Votre question

fenêtres CiD qui s'ouvrent sans cesse

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
15 Juin 2008 12:15:13


Bonjour, j'ai des fenêtres CiD qui s'ouvrent tout le temps lorsque je suis sur mon PC.
J'ai lu d'autres post à ce sujet mais il est dit dans ces post de créer mon propre post.
Est-ce que quelqu'un pourrait m'aider pour les faire disparaître?

Autres pages sur : fenetres cid ouvrent cesse

15 Juin 2008 12:46:50

Bonjour,

Télécharge Hijackthis (de Trend Micro) sur ton Bureau.

  • Double clique sur HJTInstall.exe pour lancer l'installation.
  • Clique sur Install.
  • Double clique sur le raccourci d'HijackThis qui vient d'être créé pour le lancer. (Clique droit -> lancer en tant qu'admin si sous Vista)
  • Accepte la licence en cliquant sur Yes.
  • Clique sur "Do a system scan and save a logfile".
  • Poste ici[ le rapport généré.

    Note : Le rapport se trouve également ici : C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

    Aide : Comment utiliser HijackThis.
    15 Juin 2008 13:08:15

    Voici le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:07:14, on 15/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8671 bytes
    Contenus similaires
    15 Juin 2008 13:52:19

    Re,

    Télécharge Lop S&D.exe (d’ Eric 71 & Angeldark) sur ton bureau.

  • Double-clique dessus pour lancer l'installation
  • Puis double-clique sur le raccourci Lop S&D présent sur ton bureau (Si tu es sous Vista, clique droit -> exécuter en tant qu'admin)
  • Séléctionne la langue souhaitée , puis choisis l'Option 1 (Recherche)
  • Patiente jusqu'à la fin du scan
  • Poste le rapport généré (C:\lopR.txt)

    Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
    Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "Nouvelle tâche (exécuter)"
    Tapes explorer et valide. Cela te fera apparaitre ton bureau
    15 Juin 2008 14:03:32


    -----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : Bibi ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 15/06/2008 | 13:59:14,34 ] [ PC : PC-DE-BIBI ]
    [ MAJ : 13-06-2008 | 02:10 ]
    [ UAC => 0 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [01/06/2008|22:12] C:\Users\Bibi\AppData\Roaming\Adobe\Online Services
    [01/06/2008|22:02] C:\Users\Bibi\AppData\Roaming\Adobe\Photoshop Album
    [22/05/2008|22:52] C:\Users\Bibi\AppData\Roaming\Adobe\Flash Player
    [14/01/2008|13:28] C:\Users\Bibi\AppData\Roaming\Adobe\ESD
    [02/11/2007|18:45] C:\Users\Bibi\AppData\Roaming\Adobe\Acrobat


    [19/11/2007|15:37] C:\Users\Bibi\AppData\Roaming\Ahead\NeroVision

    [01/11/2007|22:26] C:\Users\Bibi\AppData\Roaming\ATI\ACE

    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Identities\{AC7BC8E0-436D-4711-94EE-000C6F0AD282}


    [01/11/2007|22:48] C:\Users\Bibi\AppData\Roaming\Macromedia\Flash Player


    [13/06/2008|15:48] C:\Users\Bibi\AppData\Roaming\Microsoft\preuve
    [08/06/2008|21:33] C:\Users\Bibi\AppData\Roaming\Microsoft\Word
    [01/06/2008|23:37] C:\Users\Bibi\AppData\Roaming\Microsoft\CLR Security Config
    [01/06/2008|21:12] C:\Users\Bibi\AppData\Roaming\Microsoft\Office
    [27/05/2008|18:51] C:\Users\Bibi\AppData\Roaming\Microsoft\Excel
    [09/05/2008|23:44] C:\Users\Bibi\AppData\Roaming\Microsoft\Speech
    [09/05/2008|23:21] C:\Users\Bibi\AppData\Roaming\Microsoft\eHome
    [07/05/2008|14:07] C:\Users\Bibi\AppData\Roaming\Microsoft\Document Building Blocks
    [07/05/2008|14:07] C:\Users\Bibi\AppData\Roaming\Microsoft\UProof
    [07/05/2008|14:07] C:\Users\Bibi\AppData\Roaming\Microsoft\Proof
    [27/04/2008|20:38] C:\Users\Bibi\AppData\Roaming\Microsoft\Outlook
    [11/03/2008|17:57] C:\Users\Bibi\AppData\Roaming\Microsoft\CLView
    [31/01/2008|23:10] C:\Users\Bibi\AppData\Roaming\Microsoft\ModŠles
    [26/11/2007|15:07] C:\Users\Bibi\AppData\Roaming\Microsoft\Templates
    [18/11/2007|21:40] C:\Users\Bibi\AppData\Roaming\Microsoft\OIS
    [17/11/2007|00:03] C:\Users\Bibi\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [17/11/2007|00:03] C:\Users\Bibi\AppData\Roaming\Microsoft\MSNLiveFav
    [11/11/2007|13:38] C:\Users\Bibi\AppData\Roaming\Microsoft\Crypto
    [07/11/2007|22:47] C:\Users\Bibi\AppData\Roaming\Microsoft\AddIns
    [02/11/2007|22:51] C:\Users\Bibi\AppData\Roaming\Microsoft\Forms
    [02/11/2007|18:33] C:\Users\Bibi\AppData\Roaming\Microsoft\Macros compl‚mentaires
    [02/11/2007|18:06] C:\Users\Bibi\AppData\Roaming\Microsoft\Internet Explorer
    [01/11/2007|23:55] C:\Users\Bibi\AppData\Roaming\Microsoft\MSN Messenger
    [01/11/2007|23:00] C:\Users\Bibi\AppData\Roaming\Microsoft\Windows Photo Gallery
    [01/11/2007|22:58] C:\Users\Bibi\AppData\Roaming\Microsoft\IdentityCRL
    [01/11/2007|22:58] C:\Users\Bibi\AppData\Roaming\Microsoft\HTML Help
    [01/11/2007|22:26] C:\Users\Bibi\AppData\Roaming\Microsoft\Windows
    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Microsoft\SystemCertificates
    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Microsoft\Protect
    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Microsoft\Credentials

    [01/11/2007|22:51] C:\Users\Bibi\AppData\Roaming\Mozilla\Firefox


    [03/11/2007|12:57] C:\Users\Bibi\AppData\Roaming\Skype\bertelus

    [01/06/2008|21:28] C:\Users\Bibi\AppData\Roaming\Sony Ericsson\Teleca

    [01/06/2008|21:55] C:\Users\Bibi\AppData\Roaming\Teleca\Capability Manager
    [01/06/2008|21:54] C:\Users\Bibi\AppData\Roaming\Teleca\DM


    [15/05/2008|02:22] C:\Users\Bibi\AppData\Roaming\vlc\cache

    [15/05/2008|02:22] C:\Users\Bibi\AppData\Roaming\Winamp\Plugins

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [16/11/2007 16:43][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [15/06/2008 13:58][--ah-----] C:\Windows\tasks\SA.DAT
    [15/06/2008 13:57][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [24/04/2007|14:41] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
    [26/05/2008|12:28] C:\ProgramData\16LoudFunk
    [26/05/2008|12:28] C:\ProgramData\Acid Dumb Active.atm8czx
    [01/06/2008|22:02] C:\ProgramData\Adobe
    [18/11/2007|18:57] C:\ProgramData\Ahead
    [01/06/2008|22:03] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [23/08/2007|07:09] C:\ProgramData\ATI
    [01/11/2007|22:21] C:\ProgramData\Bureau
    [24/04/2007|14:32] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [24/04/2007|15:02] C:\ProgramData\eSobi
    [01/11/2007|22:21] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [04/11/2007|20:05] C:\ProgramData\Hewlett-Packard
    [02/11/2007|21:47] C:\ProgramData\HP
    [02/11/2007|21:44] C:\ProgramData\HP Product Assistant
    [02/11/2007|21:48] C:\ProgramData\hpzinstall.log
    [01/11/2007|22:21] C:\ProgramData\Menu D‚marrer
    [03/11/2007|12:54] C:\ProgramData\Messenger Plus!
    [02/11/2007|14:52] C:\ProgramData\Microsoft
    [08/05/2008|00:59] C:\ProgramData\Microsoft Help
    [01/11/2007|22:21] C:\ProgramData\ModŠles
    [29/03/2008|00:18] C:\ProgramData\Plan Bore Bore.b1vaicp
    [03/05/2008|12:51] C:\ProgramData\Plan Bore Bore.hgpv88i
    [26/05/2008|12:27] C:\ProgramData\Plan Bore Bore.i3fpu3s
    [26/05/2008|12:27] C:\ProgramData\Plan Bore Bore.xovtft
    [07/04/2008|22:50] C:\ProgramData\QuickTime
    [01/11/2007|23:13] C:\ProgramData\Skype
    [01/06/2008|21:27] C:\ProgramData\Sony Ericsson
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [01/11/2007|22:35] C:\ProgramData\Symantec
    [01/06/2008|21:27] C:\ProgramData\Teleca
    [02/11/2006|15:02] C:\ProgramData\Templates
    [26/05/2008|12:28] C:\ProgramData\That Face Camp Shim
    [26/03/2008|18:21] C:\ProgramData\WinZip
    [16/11/2007|16:31] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [24/04/2007|14:31] C:\Program Files\Acer Arcade Live
    [23/08/2007|07:12] C:\Program Files\Acer Inc
    [24/04/2007|14:41] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [01/06/2008|22:02] C:\Program Files\Adobe
    [29/11/2007|21:34] C:\Program Files\Ahead
    [01/11/2007|22:55] C:\Program Files\Alwil Software
    [01/06/2008|22:03] C:\Program Files\Apple Software Update
    [23/08/2007|07:01] C:\Program Files\ATI
    [23/08/2007|07:02] C:\Program Files\ATI Technologies
    [09/05/2008|23:25] C:\Program Files\Audacity
    [01/11/2007|23:17] C:\Program Files\CDex_170b2
    [29/03/2008|00:18] C:\Program Files\Circle Developement
    [01/06/2008|21:27] C:\Program Files\Common Files
    [24/04/2007|14:27] C:\Program Files\CyberLink
    [01/11/2007|23:51] C:\Program Files\desktop.ini
    [24/04/2007|15:02] C:\Program Files\eSobi
    [23/04/2008|20:12] C:\Program Files\Everest Poker
    [01/11/2007|22:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [29/11/2007|20:20] C:\Program Files\Free Easy Burner
    [02/11/2007|21:43] C:\Program Files\Hewlett-Packard
    [02/11/2007|21:45] C:\Program Files\HP
    [07/04/2008|22:47] C:\Program Files\InstallShield Installation Information
    [11/06/2008|13:59] C:\Program Files\Internet Explorer
    [01/11/2007|22:36] C:\Program Files\Inventel
    [28/05/2008|13:45] C:\Program Files\Java
    [29/03/2008|00:18] C:\Program Files\Messenger Plus! Live
    [17/11/2007|13:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/05/2008|00:59] C:\Program Files\Microsoft Office
    [16/11/2007|16:40] C:\Program Files\Microsoft SQL Server Compact Edition
    [08/05/2008|00:59] C:\Program Files\Microsoft Works
    [24/04/2007|14:36] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [20/04/2008|12:57] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [01/11/2007|23:23] C:\Program Files\MSXML 4.0
    [01/11/2007|22:41] C:\Program Files\Neuf
    [24/04/2007|15:07] C:\Program Files\NewTech Infosystems
    [18/11/2007|21:22] C:\Program Files\Pochette Express 2
    [01/06/2008|22:05] C:\Program Files\QuickTime
    [03/11/2007|13:57] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [01/11/2007|23:13] C:\Program Files\Skype
    [01/06/2008|22:08] C:\Program Files\Sony
    [01/06/2008|21:27] C:\Program Files\Sony Ericsson
    [15/06/2008|13:07] C:\Program Files\Trend Micro
    [07/04/2008|22:47] C:\Program Files\Ulead Systems
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [27/04/2008|19:25] C:\Program Files\uTorrent
    [12/11/2007|16:47] C:\Program Files\VideoLAN
    [01/11/2007|23:21] C:\Program Files\Winamp
    [01/11/2007|23:49] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [01/11/2007|23:49] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [28/02/2008|23:26] C:\Program Files\Windows Live
    [16/11/2007|16:43] C:\Program Files\Windows Live Favorites
    [16/11/2007|16:43] C:\Program Files\Windows Live Toolbar
    [11/06/2008|13:59] C:\Program Files\Windows Mail
    [07/04/2008|22:51] C:\Program Files\Windows Media Components
    [01/11/2007|23:49] C:\Program Files\Windows Media Player
    [01/11/2007|22:21] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [10/01/2008|19:05] C:\Program Files\Windows Sidebar
    [26/03/2008|18:20] C:\Program Files\WinZip
    [02/11/2007|15:03] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [01/06/2008|22:02] C:\Program Files\Common Files\Adobe
    [29/11/2007|21:33] C:\Program Files\Common Files\Ahead
    [24/04/2007|14:36] C:\Program Files\Common Files\DESIGNER
    [01/11/2007|22:36] C:\Program Files\Common Files\FDEUnInstaller.exe
    [02/11/2007|21:43] C:\Program Files\Common Files\Hewlett-Packard
    [02/11/2007|21:45] C:\Program Files\Common Files\HP
    [24/04/2007|15:05] C:\Program Files\Common Files\InstallShield
    [28/05/2008|13:44] C:\Program Files\Common Files\Java
    [24/04/2007|15:07] C:\Program Files\Common Files\LightScribe
    [01/06/2008|22:07] C:\Program Files\Common Files\microsoft shared
    [24/04/2007|15:06] C:\Program Files\Common Files\muvee Technologies
    [30/11/2007|13:56] C:\Program Files\Common Files\Nero
    [24/04/2007|15:07] C:\Program Files\Common Files\NewTech Infosystems
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [01/11/2007|23:13] C:\Program Files\Common Files\Skype
    [01/06/2008|21:27] C:\Program Files\Common Files\Sony Ericsson Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [01/11/2007|22:36] C:\Program Files\Common Files\Symantec Shared
    [02/11/2007|14:53] C:\Program Files\Common Files\System
    [01/06/2008|21:27] C:\Program Files\Common Files\Teleca Shared
    [07/04/2008|22:47] C:\Program Files\Common Files\Ulead Systems
    [16/11/2007|16:36] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 51

    iexplore.exe ~ [2592]
    iexplore.exe ~ [2680]

    ----------------------[ Recherche avec S_Lop ]---------------------

    C:\ProgramData\Acid Dumb Active.atm8czx
    C:\ProgramData\Plan Bore Bore.b1vaicp
    C:\ProgramData\Plan Bore Bore.hgpv88i
    C:\ProgramData\Plan Bore Bore.i3fpu3s
    C:\ProgramData\Plan Bore Bore.xovtft
    C:\ProgramData\Acid Dumb Active.atm8czx
    C:\ProgramData\Plan Bore Bore.hgpv88i
    C:\ProgramData\Plan Bore Bore.i3fpu3s
    C:\ProgramData\Plan Bore Bore.xovtft
    C:\Users\Bibi\AppData\Local\Temp\bisDF85.exe

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\ProgramData\That Face Camp Shim
    C:\ProgramData\That Face Camp Shim\Iso Test.exe
    C:\Program Files\Circle Developement
    C:\Program Files\Circle Developement\Uninstall.exe
    C:\Windows\Prefetch\ISO TEST.EXE-5122268A.pf
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@www.adserver5[2].txt
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@banner.cotedazurpalace[2].txt
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@cotedazurpalace[1].txt
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@adopt.euroclick[2].txt
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@partygaming.122.2o7[1].txt
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@partypoker[1].txt
    C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@www.2xmoinscher[2].txt

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-15 13:59:40
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:1891][D:126]-> C:\Users\Bibi\AppData\Local\Temp
    [F:247][D:1]-> C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:1863][D:11]-> C:\Users\Bibi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:2][D:2]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 14:00:23,84 ]----------------------
    15 Juin 2008 15:28:06

    Re,

    Sélectionne entièrement l'encadré ci-dessous , puis clique droit Copier

    C:\ProgramData\16LoudFunk


    Relance Lop S&D

  • Choisis cette fois ci l'Option 4 (LopScript)
  • Une page blanche va s'ouvrir , clique droit dessus et choisis Coller
  • Ferme la page , il te sera demandé de l'enregistrer , clique sur [Enregistrer]
  • Ne ferme pas la fenêtre lors de la suppression !
  • Poste le rapport généré (C:\lopR.txt)
    15 Juin 2008 16:51:31


    -----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

    [ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
    [ USER : Bibi ] [ "C:\Lop SD" ] [ Selection : 4 ]
    [ 15/06/2008 | 16:45:51,51 ] [ PC : PC-DE-BIBI ]
    [ MAJ : 13-06-2008 | 02:10 ]
    [ UAC => 0 ]

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ LopScript //////////////////////////////////

    C:\ProgramData\16LoudFunk

    Supprimé! - C:\ProgramData\16LoudFunk

    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\ProgramData\That Face Camp Shim\Iso Test.exe
    Supprimé! - C:\Program Files\Circle Developement\Uninstall.exe
    Supprimé! - C:\Windows\Prefetch\ISO TEST.EXE-5122268A.pf
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@www.adserver5[2].txt
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@banner.cotedazurpalace[2].txt
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@cotedazurpalace[1].txt
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@adopt.euroclick[2].txt
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@partygaming.122.2o7[1].txt
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@partypoker[1].txt
    Supprimé! - C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies\bibi@www.2xmoinscher[2].txt
    Supprimé! - C:\ProgramData\Acid Dumb Active.atm8czx
    Supprimé! - C:\ProgramData\Plan Bore Bore.b1vaicp
    Supprimé! - C:\ProgramData\Plan Bore Bore.hgpv88i
    Supprimé! - C:\ProgramData\Plan Bore Bore.i3fpu3s
    Supprimé! - C:\ProgramData\Plan Bore Bore.xovtft
    Supprimé! - C:\Users\Bibi\AppData\Local\Temp\bisDF85.exe
    Supprimé! - C:\ProgramData\That Face Camp Shim
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [01/06/2008|22:12] C:\Users\Bibi\AppData\Roaming\Adobe\Online Services
    [01/06/2008|22:02] C:\Users\Bibi\AppData\Roaming\Adobe\Photoshop Album
    [22/05/2008|22:52] C:\Users\Bibi\AppData\Roaming\Adobe\Flash Player
    [14/01/2008|13:28] C:\Users\Bibi\AppData\Roaming\Adobe\ESD
    [02/11/2007|18:45] C:\Users\Bibi\AppData\Roaming\Adobe\Acrobat


    [19/11/2007|15:37] C:\Users\Bibi\AppData\Roaming\Ahead\NeroVision

    [01/11/2007|22:26] C:\Users\Bibi\AppData\Roaming\ATI\ACE

    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Identities\{AC7BC8E0-436D-4711-94EE-000C6F0AD282}


    [01/11/2007|22:48] C:\Users\Bibi\AppData\Roaming\Macromedia\Flash Player


    [13/06/2008|15:48] C:\Users\Bibi\AppData\Roaming\Microsoft\preuve
    [08/06/2008|21:33] C:\Users\Bibi\AppData\Roaming\Microsoft\Word
    [01/06/2008|23:37] C:\Users\Bibi\AppData\Roaming\Microsoft\CLR Security Config
    [01/06/2008|21:12] C:\Users\Bibi\AppData\Roaming\Microsoft\Office
    [27/05/2008|18:51] C:\Users\Bibi\AppData\Roaming\Microsoft\Excel
    [09/05/2008|23:44] C:\Users\Bibi\AppData\Roaming\Microsoft\Speech
    [09/05/2008|23:21] C:\Users\Bibi\AppData\Roaming\Microsoft\eHome
    [07/05/2008|14:07] C:\Users\Bibi\AppData\Roaming\Microsoft\Document Building Blocks
    [07/05/2008|14:07] C:\Users\Bibi\AppData\Roaming\Microsoft\UProof
    [07/05/2008|14:07] C:\Users\Bibi\AppData\Roaming\Microsoft\Proof
    [27/04/2008|20:38] C:\Users\Bibi\AppData\Roaming\Microsoft\Outlook
    [11/03/2008|17:57] C:\Users\Bibi\AppData\Roaming\Microsoft\CLView
    [31/01/2008|23:10] C:\Users\Bibi\AppData\Roaming\Microsoft\ModŠles
    [26/11/2007|15:07] C:\Users\Bibi\AppData\Roaming\Microsoft\Templates
    [18/11/2007|21:40] C:\Users\Bibi\AppData\Roaming\Microsoft\OIS
    [17/11/2007|00:03] C:\Users\Bibi\AppData\Roaming\Microsoft\WLTB Custom Buttons
    [17/11/2007|00:03] C:\Users\Bibi\AppData\Roaming\Microsoft\MSNLiveFav
    [11/11/2007|13:38] C:\Users\Bibi\AppData\Roaming\Microsoft\Crypto
    [07/11/2007|22:47] C:\Users\Bibi\AppData\Roaming\Microsoft\AddIns
    [02/11/2007|22:51] C:\Users\Bibi\AppData\Roaming\Microsoft\Forms
    [02/11/2007|18:33] C:\Users\Bibi\AppData\Roaming\Microsoft\Macros compl‚mentaires
    [02/11/2007|18:06] C:\Users\Bibi\AppData\Roaming\Microsoft\Internet Explorer
    [01/11/2007|23:55] C:\Users\Bibi\AppData\Roaming\Microsoft\MSN Messenger
    [01/11/2007|23:00] C:\Users\Bibi\AppData\Roaming\Microsoft\Windows Photo Gallery
    [01/11/2007|22:58] C:\Users\Bibi\AppData\Roaming\Microsoft\IdentityCRL
    [01/11/2007|22:58] C:\Users\Bibi\AppData\Roaming\Microsoft\HTML Help
    [01/11/2007|22:26] C:\Users\Bibi\AppData\Roaming\Microsoft\Windows
    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Microsoft\SystemCertificates
    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Microsoft\Protect
    [01/11/2007|22:25] C:\Users\Bibi\AppData\Roaming\Microsoft\Credentials

    [01/11/2007|22:51] C:\Users\Bibi\AppData\Roaming\Mozilla\Firefox


    [03/11/2007|12:57] C:\Users\Bibi\AppData\Roaming\Skype\bertelus

    [01/06/2008|21:28] C:\Users\Bibi\AppData\Roaming\Sony Ericsson\Teleca

    [01/06/2008|21:55] C:\Users\Bibi\AppData\Roaming\Teleca\Capability Manager
    [01/06/2008|21:54] C:\Users\Bibi\AppData\Roaming\Teleca\DM


    [15/05/2008|02:22] C:\Users\Bibi\AppData\Roaming\vlc\cache

    [15/05/2008|02:22] C:\Users\Bibi\AppData\Roaming\Winamp\Plugins

    ----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------

    [16/11/2007 16:43][--a------] C:\Windows\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
    [15/06/2008 16:45][--ah-----] C:\Windows\tasks\SA.DAT
    [15/06/2008 16:43][--a------] C:\Windows\tasks\SCHEDLGU.TXT

    ------[ Listing des dossiers dans C:\ProgramData ]------

    [24/04/2007|14:41] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
    [01/06/2008|22:02] C:\ProgramData\Adobe
    [18/11/2007|18:57] C:\ProgramData\Ahead
    [01/06/2008|22:03] C:\ProgramData\Apple Computer
    [02/11/2006|15:02] C:\ProgramData\Application Data
    [23/08/2007|07:09] C:\ProgramData\ATI
    [01/11/2007|22:21] C:\ProgramData\Bureau
    [24/04/2007|14:32] C:\ProgramData\CyberLink
    [02/11/2006|15:02] C:\ProgramData\Desktop
    [02/11/2006|15:02] C:\ProgramData\Documents
    [24/04/2007|15:02] C:\ProgramData\eSobi
    [01/11/2007|22:21] C:\ProgramData\Favoris
    [02/11/2006|15:02] C:\ProgramData\Favorites
    [04/11/2007|20:05] C:\ProgramData\Hewlett-Packard
    [02/11/2007|21:47] C:\ProgramData\HP
    [02/11/2007|21:44] C:\ProgramData\HP Product Assistant
    [02/11/2007|21:48] C:\ProgramData\hpzinstall.log
    [01/11/2007|22:21] C:\ProgramData\Menu D‚marrer
    [03/11/2007|12:54] C:\ProgramData\Messenger Plus!
    [02/11/2007|14:52] C:\ProgramData\Microsoft
    [08/05/2008|00:59] C:\ProgramData\Microsoft Help
    [01/11/2007|22:21] C:\ProgramData\ModŠles
    [07/04/2008|22:50] C:\ProgramData\QuickTime
    [01/11/2007|23:13] C:\ProgramData\Skype
    [01/06/2008|21:27] C:\ProgramData\Sony Ericsson
    [02/11/2006|15:02] C:\ProgramData\Start Menu
    [01/11/2007|22:35] C:\ProgramData\Symantec
    [01/06/2008|21:27] C:\ProgramData\Teleca
    [02/11/2006|15:02] C:\ProgramData\Templates
    [26/03/2008|18:21] C:\ProgramData\WinZip
    [16/11/2007|16:31] C:\ProgramData\WLInstaller

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [24/04/2007|14:31] C:\Program Files\Acer Arcade Live
    [23/08/2007|07:12] C:\Program Files\Acer Inc
    [24/04/2007|14:41] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
    [01/06/2008|22:02] C:\Program Files\Adobe
    [29/11/2007|21:34] C:\Program Files\Ahead
    [01/11/2007|22:55] C:\Program Files\Alwil Software
    [01/06/2008|22:03] C:\Program Files\Apple Software Update
    [23/08/2007|07:01] C:\Program Files\ATI
    [23/08/2007|07:02] C:\Program Files\ATI Technologies
    [09/05/2008|23:25] C:\Program Files\Audacity
    [01/11/2007|23:17] C:\Program Files\CDex_170b2
    [01/06/2008|21:27] C:\Program Files\Common Files
    [24/04/2007|14:27] C:\Program Files\CyberLink
    [01/11/2007|23:51] C:\Program Files\desktop.ini
    [24/04/2007|15:02] C:\Program Files\eSobi
    [23/04/2008|20:12] C:\Program Files\Everest Poker
    [01/11/2007|22:21] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
    [29/11/2007|20:20] C:\Program Files\Free Easy Burner
    [02/11/2007|21:43] C:\Program Files\Hewlett-Packard
    [02/11/2007|21:45] C:\Program Files\HP
    [07/04/2008|22:47] C:\Program Files\InstallShield Installation Information
    [11/06/2008|13:59] C:\Program Files\Internet Explorer
    [01/11/2007|22:36] C:\Program Files\Inventel
    [28/05/2008|13:45] C:\Program Files\Java
    [29/03/2008|00:18] C:\Program Files\Messenger Plus! Live
    [17/11/2007|13:34] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [02/11/2006|14:37] C:\Program Files\Microsoft Games
    [08/05/2008|00:59] C:\Program Files\Microsoft Office
    [16/11/2007|16:40] C:\Program Files\Microsoft SQL Server Compact Edition
    [08/05/2008|00:59] C:\Program Files\Microsoft Works
    [24/04/2007|14:36] C:\Program Files\Microsoft.NET
    [02/11/2006|14:42] C:\Program Files\Movie Maker
    [20/04/2008|12:57] C:\Program Files\Mozilla Firefox
    [02/11/2006|14:37] C:\Program Files\MSBuild
    [02/11/2006|14:37] C:\Program Files\MSN
    [01/11/2007|23:23] C:\Program Files\MSXML 4.0
    [01/11/2007|22:41] C:\Program Files\Neuf
    [24/04/2007|15:07] C:\Program Files\NewTech Infosystems
    [18/11/2007|21:22] C:\Program Files\Pochette Express 2
    [01/06/2008|22:05] C:\Program Files\QuickTime
    [03/11/2007|13:57] C:\Program Files\Realtek
    [02/11/2006|14:37] C:\Program Files\Reference Assemblies
    [01/11/2007|23:13] C:\Program Files\Skype
    [01/06/2008|22:08] C:\Program Files\Sony
    [01/06/2008|21:27] C:\Program Files\Sony Ericsson
    [15/06/2008|13:07] C:\Program Files\Trend Micro
    [07/04/2008|22:47] C:\Program Files\Ulead Systems
    [02/11/2006|15:01] C:\Program Files\Uninstall Information
    [27/04/2008|19:25] C:\Program Files\uTorrent
    [12/11/2007|16:47] C:\Program Files\VideoLAN
    [01/11/2007|23:21] C:\Program Files\Winamp
    [01/11/2007|23:49] C:\Program Files\Windows Calendar
    [02/11/2006|14:42] C:\Program Files\Windows Collaboration
    [01/11/2007|23:49] C:\Program Files\Windows Defender
    [02/11/2006|14:42] C:\Program Files\Windows Journal
    [28/02/2008|23:26] C:\Program Files\Windows Live
    [16/11/2007|16:43] C:\Program Files\Windows Live Favorites
    [16/11/2007|16:43] C:\Program Files\Windows Live Toolbar
    [11/06/2008|13:59] C:\Program Files\Windows Mail
    [07/04/2008|22:51] C:\Program Files\Windows Media Components
    [01/11/2007|23:49] C:\Program Files\Windows Media Player
    [01/11/2007|22:21] C:\Program Files\Windows NT
    [02/11/2006|14:42] C:\Program Files\Windows Photo Gallery
    [10/01/2008|19:05] C:\Program Files\Windows Sidebar
    [26/03/2008|18:20] C:\Program Files\WinZip
    [02/11/2007|15:03] C:\Program Files\Yahoo!

    ------[ Listing des dossiers dans C:\Program Files\Common Files ]------

    [01/06/2008|22:02] C:\Program Files\Common Files\Adobe
    [29/11/2007|21:33] C:\Program Files\Common Files\Ahead
    [24/04/2007|14:36] C:\Program Files\Common Files\DESIGNER
    [01/11/2007|22:36] C:\Program Files\Common Files\FDEUnInstaller.exe
    [02/11/2007|21:43] C:\Program Files\Common Files\Hewlett-Packard
    [02/11/2007|21:45] C:\Program Files\Common Files\HP
    [24/04/2007|15:05] C:\Program Files\Common Files\InstallShield
    [28/05/2008|13:44] C:\Program Files\Common Files\Java
    [24/04/2007|15:07] C:\Program Files\Common Files\LightScribe
    [01/06/2008|22:07] C:\Program Files\Common Files\microsoft shared
    [24/04/2007|15:06] C:\Program Files\Common Files\muvee Technologies
    [30/11/2007|13:56] C:\Program Files\Common Files\Nero
    [24/04/2007|15:07] C:\Program Files\Common Files\NewTech Infosystems
    [02/11/2006|13:18] C:\Program Files\Common Files\Services
    [01/11/2007|23:13] C:\Program Files\Common Files\Skype
    [01/06/2008|21:27] C:\Program Files\Common Files\Sony Ericsson Shared
    [02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
    [01/11/2007|22:36] C:\Program Files\Common Files\Symantec Shared
    [02/11/2007|14:53] C:\Program Files\Common Files\System
    [01/06/2008|21:27] C:\Program Files\Common Files\Teleca Shared
    [07/04/2008|22:47] C:\Program Files\Common Files\Ulead Systems
    [16/11/2007|16:36] C:\Program Files\Common Files\WindowsLiveInstaller

    ---------------------------[ Process ]--------------------------

    ... 65

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-15 16:48:20
    Windows 6.0.6000 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:1893][D:126]-> C:\Users\Bibi\AppData\Local\Temp
    [F:255][D:1]-> C:\Users\Bibi\AppData\Roaming\MICROS~1\Windows\Cookies
    [F:2209][D:11]-> C:\Users\Bibi\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
    [F:2][D:2]-> C:\$Recycle.Bin

    [ UAC => 1 ]

    --------------------[ Fin du rapport a 16:50:11,44 ]----------------------
    15 Juin 2008 17:30:42

    Poste un nouveau rapport HJT.
    17 Juin 2008 16:09:54

    excuses-moi je réponds tard mais ils ne m'avaient pas indiqué par mail que tu avais répondu!

    C'est quoi un rapport HJT?? Comment je fais pour le poster?

    Merci
    17 Juin 2008 18:00:39

    Le premier rapport que tu as fait au début ;) 
    17 Juin 2008 18:29:52

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:07:14, on 15/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8671 bytes
    17 Juin 2008 19:49:48

    Re,

    Télécharge Clean (de Malekal) sur ton Bureau.

  • Dézippe le sur ton Bureau. Double-clic sur le dossier Clean qui vient d'apparaître.
  • Double-clic sur Clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
  • Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé.
  • Poste le rapport qui se trouve ici : C:\rapport_clean.txt

    Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.

    Aide : Comment utiliser Clean.

    ********

    Désinstalle via Ajout/Suppression de Programmes (si présents) :
  • Avast!

    Télécharge et exécute : http://www.avast.com/eng/avast-uninstall-utility.html

    Télécharge Ccleaner sur ton Bureau.

  • Clique sur "download the latest version"
  • Installe-le en laissant seulement les options suivantes cochées :
    - Ajouter un raccourci sur le Bureau
    - Contrôler automatiquement les mises à jour de CCleaner
  • Lance le Nettoyage
  • Clique sur Chercher des erreurs et sauvegarde si tu le souhaites.

    Aide : Comment utiliser CCleaner.

    ***************

    Télécharge AntiVir sur ton Bureau.

  • Double clique sur l'exécutable téléchargé pour lancer l'installation.
  • A la fin de l'installation, clique sur Finish.
  • Ouvre Antivir, assure-toi qu’il soit bien à jour !
  • Dans l'onglet Local Protection, choisis Scanner.
  • Active la recherche de rootkits via le + de rootkit search, puis dans manual selection, coche tout (tes partitions de disque dur).
  • Clique sur la loupe du milieu pour lancer le scan en tant qu'Administrateur.
  • Poste moi le rapport généré : Pour cela, clique sur l'onglet Overview, puis choisis Reports, tu trouveras son rapport..

    Note : Pour une éradication des menaces plus efficace, lance le scan en mode sans échec.

    Pourquoi changer ? Avast vs Antivir.

    Aide : Comment installer et utiliser AntiVir.
    17 Juin 2008 20:14:48

    en fait tu veux que j'enlève Avast et que je mette un autre antivirus, c'est ca?
    Mais en fait pendant les manipulations que tu m'a dit de faire, Avast a trouvé le virus "Win32:Trojan-gen".
    Suite aux manipulations que j'ai faites je n'ai plus les fenêtre CiD qui appraissent, alors suis-je obligé de continuer à faire les manip' que tu me décris au-dessus ou est-ce que c'est juste un conseil pour changer d'antivirus?
    17 Juin 2008 20:56:29

    Un conseil sérieux, mais tu n'en es pas obligé.
    18 Juin 2008 00:33:29

    Ok, merci.
    Est-ce que c'est bon pour les fenêtre intempestives? (ca à l'air de marcher là, y'en a plus)
    et pour le virus que m'a trouvé Avast, est-ce qu'il faut que je fasse autre chose?
    18 Juin 2008 11:18:14

    Je me suis aperçu que tu n'avais pas posté un nouveau rapport HijackThis ;) 

    Le fichier détecté par ton av ?
    18 Juin 2008 12:40:53

    Oups pardon, voici le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:07:14, on 15/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8671 bytes


    Et pour le fichier détecté par avast, il s'agit du virus Win32: Trojan-gen
    Merci
    18 Juin 2008 13:31:50

    Oui, mais où ? ;) 

    Localisaions + nom du fichier + extension si c'est possible.

    Pour le rapport HJT, il en faut un nouveau ! Tu refais la manip "do a system scan and save a log file". Voili Voilou .
    18 Juin 2008 17:07:17

    le virus Win32:Trojan-gen se situe dans C:\Lop SD\Backup-Lop\F

    Voilà, c'est tout ce que ça m'indique.
    18 Juin 2008 17:08:54

    Et voilà le dernier rapport que je viens d'avoir en relancant HijackThis :


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:07:14, on 15/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8671 bytes
    18 Juin 2008 17:45:12

    Citation :
    Scan saved at 13:07:14, on 15/06/2008

    Tu vois ? ;) 

    Pour le virus, il est dans la quarantaine du logiciel utilisé :) 

    Tu as bien relancé Hijackthis, do a system scan and save a log file ?
    Si oui, désinstalle/réinstalle HJT, et refais la manip?./
    18 Juin 2008 18:31:34


    J'avais bien relancé Hijackthis do a system scan and save a log file.
    Je l'ai désinstallé et je viens de le ré-installer.

    Voilà le rapport:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:30:00, on 18/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8579 bytes
    18 Juin 2008 19:17:06

    Re,

    Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), do a system scan only, coche ces lignes (si toujours présentes) :
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

    Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
    Puis Fix Checked !

    **********

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.

  • Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées :
    Redémarre en mode sans échec
    /!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.

    REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    [#FF0000]Aide
    : Comment utiliser MBAM.
    19 Juin 2008 12:19:37


    C'est bon j'ai fait la malip' aves Hijackthis. J'ai cocher les lignes que tu m'a dit et j'ai fait Fix Checked.

    Ensuite, faut-il que je fasse MalwareByte's Anti-Malware ??ou est-ce juste un conseil?? Ca sert à quoi en fait ca??
    19 Juin 2008 13:31:20

    Fais-le :) 
    19 Juin 2008 17:11:04

    OK mais j'ai un peu d'mal... Quand j'ouvre le lien que tu m'as envoyé, je vais dans quoi pour télécharger MalwareByte's Anti-Malware???
    19 Juin 2008 17:30:06

    Suis le tutoriel comment utiliser MBAM
    20 Juin 2008 00:00:49


    J'ai fait ce que tu m'a dit.
    J'ai téléchargé MalwareByte's Anti-Malware, je l'ai installé, j'ai redémarré en mode sans échec, j'ai lancé MalwareByte's Anti-Malware et le programme n'a rien trouvé. J'ai le rapport que j'ai fermé comme tu me l'a dit.

    Y a-t-il autre chose à faire??
    20 Juin 2008 06:54:48

    Re,

    Poste un nouveau rapport HijackThis.
    Toujours des dysfonctionnements ?
    20 Juin 2008 16:56:04

    Non plus de disfonctionnements.

    Nouveau rapport Hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:30:00, on 18/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [bits global] "C:\ProgramData\Plan Bore Bore.xovtft"
    O4 - HKCU\..\Run: [CAMP SHIM EXIT HECK] "C:\ProgramData\Acid Dumb Active.atm8czx"
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8579 bytes
    21 Juin 2008 12:23:26


    En fait, à chaque fois que je relance Hijackthis, ca me met un message, comme un message d'erreur, mais Hijackthis se lance quand même après, mais j'ai l'impression qu'en fait, le message qui s'affiche me dit qu'il ne peut pas y avoir de NOUVEAU rapport de fait.

    Pour enlever NORTON, je veux bien, mais à quoi ça sert??
    Et pour le ré-installer après, je sais pas si j'ai un CD ou quoi que ce soit?!
    21 Juin 2008 13:11:00

    Il y avait des restes de Norton. Tu as juste à exécuter l'utilitaire.

    Pour HijackThis, lance le en tant qu'administrateur (via clique droit), et il m'en faut un nouveau :) 
    21 Juin 2008 19:46:31

    Je peux pas faire de nouveau rapport

    Et je peux pas non plus installer le truc pour Norton,

    Dans les 2 cas, ca me met me met un message d'erreur avec l'emplacement du programme et en dessous "une référence a été renvoyée par le serveur"

    Ca veut dire quoi ça???
    22 Juin 2008 14:33:53

    Encore ...

    Voir cette astuce :

    Clique sur démarrer --> exécuter, tape regedit puis valide par ok.
    (Si tu es sous Vista, clique seulement sur démarrer, tape regedit et valide par entrée)

    Navigue jusqu'à cette clef :

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System, puis regarde à droite la valeur et double clique sur: ValidateAdminCodeSignatures.
    Si la valeur par défaut est: (1) donc activé, tape 0) pour desactiver puis OK.
    23 Juin 2008 10:40:42

    OK merci.
    J'ai fait la manip' que tu m'a dit de faire.
    Merci, ça marche et j'ai pu faire la manip' pour désinstaller NORTON, ainsi qu'un nouveau rapport Hijackthis :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:40:26, on 23/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 8149 bytes
    23 Juin 2008 13:31:12

    Bizarre....

    Relance HijackThis (clique droit -> lancer en tant qu'adminstrateur sous Vista), do a system scan only, coche ces lignes (si toujours présentes) :
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - (no file)
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)

    Ferme toutes les applications en cours (particulièrement ton navigateur Internet).
    Puis Fix Checked !

    ********

    Relance HijackThis

  • Clique sur Open the Misc Tools Section.
  • Choisis Delete an NT Service .
  • Tape CLTNetCnService et valide.

    *********

    Télécharge ToolsCleaner2 (de A.Rothstein)

  • Installe le sur ton Bureau.
  • Clique sur Recherche pour lancer le scan.
  • Clique sur Supprimer pour nettoyer les outils utilisés.
  • Clique sur Quitter.
  • Poste ce rapport ~>C:\TCleaner.txt<~

  • Garde Ccleaner, Avg (ou MBAM) et AntiVir si nous les avons installés..
  • Désactive-réactive la restauration système.
  • Rapporte ton infection sur Malware Complaints >Tuto<
  • Ton(tes) infection(s) : Lop.
  • Si tu ne la trouves pas dans la liste, poste dans Autres infections,

  • Mets ton ordi correctement à jour >ici<
  • Si ce n'est pas fait, assure-toi que les Mises à jour Automatiques Windows soient activées !

    Puis regarde ces dossiers :

    - Sécurité/Prévention
    - Conséquences de la multi-protection
    - Toolbars : Inutilité et ralentissements

    Bonne journée/soirée :) 
    23 Juin 2008 15:30:42

    Salut.

    J'ai cocher les ligne que tu m'a dit.

    J'ai relancé Hijackthis et fait ce que tu m'a dit mais quand j'ai entré CLTNetCnService ca m'a mis un message d'erreur :

    Service 'CLTNetCnService' was not found in the registry.

    Je me suis arrêté là..
    23 Juin 2008 16:45:43

    Ah ?!

    Curiosité..

    Poste un nouveau rapport HijackThis, on va regarder ça ;) 
    23 Juin 2008 20:04:16

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:07:51, on 23/06/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16681)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Inventel\Add-on\wlancfg.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Internet Explorer\IEUser.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
    O4 - HKLM\..\Run: [wlancfg] C:\Program Files\Inventel\Add-on\wlancfg.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
    O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 6466 bytes
    23 Juin 2008 20:44:24

    Comprends pas pour le service ..

    C'est clean,
    @++ :) 
    23 Juin 2008 20:56:00

    ok bah merci beaucoup en tout cas c'est super sympa de ta part!
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS