Bonjour, Depuis Quelque Temps Quand Jouvre Internet Explorer Et Quelque Temps Je Recois Des Publicité Qui Souvre Automatic Jai Essaiyer Des Truc Du Genre : Spyware Doctor , Spybot Et C'est Toujours Pareille >.< Sa Commence Neteent a Ménerver Alors Si Vous Saver Coment Faire Pour Regler Se Probleme Aider Moi S.v.p Merci =)

Salut, Ecris correctement s'il te plaît. - Télécharge HijackThis v2.0.2 sur ton Bureau : http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe - Double-clique sur HJTInstall afin de lancer l'installation. - Clique sur Install ensuite sur I Accept. - Clique sur Do a system scan and save a logfile. - Le bloc-notes s'ouvrira, fais un copier/coller de tout son contenu ici dans ton prochain message.

Probleme De Pub Intensive !

Réponse 21 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

De rien ;)

N'oublie pas de mettre ton sujet en Résolu.

Réponse 22 / 44

lacoste06 Messages postés 27 Statut Membre

C'est Deja Fait :D

Réponse 23 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Tu es rapide dis donc.

Réponse 24 / 44

lacoste06 Messages postés 27 Statut Membre

Et Ossi Est-ce que je serais mieu de garder Cccleaner ??

Réponse 25 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Pour faire le ménage de temps en temps.

Réponse 26 / 44

lacoste06 Messages postés 27 Statut Membre

Ok Jvais garder Les instructon que tu m'as donner dans ma boite de reception au cas ou :)

Réponse 27 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Pourquoi faire ?

Réponse 28 / 44

lacoste06 Messages postés 27 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:11, on 2008-10-15
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Fws.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSA.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\RPS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSAComHandler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxczcoms.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\rpsupdaterR.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\pkR.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VideotronSA.exe] "C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Services de sécurité Vidéotron] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Clavier+] C:\Users\pc\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [love browse] "C:\ProgramData\shim type type.hj9tl7"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\noun settings mail.2be2bcq"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\IdxClnR.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} (CUpdateAdvisorCtrl Object) - http://www.cyberlink.com/acer/update/prog/UpdateAdvisorV2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\Windows\system32\controlkids2.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Service de mise a jour pour Services de sécurité Vidéotron (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\rpsupdaterR.exe
O23 - Service: Services de sécurité Vidéotron Coupe-feu (RP_FWS) - Vidéotron - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Fws.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

Réponse 29 / 44

lacoste06 Messages postés 27 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:11, on 2008-10-15
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Fws.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSA.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\RPS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSAComHandler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxczcoms.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\rpsupdaterR.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Spyware Doctor\pctsGui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\pkR.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VideotronSA.exe] "C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Services de sécurité Vidéotron] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Clavier+] C:\Users\pc\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [love browse] "C:\ProgramData\shim type type.hj9tl7"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\noun settings mail.2be2bcq"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\IdxClnR.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} (CUpdateAdvisorCtrl Object) - http://www.cyberlink.com/acer/update/prog/UpdateAdvisorV2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\Windows\system32\controlkids2.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Service de mise a jour pour Services de sécurité Vidéotron (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\rpsupdaterR.exe
O23 - Service: Services de sécurité Vidéotron Coupe-feu (RP_FWS) - Vidéotron - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Fws.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

Réponse 30 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Important : Désactive TeaTimer, le résident de Spybot, il va gêner la désinfection en empêchant la modification des BHO.

---> Démarre Spybot, clique sur Mode, coche Mode avancé
---> A gauche, clique sur Outils, puis sur Résident
---> Décoche la case devant Résident "TeaTimer" :
http://apu.mabul.org/up/5/apu-5-gpdx9e06cwz2dypom2q7n6nc.jpg
---> Quitte Spybot

Note : Je te conseille de ne pas le réactiver, il a été incapable d'empêcher l'infection de ton PC.

---> Désactive l'UAC :
https://www.zebulon.fr/astuces/pratique/220-desactiver-l-uac-dans-vista.html

---> Télécharge Lop S&D sur ton Bureau
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Double-clique dessus pour lancer l'installation
---> Puis double-clique sur le raccourci Lop S&D présent sur ton Bureau
---> Séléctionne la langue souhaitée, puis choisis l'option 1 (Recherche)
---> Patiente jusqu'à la fin du scan
---> Poste le rapport généré (C:\lopR.txt)

lacoste06 Messages postés 27 Statut Membre

j'ai compris le truc de carrer bleu et voila le rapport :

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Phenom(tm) 9500 Quad-Core Processor )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : pc ( Administrator )
BOOT : Normal boot
Antivirus : Services de sécurité Vidéotron Antivirus 6.0.0 (Activated)
Firewall : Services de sécurité Vidéotron Coupe-feu 6.0.0 (Activated)
C:\ (Local Disk) - NTFS - Total : 228 Go Free : 159 Go
D:\ (Local Disk) - NTFS - Total : 227 Go Free : 227 Go
E:\ (CD or DVD)
G:\ (USB)
H:\ (USB)
I:\ (USB)
J:\ (USB)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 2008-10-15|20:36 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[2008-03-26|20:11] C:\Users\pc\AppData\Local\Acer Arcade Live
[2008-04-07|16:14] C:\Users\pc\AppData\Local\Adobe
[2008-06-20|22:35] C:\Users\pc\AppData\Local\Apple
[2008-06-21|00:24] C:\Users\pc\AppData\Local\Apple Computer
[2008-03-26|15:37] C:\Users\pc\AppData\Local\Application Data
[2008-06-04|21:42] C:\Users\pc\AppData\Local\Apps
[2008-03-26|20:03] C:\Users\pc\AppData\Local\ATI
[2008-08-06|11:04] C:\Users\pc\AppData\Local\Clavier+
[2008-07-18|05:09] C:\Users\pc\AppData\Local\Corel
[2008-03-26|20:11] C:\Users\pc\AppData\Local\CyberLink
[2008-10-15|07:20] C:\Users\pc\AppData\Local\d3d9caps.dat
[2008-06-21|15:12] C:\Users\pc\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008-04-06|19:18] C:\Users\pc\AppData\Local\GDIPFONTCACHEV1.DAT
[2008-03-31|09:04] C:\Users\pc\AppData\Local\Google
[2008-03-26|15:37] C:\Users\pc\AppData\Local\Historique
[2008-03-26|20:11] C:\Users\pc\AppData\Local\HomeMedia
[2008-03-27|11:36] C:\Users\pc\AppData\Local\HP
[2008-10-15|07:17] C:\Users\pc\AppData\Local\IconCache.db
[2008-04-06|18:47] C:\Users\pc\AppData\Local\Last.fm
[2008-09-08|16:59] C:\Users\pc\AppData\Local\Microsoft
[2008-04-12|09:22] C:\Users\pc\AppData\Local\Microsoft Games
[2008-04-06|21:00] C:\Users\pc\AppData\Local\Mozilla
[2008-04-08|07:24] C:\Users\pc\AppData\Local\PlayMovie
[2008-03-26|15:39] C:\Users\pc\AppData\Local\PowerCinema
[2008-04-16|20:16] C:\Users\pc\AppData\Local\PunkBuster
[2008-05-18|17:47] C:\Users\pc\AppData\Local\SpookyManor
[2008-10-15|20:27] C:\Users\pc\AppData\Local\Temp
[2008-03-26|15:37] C:\Users\pc\AppData\Local\Temporary Internet Files
[2008-03-28|01:50] C:\Users\pc\AppData\Local\VirtualStore
[2008-08-31|22:10] C:\Users\pc\AppData\Local\Windows Live Writer
[2008-03-28|02:03] C:\Users\pc\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[2008-10-15 20:27][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[2008-10-15 20:26][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{06231519-8B49-487C-B4CB-DE2CD0E7DBD9}.job
[2008-10-10 15:05][--a------] C:\Windows\tasks\Norton Security Scan.job
[2008-10-15 07:20][--ah-----] C:\Windows\tasks\SA.DAT
[2008-10-15 07:19][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[2007-08-27|15:48] C:\ProgramData\{174892B1-CBE7-44F5-86FF-AB555EFD73A3}
[2008-06-23|20:09] C:\ProgramData\Adobe
[2008-06-23|09:37] C:\ProgramData\aim mp3 grey.21h5w7
[2008-06-20|22:34] C:\ProgramData\Apple
[2008-06-20|22:37] C:\ProgramData\Apple Computer
[2006-11-02|09:02] C:\ProgramData\Application Data
[2008-04-06|18:25] C:\ProgramData\Borland
[2008-03-26|15:34] C:\ProgramData\Bureau
[2008-04-06|18:31] C:\ProgramData\Corel
[2008-03-26|20:12] C:\ProgramData\CyberLink
[2006-11-02|09:02] C:\ProgramData\Desktop
[2006-11-02|09:02] C:\ProgramData\Documents
[2008-03-26|20:06] C:\ProgramData\eSobi
[2008-03-26|15:34] C:\ProgramData\Favoris
[2006-11-02|09:02] C:\ProgramData\Favorites
[2008-07-27|23:36] C:\ProgramData\Google
[2008-03-27|11:58] C:\ProgramData\Hewlett-Packard
[2008-05-12|06:56] C:\ProgramData\HP
[2008-03-28|18:08] C:\ProgramData\HPSSUPPLY
[2008-05-12|06:58] C:\ProgramData\hpzinstall.log
[2008-03-26|15:34] C:\ProgramData\Menu D‚marrer
[2008-06-14|07:28] C:\ProgramData\Messenger Plus!
[2008-03-27|09:11] C:\ProgramData\Microsoft
[2008-03-31|15:38] C:\ProgramData\Microsoft Help
[2008-03-26|15:34] C:\ProgramData\ModŠles
[2008-04-06|20:31] C:\ProgramData\Mozilla
[2008-09-28|08:21] C:\ProgramData\noun settings mail.2be2bcq
[2008-03-27|13:52] C:\ProgramData\ntuser.dat
[2008-03-27|13:52] C:\ProgramData\ntuser.dat.LOG1
[2008-03-27|13:52] C:\ProgramData\ntuser.dat.LOG2
[2008-03-27|13:52] C:\ProgramData\ntuser.dat{0534525d-fc20-11dc-b50d-001c25538256}.TM.blf
[2008-03-27|13:52] C:\ProgramData\ntuser.dat{0534525d-fc20-11dc-b50d-001c25538256}.TMContainer00000000000000000001.regtrans-ms
[2008-03-27|13:52] C:\ProgramData\ntuser.dat{0534525d-fc20-11dc-b50d-001c25538256}.TMContainer00000000000000000002.regtrans-ms
[2008-05-11|15:30] C:\ProgramData\Philips Intelligent Agent
[2008-09-28|08:21] C:\ProgramData\Program meal settings
[2008-09-27|23:14] C:\ProgramData\Raxco
[2008-05-17|11:14] C:\ProgramData\shim type type.0qgxdnu
[2008-08-12|10:12] C:\ProgramData\shim type type.3qxrdrj
[2008-06-09|11:38] C:\ProgramData\shim type type.97ckybf
[2008-06-23|09:36] C:\ProgramData\shim type type.camqy
[2008-09-19|20:59] C:\ProgramData\shim type type.dng1l3
[2008-09-28|08:20] C:\ProgramData\shim type type.hj9tl7
[2008-07-23|19:05] C:\ProgramData\shim type type.j6xqm8
[2008-07-22|07:24] C:\ProgramData\shim type type.p1gzx
[2008-09-28|08:20] C:\ProgramData\shim type type.s7p49p
[2008-09-06|15:20] C:\ProgramData\shim type type.wr7jza7
[2008-07-27|23:33] C:\ProgramData\SITEguard
[2008-10-13|23:07] C:\ProgramData\Spybot - Search & Destroy
[2006-11-02|09:02] C:\ProgramData\Start Menu
[2008-07-27|23:36] C:\ProgramData\STOPzilla!
[2008-04-06|20:26] C:\ProgramData\Symantec
[2008-04-06|18:33] C:\ProgramData\TaskMgr
[2008-10-15|20:33] C:\ProgramData\TEMP
[2006-11-02|09:02] C:\ProgramData\Templates
[2008-09-28|08:21] C:\ProgramData\Tool Eggs Less City
[2008-04-06|20:39] C:\ProgramData\Vid‚otron
[2008-03-27|14:22] C:\ProgramData\WEBREG
[2008-06-06|06:44] C:\ProgramData\WindowsSearch
[2008-08-27|22:08] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[2008-03-26|15:38] C:\Program Files\Acer Arcade Live
[2008-03-26|16:08] C:\Program Files\Acer Inc
[2007-08-27|15:48] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[2008-04-06|20:33] C:\Program Files\Adobe
[2008-05-15|19:49] C:\Program Files\Ahead
[2008-10-13|15:05] C:\Program Files\Alwil Software
[2008-04-16|20:24] C:\Program Files\America's Army
[2008-04-16|19:32] C:\Program Files\America's Army Server Manager
[2008-06-20|22:35] C:\Program Files\Apple Software Update
[2008-03-26|16:02] C:\Program Files\ATI
[2008-03-26|16:04] C:\Program Files\ATI Technologies
[2008-05-16|12:25] C:\Program Files\BFG
[2008-08-22|10:02] C:\Program Files\BitTorrent
[2008-06-20|22:36] C:\Program Files\Bonjour
[2008-04-06|20:40] C:\Program Files\CA
[2008-05-17|11:14] C:\Program Files\Circle Developement
[2008-10-03|16:25] C:\Program Files\Common Files
[2008-04-06|20:39] C:\Program Files\ComPlus Applications
[2008-07-24|13:18] C:\Program Files\Control Kids
[2008-04-11|16:01] C:\Program Files\Corel
[2007-08-27|15:56] C:\Program Files\CyberLink
[2008-08-22|10:02] C:\Program Files\DNA
[2007-08-27|16:00] C:\Program Files\eSobi
[2008-03-26|15:34] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[2008-10-09|21:21] C:\Program Files\Google
[2008-05-18|20:24] C:\Program Files\Hidden Expedition Titanic
[2008-04-06|20:50] C:\Program Files\HP
[2008-04-06|20:38] C:\Program Files\InstallShield Installation Information
[2008-06-20|22:36] C:\Program Files\Internet Explorer
[2008-06-20|22:37] C:\Program Files\iPod
[2008-06-20|22:37] C:\Program Files\iTunes
[2008-08-22|22:32] C:\Program Files\IZArc
[2008-08-14|08:14] C:\Program Files\Java
[2008-10-14|19:19] C:\Program Files\JuicyMS
[2008-04-09|20:13] C:\Program Files\Lexmark 1200 Series
[2008-07-02|10:12] C:\Program Files\LimeWire
[2008-04-11|17:15] C:\Program Files\LucasArts
[2008-06-19|12:01] C:\Program Files\MAIET
[2008-09-06|15:20] C:\Program Files\Messenger Plus! Live
[2008-03-27|15:58] C:\Program Files\Microsoft Easy Assist
[2006-11-02|08:37] C:\Program Files\Microsoft Games
[2008-03-26|23:21] C:\Program Files\Microsoft IntelliPoint
[2008-03-26|23:34] C:\Program Files\Microsoft IntelliType Pro
[2008-03-31|15:37] C:\Program Files\Microsoft Office
[2008-08-18|20:04] C:\Program Files\Microsoft Silverlight
[2008-05-14|15:28] C:\Program Files\Microsoft SQL Server Compact Edition
[2008-09-10|03:01] C:\Program Files\Microsoft Works
[2008-05-21|21:12] C:\Program Files\Mortimer Beckett And The Secrets Of Spooky Manor
[2008-03-26|21:15] C:\Program Files\Movie Maker
[2008-10-14|18:55] C:\Program Files\Mozilla Firefox
[2006-11-02|08:37] C:\Program Files\MSBuild
[2008-03-26|17:53] C:\Program Files\MSXML 4.0
[2008-05-18|19:46] C:\Program Files\MumboJumbo
[2007-08-27|15:43] C:\Program Files\NewTech Infosystems
[2008-10-10|15:00] C:\Program Files\Norton Security Scan
[2008-05-20|20:13] C:\Program Files\Play at Joe's
[2008-05-18|20:12] C:\Program Files\PopCap Games
[2008-06-20|22:36] C:\Program Files\QuickTime
[2008-09-27|23:14] C:\Program Files\Raxco
[2008-03-27|09:27] C:\Program Files\Realtek AC97
[2006-11-02|08:37] C:\Program Files\Reference Assemblies
[2008-05-18|17:37] C:\Program Files\ReflexiveArcade
[2008-05-12|16:09] C:\Program Files\RegCure
[2008-10-13|22:56] C:\Program Files\Spybot - Search & Destroy
[2008-10-03|07:33] C:\Program Files\Spyware Doctor
[2008-08-14|08:14] C:\Program Files\Sun
[2008-10-15|20:09] C:\Program Files\Trend Micro
[2006-11-02|09:01] C:\Program Files\Uninstall Information
[2008-04-06|20:39] C:\Program Files\Vid‚otron
[2008-03-26|21:15] C:\Program Files\Windows Calendar
[2008-03-26|21:15] C:\Program Files\Windows Collaboration
[2008-03-26|21:15] C:\Program Files\Windows Defender
[2008-03-26|21:15] C:\Program Files\Windows Journal
[2008-10-09|21:20] C:\Program Files\Windows Live
[2008-09-08|20:19] C:\Program Files\Windows Live Safety Center
[2008-06-14|16:08] C:\Program Files\Windows Live Toolbar
[2008-08-13|21:31] C:\Program Files\Windows Mail
[2008-09-11|21:54] C:\Program Files\Windows Media Player
[2008-03-26|15:34] C:\Program Files\Windows NT
[2008-03-26|21:15] C:\Program Files\Windows Photo Gallery
[2008-03-26|21:15] C:\Program Files\Windows Sidebar
[2008-04-06|18:25] C:\Program Files\WordPerfect Office X3
[2008-03-31|15:33] C:\Program Files\Yahoo!

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[2008-04-06|20:33] C:\Program Files\Common Files\Adobe
[2008-05-15|19:49] C:\Program Files\Common Files\Ahead
[2008-06-20|22:34] C:\Program Files\Common Files\Apple
[2008-04-06|20:40] C:\Program Files\Common Files\Authentium
[2008-04-06|18:24] C:\Program Files\Common Files\Borland Shared
[2008-04-11|16:01] C:\Program Files\Common Files\Corel
[2008-03-27|11:14] C:\Program Files\Common Files\Hewlett-Packard
[2008-04-06|20:50] C:\Program Files\Common Files\HP
[2008-07-21|23:19] C:\Program Files\Common Files\INCA Shared
[2007-08-27|15:55] C:\Program Files\Common Files\InstallShield
[2008-07-27|23:27] C:\Program Files\Common Files\iS3
[2008-04-06|18:34] C:\Program Files\Common Files\Java
[2007-08-27|15:43] C:\Program Files\Common Files\LightScribe
[2008-08-27|22:10] C:\Program Files\Common Files\microsoft shared
[2007-08-27|15:43] C:\Program Files\Common Files\muvee Technologies
[2007-08-27|15:43] C:\Program Files\Common Files\NewTech Infosystems
[2008-04-06|20:46] C:\Program Files\Common Files\Scanner
[2006-11-02|07:18] C:\Program Files\Common Files\Services
[2006-11-02|07:18] C:\Program Files\Common Files\SpeechEngines
[2008-08-22|22:13] C:\Program Files\Common Files\Symantec Shared
[2008-03-26|21:15] C:\Program Files\Common Files\System
[2008-04-06|19:51] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 94 Processes )

iexplore.exe ~ [PID:2484]
iexplore.exe ~ [PID:2580]
iexplore.exe ~ [PID:412]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\shim type type.camqy
C:\ProgramData\shim type type.p1gzx
C:\ProgramData\aim mp3 grey.21h5w7
C:\ProgramData\shim type type.dng1l3
C:\ProgramData\shim type type.hj9tl7
C:\ProgramData\shim type type.j6xqm8
C:\ProgramData\shim type type.s7p49p
C:\ProgramData\noun settings mail.2be2bcq
C:\ProgramData\shim type type.0qgxdnu
C:\ProgramData\shim type type.3qxrdrj
C:\ProgramData\shim type type.97ckybf
C:\ProgramData\shim type type.wr7jza7

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\Tool Eggs Less City
C:\ProgramData\Tool Eggs Less City\Keep lies.exe
C:\ProgramData\Tool Eggs Less City\program proc.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"love browse"="\"C:\\ProgramData\\shim type type.hj9tl7\""
"LESS CITY AMEN SETUP"="\"C:\\ProgramData\\noun settings mail.2be2bcq\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 20:27:40
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-15 20:36:25
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 164

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

[F:8][D:3]-> C:\Users\pc\AppData\Local\Temp
[F:96][D:1]-> C:\Users\pc\AppData\Roaming\MICROS~1\Windows\Cookies
[F:207][D:4]-> C:\Users\pc\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:5][D:1]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 2008-10-15|20:39 - Option : [1]

--------------------\\ Fin du rapport a 20:39:02
[ UAC => 1 ]

Réponse 31 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

---> Relance Lop S&D
---> Choisis cette fois-ci l'option 2 (Suppression)
---> Ne ferme pas la fenêtre lors de la suppression !
---> Poste le rapport généré (C:\lopR.txt)

Réponse 32 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Les infections qui te font des pubs.

Réponse 33 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

"etes vous en train de me faire effacer mes doné ?"
---> Non.

Réponse 34 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

---> Tu peux supprimer Lop S&D et le dossier Lop SD situé dans C:\

---> Poste un nouveau rapport HijackThis.

Réponse 35 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

C'est le rapport de tout à l'heure.

Lance HijackThis en tant qu'administrateur en cliquant droit sur le raccourci d'HijackThis.

Réponse 36 / 44

lacoste06 Messages postés 27 Statut Membre

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:20:42, on 2008-10-15
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Fws.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\Ati2evxx.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSA.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\RPS.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSAComHandler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\system32\lxczcoms.exe
C:\Windows\System32\svchost.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\PSIService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Vidéotron\Services de sécurité Vidéotron\rpsupdaterR.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\dllhost.exe
C:\Windows\System32\msdtc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\dllhost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?redirfallthru=http%3a%2f%2fsympatico.msn.ca%2fdefaultf.aspx%2f%3f
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Pop-Up Blocker BHO - {3C060EA2-E6A9-4E49-A530-D4657B8C449A} - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\pkR.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [VideotronSA.exe] "C:\Program Files\Vidéotron\Vidéotron Service Agent\VideotronSA.exe" /AUTORUN
O4 - HKLM\..\Run: [Services de sécurité Vidéotron] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Rps.exe"
O4 - HKLM\..\Run: [-FreedomNeedsReboot] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\ZkRunOnceR.exe"
O4 - HKLM\..\Run: [lxczbmgr.exe] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Clavier+] C:\Users\pc\AppData\Local\Clavier+\Clavier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [IndexCleaner] "C:\Program Files\Vidéotron\Services de sécurité Vidéotron\IdxClnR.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans WordPerfect - C:\Program Files\WordPerfect Office X3\Programs\WPLauncher.hta
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {72376E32-8AF2-473F-BE32-E5D0F39C865D} (CUpdateAdvisorCtrl Object) - http://www.cyberlink.com/acer/update/prog/UpdateAdvisorV2.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter hijack: text/html - {C6F62B7A-5450-4A2F-8687-6CEEC3AEB055} - C:\Windows\system32\controlkids2.dll
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: DvpApi (dvpapi) - Authentium, Inc. - C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.vista.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: lxcz_device - - C:\Windows\system32\lxczcoms.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Windows\system32\PSIService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Service de mise a jour pour Services de sécurité Vidéotron (RPSUpdaterR) - Radialpoint Inc. - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\rpsupdaterR.exe
O23 - Service: Services de sécurité Vidéotron Coupe-feu (RP_FWS) - Vidéotron - C:\Program Files\Vidéotron\Services de sécurité Vidéotron\Fws.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

Réponse 37 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

---> Désinstalle HijackThis.

---> Réactive l'UAC.

---> Fais un scan rapide avec MBAM, supprime tout ce qu'il trouve et poste le rapport :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm

Réponse 38 / 44

lacoste06 Messages postés 27 Statut Membre

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1274
Windows 6.0.6001 Service Pack 1

2008-10-15 21:35:55
mbam-log-2008-10-15 (21-35-55).txt

Type de recherche: Examen rapide
Eléments examinés: 44560
Temps écoulé: 5 minute(s), 33 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

voila merci maintenant je pourai naviguer sans etre deranger envers ses pub :)

Réponse 39 / 44

Destrio5 Messages postés 99820 Date d'inscription Statut Modérateur Dernière intervention 10 305

Peux-tu me dire ce qu'il y a dans le dossier suivant : C:\ProgramData\Program meal settings

Réponse 40 / 44

lacoste06 Messages postés 27 Statut Membre

Si Le Probleme reviendrai cmais jen doute fort

Probleme De Pub Intensive !

44 réponses

Votre réponse

Discussions similaires

Newsletters