Infesté Generic.dx!js
Fermé
Stof35
-
2 juil. 2009 à 16:00
tchaning Messages postés 4533 Date d'inscription mardi 15 juillet 2008 Statut Membre Dernière intervention 13 juin 2014 - 3 juil. 2009 à 09:20
tchaning Messages postés 4533 Date d'inscription mardi 15 juillet 2008 Statut Membre Dernière intervention 13 juin 2014 - 3 juil. 2009 à 09:20
A voir également:
- Infesté Generic.dx!js
- Copiez l'image dans un logiciel d'édition d'images ou un outil en ligne comme js paint ou pixlr e. remplissez les cases en suivant le code couleur. des cases supplémentaires vont se remplir automatiquement. que représente le dessin ? ✓ - Forum Photoshop
- Pixlr - Forum Graphisme
- Arrondir js ✓ - Forum Windows
- Please enable js and disable any ad blocker - Forum Mozilla Firefox
- Arrondi js ✓ - Forum Windows
10 réponses
tchaning
Messages postés
4533
Date d'inscription
mardi 15 juillet 2008
Statut
Membre
Dernière intervention
13 juin 2014
298
2 juil. 2009 à 16:07
2 juil. 2009 à 16:07
telecharger, installer Hijackthis , faire un scan puis copier / coller le rapport générer ICI .
Merci
Merci
Merci
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:28, on 02/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hummingbird\DM Extensions\papihost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\explorer.exe
D:\Applis\ReGet Software5\ReGet Deluxe\ReGetDx.exe
C:\Program Files\MSOffice2003\OFFICE11\OUTLOOK.EXE
C:\Program Files\Hummingbird\DM Extensions\DM.exe
C:\Program Files\MsOfficeXP\Office11\EXCEL.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MediaMonkey\MediaMonkey.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://prod/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.50.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google plugin - {684EE1DB-CD52-4ca9-9CCF-93D5F6B419BA} - kmsvc32.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - d:\applis\ReGet Software5\ReGet Deluxe\IEBar.dll
O3 - Toolbar: &Hummingbird DM - {83E8BF99-F3C0-4475-B453-9F9E8E4548C3} - C:\Program Files\Hummingbird\DM Extensions\DOCSShlToolBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PowerDOCSAPIHost] "C:\Program Files\Hummingbird\DM Extensions\papihost.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S1393.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [nv3w9tprt1sccrhjg6598] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\if55mc.exe
O4 - HKCU\..\Run: [xgw8g3k0jo24a8pjlxt85yo5h] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mbiocpt.exe
O4 - HKCU\..\Run: [k4z66yeyrsg2vgwvr9s5en] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
O4 - HKCU\..\Run: [yn9r0w46edpidvyd] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
O4 - HKCU\..\Run: [b4pc2ev9tvkye1sj0gm5a3db] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\s2fp3.exe
O4 - HKCU\..\Run: [jlh7slsueefb3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\zegxc.exe
O4 - HKCU\..\Run: [bwl9xuh2h7kpsbbduga3vz6io] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bief8ff3.exe
O4 - HKCU\..\Run: [uuz39oqo89byot] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [l5ceiycnu5s6l] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [aqqmk1j1ijyhvn] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\he3kqdqq8.exe
O4 - HKCU\..\Run: [o5a36cm6u5dle97lyl128] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\iys2er.exe
O4 - HKCU\..\Run: [ge3x5uaazje] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ak4j7g.exe
O4 - HKCU\..\Run: [w6o7gbtjcet3lia] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\fih8uzt.exe
O4 - HKCU\..\Run: [u099jfm48aw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\h0indss62l.exe
O4 - HKCU\..\Run: [zuk9wlqtx1dl5crnv9t94eojm3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mxs74mmp.exe
O4 - HKCU\..\Run: [f856hr4lx1varaw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\pdwhv0f.exe
O4 - HKCU\..\Run: [odcaxs1ktgfbje0n0jwckhw1y51rj] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\cwyxm19.exe
O4 - HKCU\..\Run: [f11ajl1nvz0m35d0vv8] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bextc.exe
O4 - HKCU\..\Run: [wldob1kg8hweectitxkx91s7] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ca5b7726nn.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: zqosys32.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MSOFFI~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.pcclt2089
O15 - Trusted Zone: www.sib.fr
O15 - Trusted Zone: *.sib.fr
O15 - Trusted IP range: http://10.35.102.89
O16 - DPF: {205E7068-6D03-4566-AD06-A146B592FBA5} (Loader Class v2) - http://pcclt2010/TDBIN/Spider80.ocx
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://ocean.sib.fr/Citrix/MetaFrame1/ICAWEB_common/fr/ica32/wficat.cab
O16 - DPF: {44C7F862-906C-11D3-A8ED-0008C75B3588} (IEPAPI Class) - http://abysse/cyberdocs/DMExtensions/papibrdg.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} - http://abysse/cyberdocs/DMExtensions/deployment/setup.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D450C91-A2EA-4387-BF1B-B6C17754AEE5}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: Domain = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: NameServer = 10.35.100.226
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O18 - Protocol: PCDOCS - {EDC110E5-4CFB-4FEE-813A-BF796297030E} - C:\Program Files\Hummingbird\DM Extensions\PwDMoniker.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lich - Unknown owner - C:\WINDOWS\system32\lich.exe (file missing)
O23 - Service: McAfee Framework Service (mcafeeframework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: OracleOUIHomeClientCache - Unknown owner - c:\ora817\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:15:28, on 02/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hummingbird\DM Extensions\papihost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\WINDOWS\explorer.exe
D:\Applis\ReGet Software5\ReGet Deluxe\ReGetDx.exe
C:\Program Files\MSOffice2003\OFFICE11\OUTLOOK.EXE
C:\Program Files\Hummingbird\DM Extensions\DM.exe
C:\Program Files\MsOfficeXP\Office11\EXCEL.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MediaMonkey\MediaMonkey.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://prod/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.50.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google plugin - {684EE1DB-CD52-4ca9-9CCF-93D5F6B419BA} - kmsvc32.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - d:\applis\ReGet Software5\ReGet Deluxe\IEBar.dll
O3 - Toolbar: &Hummingbird DM - {83E8BF99-F3C0-4475-B453-9F9E8E4548C3} - C:\Program Files\Hummingbird\DM Extensions\DOCSShlToolBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PowerDOCSAPIHost] "C:\Program Files\Hummingbird\DM Extensions\papihost.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S1393.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [nv3w9tprt1sccrhjg6598] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\if55mc.exe
O4 - HKCU\..\Run: [xgw8g3k0jo24a8pjlxt85yo5h] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mbiocpt.exe
O4 - HKCU\..\Run: [k4z66yeyrsg2vgwvr9s5en] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
O4 - HKCU\..\Run: [yn9r0w46edpidvyd] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
O4 - HKCU\..\Run: [b4pc2ev9tvkye1sj0gm5a3db] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\s2fp3.exe
O4 - HKCU\..\Run: [jlh7slsueefb3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\zegxc.exe
O4 - HKCU\..\Run: [bwl9xuh2h7kpsbbduga3vz6io] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bief8ff3.exe
O4 - HKCU\..\Run: [uuz39oqo89byot] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [l5ceiycnu5s6l] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [aqqmk1j1ijyhvn] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\he3kqdqq8.exe
O4 - HKCU\..\Run: [o5a36cm6u5dle97lyl128] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\iys2er.exe
O4 - HKCU\..\Run: [ge3x5uaazje] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ak4j7g.exe
O4 - HKCU\..\Run: [w6o7gbtjcet3lia] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\fih8uzt.exe
O4 - HKCU\..\Run: [u099jfm48aw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\h0indss62l.exe
O4 - HKCU\..\Run: [zuk9wlqtx1dl5crnv9t94eojm3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mxs74mmp.exe
O4 - HKCU\..\Run: [f856hr4lx1varaw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\pdwhv0f.exe
O4 - HKCU\..\Run: [odcaxs1ktgfbje0n0jwckhw1y51rj] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\cwyxm19.exe
O4 - HKCU\..\Run: [f11ajl1nvz0m35d0vv8] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bextc.exe
O4 - HKCU\..\Run: [wldob1kg8hweectitxkx91s7] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ca5b7726nn.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: zqosys32.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MSOFFI~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.pcclt2089
O15 - Trusted Zone: www.sib.fr
O15 - Trusted Zone: *.sib.fr
O15 - Trusted IP range: http://10.35.102.89
O16 - DPF: {205E7068-6D03-4566-AD06-A146B592FBA5} (Loader Class v2) - http://pcclt2010/TDBIN/Spider80.ocx
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://ocean.sib.fr/Citrix/MetaFrame1/ICAWEB_common/fr/ica32/wficat.cab
O16 - DPF: {44C7F862-906C-11D3-A8ED-0008C75B3588} (IEPAPI Class) - http://abysse/cyberdocs/DMExtensions/papibrdg.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} - http://abysse/cyberdocs/DMExtensions/deployment/setup.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D450C91-A2EA-4387-BF1B-B6C17754AEE5}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: Domain = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: NameServer = 10.35.100.226
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O18 - Protocol: PCDOCS - {EDC110E5-4CFB-4FEE-813A-BF796297030E} - C:\Program Files\Hummingbird\DM Extensions\PwDMoniker.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lich - Unknown owner - C:\WINDOWS\system32\lich.exe (file missing)
O23 - Service: McAfee Framework Service (mcafeeframework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: OracleOUIHomeClientCache - Unknown owner - c:\ora817\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
tchaning
Messages postés
4533
Date d'inscription
mardi 15 juillet 2008
Statut
Membre
Dernière intervention
13 juin 2014
298
2 juil. 2009 à 16:25
2 juil. 2009 à 16:25
coche et fixed les lignes suivantes :
O2 - BHO: Google plugin - {684EE1DB-CD52-4ca9-9CCF-93D5F6B419BA} - kmsvc32.dll (file missing)
O4 - HKCU\..\Run: [nv3w9tprt1sccrhjg6598] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\if55mc.exe
O4 - HKCU\..\Run: [xgw8g3k0jo24a8pjlxt85yo5h] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mbiocpt.exe
O4 - HKCU\..\Run: [k4z66yeyrsg2vgwvr9s5en] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
- HKCU\..\Run: [yn9r0w46edpidvyd] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
O4 - HKCU\..\Run: [jlh7slsueefb3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\zegxc.exe
O4 - HKCU\..\Run: [bwl9xuh2h7kpsbbduga3vz6io] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bief8ff3.exe
O4 - HKCU\..\Run: [uuz39oqo89byot] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [l5ceiycnu5s6l] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [aqqmk1j1ijyhvn] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\he3kqdqq8.exe
O4 - HKCU\..\Run: [ge3x5uaazje] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ak4j7g.exe
O4 - HKCU\..\Run: [zuk9wlqtx1dl5crnv9t94eojm3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mxs74mmp.exe
O4 - HKCU\..\Run: [f856hr4lx1varaw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\pdwhv0f.exe
O4 - HKCU\..\Run: [odcaxs1ktgfbje0n0jwckhw1y51rj] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\cwyxm19.exe
O4 - HKCU\..\Run: [f11ajl1nvz0m35d0vv8] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bextc.exe
O4 - Startup: zqosys32.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O15 - Trusted Zone: *.pcclt2089
O15 - Trusted Zone: *.sib.fr
O16 - DPF: {205E7068-6D03-4566-AD06-A146B592FBA5} (Loader Class v2) - http://pcclt2010/TDBIN/Spider80.ocx
O16 - DPF: {44C7F862-906C-11D3-A8ED-0008C75B3588} (IEPAPI Class) - http://abysse/cyberdocs/DMExtensions/papibrdg.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sib.fr
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: lich - Unknown owner - C:\WINDOWS\system32\lich.exe (file missing)
O2 - BHO: Google plugin - {684EE1DB-CD52-4ca9-9CCF-93D5F6B419BA} - kmsvc32.dll (file missing)
O4 - HKCU\..\Run: [nv3w9tprt1sccrhjg6598] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\if55mc.exe
O4 - HKCU\..\Run: [xgw8g3k0jo24a8pjlxt85yo5h] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mbiocpt.exe
O4 - HKCU\..\Run: [k4z66yeyrsg2vgwvr9s5en] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
- HKCU\..\Run: [yn9r0w46edpidvyd] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ky39jbv40.exe
O4 - HKCU\..\Run: [jlh7slsueefb3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\zegxc.exe
O4 - HKCU\..\Run: [bwl9xuh2h7kpsbbduga3vz6io] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bief8ff3.exe
O4 - HKCU\..\Run: [uuz39oqo89byot] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [l5ceiycnu5s6l] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\f7qxlbsy.exe
O4 - HKCU\..\Run: [aqqmk1j1ijyhvn] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\he3kqdqq8.exe
O4 - HKCU\..\Run: [ge3x5uaazje] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ak4j7g.exe
O4 - HKCU\..\Run: [zuk9wlqtx1dl5crnv9t94eojm3] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\mxs74mmp.exe
O4 - HKCU\..\Run: [f856hr4lx1varaw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\pdwhv0f.exe
O4 - HKCU\..\Run: [odcaxs1ktgfbje0n0jwckhw1y51rj] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\cwyxm19.exe
O4 - HKCU\..\Run: [f11ajl1nvz0m35d0vv8] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\bextc.exe
O4 - Startup: zqosys32.exe
O9 - Extra button: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O9 - Extra 'Tools' menuitem: Ghost Navigator - {ECC5777A-6E88-BFCE-13CE-81F134789E7B} - d:\applis\Ghost Navigator2_6_0\Ghost (file missing)
O15 - Trusted Zone: *.pcclt2089
O15 - Trusted Zone: *.sib.fr
O16 - DPF: {205E7068-6D03-4566-AD06-A146B592FBA5} (Loader Class v2) - http://pcclt2010/TDBIN/Spider80.ocx
O16 - DPF: {44C7F862-906C-11D3-A8ED-0008C75B3588} (IEPAPI Class) - http://abysse/cyberdocs/DMExtensions/papibrdg.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = sib.fr
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: lich - Unknown owner - C:\WINDOWS\system32\lich.exe (file missing)
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
2 juil. 2009 à 16:52
2 juil. 2009 à 16:52
FIXER UNE LIGNE NE SUPPRIME PAS L'INFECTION LE FICHIER ET TOUJOURS PRESENT DONC TU EST TOUJOURS INFECTER
tchaning
Messages postés
4533
Date d'inscription
mardi 15 juillet 2008
Statut
Membre
Dernière intervention
13 juin 2014
298
2 juil. 2009 à 16:54
2 juil. 2009 à 16:54
oOO c'est pas fini lol
tchaning
Messages postés
4533
Date d'inscription
mardi 15 juillet 2008
Statut
Membre
Dernière intervention
13 juin 2014
298
2 juil. 2009 à 19:39
2 juil. 2009 à 19:39
relance moi un scan hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 08:41:03, on 03/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hummingbird\DM Extensions\papihost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MSOffice2003\OFFICE11\OUTLOOK.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://prod/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.50.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - d:\applis\ReGet Software5\ReGet Deluxe\IEBar.dll
O3 - Toolbar: &Hummingbird DM - {83E8BF99-F3C0-4475-B453-9F9E8E4548C3} - C:\Program Files\Hummingbird\DM Extensions\DOCSShlToolBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PowerDOCSAPIHost] "C:\Program Files\Hummingbird\DM Extensions\papihost.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S1393.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [b4pc2ev9tvkye1sj0gm5a3db] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\s2fp3.exe
O4 - HKCU\..\Run: [o5a36cm6u5dle97lyl128] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\iys2er.exe
O4 - HKCU\..\Run: [w6o7gbtjcet3lia] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\fih8uzt.exe
O4 - HKCU\..\Run: [u099jfm48aw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\h0indss62l.exe
O4 - HKCU\..\Run: [wldob1kg8hweectitxkx91s7] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ca5b7726nn.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MSOFFI~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted IP range: http://10.35.102.89
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://ocean.sib.fr/Citrix/MetaFrame1/ICAWEB_common/fr/ica32/wficat.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} - http://abysse/cyberdocs/DMExtensions/deployment/setup.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D450C91-A2EA-4387-BF1B-B6C17754AEE5}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: NameServer = 10.35.100.226
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O18 - Protocol: PCDOCS - {EDC110E5-4CFB-4FEE-813A-BF796297030E} - C:\Program Files\Hummingbird\DM Extensions\PwDMoniker.DLL
O20 - Winlogon Notify: !saswinlogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (mcafeeframework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: OracleOUIHomeClientCache - Unknown owner - c:\ora817\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Scan saved at 08:41:03, on 03/07/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\SCardSvr.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\basfipm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\McAfee\Common Framework\FrameworkService.exe
C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
C:\Program Files\McAfee\Common Framework\naPrdMgr.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe
C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Hummingbird\DM Extensions\papihost.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\McAfee\Common Framework\UdaterUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\McAfee\Common Framework\McTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MSOffice2003\OFFICE11\OUTLOOK.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://prod/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.50.2.2:3128
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan Enterprise\scriptcl.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ReGet Bar - {17939A30-18E2-471E-9D3A-56DD725F1215} - d:\applis\ReGet Software5\ReGet Deluxe\IEBar.dll
O3 - Toolbar: &Hummingbird DM - {83E8BF99-F3C0-4475-B453-9F9E8E4548C3} - C:\Program Files\Hummingbird\DM Extensions\DOCSShlToolBar.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [PowerDOCSAPIHost] "C:\Program Files\Hummingbird\DM Extensions\papihost.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\McAfee\VirusScan Enterprise\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /F "C:\WINDOWS\TEMP\E_S1393.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\applis\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [b4pc2ev9tvkye1sj0gm5a3db] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\s2fp3.exe
O4 - HKCU\..\Run: [o5a36cm6u5dle97lyl128] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\iys2er.exe
O4 - HKCU\..\Run: [w6o7gbtjcet3lia] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\fih8uzt.exe
O4 - HKCU\..\Run: [u099jfm48aw] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\h0indss62l.exe
O4 - HKCU\..\Run: [wldob1kg8hweectitxkx91s7] C:\DOCUME~1\MENGUAL\LOCALS~1\Temp\ca5b7726nn.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: VPN Client.lnk = ?
O8 - Extra context menu item: Do&wnload by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_Link.htm
O8 - Extra context menu item: Download A&ll by ReGet Deluxe - C:\Program Files\Fichiers communs\ReGet Shared\CC_All.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MSOFFI~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MSOFFI~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted IP range: http://10.35.102.89
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - https://ocean.sib.fr/Citrix/MetaFrame1/ICAWEB_common/fr/ica32/wficat.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {B91AEDBE-93DF-4017-8BB3-F1C300C0EC51} - http://abysse/cyberdocs/DMExtensions/deployment/setup.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CCS\Services\Tcpip\..\{0D450C91-A2EA-4387-BF1B-B6C17754AEE5}: NameServer = 212.27.40.240,212.27.40.241
O17 - HKLM\System\CCS\Services\Tcpip\..\{9539275B-A755-401A-B00A-FD21515E0C9C}: NameServer = 10.35.100.226
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 10.35.100.226
O18 - Protocol: PCDOCS - {EDC110E5-4CFB-4FEE-813A-BF796297030E} - C:\Program Files\Hummingbird\DM Extensions\PwDMoniker.DLL
O20 - Winlogon Notify: !saswinlogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Broadcom ASF IP monitoring service v6.0.4 (BAsfIpM) - Broadcom Corp. - C:\WINDOWS\system32\basfipm.exe
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: EvtEng - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Framework Service (mcafeeframework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe
O23 - Service: McAfee McShield (McShield) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\Mcshield.exe
O23 - Service: McAfee Task Manager (McTaskManager) - McAfee, Inc. - C:\Program Files\McAfee\VirusScan Enterprise\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: OracleOUIHomeClientCache - Unknown owner - c:\ora817\BIN\ONRSD.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
tchaning
Messages postés
4533
Date d'inscription
mardi 15 juillet 2008
Statut
Membre
Dernière intervention
13 juin 2014
298
3 juil. 2009 à 09:20
3 juil. 2009 à 09:20
coche et fix les lignes suivante :
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
ensuite telecharge CCLEANER (scan application + registre ) attention , sauvegarder un copie du registre avec de scanner :
http://ftpclubic22.clubic.com/...
Lance un scan antivirus : avira (gratuit) ou autre
Telecharge et installe (faire la mise a jour ) :
http://ftpclubic22.clubic.com/...
lance moi les rapport ici
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = sib.fr
O17 - HKLM\Software\..\Telephony: DomainName = sib.fr
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = sib.fr
O23 - Service: Service de transfert intelligent en arrière-plan (BITS) - Unknown owner - C:\WINDOWS\
ensuite telecharge CCLEANER (scan application + registre ) attention , sauvegarder un copie du registre avec de scanner :
http://ftpclubic22.clubic.com/...
Lance un scan antivirus : avira (gratuit) ou autre
Telecharge et installe (faire la mise a jour ) :
http://ftpclubic22.clubic.com/...
lance moi les rapport ici
