Actualité informatique
Test comparatif matériel informatique
Jeux vidéo
Astuces informatique
Vidéo
Télécharger
Services en ligne
Forum informatique
01Business

|-  SECURITE


|||-  

comment supprimer un virus?

 

14 utilisateurs inconnus
Ajouter une réponse
 

 
Page photos
 
     
Vider la liste des messages à citer
 
 Page :
1  2
Dernière Page
Page Suivante
Page Précédente
Première Page
Auteur
 Sujet :

comment supprimer un virus?

Prévenir les modérateurs en cas d'abus 
cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 27/04/2010 à 20:08:18  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour, je viens de faire un SCAN avec AVAST qui m'a détecté 11 virus. J'en ai supprimé 10 mais je n'arrive pas à supprimer le dernier ('lien introuvable'). Je ne sais pas si cela a un rapport mais quand je vais sur internet , j'ai une dizaine de fenêtres intempestives qui s'ouvrent. Mon ordinateur est très très lent... Que faire? Merci d'avance pour vos conseils. Jenny

  1. Posté le 27/04/2010 à 20:11:23  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
alut,

 Télécharger le logiciel suivant: Malwarebytes' Anti-Malware (Gratuit) (Windows 2K et + 32/64 bits)

 http://www.malwarebytes.org/mbam.php

 Une fois installé lorsques que vous allez démarrer le logiciel il va demander de ce mettre à jour et cliquer "ok".

 Sinon cliquer sur l'onglet "mise à jour" et sur "Recherche de mise à jour" pour la version gratuite avant chaque scan.

 Dans l'onglet "Recherche" ,Vérifier que c'est bien "Exécuter un examen complet" qui est coché et appuyer le bouton "Rechercher".

 Quand il aura fini cliquer sur "ok".

 Vous allez maintenant être de retour à l'écran principal de la recherche. Cliquer sur "Afficher les résultats".
 Maintenant vous allez voir le résultat avec les fichiers infectés.

 Cliquer ensuite "Supprimer la Selection" et une fois terminée, il va ouvrir le "Bloc note" avec le résultat du travail.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

 Ensuite:

 Téléchargement de Trend Micro Hijack This Bêta 2.0.3 (Windows 9x/2k/XP/Vista/7 32/64 bits)

 http://go.trendmicro.com/free- [...] ckThis.msi

 Cliquez pour le télécharger et dans enregistrer sous le mettre sur le bureau. Cliquer sur le fichier pour l'installer.

 Ensuite vous cliquez sur HijackThis.exe. Prendre l'option sur "Do a System scan and save a log file".

 Le scan terminée, une fenêtre va s'ouvrir dans le "bloc note".
 Dans le "Bloc note" allé dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans"Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

(Publicité)
cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 11:15:02  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voici le rapport de Malwarebytes. Merci de votre aide.

 Malwarebytes' Anti-Malware 1.45
 www.malwarebytes.org

 Version de la base de données: 4044

 Windows 6.0.6000
 Internet Explorer 8.0.6001.18904

 28/04/2010 13:12:40
 mbam-log-2010-04-28 (13-12-40).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 227428
 Temps écoulé: 2 heure(s), 23 minute(s), 21 seconde(s)

 Processus mémoire infecté(s): 2
 Module(s) mémoire infecté(s): 3
 Clé(s) du Registre infectée(s): 51
 Valeur(s) du Registre infectée(s): 1
 Elément(s) de données du Registre infecté(s): 2
 Dossier(s) infecté(s): 5
 Fichier(s) infecté(s): 16

 Processus mémoire infecté(s):
 C:\Program Files\SpaceQuery\spacequery.ex​e (Adware.SpaceQuery) -> Unloaded process successfully.
 C:\ProgramData\SpaceQuery\spac​equery121.exe (Adware.SpaceQuery) -> Unloaded process successfully.

 Module(s) mémoire infecté(s):
 C:\Program Files\InferiorBrandingSystem\I​nferiorBrandingSystem.dll (Adware.InferiorBrandingSystem​) -> Delete on reboot.
 C:\Windows\System32\bf78.dll (Adware.Mirar) -> Delete on reboot.
 C:\Program Files\SpaceQuery\spacequery.dl​l (Adware.SpaceQuery) -> Delete on reboot.

 Clé(s) du Registre infectée(s):
 HKEY_CLASSES_ROOT\AppID\{7326c​63e-4c2e-b709-797b-c39330f6122​4} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{8ce2f​082-c95d-db7f-b8ce-e1f01d6c1b0​3} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{147a9​76f-eee1-4377-8ea7-4716e4cdd23​9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{a4730​ebe-43a6-443e-9776-36915d323ad​3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Typelib\{066​ea362-2fbe-70e3-7fab-575cf5fc6​508} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Typelib\{d51​8921a-4a03-425e-9873-b9a717568​21e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\SearchScopes\{56256a5​1-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{8ce2f082-c95d-db7f-​b8ce-e1f01d6c1b03} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{00a6faf1-072e-44cf-​8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{00a6faf6-072e-44cf-​8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{07b18ea1-a523-4961-​b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{07b18ea9-a523-4961-​b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{07b18eab-a523-4961-​b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{1d4db7d2-6ec9-47a3-​bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{3dc201fb-e9c9-499c-​a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{63d0ed2c-b45b-4458-​8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{9ff05104-b030-46fc-​94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{8ce2f082-c95d-db​7f-b8ce-e1f01d6c1b03} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{00a6faf1-072e-44​cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{07b18ea1-a523-49​61-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{07b18ea9-a523-49​61-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{07b18eab-a523-49​61-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87​-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc​09-1c83-4648-b3e6-003d2bbc7481​} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{68af84​7f-6e91-45dd-9b68-d6a12c30e5d7​} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b9​6c-28d4-4626-8358-27e6caeef907​} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71f​a0-ff48-48dd-9b6d-7a13a3e42127​} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb196​8e-ead6-40fd-8dae-ff14757f60c7​} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d9​01-86f0-4383-99b6-9cdd406036da​} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\SearchScopes\{56256a5​1-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{8ce2f082-c95d-db7f-b8​ce-e1f01d6c1b03} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall\spacequery (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\AppID\Inferi​orBrandingSystem.DLL (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\inferiorbran​dingsystem.inferiorbrandingsys​tem (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\inferiorbran​dingsystem.inferiorbrandingsys​tem.1 (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall\InferiorBrandingSys​tem (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\Software\Inf​eriorBrandingSystem (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SYSTEM\Curr​entControlSet\Services\SpaceQu​ery Service (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Sp​aceQuery (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\Software\IEB​arProperties (Adware.Mirar) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Med​iaHoldings (Malware.Trace) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\MyW​ebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Pla​yMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Fu​n Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Fu​nWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr​.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Multimedia\WMPlayer\Sc​hemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall\PlayMP3 (Adware.PLayMP3z) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\My​WebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{d778686f-e8d7-4a05-88​ff-dcf942d4bcfa} (Trojan.BHO) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{d7786​86f-e8d7-4a05-88ff-dcf942d4bcf​a} (Trojan.BHO) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run\sfkg6wipusp (Trojan.Downloader) -> Quarantined and deleted successfully.

 Elément(s) de données du Registre infecté(s):
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?u​seie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Internet Explorer\Main\Search Bar (Hijack.SearchPage) -> Bad: (http://www.mirarsearch.com/?u​seie5=1&q=) Good: (http://www.google.com) -> Quarantined and deleted successfully.

 Dossier(s) infecté(s):
 C:\Program Files\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PLayMP3z) -> Quarantined and deleted successfully.
 C:\Program Files\SpaceQuery (Adware.SpaceQuery) -> Delete on reboot.
 C:\ProgramData\SpaceQuery (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 C:\Program Files\InferiorBrandingSystem (Adware.InferiorBrandingSystem​) -> Delete on reboot.

 Fichier(s) infecté(s):
 C:\Program Files\InferiorBrandingSystem\I​nferiorBrandingSystem.dll (Adware.InferiorBrandingSystem​) -> Delete on reboot.
 C:\Windows\System32\bf78.dll (Adware.Mirar) -> Delete on reboot.
 C:\Program Files\PlayMP3z\PlayMP3.exe (Adware.BHO) -> Quarantined and deleted successfully.
 C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\M​icrosoft\Windows\Temporary Internet Files\Content.IE5\8JDDRB6U\acc​ess[1].exe (Adware.Mirar) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\gni9AB5.tmp (Adware.Dropper) -> Quarantined and deleted successfully.
 D:\Sony.Sound.Forge.v8.0.Incl.​Keygen - (ed2kreleases.tk) - By.Ed(d)\Sony.Sound.Forge.v8.0​.Incl.Keygen\keygen\keygen.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
 C:\Program Files\PlayMP3z\uninstall.exe (Adware.PLayMP3z) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.pif (Adware.PLayMP3z) -> Quarantined and deleted successfully.
 C:\Program Files\SpaceQuery\spacequery.dl​l (Adware.SpaceQuery) -> Delete on reboot.
 C:\Program Files\SpaceQuery\spacequery.ex​e (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 C:\Program Files\SpaceQuery\uninstall.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 C:\ProgramData\SpaceQuery\spac​equery121.exe (Adware.SpaceQuery) -> Quarantined and deleted successfully.
 C:\Program Files\InferiorBrandingSystem\u​ninstall.exe (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 C:\Users\Public\Desktop\Stream​ing Music - MediaPass.lnk (Adware.Trace) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\jnipmo.exe (Trojan.Downloader) -> Delete on reboot.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 11:52:10  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Re-bonjour, j'ai essayé le Téléchargement de Trend Micro Hijack This Bêta 2.0.3 (Windows 9x/2k/XP/Vista/7 32/64 bits)
 mais ça ne marche pas. On me dit que l'action est impossible et qu'il faut exécuter le logiciel en tant qu'administrateur. Or, l'option 'exécuter en tant qu'administrateur' est gelée! je ne peux pas la sélectionner...    

 J'attends vos conseils. Merci d'avance. Jenny

  1. Posté le 28/04/2010 à 17:21:00  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bizzare essayer ceci:

 Télécharger combofix ici et Choisir "Enregistrer la cible sous" et modifier le nom du fichier pour votre nick ou autre.
 (Windows 2K/XP/Vista 32 bits)

 http://download.bleepingcomput [...] mboFix.exe

 Désactiver votre antivirus et Windows Defender avant d'exécuter le logiciel en cliquant dessus.

 Ensuite attendre que le log soit fini. Ne rien toucher avant la fin.

 La barre démarrer peut disparaître et c'est normal.

 Le rapport est dans "Bloc note" et vous pouvez le sauvegarder.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

(Publicité)
cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 17:58:31  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'ai essayé avec combofix, j'ai fait le log plusieurs fois mais je ne trouve pas le rapport???

 En tout cas je n'ai plus de fenêtres intempestives qui s'ouvrent quand je vais sur le net. Merci !

 Merci de votre aide.

 Jenny

  1. Posté le 28/04/2010 à 19:15:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Il est dans c:\combofx.txt

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 28/04/2010 à 20:47:44  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
je n'arrive vraiment pas à le trouver... et les fenêtres intempestives sont revenues.. :(  

 (Merci pour l'aide. )

(Publicité)
  1. Posté le 29/04/2010 à 02:33:17  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Essayer de faire un log directement du logiciel ici:

 http://go.trendmicro.com/free- [...] ckThis.exe

 Sinon essayer celui-ci:

 Téléchargement de Random's system information tool Incompatible windows 7 64 bit

 http://images.malwareremoval.com/random/RSIT.exe

 Cliquez pour le télécharger et dans enregistrer sous le mettre sur le bureau. Cliquer sur le fichier pour générer les logs. RSIT installe Hijackthis en même temps.

 Ensuite vous cliquez sur RSIT.exe. Cliquer sur "continuer" ou changer le temps par défaut soit un mois à 2 ou 3 mois si vous pensez que l'infection date de ce temps.

 Le scan terminée, 2 fenêtres "bloc note" vont s'ouvrir. Vous me copier/coller log.txt en premier et info.txt en second.

 Dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 30/04/2010 à 15:19:14  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour ! ça y est j'ai réussi à avoir le rapport de HijackThis !

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 17:17:29, on 30/04/2010
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v8.00 (8.00.6001.18904)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Windows\System32\igfxtray.e​xe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
 C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Adparatus\Adparatus.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\3\3Connect\AutoUpdateSrv​.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Windows\system32\igfxext.ex​e
 C:\Users\jenny\AppData\Local\T​emp\RtkBtMnt.exe
 C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalizatio​n.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.e​xe
 C:\Program Files\Windows Live\Toolbar\wltuser.exe
 C:\Windows\system32\Macromed\F​lash\FlashUtil10b.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Users\jenny\Desktop\HiJackT​his.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 R3 - URLSearchHook: (no name) - {91C18ED5-5E1C-4AE5-A148-A861D​E8C8E16} - (no file)
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80​E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Adparatus - {8B2C7C9D-716D-4e9e-9358-B9C80​A81B7ED} - C:\Program Files\Adparatus\Adparatus.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE​4475CCA} - (no file)
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 O4 - HKLM\..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe -e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [Wireless Manager] "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" startup
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" -startup
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [GabPath] C:\Users\jenny\AppData\Roaming​\GabPath\gabpath.exe
 O4 - HKCU\..\Run: [Adparatus] "C:\Program Files\Adparatus\Adparatus.exe"
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\Run: [SfKg6wIPuSp] C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\jnipmo.exe
 O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = ?
 O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 O4 - Global Startup: Update Agent.lnk = ?
 O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\bl​ockpopups.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_96D6FF0C6D236B​F8.dll/cmsidewiki.html
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\Windows\system32\browseui.d​ll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dhcpcsv​c.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: @%SystemRoot%\ehome\ehstart.dl​l,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: @%SystemRoot%\system32\emdmgmt​.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\irmon.d​ll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\netlogo​n.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\psbase.​dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\samsrv.​dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\SLsvc.e​xe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
 O23 - Service: @%SystemRoot%\system32\SLUINot​ify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 24105 bytes

  1. Posté le 30/04/2010 à 16:03:49  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Cocher les lignes suivantes dans Hijackthis et faire "Fix checked":

 R3 - URLSearchHook: (no name) - {91C18ED5-5E1C-4AE5-A148-A861D​E8C8E16} - (no file)
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)
 O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE​4475CCA} - (no file)

 Ensuite faire ceci:

 Télécharger le logiciel suivant: Malwarebytes' Anti-Malware (Gratuit) (Windows 2K et + 32/64 bits)

 http://www.malwarebytes.org/mbam.php

 Une fois installé lorsques que vous allez démarrer le logiciel il va demander de ce mettre à jour et cliquer "ok".

 Sinon cliquer sur l'onglet "mise à jour" et sur "Recherche de mise à jour" pour la version gratuite avant chaque scan.

 Dans l'onglet "Recherche" ,Vérifier que c'est bien "Exécuter un examen complet" qui est coché et appuyer le bouton "Rechercher".

 Quand il aura fini cliquer sur "ok".

 Vous allez maintenant être de retour à l'écran principal de la recherche. Cliquer sur "Afficher les résultats".
 Maintenant vous allez voir le résultat avec les fichiers infectés.

 Cliquer ensuite "Supprimer la Selection" et une fois terminée, il va ouvrir le "Bloc note" avec le résultat du travail.

 Pour me copier/coller les log dans le "Bloc note" vous allez dans le menu Édition et cliquer sur "Sélectionner tout" et retourner dans "Édition" et cliquer sur "copier"
 Sur le forum, faire un click droit et cliquer sur "coller".

 Ensuite:

 Refaire un Hijackthis.

(Publicité)
cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 30/04/2010 à 21:27:31  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci !

 je n'arrive pas à supprimer ces deux lignes...
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)


 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 23:24:00, on 30/04/2010
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v8.00 (8.00.6001.18904)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Windows\System32\igfxtray.e​xe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
 C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Windows\System32\rundll32.e​xe
 C:\Program Files\Adparatus\Adparatus.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\3\3Connect\AutoUpdateSrv​.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Windows\system32\igfxext.ex​e
 C:\Users\jenny\AppData\Local\T​emp\RtkBtMnt.exe
 C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalizatio​n.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Users\jenny\Desktop\HiJackT​his.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80​E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Adparatus - {8B2C7C9D-716D-4e9e-9358-B9C80​A81B7ED} - C:\Program Files\Adparatus\Adparatus.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 O4 - HKLM\..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe -e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [Wireless Manager] "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" startup
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" -startup
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [GabPath] C:\Users\jenny\AppData\Roaming​\GabPath\gabpath.exe
 O4 - HKCU\..\Run: [Adparatus] "C:\Program Files\Adparatus\Adparatus.exe"
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\Run: [SfKg6wIPuSp] C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\jnipmo.exe
 O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = ?
 O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 O4 - Global Startup: Update Agent.lnk = ?
 O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\bl​ockpopups.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_96D6FF0C6D236B​F8.dll/cmsidewiki.html
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\Windows\system32\browseui.d​ll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dhcpcsv​c.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: @%SystemRoot%\ehome\ehstart.dl​l,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: @%SystemRoot%\system32\emdmgmt​.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\irmon.d​ll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\netlogo​n.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\psbase.​dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\samsrv.​dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\SLsvc.e​xe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
 O23 - Service: @%SystemRoot%\system32\SLUINot​ify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 23627 bytes

  1. Posté le 30/04/2010 à 22:55:38  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Ensuite faire un scan ici: http://www.eset-nod32.fr/scanner.html

 Et me copier/coller le log qui est ici: C:\Program Files\EsetOnlineScanner\log.tx​t

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 01/05/2010 à 01:38:47  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Malwarebytes' Anti-Malware 1.46
 www.malwarebytes.org

 Version de la base de données: 4056

 Windows 6.0.6000
 Internet Explorer 8.0.6001.18904

 01/05/2010 03:36:30
 mbam-log-2010-05-01 (03-36-30).txt

 Type d'examen: Examen complet (C:\|D:\|)
 Elément(s) analysé(s): 238482
 Temps écoulé: 2 heure(s), 47 minute(s), 55 seconde(s)

 Processus mémoire infecté(s): 1
 Module(s) mémoire infecté(s): 1
 Clé(s) du Registre infectée(s): 15
 Valeur(s) du Registre infectée(s): 3
 Elément(s) de données du Registre infecté(s): 0
 Dossier(s) infecté(s): 7
 Fichier(s) infecté(s): 31

 Processus mémoire infecté(s):
 C:\Program Files\Adparatus\Adparatus.exe (Adware.Adparatus) -> Unloaded process successfully.

 Module(s) mémoire infecté(s):
 C:\Program Files\Adparatus\Adparatus.dll (Adware.Adparatus) -> Delete on reboot.

 Clé(s) du Registre infectée(s):
 HKEY_CLASSES_ROOT\TypeLib\{a4b​ca928-b566-49c6-aef1-50bf8673f​5cf} (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{d​0b60438-57e7-44de-8f8e-6c3bf30​5d430} (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\CLSID\{8b2c7​c9d-716d-4e9e-9358-b9c80a81b7e​d} (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Stats\{8b2c7c9d-716d-4e9e-​9358-b9c80a81b7ed} (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Ext\Settings\{8b2c7c9d-716d-4e​9e-9358-b9c80a81b7ed} (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Explorer\Browser Helper Objects\{8b2c7c9d-716d-4e9e-93​58-b9c80a81b7ed} (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{2​911746b-a321-e19b-3aa0-ea0c4cd​63cd0} (Adware.InferiorBrandingSystem​) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{2​e9937fc-cf2f-4f56-af54-5a6a3dd​375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{7​41de825-a6f0-4497-9aa6-8023cf9​b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_CLASSES_ROOT\Interface\{c​f54be1c-9359-4395-8533-1657cf2​09cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Mi​crosoft\Windows\CurrentVersion​\Uninstall\adparatus (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Uninstall\gabpath (Adware.Agent) -> Quarantined and deleted successfully.
 HKEY_LOCAL_MACHINE\SOFTWARE\Ma​rketPrecision\Adparatus (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\Software\Gab​Path (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\Software\App​DataLow\Software\MarketPrecisi​on (Adware.Adparatus) -> Quarantined and deleted successfully.

 Valeur(s) du Registre infectée(s):
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run\adparatus (Adware.Adparatus) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run\gabpath (Adware.Agent) -> Quarantined and deleted successfully.
 HKEY_CURRENT_USER\SOFTWARE\Mic​rosoft\Windows\CurrentVersion\​Run\sfkg6wipusp (Trojan.Downloader) -> Quarantined and deleted successfully.

 Elément(s) de données du Registre infecté(s):
 (Aucun élément nuisible détecté)

 Dossier(s) infecté(s):
 C:\Users\jenny\AppData\Roaming​\GabPath (Adware.Agent) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus (Adware.Adparatus) -> Delete on reboot.
 C:\Program Files\Adparatus\FF (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\FF\2594 (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\FF\2594\compon​ents (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\Adparatus (Adware.Adparatus) -> Quarantined and deleted successfully.

 Fichier(s) infecté(s):
 C:\Program Files\Adparatus\Adparatus.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\Adparatus.dll (Adware.Adparatus) -> Delete on reboot.
 C:\Users\jenny\AppData\Roaming​\GabPath\gabpath.exe (Adware.Agent) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\AdparatusResou​rces.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\Uninstall.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\FF\2594\compon​ents\Adparatus2594.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\FF\2594\compon​ents\MSWBCtl2594.dll (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\M​icrosoft\Windows\Temporary Internet Files\Content.IE5\3DX1VQA2\Bun​dleInstaller[1].htm (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\stub-9945.exe (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Windows\Temp\SPA313C.tmp\up​grade.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\GabPath\config.cfg (Adware.Agent) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\GabPath\GPUninstall.exe (Adware.Agent) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\Adparatus.ico (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\Support.url (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\FF\2594\chrome​.manifest (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Program Files\Adparatus\FF\2594\instal​l.rdf (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH2017.tmp.​xml (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH20A7.tmp.​html (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH22A6.tmp.​xml (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH2655.tmp.​html (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH8B96.tmp.​xml (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH8BD9.tmp.​html (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH9C48.tmp.​xml (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH9D1B.tmp.​html (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUH9DD4.tmp.​html (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUHDD3F.tmp.​xml (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\AdparatusTemp\DUHE072.tmp.​html (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\Adparatus\About Adparatus.lnk (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\Adparatus\Adpara​tus Support.lnk (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Roaming​\Microsoft\Windows\Start Menu\Programs\Adparatus\Uninst​all Adparatus.lnk (Adware.Adparatus) -> Quarantined and deleted successfully.
 C:\Users\jenny\AppData\Local\T​emp\adparatus.installer.log (Adware.Adparatus) -> Quarantined and deleted successfully.

(Publicité)
  1. Posté le 01/05/2010 à 02:50:39  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Super! Le scan de ESET maintenant suivit d'un Hijackthis

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 01/05/2010 à 15:30:55  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
cela fait 7h que le scan est en cours avec Eset !! ce n'est qu'à 49%, c'est normal?  Merci

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 01/05/2010 à 16:21:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ESETSmartInstaller@High as CAB hook log:
 OnlineScanner.ocx - registred OK


 c'est tout ce que le log d'Eset dit...

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 01/05/2010 à 16:25:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Voici le nouveau log HijackThis. Si je comprends bien, il y a toujours les mêmes 2 fichiers impossible à supprimer...

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 18:23:50, on 01/05/2010
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v8.00 (8.00.6001.18904)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\System32\rundll32.e​xe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Windows\System32\igfxtray.e​xe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
 C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 C:\Program Files\3\3Connect\AutoUpdateSrv​.exe
 C:\Acer\Empowering Technology\ENET\ENMTRAY.EXE
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Windows\system32\igfxext.ex​e
 C:\Program Files\SMART Technologies\SMART Board Drivers\Aware.exe
 C:\Users\jenny\AppData\Local\T​emp\RtkBtMnt.exe
 C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalizatio​n.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\Marker.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.e​xe
 C:\Program Files\Windows Live\Toolbar\wltuser.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
 C:\Program Files\Microsoft\Office Live\OfficeLiveSignIn.exe
 C:\Users\jenny\Desktop\HiJackT​his.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7​D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80​E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 O4 - HKLM\..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe -e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [Wireless Manager] "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" startup
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.ex​e"
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\ISUSPM.exe" -startup
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = ?
 O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 O4 - Global Startup: Update Agent.lnk = ?
 O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\bl​ockpopups.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_96D6FF0C6D236B​F8.dll/cmsidewiki.html
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11​451AFC5} (OnlineScanner Control) - http://download.eset.com/speci [...] canner.cab
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\Windows\system32\browseui.d​ll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dhcpcsv​c.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: @%SystemRoot%\ehome\ehstart.dl​l,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: @%SystemRoot%\system32\emdmgmt​.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\irmon.d​ll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\netlogo​n.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\psbase.​dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\samsrv.​dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\SLsvc.e​xe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
 O23 - Service: @%SystemRoot%\system32\SLUINot​ify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 23959 bytes

  1. Posté le 01/05/2010 à 16:38:50  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Indiquez moi ou sont les 2 fichiers impossible a supprimer et quel est le nom des virus?

 Cocher et "Fix checked" dans Hijackthis:

 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)

 Mettre à jour Adobe Reader à la version 9.3.2 le plus rapidement possible. Faire de même avec vos plugins comme java, flash et shockwave si utilisé. Cela va réduire de beaucoup les trous de sécurité.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 02/05/2010 à 02:18:16  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voici le nom des deux fichiers impossible à supprimer:

 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)

 j'ai pu supprimer celui-ci:
 R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-00902​71D4F88} - (no file)
 mais il reste toujours les deux ci-dessus   :(

 comment fait-on pour mettre à jour Adobe Reader et Java?

 Merci beaucoup

  1. Posté le 02/05/2010 à 06:06:14  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Allez dans ajout/suppression de programmes et supprimer Adobe Reader 7.

 Tout les liens et explication ici: http://pages.videotron.com/g22 [...] curite.htm

 Refaire un nouveau Hijackthis voir si je vois pourquoi il ne sont pas supprimable.

 Est-ce un message d'Erreur ?

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 02/05/2010 à 13:57:42  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
voilà, adobe, flash et java sont maintenant à jour.

 J'ai refait un HijackThis, voici le log. Les deux fichiers sont toujours impossible à supprimer...

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 15:54:47, on 02/05/2010
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v8.00 (8.00.6001.18904)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\System32\rundll32.e​xe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Windows\System32\igfxtray.e​xe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
 C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 C:\Program Files\3\3Connect\AutoUpdateSrv​.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Windows\system32\igfxext.ex​e
 C:\Program Files\SMART Technologies\SMART Board Drivers\Aware.exe
 C:\Users\jenny\AppData\Local\T​emp\RtkBtMnt.exe
 C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalizatio​n.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\Marker.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Program Files\Windows Live\Toolbar\wltuser.exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Users\jenny\Desktop\PROGRAM​MES\HiJackThis.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988​571CECB} - (no file)
 O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80​E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Mirar - {D778686E-E8D7-4A05-88FF-DCF94​2D4BCFA} - C:\Windows\system32\bf78.dll (file missing)
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 O4 - HKLM\..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe -e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [Wireless Manager] "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" startup
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\isuspm.exe" -startup
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\F​lash\FlashUtil10b.exe
 O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = ?
 O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 O4 - Global Startup: Update Agent.lnk = ?
 O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\bl​ockpopups.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_96D6FF0C6D236B​F8.dll/cmsidewiki.html
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11​451AFC5} (OnlineScanner Control) - http://download.eset.com/speci [...] canner.cab
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\Windows\system32\browseui.d​ll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dhcpcsv​c.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: @%SystemRoot%\ehome\ehstart.dl​l,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: @%SystemRoot%\system32\emdmgmt​.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\irmon.d​ll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\netlogo​n.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\psbase.​dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\samsrv.​dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\SLsvc.e​xe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
 O23 - Service: @%SystemRoot%\system32\SLUINot​ify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 23729 bytes

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 02/05/2010 à 14:09:20  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
quand je clique sur SCAN pour HijackThis, ce message s'affiche:

 -For some reason, your system denied write access to the Hosts file. If any Hijacked domains are in this file, HijackThis may NOT be able to fix this.
 If that happens, you need to edit the file yourself. To do this, click Start, Run and type:   notepad C:\Windows\System32\drivers\et​c\hosts
 and press Enter, Find the line(s) HijackThis reports and delete them. Save the file as 'hosts' (with quotes), and reboot.
 For Vista, simply exit HijackThis, right click on the HijackThis icon, choose 'Run as administrator'-

 Ensuite, une fois le SCAN fini, lorsque je sélectionne les deux fichiers et click sur 'fix checked' un autre message s'affiche:
 - HijackThis is about to remove a BHO and the corresponding file from your system. Close all Internet Explorer windows AND all Windows Explorer windows before continuing for the best chance of success. -

 C'est ce que j'ai fait mais ça ne semble rien changer...

 Merci

  1. Posté le 03/05/2010 à 01:54:09  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Faire bouton de droit et Exécuter en tant qu'administrateur sur l'icône de Hijackthis. Fermer tout ce qui fonctionne et tanter de fixer les lignes.

 Essayer aussi en mode sans échec.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 03/05/2010 à 10:04:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
ça a marché !!! les deux fichiers sont supprimés  :)

 cela veut-il dire qu'il n'y a plus de virus dans mon ordinateur?

 voici le nouveau log:

 Logfile of Trend Micro HijackThis v2.0.4
 Scan saved at 12:02:12, on 03/05/2010
 Platform: Windows Vista  (WinNT 6.00.1904)
 MSIE: Internet Explorer v8.00 (8.00.6001.18904)
 Boot mode: Normal

 Running processes:
 C:\Windows\system32\Dwm.exe
 C:\Windows\Explorer.EXE
 C:\Windows\SYSTEM32\WISPTIS.EX​E
 C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
 C:\Windows\system32\taskeng.ex​e
 C:\Windows\System32\rundll32.e​xe
 C:\Windows\RtHDVCpl.exe
 C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 C:\Windows\System32\igfxtray.e​xe
 C:\Windows\System32\hkcmd.exe
 C:\Windows\System32\igfxpers.e​xe
 C:\Program Files\Launch Manager\LManager.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe
 C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe
 C:\Program Files\Alwil Software\Avast5\AvastUI.exe
 C:\Windows\ehome\ehtray.exe
 C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 C:\Program Files\3\3Connect\AutoUpdateSrv​.exe
 C:\Windows\ehome\ehmsas.exe
 C:\Acer\Empowering Technology\EPOWER\EPOWER_DMC.E​XE
 C:\Windows\system32\igfxsrvc.e​xe
 C:\Acer\Empowering Technology\ACER.EMPOWERING.FRA​MEWORK.SUPERVISOR.EXE
 C:\Acer\Empowering Technology\eRecovery\ERAGENT.E​XE
 C:\Windows\system32\igfxext.ex​e
 C:\Program Files\SMART Technologies\SMART Board Drivers\Aware.exe
 C:\Users\jenny\AppData\Local\T​emp\RtkBtMnt.exe
 C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalizatio​n.exe
 C:\Program Files\SMART Technologies\SMART Board Drivers\Marker.exe
 C:\Windows\system32\wuauclt.ex​e
 C:\Windows\system32\conime.exe
 C:\Program Files\Windows Live\Messenger\msnmsgr.exe
 C:\Program Files\Windows Live\Contacts\wlcomm.exe
 C:\Users\jenny\Desktop\PROGRAM​MES\HiJackThis.exe
 C:\Windows\system32\NOTEPAD.EX​E
 C:\Windows\system32\SearchFilt​erHost.exe

 R1 - HKCU\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
 R1 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,SearchAssistan​t =
 R0 - HKLM\Software\Microsoft\Intern​et Explorer\Search,CustomizeSearc​h =
 R0 - HKCU\Software\Microsoft\Intern​et Explorer\Toolbar,LinksFolderNa​me =
 O1 - Hosts: ::1 localhost
 O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578​C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\Ac​roIEHelperShim.dll
 O2 - BHO: SMART Notebook Download Plugin - {67BCF957-85FC-4036-8DC4-D4D80​E00A77B} - C:\Program Files\SMART Technologies\SMART Notebook\NotebookPlugin.dll
 O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3A​AC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
 O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B​8505E96} - C:\Windows\system32\ActiveTool​Band.dll
 O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-51647​60863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
 O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF105​77473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B​5AD205D} - C:\Program Files\Google\GoogleToolbarNoti​fier\5.5.4723.1820\swg.dll
 O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C​1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
 O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94E​C1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB​0476E29} - C:\Windows\system32\eDStoolbar​.dll
 O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D​3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
 O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-00902​7A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
 O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
 O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,​nvsvcStart
 O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,​NvStartup
 O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.d​ll,NvTaskbarInit
 O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
 O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh​.exe
 O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.e​xe
 O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
 O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.e​xe
 O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.​exe
 O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.​exe
 O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSlo​ader.exe
 O4 - HKLM\..\Run: [SMART Board Service] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardService.exe
 O4 - HKLM\..\Run: [SMART SNMP Agent] C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTSNMPAgent.exe -e
 O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
 O4 - HKLM\..\Run: [Wireless Manager] "C:\Program Files\Virgin Broadband Wireless\Wireless Manager.exe" startup
 O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\av​astUI.exe /nogui
 O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
 O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
 O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.e​xe"
 O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
 O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
 O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateServ​ice\isuspm.exe" -startup
 O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
 O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNoti​fier\GoogleToolbarNotifier.exe​"
 O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\Windows\system32\Macromed\F​lash\FlashUtil10b.exe
 O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
 O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
 O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
 O4 - Global Startup: Empowering Technology Launcher.lnk = ?
 O4 - Global Startup: SMART Board Tools.lnk = C:\Program Files\SMART Technologies\SMART Board Drivers\SMARTBoardTools.exe
 O4 - Global Startup: Update Agent.lnk = ?
 O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\bl​ockpopups.htm
 O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFF​ICE11\EXCEL.EXE/3000
 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolba​rDynamic_mui_en_96D6FF0C6D236B​F8.dll/cmsidewiki.html
 O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCD​DC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExten​sion.dll
 O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C5​71A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\​REFIEBAR.DLL
 O16 - DPF: {7530BFB8-7293-4D34-9923-61A11​451AFC5} (OnlineScanner Control) - http://download.eset.com/speci [...] canner.cab
 O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-30783​02C2030} - C:\Windows\system32\browseui.d​ll
 O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
 O23 - Service: @%SystemRoot%\system32\aelupsv​c.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: AffinegyService - Affinegy, Inc. - C:\Program Files\Virgin Broadband Wireless\AffinegyService.exe
 O23 - Service: @%SystemRoot%\system32\Alg.exe​,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe
 O23 - Service: @%systemroot%\system32\appinfo​.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\audiosr​v.dll,-200 (Audiosrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
 O23 - Service: @%SystemRoot%\system32\bfe.dll​,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\qmgr.dl​l,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\browser​.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
 O23 - Service: @%SystemRoot%\system32\cryptsv​c.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dhcpcsv​c.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\dnsapi.​dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dot3svc​.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\dps.dll​,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\eapsvc.​dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\ehome\ehrecvr.ex​e,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
 O23 - Service: @%SystemRoot%\ehome\ehsched.ex​e,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
 O23 - Service: @%SystemRoot%\ehome\ehstart.dl​l,-101 (ehstart) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLock​Serv.exe
 O23 - Service: @%SystemRoot%\system32\emdmgmt​.dll,-1000 (EMDMgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
 O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecovery​Service.exe
 O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\c​apuserv.exe
 O23 - Service: @%SystemRoot%\system32\wevtsvc​.dll,-200 (Eventlog) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdPHost​.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\fdrespu​b.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Service Google Update (gupdate) (gupdate) - Unknown owner - C:\Program Files\Google\Update\GoogleUpda​te.exe
 O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.e​xe
 O23 - Service: @%SystemRoot%\System32\hidserv​.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\kmsvc.d​ll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\​Intel 32\IDriverT.exe
 O23 - Service: @%SystemRoot%\system32\ikeext.​dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\IPBusEn​um.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\iphlpsv​c.dll,-200 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\irmon.d​ll,-2000 (Irmon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\srvsvc.​dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wkssvc.​dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
 O23 - Service: @%SystemRoot%\system32\lltdres​.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\lmhsvc.​dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
 O23 - Service: @%SystemRoot%\system32\Firewal​lAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe
 O23 - Service: @%SystemRoot%\system32\iscsids​c.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\msimsg.​dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.ex​e
 O23 - Service: @%SystemRoot%\system32\qagentr​t.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\netlogo​n.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\netman.​dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\netprof​.dll,-246 (netprofm) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\nlasvc.​dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\nsisvc.​dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\pcasvc.​dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\pla.dll​,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\umpnpmg​r.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\p2psvc.​dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\polstor​e.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\profsvc​.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\psbase.​dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\system32\qwave.d​ll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasauto​.dll,-200 (RasAuto) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\rasmans​.dll,-200 (RasMan) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
 O23 - Service: @%systemroot%\system32\Locator​.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.ex​e
 O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\samsrv.​dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe
 O23 - Service: @%SystemRoot%\System32\SCardSv​r.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\schedsv​c.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\certpro​p.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sdrsvc.​dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\seclogo​n.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\Sens.dl​l,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\SessEnv​.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\SLsvc.e​xe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe
 O23 - Service: @%SystemRoot%\system32\SLUINot​ify.dll,-103 (SLUINotify) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\snmptra​p.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.e​xe
 O23 - Service: @%systemroot%\system32\spoolsv​.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.ex​e
 O23 - Service: @%systemroot%\system32\ssdpsrv​.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wiaserv​c.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\swprv.d​ll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\sysmain​.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\TabSvc.​dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tapisrv​.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\tbssvc.​dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\termsrv​.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\shsvcs.​dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\mmcss.d​ll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\trkwks.​dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\servicing\Truste​dInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedIn​staller.exe
 O23 - Service: @%SystemRoot%\system32\ui0dete​ct.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.​exe
 O23 - Service: @%systemroot%\system32\upnphos​t.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\dwm.exe​,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\vds.exe​,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe
 O23 - Service: @%systemroot%\system32\vssvc.e​xe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe
 O23 - Service: @%SystemRoot%\system32\w32time​.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wcncsvc​.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\WcsPlug​InService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\wdi.dll​,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\webclnt​.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wecsvc.​dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wercpls​upport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wersvc.​dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\winhttp​.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​isvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wsmsvc.​dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wlansvc​.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%Systemroot%\system32\wbem\wm​iapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiAp​Srv.exe
 O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.ex​e
 O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\wmpnetwk.exe
 O23 - Service: @%SystemRoot%\system32\wpcsvc.​dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wpdbuse​num.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\System32\wscsvc.​dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.ex​e
 O23 - Service: @%systemroot%\system32\SearchI​ndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchInde​xer.exe
 O23 - Service: @%systemroot%\system32\wuaueng​.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: @%SystemRoot%\system32\wudfsvc​.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.ex​e
 O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xa​udio.exe

 --
 End of file - 24048 bytes

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 03/05/2010 à 11:42:28  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
comment dois-je faire pour nettoyer mes clés USB et disque dur externe? Est ce que cela risque de me faire perdre des fichiers?

 Merci d'avance

  1. Posté le 03/05/2010 à 14:05:26  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Normalement, non vous allez rien perdre.

 Faire ceci:

 Pour faire une Recherche uniquement

 Téléchargement du logiciel du site de l'auteur El Desaparecido et C_XX: UsbFix

 http://pagesperso-orange.fr/No [...] UsbFix.exe

 Double cliquez sur UsbFix.exe présent sur votre bureau..

 Faire la touche "F" pour (français).
 Ensuite vous choisissez l'option "1" (Recherche) .
 Un message va vous dires de brancher tous vos: clés USB, disques durs externes, camera, lecteur MP3 etc. qui ont été en contact avec l'infection.

 Vous cliquez sur "OK" pour commencer la recherche.
 Une fenêtre va maintenant vous indiquer où est le log.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 03/05/2010 à 21:01:49  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Merci, je vais faire ça. Sinon pour l'ordinateur, c'est bon? Il est débarrassé de tout virus?

 Merci pour tout .

 Jenny

  1. Posté le 04/05/2010 à 02:38:58  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Nous allons le savoir en même temps avec USBFix.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 04/05/2010 à 19:24:12  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonsoir, voici les rapport d'usbfix:

 ############################## | UsbFix V6.111 |

 User : jenny (Administrateurs) # PC-DE-JENNY
 Update on 03/05/2010 by El Desaparecido , C_XX & Chimay8
 Start at: 21:05:13 | 04/05/2010
 Website : http://pagesperso-orange.fr/NosTools/index.html
 Contact : FindyKill.Contact@gmail.com

 Genuine Intel(R) CPU           T2060  @ 1.60GHz
 Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6000 32-bit) #
 Internet Explorer 8.0.6001.18904
 Windows Firewall Status : Enabled
 AV : avast! Antivirus 5.0.83886587 [ Enabled | Updated ]

 C:\ -> Disque fixe local # 52,65 Go (3,44 Go free) [ACER] # NTFS
 D:\ -> Disque fixe local # 52,31 Go (30,29 Go free) [DATA] # NTFS
 E:\ -> Disque CD-ROM
 F:\ -> Disque amovible # 3,72 Go (3,01 Go free) [USB DISK] # FAT32
 K:\ -> Disque amovible # 7,46 Go (2,6 Go free) [Transcend] # FAT32

 ################## | Elements infectieux |

 C:\Users\jenny\AppData\Local\T​emp\gtb.exe  

 ################## | Registre |


 ################## | Mountpoints2 |

 HKCU\..\..\Explorer\MountPoint​s2\G
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{170cce9a-84ee-11dd-ac61-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{1b68d8d7-4d5f-11de-a7d1-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{1e2cae75-916f-11dd-88a5-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{55e89ef3-9964-11de-83ac-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{64c7e1b0-8308-11dd-979c-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{79175a81-9a05-11de-8a34-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{79175aaf-9a05-11de-8a34-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{79175acc-9a05-11de-8a34-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{7a8dee47-e825-11de-9362-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{b5dd86f5-ad11-11de-84bb-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{c32c8f94-a1ed-11dd-b6a0-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{c532f9ec-848f-11dd-bdd8-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{c532f9fd-848f-11dd-bdd8-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{c532f9fe-848f-11dd-bdd8-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{c532fa0a-848f-11dd-bdd8-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 HKCU\..\..\Explorer\MountPoint​s2\{c532fa0c-848f-11dd-bdd8-00​16d4b2d5d7}
 shell\AutoRun\command =G:\AutoRun.exe

 ################## | Vaccin |

 (!) Cet ordinateur n'est pas vacciné !  

 ################## | ! Fin du rapport # UsbFix V6.111 ! |

  1. Posté le 04/05/2010 à 22:39:51  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Pour faire la suppression

 Avant de démarrer UsbFix, il est important de brancher tous vos: clés USB, disques durs externes, camera, lecteur MP3 etc. qui ont été en contact avec l'infection.

 Double cliquez sur UsbFix.exe présent sur votre bureau..

 Faire la touche "F" pour (français).
 Ensuite vous choisissez l'option "2" (Suppression) .
 Quand il aura fini, vous cliquez sur "OK".
 L'ordinateur redémarrera automatiquement lorsque vous cliquerez sur "Fermer"

 Au redémarrage , UsbFix va redémarrer automatiquement.
 Une fenêtre va maintenant vous indiquer où est le log.
 Voilà!

 La base de registre est sauvegardée dans C:\UsbFix\Backup et les fichiers supprimés sont sauvegardés dans C:\UsbFix\Quarantine.

 L'utilitaire va vacciner vos lecteurs vous protégeant ainsi d'une autre infection.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 05/05/2010 à 13:03:56  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, voici le nouveau rapport de usbfix:


 ############################## | UsbFix V6.111 |

 User : jenny (Administrateurs) # PC-DE-JENNY
 Update on 03/05/2010 by El Desaparecido , C_XX & Chimay8
 Start at: 13:20:24 | 05/05/2010
 Website : http://pagesperso-orange.fr/NosTools/index.html
 Contact : FindyKill.Contact@gmail.com

 Genuine Intel(R) CPU           T2060  @ 1.60GHz
 Microsoft® Windows Vista™ Édition Familiale Premium  (6.0.6000 32-bit) #
 Internet Explorer 8.0.6001.18904
 Windows Firewall Status : Enabled
 AV : avast! Antivirus 5.0.83886587 [ Enabled | Updated ]

 C:\ -> Disque fixe local # 52,65 Go (3,33 Go free) [ACER] # NTFS
 D:\ -> Disque fixe local # 52,31 Go (30,29 Go free) [DATA] # NTFS
 E:\ -> Disque CD-ROM
 F:\ -> Disque amovible # 3,72 Go (3,01 Go free) [USB DISK] # FAT32
 K:\ -> Disque amovible # 7,46 Go (2,6 Go free) [Transcend] # FAT32

 ################## | Elements infectieux |

 Supprimé ! C:\Users\jenny\AppData\Local\T​emp\gtb.exe
 Supprimé ! C:\$Recycle.Bin\S-1-5-21-12590​48679-3574687588-2651321410-10​00
 Supprimé ! D:\$Recycle.Bin\S-1-5-21-12590​48679-3574687588-2651321410-10​00

 ################## | Registre |


 ################## | Mountpoints2 |

 Supprimé ! HKCU\...\Explorer\MountPoints2​\G\Shell\AutoRun\Command  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{170cce9a-84ee-11dd-ac61-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{1b68d8d7-4d5f-11de-a7d1-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{1e2cae75-916f-11dd-88a5-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{55e89ef3-9964-11de-83ac-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{64c7e1b0-8308-11dd-979c-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{79175a81-9a05-11de-8a34-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{79175aaf-9a05-11de-8a34-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{79175acc-9a05-11de-8a34-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{7a8dee47-e825-11de-9362-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{b5dd86f5-ad11-11de-84bb-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{c32c8f94-a1ed-11dd-b6a0-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{c532f9ec-848f-11dd-bdd8-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{c532f9fd-848f-11dd-bdd8-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{c532f9fe-848f-11dd-bdd8-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{c532fa0a-848f-11dd-bdd8-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  
 Supprimé ! HKCU\...\Explorer\MountPoints2​\{c532fa0c-848f-11dd-bdd8-0016​d4b2d5d7}\Shell\AutoRun\Comman​d  

 ################## | Listing des fichiers présent |

 [05/12/2006 01:39|--a------|74] C:\autoexec.bat
 [02/11/2006 11:53|-rahs----|438840] C:\bootmgr
 [05/12/2006 08:55|-ra-s----|8192] C:\BOOTSECT.BAK
 [18/09/2006 23:43|--a------|10] C:\config.sys
 [?|?|?] C:\hiberfil.sys
 [18/04/2007 21:56|--a------|91] C:\MDisc.log
 [18/04/2007 21:57|--a------|91] C:\MDR.log
 [?|?|?] C:\pagefile.sys
 [18/04/2007 21:57|--a------|380] C:\PowerDV.log
 [18/04/2007 14:27|--a------|383] C:\RHDSetup.log
 [10/09/2007 18:59|--a------|159] C:\Setup.log
 [05/12/2006 01:47|--a------|0] C:\Trace.log
 [05/05/2010 14:59|--a------|3522] C:\UsbFix.txt
 [10/05/2007 17:57|--a------|1665325] D:\agsetup.exe
 [10/05/2007 18:45|--a------|6953344] D:\alcohol-52_alcohol_52_free_​edition_1.9.6.4719_anglais_255​01.exe
 [10/05/2007 17:52|--a------|73728] D:\antiLeech.dll.new
 [02/05/2010 15:19|--a------|2729] D:\CdMkr70.ini
 [10/05/2007 14:40|--a------|24278048] D:\dotnetfx.exe
 [10/05/2007 14:40|--a------|10703680] D:\NDP1.1sp1-KB867460-X86.exe
 [10/05/2007 14:41|--a------|6868074] D:\Satsuki.Decoder.Pack.3.1.1.​4.exe
 [24/04/2010 15:13|--a------|129723] F:\RyanairBoardingPass.pdf
 [23/04/2010 22:02|--a------|18219] F:\DATA ANALYSIS PAGE.docx
 [23/04/2010 15:37|--a------|34816] F:\Magali_Fontaine_Letter_of_A​pplication[1].doc
 [04/04/2010 18:00|--a------|425374] K:\TIM.bmp
 [08/12/2009 14:38|---h-----|78848] K:\~WRL0004.tmp
 [04/04/2010 18:03|--a------|4228] K:\jéré.jpg
 [11/01/2010 22:56|--a------|65587] K:\PICT0045.JPG
 [14/05/2007 20:09|--a------|704520] K:\PICT0069.JPG
 [04/04/2009 19:31|--a------|48363] K:\PICT0124.JPG
 [27/07/2007 22:13|--a------|57280] K:\PICT0139.JPG
 [06/04/2009 22:58|--a------|55122] K:\PICT0145 - Copie.JPG
 [08/12/2009 14:14|---h-----|53760] K:\~WRL3983.tmp

 ################## | Vaccination |

 # C:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
 # D:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
 # F:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).
 # K:\autorun.inf -> Dossier créé par UsbFix (El Desaparecido).

 ################## | Upload |

 Veuillez envoyer le fichier : C:\UsbFix_Upload_Me_PC-de-jenn​y.zip : http://chiquitine.changelog.fr/Sample/Upload.php
 Merci pour votre contribution .  

 ################## | ! Fin du rapport # UsbFix V6.111 ! |

  1. Posté le 05/05/2010 à 18:23:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Très bien. Tout vos périphérique était brancher lors du scan ?

 Si oui, alors désactiver la restauration système et appliquer pour la nettoyer et la remettre en fonction.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 05/05/2010 à 21:47:54  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Oui ils étaient tous branchés.
 Je n'ai pas bien compris ce que ça veut dire la restauration système???
 Désolée...

 Merci

 Il n'y a plus de virus?
 Dois je changer d'antivirus? (j'ai Avast)

  1. Posté le 06/05/2010 à 01:14:07  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
J'irais avec Antivir ou Microsoft Security essential.

 Pour la restauration système faire ceci pour la désactiver et ensuite la remettre:

 Pour Vista, Démarrer et faire un clique droit sur "Ordinateur" et Propriétés. Cliquez sur "Protection du système" et sous l'onglet "Protection du système", désélectionnez les partitions pour désactiver la restauration du système. Cliquez sur "Désactiver la restauration du système" et cliquez sur Appliquer.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 07/05/2010 à 09:32:00  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, j'ai téléchargé antivir et voici ce qui s'est aafiché:  

 Avira AntiVir Personal – Antivirus gratuit
 ******************************​************

 Copyright © 2000 - 2009 Avira GmbH.
 Tous droits réservés.


 Sommaire
 ********

 0 Informations importantes
 1 Configuration système minimale
 2 Conditions importantes requises pour l’installation
 3 Service de support
 4 Adresse de contact


 0 Informations importantes
 **************************

 Les  utilisateurs  qui  ont  jusque-là  installé une version  ANSI du
 paquet logiciel Avira AntiVir Personal sur un système  d'exploitation
 Microsoft   Windows 2000   ou   Microsoft Windows XP,  reçoivent  une
 notification  de  mise  à  jour  lors de la tentative de mise à jour.

 Procédez comme suit pour une mise à jour :

 1. Désinstallez  la  version  existante de l'Avira AntiVir  Personal.
 2. Téléchargez un paquet logiciel actuel de la zone de téléchargement

du site  Internet  Avira  AntiVir Personal http://www.free-av.com.
 3. Installez ce paquet logiciel sur votre ordinateur.


 1 Configuration système minimale
 ******************************​**

 Pour  garantir  le  bon  fonctionnement de l'Avira AntiVir  Personal,
 l'ordinateur  doit  disposer  de la configuration minimale suivante :

 - Processeur Pentium ou supérieur de 266 MHz minimum

 - Système d'exploitation
  - Windows 2000, SP4 et le cumul de mises à jour 1 ou
  - Microsoft XP, SP2 (32 ou 64 bits) ou
  - Windows Vista (32 ou 64 bits, SP1 recommandé)

 Des  différences  peuvent  apparaître  dans  la   représentation  des
 interfaces  de  programme  selon  le  système d’exploitation utilisé.
 
 - 100 Mo minimum d'espace mémoire disponible sur le disque dur (voire
 plus  en  cas  d'utilisation de la fonction de quarantaine et pour la
 mémoire temporaire)

 - 192 Mo minimum de mémoire vive sous Windows 2000/XP

 - 512 Mo minimum de mémoire vive sous Windows Vista

 - Pour l'installation : droits d'administrateur

 - Pour  toutes  les  installations : Windows Internet Explorer 6.0 ou
  ultérieur




 2 Conditions importantes requises pour l’installation
 ******************************​***********************

 Assurez-vous  que  les  conditions   suivantes   sont  remplies  pour
 permettre le bon fonctionnement de l'Avira AntiVir Personal sur votre
 ordinateur :

 - Configuration système minimale OK
 - Pas d’autres programmes de détection de virus  installés (On-Access
  Scanner, Guard)
 - Droits d'administrateur disponibles
 - Connexion Internet ou Intranet disponible
 - Tous les programmes en cours arrêtés sur l'ordinateur


 3 Service de support
 ********************

 Vous  obtiendrez  toutes  les  informations   nécessaires  concernant
 Notre   service   étendu   de   support   sur   notre  site  Internet
 http://www.free-av.com/fr/support/index. Nos experts répondent  à vos
 questions et vous apportent leur aide en cas de problèmes techniques.


 4 Adresse de contact
 ********************

 Nous  nous  tenons  à votre disposition si vous avez des questions et
 des  suggestions  concernant  l'univers  des  produits  Avira AntiVir
 Personal.  Vous trouverez nos adresses de contact sur Internet sous :

 http://www.avira.com/fr/classic-contact

  1. Posté le 07/05/2010 à 18:03:00  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Il semblerait que vous ayez une ancienne version ou un autre antivirus. Vérifier dans ajout/suppression pour la désinstaller avant de mettre celle-ci.

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 09/05/2010 à 13:03:27  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
bonjour, il semble que tout soit rentré en ordre maintenant  :)

 merci infiniment pour votre aide

 bonne continuation

 Jenny   :super:

cjenny658
Sur la bonne voie (de 100 à 499 messages postés)
  1. Posté le 10/05/2010 à 18:38:15  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Bonjour, apparemment je me suis réjouie trop vite.

 Antivir vient de me trouver le même virus qu'avant:  

 C:\Windows\System32\ActiveTool​Band.dll    
 Contient le cheval de Troie  TR/PatchLoad.299631.1

 Que dois-je faire?

 Merci d'avance.

 Jenny

  1. Posté le 11/05/2010 à 00:00:17  
  1. answer
  1. Prévenir les modérateurs en cas d'abus
 
Repasser malwarebytes' et supprimer tout ce qu'il trouve. S'il ne détecte pas votre infection:

 Supprimer le virus. Si vous ne le pouvez, essayer en mode sans échec.

 Page :
1  2
Dernière Page
Page Suivante
Page Précédente
Première Page

Aller à :
 

Sujets relatifs
Plus de sujets relatifs à : comment supprimer un virus?

Les 5 sujets de discussion précédents Nombre de réponses Dernier message
internet explorer et opera s'arretent sans arret. 0
virus Security center 7
faux positif McAfee sur SVCHOST.EXE (Windows XP3 PRO) 0
logiciel gratuit 1
win32/mariofev.a [RESOLU] 53