netera

Bonjour!!!
Voila J'ai un portable (Acer aspire3690 1.86Ghz-533fsb-1gb ddr2-80gb hd VISTA basic) que j'acheté il y à 4-5 moi. Le HD à l'origine ete de 10Gb(restoration) C:35gb et D:35Gb .Au debut tout a bien marché mais petit à petit mon HD C: s'avait rempli à 95% avec de mise à jour importantes et meme avec des defragmentation ext.. il m'avait relenti la navigation et le travail conssiderablement.
Je ne croit pas d'avoir ou an virus parce-que j'ai scané avec plusieurs outilles anti visur anti spy ext... mais qoi que???
Alors j'ai dessidé de formater le pc réinstaler Vista redimentioner
mes partitions en léssant plus de place pour C: mais la restoration de system avec les CD ROM de acer et parti sur la partition de sauvgarde et j'ai pas pu changer la dimention des partitions.
Mentenant J'ai Vista reinstaler mon hdC: et plen a 50% et mon ordi ram plus qu'avant . Je ne comprend pas toujour pas de virus et CPU à 95-100% ram utiliser à 60%
àpart que c'est la partition de sauvgarde qui et infécter???
Pas des ports ouverts
J'ai un probleme avec la ligne:
O4 - HKCU..Run: [?????????] ??????????????e
de HijackThis qui veut rien savor!!!
AV kaspesky
Spy bot
parfeux Windows

Voila 2 raport

le dernier scan de smitfraudfix
____________________________________________________
SmitFraudFix v2.277

Scan done at 12:55:27,05, 03/02/2008
Run from C:UsersPeterDesktopanti_spySmitfraudFix
OS: Microsoft Windows [version 6.0.6000] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:Windowssystem32csrss.exe
C:Windowssystem32wininit.exe
C:Windowssystem32csrss.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32svchost.exe
C:Windowssystem32SLsvc.exe
C:Windowssystem32svchost.exe
C:Windowssystem32svchost.exe
C:Program FilesLavasoftAd-Aware 2007aawservice.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe
C:Program FilesAcerAcer ArcadeKernelTVCLCapSvc.exe
C:Program FilesAcerAcer ArcadeKernelCLML_NTServiceCLMLServer.exe
C:AcerEmpowering TechnologyeDataSecurityeDSService.exe
C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
C:AcerEmpowering TechnologyeNeteNet Service.exe
C:Program FilesCommon FilesLightScribeLSSrvc.exe
C:AcerMobility CenterMobilityService.exe
C:Windowssystem32svchost.exe
C:Program FilesCyberLinkShared FilesRichVideo.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32SearchIndexer.exe
C:Windowssystem32DRIVERSxaudio.exe
C:Program FilesAcerAcer ArcadeKernelTVCLSched.exe
C:AcerEmpowering TechnologyeRecoveryeRecoveryService.exe
C:AcerEmpowering TechnologyePowerePowerSvc.exe
C:Program FilesSpybot - Search & DestroySDWinSec.exe
C:Windowssystem32wbemwmiprvse.exe
C:Windowssystem32wbemunsecapp.exe
C:Windowssystem32 askeng.exe
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32 askeng.exe
C:WindowsSystem32igfxtray.exe
C:WindowsSystem32hkcmd.exe
C:WindowsSystem32igfxpers.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
C:Program FilesAcerAcer ArcadePCMService.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesPlasmatek SoftwareProtectXprotectx.exe
C:AcerEmpowering TechnologyENETENMTRAY.EXE
C:AcerEmpowering TechnologyEPOWEREPOWER_DMC.EXE
C:AcerEmpowering TechnologyeRecoveryERAGENT.EXE
C:Program FilesWindows Sidebarsidebar.exe
C:Windowssystem32wbemwmiprvse.exe
C:Program FilesMozilla Firefox 3 Beta 2firefox.exe
C:AcerEmpowering TechnologyeSettingsServicecapuserv.exe
C:Program FilesMicrosoft OfficeOffice12WINWORD.EXE
C:Windowssystem32conime.exe
C:Windowssystem32SearchProtocolHost.exe
C:Windowssystem32cmd.exe
C:Windowssystem32SearchFilterHost.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

hosts file corrupted !

127.0.0.1 legal-at-spybot.info
127.0.0.1 www.legal-at-spybot.info

»»»»»»»»»»»»»»»»»»»»»»»» C:


»»»»»»»»»»»»»»»»»»»»»»»» C:Windows


»»»»»»»»»»»»»»»»»»»»»»»» C:Windowssystem


»»»»»»»»»»»»»»»»»»»»»»»» C:WindowsWeb


»»»»»»»»»»»»»»»»»»»»»»»» C:Windowssystem32


»»»»»»»»»»»»»»»»»»»»»»»» C:Windowssystem32LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:UsersPeter


»»»»»»»»»»»»»»»»»»»»»»»» C:UsersPeterApplication Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:UsersPeterFAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix.exe by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWindows]
"AppInit_DLLs"="C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll eNetHook.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogon]


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Palladia 300/400 Usb Adsl Modem
DNS Server Search Order: 192.168.1.1



»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
_____________________________________________________
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:05:24, on 03/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16575)
Boot mode: Normal

Running processes:
C:Windowssystem32Dwm.exe
C:WindowsExplorer.EXE
C:Windowssystem32 askeng.exe
C:WindowsSystem32igfxtray.exe
C:WindowsSystem32hkcmd.exe
C:WindowsSystem32igfxpers.exe
C:Program FilesSynapticsSynTPSynTPEnh.exe
C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
C:Program FilesAcerAcer ArcadePCMService.exe
C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:Program FilesPlasmatek SoftwareProtectXprotectx.exe
C:AcerEmpowering TechnologyENETENMTRAY.EXE
C:AcerEmpowering TechnologyEPOWEREPOWER_DMC.EXE
C:AcerEmpowering TechnologyeRecoveryERAGENT.EXE
C:Program FilesWindows Sidebarsidebar.exe
C:Program FilesMozilla Firefox 3 Beta 2firefox.exe
C:Program FilesMicrosoft OfficeOffice12WINWORD.EXE
C:Windowssystem32conime.exe
C:Windows
otepad.exe
C:UsersPeterDesktopanti_spyHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03inssv.dll
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:Windowssystem32ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:Windowssystem32eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [IgfxTray] C:Windowssystem32igfxtray.exe
O4 - HKLM..Run: [HotKeysCmds] C:Windowssystem32hkcmd.exe
O4 - HKLM..Run: [Persistence] C:Windowssystem32igfxpers.exe
O4 - HKLM..Run: [SynTPEnh] C:Program FilesSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [eDataSecurity Loader] C:AcerEmpowering TechnologyeDataSecurityeDSloader.exe
O4 - HKLM..Run: [PCMService] "C:Program FilesAcerAcer ArcadePCMService.exe"
O4 - HKLM..Run: [WarReg_PopUp] C:AcerWR_PopUpWarReg_PopUp.exe
O4 - HKLM..Run: [Acer Tour Reminder] C:AcerAcerTourReminder.exe
O4 - HKLM..Run: [AVP] "C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe"
O4 - HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 - HKCU..Run: [?????????] ??????????????e
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User 'SERVICE RESEAU')
O4 - Startup: ProtectX Hacker Defence Suite.lnk = C:Program FilesPlasmatek SoftwareProtectXprotectx.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader eader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03inssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03inssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0SCIEPlgn.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:PROGRA~1SPYBOT~1SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - AppInit_DLLs: C:PROGRA~1KASPER~1KASPER~1.0 3hook.dll eNetHook.dll
O20 - Winlogon Notify: !SASWinLogon - C:Program FilesSUPERAntiSpywareSASWINLO.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Aware 2007aawservice.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:Program FilesKaspersky LabKaspersky Anti-Virus 7.0avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:Program FilesAcerAcer ArcadeKernelTVCLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:Program FilesAcerAcer ArcadeKernelTVCLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe (file missing)
O23 - Service: CyberLink Media Library Service - Cyberlink - C:Program FilesAcerAcer ArcadeKernelCLML_NTServiceCLMLServer.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:AcerEmpowering TechnologyeDataSecurityeDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:AcerEmpowering TechnologyeLockServiceeLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:AcerEmpowering TechnologyeNeteNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:AcerEmpowering TechnologyeRecoveryeRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:AcerEmpowering TechnologyeSettingsServicecapuserv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:AcerMobility CenterMobilityService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberLinkShared FilesRichVideo.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:Program FilesSpybot - Search & DestroySDWinSec.exe
O23 - Service: ePower Service (WMIService) - acer - C:AcerEmpowering TechnologyePowerePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:Windowssystem32DRIVERSxaudio.exe

--
End of file - 7730 bytes

_______________________________________________________

Merci pour votre réponce!!!