Bug... a virus, I think

Tags:
  • Acer
  • Security
Last reply: in Security and viruses
7 March 2008 17:26:38

Hello everyone,
For some time now my computer has been glitching: when I open a folder, e.g. Music, the taskbar at the bottom disappears along with all the icons. After 5 seconds it comes back, but the folder doesn't open.
Tell me whatever you think it could be.

Thanks :bounce:
Peace

7 March 2008 18:43:31

Hello,

That is indeed odd.

Download and install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
7 March 2008 20:36:11

There you go :D  I hope that's it :bounce:  thanks for helping me :hello:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:11, on 07.03.2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Common Files\Motive\MotiveBrowser.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Norton Security Scan\Nss.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [PCMService] "C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [?????????] ??????????????e
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Way bits] "C:\ProgramData\save info info.xp0yz"
O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\proxy less bash.48bqi"
O4 - HKCU\..\Run: [himem] "c:\windows\himem.exe" 3fff 8ffff
O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKCU\..\Run: [d85dbdf1] rundll32.exe "C:\Users\ado\AppData\Local\Temp\smnvxoqh.dll",b
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\ado\AppData\Local\Temp\jkkhi.dll,c
O4 - HKCU\..\Run: [BMdb6e8e6d] Rundll32.exe "C:\Users\ado\AppData\Local\Temp\alcrqkng.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 11123 bytes
7 March 2008 22:12:13

Hi again,

Disable your resident protections (antivirus, Spybot...)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post that report in your next reply.

7 March 2008 22:47:48

Sorry if this is wrong, but I can't do any better, the system glitches too much... :fou:  I'm fed up :(



    ComboFix 08-03-07.3 - ado 2008-03-07 22:39:01.1 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6000.0.1252.1.1036.18.183 [GMT 1:00]
    Endroit: C:\Users\ado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4QGAEQUH\ComboFix[1].exe
    * Création d'un nouveau point de restauration
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\Common Files\SystemDoctor
    C:\Program Files\Common Files\SystemDoctor\err.log
    C:\Program Files\Common Files\winantivirus pro 2007
    C:\Program Files\Common Files\winantivirus pro 2007\err.log
    C:\Users\ado\AppData\Roaming\inst.exe
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\avtasks.dat
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\CookieList.dat
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\history.db
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\update.log
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\wa7Support.log
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\Logs\winav.log
    C:\Users\ado\AppData\Roaming\WinAntiVirus Pro 2007\PGE.dat
    C:\UWA7P

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-07 to 2008-03-07 ))))))))))))))))))))))))))))))))))))
    .

    Pas de nouveau fichier créé dans cet espace de temps

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-07 21:17 307,968 ----a-w C:\Windows\System32\TuneUpDefragService.exe
    2008-03-07 21:17 --------- d-----w C:\Users\ado\AppData\Roaming\TuneUp Software
    2008-03-07 21:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-03-07 21:17 --------- d-----w C:\PROGRA~2\TuneUp Software
    2008-03-07 21:15 --------- d-----w C:\Program Files\Common Files\Wise Installation Wizard
    2008-03-07 20:50 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-03-07 18:26 --------- d-----w C:\PROGRA~2\Lavasoft
    2008-03-07 18:23 --------- d-----w C:\Program Files\Lavasoft
    2008-03-07 18:16 --------- d-----w C:\Program Files\Trend Micro
    2008-03-07 18:03 --------- d-----w C:\Program Files\Norton Security Scan
    2008-03-07 17:51 --------- d-----w C:\Program Files\Nero
    2008-03-07 17:18 --------- d-----w C:\Users\ado\AppData\Roaming\uTorrent
    2008-03-07 16:56 --------- d-----w C:\Program Files\Common Files\Adobe
    2008-03-07 16:17 --------- d-----w C:\Program Files\Navilog1
    2008-03-07 12:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-06 21:33 5,048 ----a-w C:\Windows\System32\tmp.reg
    2008-03-06 21:26 --------- d-----w C:\Program Files\Ares
    2008-03-06 16:59 --------- d-----w C:\PROGRA~2\eMule
    2008-03-06 16:58 --------- d-----w C:\Program Files\SababaDC
    2008-03-05 21:29 82,432 ----a-w C:\Windows\System32\IEDFix.exe
    2008-03-05 17:02 --------- d-----w C:\Program Files\TubeMaster
    2008-03-02 17:08 --------- d-----w C:\Program Files\GTA3Mods
    2008-03-02 12:17 --------- d-----w C:\Program Files\Rockstar Games
    2008-03-02 09:26 --------- d-----w C:\Users\ado\AppData\Roaming\LimeWire
    2008-03-01 22:12 86,016 ----a-w C:\Windows\System32\VACFix.exe
    2008-02-29 11:31 --------- d-----w C:\Program Files\MSN Messenger
    2008-02-29 11:30 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
    2008-02-29 11:29 --------- d-----w C:\Program Files\Windows Live
    2008-02-29 11:28 --------- d-----w C:\PROGRA~2\WLInstaller
    2008-02-27 13:33 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-02-27 12:15 28,416 ----a-w C:\Windows\System32\uxtuneup.dll
    2008-02-27 12:15 16,640 ----a-w C:\Windows\System32\authuitu.dll
    2008-02-23 19:51 --------- d-----w C:\Program Files\TVAnts
    2008-02-21 20:37 --------- d-----w C:\Users\ado\AppData\Roaming\vlc
    2008-02-21 20:36 --------- d-----w C:\Program Files\VideoLAN
    2008-02-17 19:14 722 ---ha-w C:\os848618.bin
    2008-02-17 19:02 --------- d-----w C:\Program Files\Common Files\Vbox
    2008-02-17 18:09 --------- d-----w C:\Program Files\PhotoFiltre
    2008-02-15 21:28 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-02-13 16:49 47,360 ----a-w C:\Users\ado\AppData\Roaming\pcouffin.sys
    2008-02-13 16:49 --------- d-----w C:\Users\ado\AppData\Roaming\Vso
    2008-02-13 10:26 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-13 10:26 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
    2008-02-13 10:19 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
    2008-02-13 10:19 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
    2008-02-13 10:19 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-13 10:19 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-13 10:19 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-13 10:19 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-13 10:19 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
    2008-02-13 10:19 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
    2008-02-13 10:19 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-13 10:19 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
    2008-02-13 10:19 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
    2008-02-13 10:19 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
    2008-02-13 10:18 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-13 10:18 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-13 10:18 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-13 10:18 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-13 10:18 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-13 10:18 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-13 10:13 824,832 ----a-w C:\Windows\System32\wininet.dll
    2008-02-13 10:13 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-13 10:13 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-13 10:13 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-11 19:12 47,360 ----a-w C:\Windows\system32\drivers\pcouffin.sys
    2008-02-11 16:21 --------- d-----w C:\Program Files\DivX
    2008-01-30 11:33 --------- d-----w C:\Program Files\SopCast
    2008-01-18 20:42 --------- d-----w C:\PROGRA~2\Symantec
    2008-01-14 20:07 --------- d-----w C:\Program Files\Brother
    2008-01-14 20:05 --------- d-----w C:\Users\ado\AppData\Roaming\InstallShield
    2008-01-14 20:04 --------- d-----w C:\Program Files\Nuance
    2008-01-14 20:04 --------- d-----w C:\PROGRA~2\ScanSoft
    2008-01-14 20:03 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
    2008-01-14 20:02 --------- d-----w C:\Program Files\ScanSoft
    2008-01-14 20:00 --------- d-----w C:\PROGRA~2\Brother
    2008-01-09 12:22 --------- d-----w C:\Program Files\Windows Mail
    2008-01-09 12:01 --------- d-----w C:\Program Files\Best_Security_Tips
    2008-01-09 11:50 --------- d-----w C:\Program Files\Windows Sidebar
    2008-01-09 11:48 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
    2008-01-09 11:47 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
    2008-01-09 11:47 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-01-09 11:18 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-09 11:18 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-09 11:18 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-09 11:18 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-09 11:16 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-01-09 11:16 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-01-09 11:16 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-01-09 11:16 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-01-09 11:16 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-01-09 11:16 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2007-12-14 10:32 12,632 ----a-w C:\Windows\System32\lsdelete.exe
    2007-12-13 13:38 73,216 ----a-w C:\Windows\ST6UNST.EXE
    2007-12-13 13:38 249,856 ------w C:\Windows\Setup1.exe
    2007-12-12 11:53 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2007-12-12 11:53 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2007-12-12 11:53 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2007-12-11 19:44 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2007-12-11 19:44 57,344 ----a-w C:\Windows\System32\dpv11.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{da30eff8-ccc6-4162-a20d-67402a26a215}]
    2008-01-09 13:01 1502232 --a------ C:\Program Files\Best_Security_Tips\tbBes1.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= "C:\Program Files\Best_Security_Tips\tbBes1.dll" [2008-01-09 13:01 1502232]

    [HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{DA30EFF8-CCC6-4162-A20D-67402A26A215}"= C:\Program Files\Best_Security_Tips\tbBes1.dll [2008-01-09 13:01 1502232]

    [HKEY_CLASSES_ROOT\clsid\{da30eff8-ccc6-4162-a20d-67402a26a215}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-09 12:47 1232896]
    "WindowsWelcomeCenter"="oobefldr.dll" [2006-11-02 13:34 2159104 C:\Windows\System32\oobefldr.dll]
    "????r"="" []
    "?????????"="??????????????e" []
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
    "ares"="C:\Program Files\Ares\Ares.exe" [ ]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-10-20 16:02 171448]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe" [ ]
    "Way bits"="C:\ProgramData\save info info.xp0yz" [ ]
    "Itch ford four knob"="C:\ProgramData\proxy less bash.48bqi" [ ]
    "himem"="c:\windows\himem.exe" [ ]
    "ISUSPM Startup"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [2005-08-11 14:30 249856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-09-17 21:05 1006264]
    "RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 14:37 4186112 C:\Windows\RtHDVCpl.exe]
    "Acer Tour"="" []
    "Acer Empowering Technology Monitor"="C:\Windows\system32\SysMonitor.exe" [2006-11-23 15:24 319488]
    "WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 20:48 57344]
    "eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-02-06 23:04 464168]
    "eRecoveryService"="" []
    "PCMService"="C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe" [2006-11-25 00:57 151552]
    "MotiveReportAgent"="C:\Program Files\Common Files\Motive\McciBootStrapper.exe" [2005-12-16 12:40 202240]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02 563984]
    "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06 2027792]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [ ]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-09-12 05:28 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-09-12 05:28 8497696]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-09-12 05:28 81920]
    "SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
    "PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
    "IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
    "PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
    "BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-12 14:51 663552]
    "ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 15:58 65536]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
    Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 04:44:06 29696]
    Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2006-12-26 00:18:20 528384]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "UacDisableNotify"=dword:00000001
    "InternetSettingsDisableNotify"=dword:00000001
    "AutoUpdateDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{7555F09B-0754-413A-B4E7-5BBE15848606}"= UDP:C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
    "{43E270A2-6FC2-4DD1-821B-EEE0BB1DEB8C}"= TCP:C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe:CyberLink PowerCinema Resident Program
    "TCP Query User{1BBE969F-1738-4EDF-8D8F-D6B72EC50E00}C:\program files\ares\ares.exe"= UDP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
    "UDP Query User{0F430538-EA2A-40A0-BBFD-EBDE735FD3BD}C:\program files\ares\ares.exe"= TCP:C:\program files\ares\ares.exe:Ares p2p for windows|Desc=Ares p2p for windows
    "TCP Query User{B269698E-ECC0-4589-A756-98CA1FBD63D9}C:\program files\limewire\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire|Desc=LimeWire
    "UDP Query User{01B467DA-CACB-4765-85CF-CBA83C848785}C:\program files\limewire\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire|Desc=LimeWire
    "{B5033EC7-732F-40DE-BC62-F5047EE07866}"= UDP:C:\Program Files\utorrent\utorrent.exe:µTorrent
    "{FB60646B-0B22-4562-987C-8AF7D058F3DD}"= TCP:C:\Program Files\utorrent\utorrent.exe:µTorrent
    "TCP Query User{08F587D7-5A55-43CE-85C3-E820D7C6CA70}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule|Desc=eMule
    "UDP Query User{EDBA8E8B-D537-4527-B125-4834AC5DD3E0}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule|Desc=eMule
    "TCP Query User{478BD115-6302-4040-889E-DF078357D02F}C:\program files\sababadc\sababadc.exe"= UDP:C:\program files\sababadc\sababadc.exe:SababaDC|Desc=SababaDC
    "UDP Query User{B1BC7FA1-C86F-4288-BC3D-90EA8685500F}C:\program files\sababadc\sababadc.exe"= TCP:C:\program files\sababadc\sababadc.exe:SababaDC|Desc=SababaDC
    "TCP Query User{E883E491-8357-4522-B5E6-4EDD08064436}C:\users\ado\downloads\752469@samp01b-server\samp-server.exe"= UDP:C:\users\ado\downloads\752469@samp01b-server\samp-server.exe:samp-server.exe|Desc=samp-server.exe
    "UDP Query User{051C309C-55A9-4ABC-81D3-F060D749FD5B}C:\users\ado\downloads\752469@samp01b-server\samp-server.exe"= TCP:C:\users\ado\downloads\752469@samp01b-server\samp-server.exe:samp-server.exe|Desc=samp-server.exe
    "TCP Query User{2ADB3372-2901-45A1-90F0-C445C7356069}C:\program files\common files\nero\nero web\setupx.exe"= UDP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
    "UDP Query User{2536DF90-7538-4A3C-B068-4E462FCB7900}C:\program files\common files\nero\nero web\setupx.exe"= TCP:C:\program files\common files\nero\nero web\setupx.exe:Nero Installer|Desc=Nero Installer
    "TCP Query User{E107E0A8-4785-4BB6-813E-9341081895E1}C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe"= UDP:C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe|Desc=setupxu.exe
    "UDP Query User{1D35970B-BC84-4957-9384-9A81608FC9F4}C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe"= TCP:C:\users\ado\appdata\local\temp\onlineupdate8\setupxu.exe:setupxu.exe|Desc=setupxu.exe
    "TCP Query User{E487518F-8DC9-44FD-AE88-E9ED3A7BD0A0}C:\program files\dc++\dcplusplus.exe"= UDP:C:\program files\dc++\dcplusplus.exe:DC++|Desc=DC++
    "UDP Query User{A096AB6B-74C8-484B-ABC1-3BBB03788AAC}C:\program files\dc++\dcplusplus.exe"= TCP:C:\program files\dc++\dcplusplus.exe:DC++|Desc=DC++
    "{57641C82-1D49-4FBC-81FD-A2A16411853A}"= UDP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
    "{1735046F-E435-4CC2-A8D5-C8762313B59A}"= TCP:C:\Windows\System32\lxczcoms.exe:Lexmark Communications System
    "{95802521-6988-49BA-A186-B720F58EA33E}"= UDP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:printer Status Window
    "{0CA9FA8D-0C4A-4896-9D79-25863A04154D}"= TCP:C:\Windows\System32\spool\drivers\w32x86\3\lxczpswx.exe:printer Status Window
    "TCP Query User{F4856A94-6B09-4838-B488-75F903E66009}C:\program files\sopcast\adv\sopadver.exe"= UDP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
    "UDP Query User{2BB3E653-F4BC-486D-AF80-C863C20559CF}C:\program files\sopcast\adv\sopadver.exe"= TCP:C:\program files\sopcast\adv\sopadver.exe:SopCast Adver|Desc=SopCast Adver
    "TCP Query User{7F86D674-EF0E-4EDE-BD1E-98CB16034299}C:\program files\sopcast\sopcast.exe"= UDP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
    "UDP Query User{9E7E9506-00F5-40E3-B920-889372F4C31E}C:\program files\sopcast\sopcast.exe"= TCP:C:\program files\sopcast\sopcast.exe:SopCast Main Application|Desc=SopCast Main Application
    "TCP Query User{D641A350-211A-4192-80BF-BB506ECD2547}C:\program files\internet explorer\iexplore.exe"= UDP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
    "UDP Query User{470EEF7F-0563-4063-A179-4597F1878DE7}C:\program files\internet explorer\iexplore.exe"= TCP:C:\program files\internet explorer\iexplore.exe:Internet Explorer|Desc=Internet Explorer
    "TCP Query User{839CE8C7-D49F-4863-B9C6-4D8BB9EADEB5}C:\program files\tvants\tvants.exe"= UDP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
    "UDP Query User{B1128E75-6F1A-46B5-BAC5-AB2904CCFF14}C:\program files\tvants\tvants.exe"= TCP:C:\program files\tvants\tvants.exe:TVAnts|Desc=TVAnts
    "{471A8741-363A-42F2-AE82-8DBB4687D5F1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
    "TCP Query User{77EE5C7D-941B-4C46-B587-5E8AA116DF4E}C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe"= UDP:C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe:installer-13398-33-nero-general-clean-tool-french[1].exe|Desc=installer-13398-33-nero-general-clean-tool-french[1].exe
    "UDP Query User{C950A8F6-CCE0-46EA-A533-E829E4A84C03}C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe"= TCP:C:\users\ado\appdata\local\microsoft\windows\temporary internet files\content.ie5\51nqzhz6\installer-13398-33-nero-general-clean-tool-french[1].exe:installer-13398-33-nero-general-clean-tool-french[1].exe|Desc=installer-13398-33-nero-general-clean-tool-french[1].exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
    "C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
    "C:\Acer\Empowering Technology\eDataSecurity\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
    "C:\Acer\Empowering Technology\eDataSecurity\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

    R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-02-06 23:04]
    R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-02-06 23:04]
    R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2006-11-08 15:11]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
    R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-02-06 23:04]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2007-08-31 16:46]
    R2 UxTuneUp;TuneUp Extension de thème;C:\Windows\System32\svchost.exe [2006-11-02 10:45]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-06 09:51]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\Windows\System32\TuneUpDefragService.exe [2008-03-07 22:17]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
    bthsvcs REG_MULTI_SZ BthServ

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5f93e3b2-651e-11dc-9aa9-806e6f6e6963}]
    \shell\AutoRun\command - E:\setup.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-07 21:22:23 C:\Windows\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
    "2008-03-07 19:00:01 C:\Windows\Tasks\Norton Internet Security - Analyse système complète - ado.job"
    - c:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exeB/TASK:
    "2008-03-07 17:00:15 C:\Windows\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    "2008-03-07 18:32:41 C:\Windows\Tasks\User_Feed_Synchronization-{89FF33B0-A040-4317-86A0-4CEDC49DA3A5}.job"
    - C:\Windows\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-07 22:43:37
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-07 22:45:23
    ComboFix-quarantined-files.txt 2008-03-07 21:45:16
    .
    2008-03-07 11:31:39 --- E O F ---
    8 March 2008 12:34:56

    Hi again,

    Post a new HijackThis report.

    8 March 2008 12:42:50

    Here it is :)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:18:11, on 07.03.2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16609)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Windows\System32\SysMonitor.exe
    C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe
    C:\Program Files\Common Files\logishrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Logitech\QuickCam\Quickcam.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Common Files\Motive\MotiveBrowser.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
    C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
    C:\Program Files\Norton Security Scan\Nss.exe
    C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
    C:\Program Files\Norton Security Scan\Nss.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Windows\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\Windows\system32\SearchFilterHost.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.eazel.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
    O3 - Toolbar: Best Security Tips Toolbar - {da30eff8-ccc6-4162-a20d-67402a26a215} - C:\Program Files\Best_Security_Tips\tbBes1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Windows\system32\SysMonitor.exe
    O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
    O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
    O4 - HKLM\..\Run: [PCMService] "C:\Acer\Empowering Technology\eMode\PCM\PCMService.exe"
    O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Common Files\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Common Files\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\MotiveBrowser.exe" /hidden
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
    O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
    O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [?????????] ??????????????e
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Way bits] "C:\ProgramData\save info info.xp0yz"
    O4 - HKCU\..\Run: [Itch ford four knob] "C:\ProgramData\proxy less bash.48bqi"
    O4 - HKCU\..\Run: [himem] "c:\windows\himem.exe" 3fff 8ffff
    O4 - HKCU\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
    O4 - HKCU\..\Run: [d85dbdf1] rundll32.exe "C:\Users\ado\AppData\Local\Temp\smnvxoqh.dll",b
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\ado\AppData\Local\Temp\jkkhi.dll,c
    O4 - HKCU\..\Run: [BMdb6e8e6d] Rundll32.exe "C:\Users\ado\AppData\Local\Temp\alcrqkng.dll",s
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Empowering Technology Launcher.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLCapSvc.exe
    O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Acer\Empowering Technology\eMode\PCM\Kernel\TV\CLSched.exe
    O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
    O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 11123 bytes
    8 March 2008 13:03:34

    Hi again,

    Download Lop S&D.exe to your Desktop.
  • Double-click it to start the installation
  • Right-click the Lop S&D shortcut, then choose Run as administrator
  • Select the language you want, then choose option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

    (If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm)