !
vdlaziq.exe supprimé !
vdlaziq.dat trouvé !
Copie vdlaziq.dat réalisée avec succès !
vdlaziq.dat supprimé !
vdlaziq.bat trouvé !
Copie vdlaziq.bat réalisée avec succès !
vdlaziq.bat supprimé !
vdlaziq_nav.dat trouvé !
Copie vdlaziq_nav.dat réalisée avec succès !
vdlaziq_nav.dat supprimé !
vdlaziq_navps.dat trouvé !
Copie vdlaziq_navps.dat réalisée avec succès !
vdlaziq_navps.dat supprimé !
*** Suppression dossiers dans "C:\Windows" ***
*** Suppression dossiers dans "C:\Program Files" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***
*** Suppression dossiers dans "c:\progra~2\micros~1\windows\startm~1" ***
*** Suppression dossiers dans "C:\ProgramData" ***
*** Suppression dossiers dans c:\users\mariaj~1\appdata\roaming\micros~1\windows\startm~1\programs ***
*** Suppression dossiers dans "C:\Users\mariajose\AppData\Local\virtualstore\Program Files" ***
*** Suppression dossiers dans "C:\Users\mariajose\AppData\Roaming" ***
*** Suppression fichiers ***
C:\Windows\prefetch\MESSENGERSKINNER.EXE-9247C55C.pf supprimé !
C:\Windows\prefetch\MESSENGERSKINNER_SETUP.EXE-6CFA6EDD.pf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\Windows\Temp effectué !
Nettoyage contenu C:\Users\MARIAJ~1\AppData\Local\Temp effectué !
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
2)Recherche, création sauvegardes et suppression Heuristique :
* Dans "C:\Windows\system32" *
* Dans "C:\Users\mariajose\AppData\Local\Microsoft" *
* Dans "C:\Users\mariajose\AppData\Local\virtualstore\windows\system32" *
* Dans "C:\Users\mariajose\AppData\Local" *
*** Sauvegarde du Registre vers dossier Safebackup ***
sauvegarde du Registre réalisée avec succès !
*** Nettoyage Registre ***
Nettoyage Registre Ok
*** Certificats ***
Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltdt absent !
*** Nettoyage terminé le 11.08.2008 à 12:29:08.03 ***
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:45:47, on 11.08.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\EDSMSNFIX.EXE
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\vVX3000.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Palm\Hotsync.exe
C:\Windows\ehome\ehmsas.exe
C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Users\MARIAJ~1\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\IncrediMail\bin\IMApp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\mariajose\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [VX3000] C:\Windows\vVX3000.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" -NoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: VirtualExpander.lnk = C:\Users\mariajose\AppData\Local\Sony Corporation\VirtualExpander\VirtualExpander.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: HotSync Manager.lnk = C:\Program Files\Palm\Hotsync.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8355408-E9C6-47BF-BAC6-0EE3A73BAE41}: NameServer = 195.186.1.111,195.186.4.111
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1030
Windows 6.0.6001 Service Pack 1
13:22:47 07.08.2008
mbam-log-8-7-2008 (13-22-47).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 121507
Temps écoulé: 1 hour(s), 19 minute(s), 11 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\adzgalore (Adware.Agent) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
Fichier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Spyware-Secure trial.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware-Secure\Website.lnk (Rogue.Spyware-Secure) -> Quarantined and deleted successfully.