Hijacked - besoin d'aide!
- dan9x1
- Newbie
- Inscription: Nov 24, 2010
- Messages: 6
- Status: Offline
Novembre 24th, 2010, 9:44 pm
Besoin d'aide - se détourné! J'ai couru tous mes logiciels malveillants et les logiciels espions et n'arrive toujours pas à l'arrêter.
Logfile of Trend Micro HijackThis v2.0.2
Scan sauvé à 23:31:01, le 24/11/2010
Windows Vista SP2 (WinNT 6.00.1906): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Les processus en cours:
C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ DWM. exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Winamp \ winampa.exe
\ Program Files \ Logitech \ QuickCam \ Quickcam.exe: C
C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACDaemon.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Windows \ ehome \ ehtray. exe
C: \ Windows \ System32 \ mobsync.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Windows \ ehome \ ehmsas.exe
\ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe: C
C: \ Program Files \ Common Files \ Java \ Java Update \ jucheck.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
\ Program Files \ Trend Micro \ HijackThis \ HijackThis: C. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo,com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-9B51-4EFB-7695ECA05670} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe Link Helper PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ IPSBHO. DLL
O2 - BHO: (no name) - {-01A2-83A2F9B1 4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C: \ Windows \ system32 \ eDStoolbar.dll
Toolbar - O3: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM \ .. \ Run: [SMSERIAL] "C: \ Program Files \ Motorola \ SMSERIAL \ sm56hlpr. exe "
O4 - HKLM \ .. \ Run: [Acer Enregistrement du produit] "C: \ Program Files \ Acer enregistrement \ ACE1.exe" / démarrage
O4 - HKLM \ .. \ Run: [Acer Aider Launcher] "C: \ Program Files \ Acer Aider \ launcher.exe"
O4 - HKLM \ .. \ Run: [Acer Tour Reminder] "C: \ Acer \ AcerTour \ Reminder.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam. exe "/ cacher
O4 - HKLM \ .. \ Run: [ArcSoft Connection Service] "C: \ Program Files \ Common Files \ ArcSoft \ Connection Service \ Bin \ ACDaemon.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] "rundll32.exe" C: \ Windows \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] "rundll32.exe" C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [TeaTimer SpybotSD] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - HKLM \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0
O4 - HKLM \ .. \ Run: [ehTray.exe] "C: \ Windows \ ehome \ ehTray.exe"
O4 - HKLM \ .. \ RunOnce: [mise à jour Shockwave] "C: \ Windows \ system32 \ Adobe \ Shockwave 11 \ SwHelper_1150596.exe"-Mise à jour -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; NET CLR 2.0.. 50727; Media Center PC 5.0; NET CLR 1.1.4322; NET CLR 3.5.30729; NET CLR 3.0.30618; AskTB5.2) "-" http://www, syix, com / Elmer / Flash% 20Bowling... 2010.htm% "
O4 - HKUS \ S-1-5-19 \ .. \ Run: [% Sidebar] ProgramFiles% \ Windows Sidebar \ Sidebar. exe / detectMem (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] oobefldr.dll rundll32.exe, ShowWelcomeCenter (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Rappel.. exe (utilisateur par défaut de l'utilisateur)
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper. dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp. dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8. 0,41 \ coIEPlg.dll
Service - O23: ArcSoft Daemon Connect (ACDaemon) - ArcSoft Inc - C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACService.exe
O23 - Service: Service ePerformance (AcerMemUsageCheckService) - Unknown owner - C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
O23 - Service: BrSplService (Brother XP spl Service) - frère Industries Ltd - C: \ Windows \ system32 \ brsvc01a. exe
O23 - Service: Service eDataSecurity - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity \ eDSService.exe
O23 - Service: Service eRecovery (eRecoveryService) - Acer Inc - C: \ Acer \ Empowering Technology \ eRecovery \ eRecoveryService.exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT. exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32. exe
O23 - Service: Norton Internet Security - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvvsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C: \ Program Files \ Retrospect \ Retrospect Express HD 1.1 \ retrorun.exe
Service - O23: SBSD Service Centre de sécurité (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
Valve Corporation - - Service à la clientèle à vapeur C:: - O23 Service \ Program Files \ Common Files \ Steam \ SteamService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://ww.webroot,com ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper.exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService. exe
-
End of file - 8525 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan sauvé à 23:31:01, le 24/11/2010
Windows Vista SP2 (WinNT 6.00.1906): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Les processus en cours:
C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ DWM. exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Winamp \ winampa.exe
\ Program Files \ Logitech \ QuickCam \ Quickcam.exe: C
C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACDaemon.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Windows \ ehome \ ehtray. exe
C: \ Windows \ System32 \ mobsync.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Windows \ ehome \ ehmsas.exe
\ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe: C
C: \ Program Files \ Common Files \ Java \ Java Update \ jucheck.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
\ Program Files \ Trend Micro \ HijackThis \ HijackThis: C. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo,com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-9B51-4EFB-7695ECA05670} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe Link Helper PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ IPSBHO. DLL
O2 - BHO: (no name) - {-01A2-83A2F9B1 4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C: \ Windows \ system32 \ eDStoolbar.dll
Toolbar - O3: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM \ .. \ Run: [SMSERIAL] "C: \ Program Files \ Motorola \ SMSERIAL \ sm56hlpr. exe "
O4 - HKLM \ .. \ Run: [Acer Enregistrement du produit] "C: \ Program Files \ Acer enregistrement \ ACE1.exe" / démarrage
O4 - HKLM \ .. \ Run: [Acer Aider Launcher] "C: \ Program Files \ Acer Aider \ launcher.exe"
O4 - HKLM \ .. \ Run: [Acer Tour Reminder] "C: \ Acer \ AcerTour \ Reminder.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam. exe "/ cacher
O4 - HKLM \ .. \ Run: [ArcSoft Connection Service] "C: \ Program Files \ Common Files \ ArcSoft \ Connection Service \ Bin \ ACDaemon.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] "rundll32.exe" C: \ Windows \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] "rundll32.exe" C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [TeaTimer SpybotSD] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - HKLM \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0
O4 - HKLM \ .. \ Run: [ehTray.exe] "C: \ Windows \ ehome \ ehTray.exe"
O4 - HKLM \ .. \ RunOnce: [mise à jour Shockwave] "C: \ Windows \ system32 \ Adobe \ Shockwave 11 \ SwHelper_1150596.exe"-Mise à jour -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; NET CLR 2.0.. 50727; Media Center PC 5.0; NET CLR 1.1.4322; NET CLR 3.5.30729; NET CLR 3.0.30618; AskTB5.2) "-" http://www, syix, com / Elmer / Flash% 20Bowling... 2010.htm% "
O4 - HKUS \ S-1-5-19 \ .. \ Run: [% Sidebar] ProgramFiles% \ Windows Sidebar \ Sidebar. exe / detectMem (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] oobefldr.dll rundll32.exe, ShowWelcomeCenter (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Rappel.. exe (utilisateur par défaut de l'utilisateur)
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper. dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp. dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8. 0,41 \ coIEPlg.dll
Service - O23: ArcSoft Daemon Connect (ACDaemon) - ArcSoft Inc - C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACService.exe
O23 - Service: Service ePerformance (AcerMemUsageCheckService) - Unknown owner - C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
O23 - Service: BrSplService (Brother XP spl Service) - frère Industries Ltd - C: \ Windows \ system32 \ brsvc01a. exe
O23 - Service: Service eDataSecurity - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity \ eDSService.exe
O23 - Service: Service eRecovery (eRecoveryService) - Acer Inc - C: \ Acer \ Empowering Technology \ eRecovery \ eRecoveryService.exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT. exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32. exe
O23 - Service: Norton Internet Security - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvvsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C: \ Program Files \ Retrospect \ Retrospect Express HD 1.1 \ retrorun.exe
Service - O23: SBSD Service Centre de sécurité (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
Valve Corporation - - Service à la clientèle à vapeur C:: - O23 Service \ Program Files \ Common Files \ Steam \ SteamService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://ww.webroot,com ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper.exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService. exe
-
End of file - 8525 bytes
- Anonymous
- Bot
- Inscription: 25 Feb 2008
- Messages: ?
- Loc: Ozzuland
- Status: Online
Novembre 24th, 2010, 9:44 pm
- Don2007
- Web Master
- Inscription: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Novembre 25th, 2010, 8:44 am
O2 - BHO: (no name) - {-01A2-83A2F9B1 4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp. dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp. dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.dll
O10 - fichier inconnu dans Winsock LSP: c: \ windows \ system32 \ wpclsp.
How do you know when a politician is lying? His mouth is moving.
- dan9x1
- Newbie
- Inscription: Nov 24, 2010
- Messages: 6
- Status: Offline
Novembre 25th, 2010, 3:07 pm
D'accord, supprimé ces. courut adaware en mode sans échec, désormais obtenir spy sweeper fenêtres pop-up me disant qu'il a bloqué l'accès à divers sites Web qui ressemblent à des difficultés (curedc dot info, etc)
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 17:02:41, le 25/11/2010
Windows Vista SP2 (WinNT 6.00.1906): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Les processus en cours:
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ system32 \ taskeng. exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Winamp \ winampa.exe
\ Program Files \ Logitech \ QuickCam \ Quickcam.exe: C
C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACDaemon.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Windows \ ehome \ ehtray. exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Windows \ System32 \ mobsync.exe
\ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe: C
C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWTray.exe
C: \ Users \ Matt \ HJT \ HijackThis. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo,com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-9B51-4EFB-7695ECA05670} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe Link Helper PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ IPSBHO. DLL
O2 - BHO: (no name) - {-01A2-83A2F9B1 4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C: \ Windows \ system32 \ eDStoolbar.dll
Toolbar - O3: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM \ .. \ Run: [SMSERIAL] "C: \ Program Files \ Motorola \ SMSERIAL \ sm56hlpr. exe "
O4 - HKLM \ .. \ Run: [Acer Enregistrement du produit] "C: \ Program Files \ Acer enregistrement \ ACE1.exe" / démarrage
O4 - HKLM \ .. \ Run: [Acer Aider Launcher] "C: \ Program Files \ Acer Aider \ launcher.exe"
O4 - HKLM \ .. \ Run: [Acer Tour Reminder] "C: \ Acer \ AcerTour \ Reminder.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam. exe "/ cacher
O4 - HKLM \ .. \ Run: [ArcSoft Connection Service] "C: \ Program Files \ Common Files \ ArcSoft \ Connection Service \ Bin \ ACDaemon.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] "rundll32.exe" C: \ Windows \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] "rundll32.exe" C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [TeaTimer SpybotSD] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - HKLM \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0
O4 - HKLM \ .. \ Run: [ehTray.exe] "C: \ Windows \ ehome \ ehTray.exe"
O4 - HKLM \ .. \ RunOnce: [mise à jour Shockwave] "C: \ Windows \ system32 \ Adobe \ Shockwave 11 \ SwHelper_1150596.exe"-Mise à jour -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; NET CLR 2.0.. 50727; Media Center PC 5.0; NET CLR 1.1.4322; NET CLR 3.5.30729; NET CLR 3.0.30618;... AskTB5.2) "-" http://www.syix, com / Elmer / Flash% 20Bowling 2010.htm% "
O4 - HKUS \ S-1-5-19 \ .. \ Run: [% Sidebar] ProgramFiles% \ Windows Sidebar \ Sidebar. exe / detectMem (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] oobefldr.dll rundll32.exe, ShowWelcomeCenter (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Rappel.. exe (utilisateur par défaut de l'utilisateur)
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper. dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O22 - SharedTaskScheduler: Démon de cache de composants Catégories - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C: \ Windows \ system32 \ browseui. dll
Service - O23: ArcSoft Daemon Connect (ACDaemon) - ArcSoft Inc - C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACService.exe
O23 - Service: Service ePerformance (AcerMemUsageCheckService) - Unknown owner - C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
O23 - Service: BrSplService (Brother XP spl Service) - frère Industries Ltd - C: \ Windows \ system32 \ brsvc01a. exe
O23 - Service: Service eDataSecurity - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity \ eDSService.exe
O23 - Service: Service eRecovery (eRecoveryService) - Acer Inc - C: \ Acer \ Empowering Technology \ eRecovery \ eRecoveryService.exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT. exe
O23 - Service: Service Lavasoft Ad-Aware - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvvsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C: \ Program Files \ Retrospect \ Retrospect Express HD 1.1 \ retrorun. exe
Service - O23: SBSD Service Centre de sécurité (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
Valve Corporation - - Service à la clientèle à vapeur C:: - O23 Service \ Program Files \ Common Files \ Steam \ SteamService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://www.webroot,com ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper. exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe
-
End of file - 8108 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 17:02:41, le 25/11/2010
Windows Vista SP2 (WinNT 6.00.1906): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Les processus en cours:
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ system32 \ taskeng. exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Winamp \ winampa.exe
\ Program Files \ Logitech \ QuickCam \ Quickcam.exe: C
C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACDaemon.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Windows \ ehome \ ehtray. exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Windows \ System32 \ mobsync.exe
\ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe: C
C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWTray.exe
C: \ Users \ Matt \ HJT \ HijackThis. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo,com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O1 - Hosts::: 1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-9B51-4EFB-7695ECA05670} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe Link Helper PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ IPSBHO. DLL
O2 - BHO: (no name) - {-01A2-83A2F9B1 4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C: \ Windows \ system32 \ eDStoolbar.dll
Toolbar - O3: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM \ .. \ Run: [SMSERIAL] "C: \ Program Files \ Motorola \ SMSERIAL \ sm56hlpr. exe "
O4 - HKLM \ .. \ Run: [Acer Enregistrement du produit] "C: \ Program Files \ Acer enregistrement \ ACE1.exe" / démarrage
O4 - HKLM \ .. \ Run: [Acer Aider Launcher] "C: \ Program Files \ Acer Aider \ launcher.exe"
O4 - HKLM \ .. \ Run: [Acer Tour Reminder] "C: \ Acer \ AcerTour \ Reminder.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam. exe "/ cacher
O4 - HKLM \ .. \ Run: [ArcSoft Connection Service] "C: \ Program Files \ Common Files \ ArcSoft \ Connection Service \ Bin \ ACDaemon.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] "rundll32.exe" C: \ Windows \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] "rundll32.exe" C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [TeaTimer SpybotSD] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - HKLM \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0
O4 - HKLM \ .. \ Run: [ehTray.exe] "C: \ Windows \ ehome \ ehTray.exe"
O4 - HKLM \ .. \ RunOnce: [mise à jour Shockwave] "C: \ Windows \ system32 \ Adobe \ Shockwave 11 \ SwHelper_1150596.exe"-Mise à jour -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; NET CLR 2.0.. 50727; Media Center PC 5.0; NET CLR 1.1.4322; NET CLR 3.5.30729; NET CLR 3.0.30618;... AskTB5.2) "-" http://www.syix, com / Elmer / Flash% 20Bowling 2010.htm% "
O4 - HKUS \ S-1-5-19 \ .. \ Run: [% Sidebar] ProgramFiles% \ Windows Sidebar \ Sidebar. exe / detectMem (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] oobefldr.dll rundll32.exe, ShowWelcomeCenter (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Rappel.. exe (utilisateur par défaut de l'utilisateur)
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper. dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O22 - SharedTaskScheduler: Démon de cache de composants Catégories - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C: \ Windows \ system32 \ browseui. dll
Service - O23: ArcSoft Daemon Connect (ACDaemon) - ArcSoft Inc - C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACService.exe
O23 - Service: Service ePerformance (AcerMemUsageCheckService) - Unknown owner - C: \ Acer \ Empowering Technology \ ePerformance \ MemCheck.exe
O23 - Service: BrSplService (Brother XP spl Service) - frère Industries Ltd - C: \ Windows \ system32 \ brsvc01a. exe
O23 - Service: Service eDataSecurity - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity \ eDSService.exe
O23 - Service: Service eRecovery (eRecoveryService) - Acer Inc - C: \ Acer \ Empowering Technology \ eRecovery \ eRecoveryService.exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT. exe
O23 - Service: Service Lavasoft Ad-Aware - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvvsvc.exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C: \ Program Files \ Retrospect \ Retrospect Express HD 1.1 \ retrorun. exe
Service - O23: SBSD Service Centre de sécurité (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
Valve Corporation - - Service à la clientèle à vapeur C:: - O23 Service \ Program Files \ Common Files \ Steam \ SteamService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://www.webroot,com ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper. exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe
-
End of file - 8108 bytes
- Don2007
- Web Master
- Inscription: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Novembre 25th, 2010, 6:43 pm
O2 - BHO: (no name) - {-01A2-83A2F9B1 4AA5-87D1-45B6B8505E96} - (no file)
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
__________________________
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C: \ Windows \ system32 \ eDStoolbar.dll
Pourquoi est-il une barre d'outils dans le répertoire system32? Désinstallez tous les barres d'outils? Désinstaller Norton pendant que vous y êtes.
__________________________
O4 - HKLM \ .. \ RunOnce: [mise à jour Shockwave] "C: \ Windows \ system32 \ Adobe \ Shockwave 11 \ SwHelper_1150596.exe"-Mise à jour -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; NET CLR 2.0.. 50727; Media Center PC 5.0; NET CLR 1.1.4322; NET CLR 3.5.30729; NET CLR 3.0.30618;... AskTB5.2) "-" http://www.syix, com / Elmer / Flash% 20Bowling 2010.htm% "
Vous n'avez pas besoin de ça ^ ^ non plus!
O2 - BHO: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
__________________________
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C: \ Windows \ system32 \ eDStoolbar.dll
Pourquoi est-il une barre d'outils dans le répertoire system32? Désinstallez tous les barres d'outils? Désinstaller Norton pendant que vous y êtes.
__________________________
O4 - HKLM \ .. \ RunOnce: [mise à jour Shockwave] "C: \ Windows \ system32 \ Adobe \ Shockwave 11 \ SwHelper_1150596.exe"-Mise à jour -1150596 - "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; NET CLR 2.0.. 50727; Media Center PC 5.0; NET CLR 1.1.4322; NET CLR 3.5.30729; NET CLR 3.0.30618;... AskTB5.2) "-" http://www.syix, com / Elmer / Flash% 20Bowling 2010.htm% "
Vous n'avez pas besoin de ça ^ ^ non plus!
How do you know when a politician is lying? His mouth is moving.
- dan9x1
- Newbie
- Inscription: Nov 24, 2010
- Messages: 6
- Status: Offline
Novembre 25th, 2010, 9:07 pm
Que recommandez-vous à la place de Norton anti-virus et pare-feu?
- Don2007
- Web Master
- Inscription: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Novembre 26th, 2010, 8:27 am
Heres ce que je fais. J'ai anti malware de malwarebytes.org
Il ya une version gratuite. Il doit être mis à jour avant son exécution. Une fois par semaine suffit.
J'ai également verrouiller ma base de registre avec regwatcher.
http://www.jacobsm.com/mjsoft.htm#rgwtchr
Cela s'arrête une installation d'aucune sorte, sauf si vous mettez sur accepter.
La plupart des virus sont livrés avec des pièces jointes. Le seul moment où vous devez ouvrir une pièce jointe est de savoir si vous l'avez demandé. Si vous connaissez quelqu'un vous a envoyé quelque chose, en contact avec eux avant de l'ouvrir, pour être sûr.
D'autres logiciels malveillants vient à travers les pages Web malveillantes. Si vous visitez un grand nombre de sites pornographiques ou des sites qui offrent gratuitement des fissures, c'est quand vous êtes vulnérable.
Il ya une version gratuite. Il doit être mis à jour avant son exécution. Une fois par semaine suffit.
J'ai également verrouiller ma base de registre avec regwatcher.
http://www.jacobsm.com/mjsoft.htm#rgwtchr
Cela s'arrête une installation d'aucune sorte, sauf si vous mettez sur accepter.
La plupart des virus sont livrés avec des pièces jointes. Le seul moment où vous devez ouvrir une pièce jointe est de savoir si vous l'avez demandé. Si vous connaissez quelqu'un vous a envoyé quelque chose, en contact avec eux avant de l'ouvrir, pour être sûr.
D'autres logiciels malveillants vient à travers les pages Web malveillantes. Si vous visitez un grand nombre de sites pornographiques ou des sites qui offrent gratuitement des fissures, c'est quand vous êtes vulnérable.
How do you know when a politician is lying? His mouth is moving.
- dan9x1
- Newbie
- Inscription: Nov 24, 2010
- Messages: 6
- Status: Offline
Novembre 30th, 2010, 6:31 pm
Vous cherchez une bonne heure actuelle, aucune alerte spyware plus. Merci pour les aider!
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 20:30:22, le 30/11/2010
Windows Vista SP2 (WinNT 6.00.1906): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Les processus en cours:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Winamp \ winampa. exe
\ Program Files \ Logitech \ QuickCam \ Quickcam.exe: C
C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACDaemon.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Windows \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Windows \ System32 \ MobSync. exe
\ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe: C
C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWTray.exe
C: \ Users \ Matt \ HJT \ HijackThis. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo,com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-9B51-4EFB-7695ECA05670} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe Link Helper PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ IPSBHO. DLL
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: barre d'outils Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui. exe "-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM \ .. \ Run: [SMSERIAL] "C: \ Program Files \ Motorola \ SMSERIAL \ sm56hlpr.exe"
O4 - HKLM \ .. \ Run: [Acer Enregistrement du produit] "C: \ Program Files \ Acer enregistrement \ ACE1.exe" / démarrage
O4 - HKLM \ .. \ Run: [Acer Aider Launcher] "C: \ Program Files \ Acer Aider \ launcher.exe"
O4 - HKLM \ .. \ Run: [Acer Tour Reminder] "C: \ Acer \ AcerTour \ Reminder.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / cacher
O4 - HKLM \ .. \ Run: [ArcSoft Connection Service] "C: \ Program Files \ Common Files \ ArcSoft \ Connection Service \ Bin \ ACDaemon.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] "rundll32.exe" C: \ Windows \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] "rundll32. EXE "C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [TeaTimer SpybotSD] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - HKLM \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager. exe "AcRdB7_1_0
O4 - HKLM \ .. \ Run: [ehTray.exe] "C: \ Windows \ ehome \ ehTray.exe"
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] oobefldr.dll rundll32.exe, ShowWelcomeCenter (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Acer Tour Reminder] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur par défaut de l'utilisateur).
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR. DLL
O9 - Extra button: AIM - {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg. dll
O22 - SharedTaskScheduler: Démon de cache de composants Catégories - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C: \ Windows \ system32 \ browseui.dll
Service - O23: ArcSoft Daemon Connect (ACDaemon) - ArcSoft Inc - C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACService.exe
O23 - Service: Service ePerformance (AcerMemUsageCheckService) - Unknown owner - C: \ Acer \ Empowering Technology \ ePerformance \ Memcheck. exe
O23 - Service: BrSplService (Brother XP spl Service) - frère Industries Ltd - C: \ Windows \ system32 \ brsvc01a.exe
O23 - Service: Service eDataSecurity - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity \ eDSService.exe
O23 - Service: Service eRecovery (eRecoveryService) - Acer Inc - C: \ Acer \ Empowering Technology \ eRecovery \ eRecoveryService. exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 32 11 \ Intel \ IDriverT.exe
O23 - Service: Service Lavasoft Ad-Aware - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvvsvc. exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C: \ Program Files \ Retrospect \ Retrospect Express HD 1.1 \ retrorun.exe
Service - O23: SBSD Service Centre de sécurité (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
Valve Corporation - - Service à la clientèle à vapeur C:: - O23 Service \ Program Files \ Common Files \ Steam \ SteamService. exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://www.webroot,com ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper.exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe
-
End of file - 7463 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 20:30:22, le 30/11/2010
Windows Vista SP2 (WinNT 6.00.1906): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal
Les processus en cours:
C: \ Windows \ system32 \ taskeng.exe
C: \ Windows \ system32 \ dwm.exe
C: \ Windows \ Explorer.EXE
C: \ Windows \ RtHDVCpl.exe
C: \ Program Files \ Winamp \ winampa. exe
\ Program Files \ Logitech \ QuickCam \ Quickcam.exe: C
C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACDaemon.exe
C: \ Windows \ System32 \ rundll32.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Windows \ ehome \ ehtray.exe
C: \ Windows \ ehome \ ehmsas.exe
C: \ Windows \ System32 \ MobSync. exe
\ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe: C
C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
C: \ Windows \ system32 \ wbem \ Unsecapp.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWTray.exe
C: \ Users \ Matt \ HJT \ HijackThis. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo,com/
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-9B51-4EFB-7695ECA05670} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe Link Helper PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper. dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ IPSBHO. DLL
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O3 - Toolbar: barre d'outils Yahoo! - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui. exe "-hide
O4 - HKLM \ .. \ Run: [RtHDVCpl] "RtHDVCpl.exe"
O4 - HKLM \ .. \ Run: [SMSERIAL] "C: \ Program Files \ Motorola \ SMSERIAL \ sm56hlpr.exe"
O4 - HKLM \ .. \ Run: [Acer Enregistrement du produit] "C: \ Program Files \ Acer enregistrement \ ACE1.exe" / démarrage
O4 - HKLM \ .. \ Run: [Acer Aider Launcher] "C: \ Program Files \ Acer Aider \ launcher.exe"
O4 - HKLM \ .. \ Run: [Acer Tour Reminder] "C: \ Acer \ AcerTour \ Reminder.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / cacher
O4 - HKLM \ .. \ Run: [ArcSoft Connection Service] "C: \ Program Files \ Common Files \ ArcSoft \ Connection Service \ Bin \ ACDaemon.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] "rundll32.exe" C: \ Windows \ system32 \ nvcpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [NvMediaCenter] "rundll32. EXE "C: \ Windows \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [TeaTimer SpybotSD] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe"
O4 - HKLM \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager. exe "AcRdB7_1_0
O4 - HKLM \ .. \ Run: [ehTray.exe] "C: \ Windows \ ehome \ ehTray.exe"
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User Service local)
O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] oobefldr.dll rundll32.exe, ShowWelcomeCenter (User Service local)
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% ProgramFiles% \ Windows Sidebar \ Sidebar.exe / detectMem (User SERVICE RÉSEAU)
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Acer Tour Reminder] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur par défaut de l'utilisateur).
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR. DLL
O9 - Extra button: AIM - {AC9E2541-2814-11D5-BC6D-00B0D0A1DE45} - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ coIEPlg. dll
O22 - SharedTaskScheduler: Démon de cache de composants Catégories - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C: \ Windows \ system32 \ browseui.dll
Service - O23: ArcSoft Daemon Connect (ACDaemon) - ArcSoft Inc - C: \ Program Files \ Common Files \ Service ArcSoft \ Connection \ Bin \ ACService.exe
O23 - Service: Service ePerformance (AcerMemUsageCheckService) - Unknown owner - C: \ Acer \ Empowering Technology \ ePerformance \ Memcheck. exe
O23 - Service: BrSplService (Brother XP spl Service) - frère Industries Ltd - C: \ Windows \ system32 \ brsvc01a.exe
O23 - Service: Service eDataSecurity - HiTRSUT - C: \ Acer \ Empowering Technology \ eDataSecurity \ eDSService.exe
O23 - Service: Service eRecovery (eRecoveryService) - Acer Inc - C: \ Acer \ Empowering Technology \ eRecovery \ eRecoveryService. exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 32 11 \ Intel \ IDriverT.exe
O23 - Service: Service Lavasoft Ad-Aware - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 16.8.0.41 \ ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvvsvc. exe
O23 - Service: Retrospect Express HD Launcher (RetroExpLauncher) - EMC Dantz - C: \ Program Files \ Retrospect \ Retrospect Express HD 1.1 \ retrorun.exe
Service - O23: SBSD Service Centre de sécurité (SBSDWSCService) - Safer Networking Ltd - C: \ Program Files \ Spybot - Search & Destroy \ SDWinSec.exe
Valve Corporation - - Service à la clientèle à vapeur C:: - O23 Service \ Program Files \ Common Files \ Steam \ SteamService. exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://www.webroot,com ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper.exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe
-
End of file - 7463 bytes
- dan9x1
- Newbie
- Inscription: Nov 24, 2010
- Messages: 6
- Status: Offline
Novembre 30th, 2010, 6:33 pm
HAHAHA parlé trop vite. Dès que j'ai envoyé le dernier message, les logiciels espions alertes commencé poping de nouveau!
- Don2007
- Web Master
- Inscription: Nov 21, 2006
- Messages: 4924
- Loc: NY
- Status: Offline
Décembre 1st, 2010, 8:57 am
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Rappel Acer Tour] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur "SYSTEM")
O4 - HKUS \ DEFAULT \ .. \ Run: [Acer Tour Reminder] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur par défaut de l'utilisateur).
Ces ^ ^ ne sont pas un problème, mais vous n'avez pas besoin non plus.
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32.exe
^ ^ Thats considéré comme une menace par certains sites.
Je voudrais aussi désinstaller tous les barres d'outils. Si les fausses alertes se poursuivre, il faut regarder dans le registre.
O4 - HKUS \ DEFAULT \ .. \ Run: [Acer Tour Reminder] C: \ Acer \ AcerTour \ Reminder.exe (utilisateur par défaut de l'utilisateur).
Ces ^ ^ ne sont pas un problème, mais vous n'avez pas besoin non plus.
O23 - Service: Nalpeiron Licensing Service (nlsX86cc) - Nalpeiron Ltd - C: \ Windows \ system32 \ nlssrv32.exe
^ ^ Thats considéré comme une menace par certains sites.
Je voudrais aussi désinstaller tous les barres d'outils. Si les fausses alertes se poursuivre, il faut regarder dans le registre.
How do you know when a politician is lying? His mouth is moving.
- dan9x1
- Newbie
- Inscription: Nov 24, 2010
- Messages: 6
- Status: Offline
Décembre 24th, 2010, 10:52 am
PC différents, même problème (enfants darn). Quel est le problème avec cette image:
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 12:36:23, le 24/12/2010
Windows XP SP3 (WinNT 05/01/2600): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal
Les processus en cours:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass. exe
\ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe: C
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ Jeux iWin \ iWinTrusted.exe
C: \ Program Files \ Java \ jre6 \ bin \ JQS. exe
\ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe: C
\ Program Files \ Common Files \ Logishrd \ LVMVFM \ LVPrcSrv.exe: C
\ Program Files \ Fichiers communs \ Microsoft Shared \ VS7Debug \ MDM.exe: C
C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ ccSvcHst.exe
C: \ WINDOWS \ system32 \ svchost.exe
\ Program Files \ Common Files \ Acronis \ Fomatik \ TrueImageTryStartService.exe: C
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeper.exe: C
\ Program Files \ Norton Internet Security \ Engine \ 17.8.0: C. 5 \ ccSvcHst.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
C: \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe
C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe
C: \ Program Files \ QuickTime \ qttask.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
C: \ WINDOWS \ system32 \ ctfmon. exe
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
\ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe: C
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWTray.exe
\ Program Files \ Skype \ Barres d'outils \ Shared \ SkypeNames2: C. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoocom/
O2 - BHO: Class AcroIEHlprObj - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ coIEPlg. dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ IPSBHO.DLL
O2 - BHO: (no name) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C: \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \ skypeieplugin. dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll (file missing)
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin. dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [ehTray] "C: \ WINDOWS \ ehome \ ehtray.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [LWS] "C: \ Program Files \ Logitech \ LWS \ Webcam Software \ LWS.exe"-hide
O4 - HKLM \ .. \ Run: TrueImageMonitor [. ": \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe C" exe]
O4 - HKLM \ .. \ Run: [AcronisTimounterMonitor] "C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe"
O4 - HKLM \ .. \ Run: [Acronis Scheduler2 Service] "C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [DWQueuedReporting] "C: \ PROGRA ~ 1 \ COMMON ~ 1 \ MICROS ~ 1 \ DW \ dwtrig20.exe"-t
O4 - HKLM \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe "
O4 - HKLM \ .. \ Run: [Skype] "C: \ Program Files \ Skype \ Phone \ Skype.exe" / nosplash / minimiser
O4 - HKLM \ .. \ Run: \ Program Files \ Spybot - Search & Destroy \ TeaTimer: [TeaTimer SpybotSD] "C. exe "
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Skype add-on pour Internet Explorer - {898EA8C8-E7FF-479b-8935-AEC46303B9E5} - C: skypeieplugin.dll \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \
O9 - Extra "Outils" menuitem: Skype add-on pour Internet Explorer - {898EA8C8-E7FF-479b-8935-AEC46303B9E5} - C: \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \ skypeieplugin. dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C: \ Windows \ PCHealth \ HelpCtr \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support. htm
O9 - Extra "Outils" menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C: \ Windows \ PCHealth \ HelpCtr \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag. exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (détection des périphériques)-tp: / / www.logitechcom/devicedetector/plugins/LogitechDeviceDetection32. cabine
O18 - Protocol: skype-dire-addon-données - {91774881-D725-4E58-B298-07617B9B86A8} - C: \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \ skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Skype \ ~ SKYPE4 1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx. exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 32 1050 \ Intel \ IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: iWinTrusted - iWin Inc - C: \ Program Files \ Jeux iWin \ iWinTrusted.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ JQS. exe
O23 - Service: Service Lavasoft Ad-Aware - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ Logishrd \ LVMVFM \ LVPrcSrv. exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ ccSvcHst.exe
O23 - Service: Acronis Try and Decide Service (TryAndDecideService) - Unknown owner - C: \ Program Files \ Common Files \ Acronis \ Fomatik \ TrueImageTryStartService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://www.webrootcom ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper. exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe
-
End of file - 8283 bytes
Logfile of Trend Micro HijackThis v2.0.4
Scan sauvé à 12:36:23, le 24/12/2010
Windows XP SP3 (WinNT 05/01/2600): Plate-forme
MSIE: Internet Explorer v7.00 (7.00.6000.17093)
Boot mode: Normal
Les processus en cours:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass. exe
\ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe: C
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ spoolsv.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ Jeux iWin \ iWinTrusted.exe
C: \ Program Files \ Java \ jre6 \ bin \ JQS. exe
\ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe: C
\ Program Files \ Common Files \ Logishrd \ LVMVFM \ LVPrcSrv.exe: C
\ Program Files \ Fichiers communs \ Microsoft Shared \ VS7Debug \ MDM.exe: C
C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ ccSvcHst.exe
C: \ WINDOWS \ system32 \ svchost.exe
\ Program Files \ Common Files \ Acronis \ Fomatik \ TrueImageTryStartService.exe: C
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeper.exe: C
\ Program Files \ Norton Internet Security \ Engine \ 17.8.0: C. 5 \ ccSvcHst.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe
C: \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe
C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe
C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe
C: \ Program Files \ QuickTime \ qttask.exe
\ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe: C
C: \ WINDOWS \ system32 \ ctfmon. exe
\ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe: C
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
\ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe: C
C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWTray.exe
\ Program Files \ Skype \ Barres d'outils \ Shared \ SkypeNames2: C. exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoocom/
O2 - BHO: Class AcroIEHlprObj - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: Spybot-S & D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C: PROGRA \ ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ coIEPlg. dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ IPSBHO.DLL
O2 - BHO: (no name) - {8CA5ED52-F3FB-4414-A105-2E3491156990} - (no file)
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C: \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \ skypeieplugin. dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll (file missing)
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - {DBC80044-A445-435B-BC74-9C25C1C588A9} - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C: \ Program Files \ Java \ jre6 \ lib \ deploy \ JQS \ ie \ jqs_plugin. dll
O3 - Toolbar: barre d'outils Norton - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ coIEPlg.dll
O4 - HKLM \ .. \ Run: [ehTray] "C: \ WINDOWS \ ehome \ ehtray.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Common Files \ Java \ Java Update \ jusched.exe"
O4 - HKLM \ .. \ Run: [LWS] "C: \ Program Files \ Logitech \ LWS \ Webcam Software \ LWS.exe"-hide
O4 - HKLM \ .. \ Run: TrueImageMonitor [. ": \ Program Files \ Acronis \ TrueImageHome \ TrueImageMonitor.exe C" exe]
O4 - HKLM \ .. \ Run: [AcronisTimounterMonitor] "C: \ Program Files \ Acronis \ TrueImageHome \ TimounterMonitor.exe"
O4 - HKLM \ .. \ Run: [Acronis Scheduler2 Service] "C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedhlp.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeperUI.exe" / startintray
O4 - HKLM \ .. \ Run: [DWQueuedReporting] "C: \ PROGRA ~ 1 \ COMMON ~ 1 \ MICROS ~ 1 \ DW \ dwtrig20.exe"-t
O4 - HKLM \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe "
O4 - HKLM \ .. \ Run: [Skype] "C: \ Program Files \ Skype \ Phone \ Skype.exe" / nosplash / minimiser
O4 - HKLM \ .. \ Run: \ Program Files \ Spybot - Search & Destroy \ TeaTimer: [TeaTimer SpybotSD] "C. exe "
O8 - Extra context menu item: E & xporter vers Microsoft Excel - res://C : \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: Skype add-on pour Internet Explorer - {898EA8C8-E7FF-479b-8935-AEC46303B9E5} - C: skypeieplugin.dll \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \
O9 - Extra "Outils" menuitem: Skype add-on pour Internet Explorer - {898EA8C8-E7FF-479b-8935-AEC46303B9E5} - C: \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \ skypeieplugin. dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra "Outils" menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C: \ PROGRA ~ 1 \ SPYBOT ~ 1 \ SDHelper.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C: \ Windows \ PCHealth \ HelpCtr \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support. htm
O9 - Extra "Outils" menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C: \ Windows \ PCHealth \ HelpCtr \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Outils" menuitem: @ xpsp3res.dll, -20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag. exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra "Outils" menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: {0067DBFC-A752-458C-AE6E-B9C7E63D4824} (détection des périphériques)-tp: / / www.logitechcom/devicedetector/plugins/LogitechDeviceDetection32. cabine
O18 - Protocol: skype-dire-addon-données - {91774881-D725-4E58-B298-07617B9B86A8} - C: \ Program Files \ Skype \ Barres d'outils \ Internet Explorer \ skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Skype \ ~ SKYPE4 1.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C: \ Program Files \ Common Files \ Acronis \ Schedule2 \ schedul2.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx. exe
O23 - Service: Gestionnaire de tableau InstallDriver (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 32 1050 \ Intel \ IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: iWinTrusted - iWin Inc - C: \ Program Files \ Jeux iWin \ iWinTrusted.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ JQS. exe
O23 - Service: Service Lavasoft Ad-Aware - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ AAWService.exe
O23 - Service: Disc Labeling Service LightScribeService Direct (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Fichiers communs \ LightScribe \ LSSrvc.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ Logishrd \ LVMVFM \ LVPrcSrv. exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Engine \ 17.8.0.5 \ ccSvcHst.exe
O23 - Service: Acronis Try and Decide Service (TryAndDecideService) - Unknown owner - C: \ Program Files \ Common Files \ Acronis \ Fomatik \ TrueImageTryStartService.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc ( http://www.webrootcom ) - C: \ Program Files \ Webroot \ WebrootSecurity \ SpySweeper. exe
O23 - Service: Service à la clientèle Webroot (WRConsumerService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ WebrootSecurity \ WRConsumerService.exe
-
End of file - 8283 bytes
Page 1 sur 1
Pour répondre à ce sujet, vous devez vous connecter ou vous enregistrer. Il est gratuit.
Afficher de l'information
- Total des messages de ce sujet: 10 messages
- Utilisateurs parcourant ce forum: Aucun utilisateur enregistré et 92 invités
- Vous ne pouvez pas poster de nouveaux sujets
- Vous ne pouvez pas répondre aux sujets
- Vous ne pouvez pas éditer vos messages
- Vous ne pouvez pas supprimer vos messages
- Vous ne pouvez pas joindre des fichiers
