Unwanted IE security pop-ups on Vista
Solved/Closed
Andisa (Member) - 12 Oct 2007 at 12:16
Andisa - 1 Nov 2007 at 19:18
21 replies
green day (Moderator, Security contributor) - 12 Oct 2007 at 21:19
Hi,
Download this:
Link: hijackthis
Demo: http://pageperso.aol.fr/balltrap34/demohijack.htm
Choose the option "do a scan and a logfile", then copy and paste the resulting report into the forum.
++
Andisa - 12 Oct 2007 at 21:37
Good evening green day,
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:33:51, on 12/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
green day - 12 Oct 2007 at 21:50
OK, the error message is a beastie!
Please do what is described here:
virus: preliminary disinfection method (French version)
++
Andisa - 12 Oct 2007 at 22:53
While it's scanning, can you tell me which beastie it is?
Thanks
Andisa
green day - 12 Oct 2007 at 23:04
re
It's the AdRotator/IconAds adware, associated with the following .dll file: gzmrotate.dll, according to CastleCops
There are also quite a few suspicious files in the temp files!
++
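The check behind the reply above, finding every HijackThis entry that loads gzmrotate.dll, written out as an added example (it is not part of the original thread or of HijackThis itself). The function names are hypothetical; the sample lines are copied from the log posted earlier in the thread.

```python
import re
from typing import List, NamedTuple, Optional


class Entry(NamedTuple):
    code: str             # HijackThis section code, e.g. "O2"
    text: str             # everything after "<code> - "
    clsid: Optional[str]  # COM class ID when the entry carries one


# Result lines have the shape "<code> - <text>", e.g. "O2 - BHO: ...".
LINE_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Labels for the section codes used in the sample below.
SECTIONS = {
    "R0": "IE start/search page",
    "O2": "Browser Helper Object",
    "O4": "autostart (Run key / Startup folder)",
    "O23": "service",
}

# A few lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\System32\rundll32.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
"""


def parse_log(text: str) -> List[Entry]:
    """Return the result entries, skipping the header and the process list."""
    entries = []
    for raw in text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue
        clsid = CLSID_RE.search(m.group(2))
        entries.append(Entry(m.group(1), m.group(2), clsid.group(0) if clsid else None))
    return entries


def entries_referencing(entries: List[Entry], filename: str) -> List[Entry]:
    """Entries whose text names `filename` as a whole file name.

    Windows paths are case-insensitive, so the match is too. 8.3 short
    names (PROGRA~1 ...) cannot be expanded from the log alone and are
    only matched literally.
    """
    pat = re.compile(
        r"(?<![\w.~-])" + re.escape(filename) + r"(?![\w.~-])", re.IGNORECASE
    )
    return [e for e in entries if pat.search(e.text)]


def entries_without_file(entries: List[Entry]) -> List[Entry]:
    """Entries HijackThis marked "(no file)": the registration remains
    but the file it points to is gone."""
    return [e for e in entries if e.text.endswith("(no file)")]


def report(entries: List[Entry], filename: str) -> List[str]:
    """One readable line per entry that loads `filename`."""
    lines = []
    for e in entries_referencing(entries, filename):
        label = SECTIONS.get(e.code, "other")
        ident = f" {e.clsid}" if e.clsid else ""
        lines.append(f"{e.code} [{label}]{ident}: {e.text}")
    return lines


if __name__ == "__main__":
    parsed = parse_log(SAMPLE_LOG)
    for line in report(parsed, "gzmrotate.dll"):
        print(line)
    for e in entries_without_file(parsed):
        print("registration without file:", e.code, e.clsid)
```

On the sample it reports two load points for the same DLL, the O2 Browser Helper Object and the O4 `hid_start` Run entry, so both have to be gone from a later scan before the file can be considered unloaded.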
Andisa - 12 Oct 2007 at 23:08
AdRotator was removed yesterday with SuperAntiSpyware Pro
I have just disabled Windows' Internet security protection, which is not much use, it has to be said... And I no longer get any pop-ups... But I am continuing the scans to get your final opinion.
Thanks!
Andisa
Andisa - 12 Oct 2007 at 23:15
Here is the AVG Anti-Spyware report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:14:10 12/10/2007
+ Résultat de l'analyse:
C:\Users\Jean-Pierre\AppData\Roaming\Microsoft\Windows\Cookies\Low\jean-pierre@com[1].txt -> TrackingCookie.Com : Aucune action entreprise.
Fin du rapport
Andisa
Andisa - 12 Oct 2007 at 23:21
BitDefender cannot check my PC but does not say why.....
Andisa
Andisa - 12 Oct 2007 at 23:27
And here is the latest HijackThis scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:25:04, on 12/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\livecall.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Temp\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Windows\Temp\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
green day (Moderator, Security contributor; 26371 posts; member since Friday 30 September 2005; last activity 27 December 2019)
12 Oct 2007 at 23:30
OK, no big deal ... it must be what's left of the pest ...
A quick check:
Download ComboFix (by sUBs) to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Boot into Safe Mode
* Double-click combofix.exe.
* Press the Y (Yes) key to start the scan
* The report will be created at: C:\Combofix.txt
++
Andisa (Member; 49 posts; member since Tuesday 8 May 2007; last activity 7 October 2008)
12 Oct 2007 at 23:53
And here is the (very long...) ComboFix report:
ComboFix 07-10-12.4 - Isabelle 2007-10-12 23:44:02.1 - NTFSx86 NETWORK
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1660 [GMT 2:00]
Running from: C:\Users\Isabelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBF1ACNT\ComboFix[1].exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-12 to 2007-10-12 ))))))))))))))))))))))))))))))))))))
.
2007-10-12 23:35 51,200 --a------ C:\Windows\NirCmd.exe
2007-10-12 23:17 <REP> d-------- C:\Windows\BDOSCAN8
2007-10-12 22:29 <REP> d-------- C:\Users\Isabelle\AppData\Roaming\Grisoft
2007-10-12 22:29 <REP> d-------- C:\Users\All Users\Grisoft
2007-10-12 22:29 <REP> d-------- C:\ProgramData\Grisoft
2007-10-12 22:29 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys
2007-10-12 22:17 <REP> d-------- C:\Program Files\CCleaner
2007-10-12 21:31 <REP> d-------- C:\Program Files\Trend Micro
2007-10-11 21:37 <REP> d-------- C:\Users\Isabelle\AppData\Roaming\SUPERAntiSpyware.com
2007-10-11 21:37 <REP> d-------- C:\Users\All Users\SUPERAntiSpyware.com
2007-10-11 21:37 <REP> d-------- C:\ProgramData\SUPERAntiSpyware.com
2007-10-11 21:37 <REP> d-------- C:\Program Files\SUPERAntiSpyware
2007-10-11 21:36 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-10-11 19:48 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2007-10-11 19:48 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2007-10-09 18:08 <REP> d-------- C:\Multimedia Files
2007-10-06 23:30 <REP> d-------- C:\Program Files\MSN Messenger
2007-10-06 23:03 27,620 --a------ C:\Users\Isabelle\AppData\Roaming\nvModes.dat
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Videos
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Searches
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Saved Games
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Pictures
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Music
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Links
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Downloads
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Documents
2007-10-06 22:55 <REP> dr------- C:\Users\Isabelle\Contacts
2007-10-06 22:55 <REP> d-------- C:\Users\Isabelle\Bluetooth Software
2007-10-06 22:55 <REP> d-------- C:\Users\Isabelle\AppData\Roaming\Roxio
2007-10-06 22:55 <REP> d-------- C:\Users\Isabelle\AppData\Roaming\Media Center Programs
2007-10-06 22:55 <REP> d--h----- C:\Users\Isabelle\AppData\Roaming\GTek
2007-10-06 22:55 <REP> d--h----- C:\Users\Isabelle\AppData
2007-10-06 22:54 27,905 --a------ C:\Users\Jean-Pierre\AppData\Roaming\nvModes.dat
2007-09-21 12:53 <REP> d-------- C:\Windows\PCHEALTH
2007-09-21 12:53 <REP> d-------- C:\Program Files\Microsoft.NET
2007-09-21 12:48 <REP> dr-h----- C:\MSOCache
2007-09-21 12:32 619,008 --a------ C:\Windows\System32\drivers\dxgkrnl.sys
2007-09-21 12:32 70,144 --a------ C:\Windows\System32\drivers\pacer.sys
2007-09-21 12:32 61,952 --a------ C:\Windows\System32\drivers\wanarp.sys
2007-09-21 12:32 48,640 --a------ C:\Windows\System32\drivers\ndproxy.sys
2007-09-21 12:32 20,480 --a------ C:\Windows\System32\drivers\ndistapi.sys
2007-09-21 12:29 63,488 --a------ C:\Windows\System32\drivers\mpsdrv.sys
2007-09-21 12:29 23,040 --a------ C:\Windows\System32\drivers\tunnel.sys
2007-09-21 12:29 15,360 --a------ C:\Windows\System32\drivers\TUNMP.SYS
2007-09-21 12:27 82,432 --a------ C:\Windows\System32\drivers\sdbus.sys
2007-09-21 12:23 12,800 --a------ C:\Windows\System32\drivers\fs_rec.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-10-11 19:35 5,863,960 ----a-w C:\Users\Isabelle\SUPERAntiSpywarePro.exe
2007-10-11 19:26 904,048 ----a-w C:\Users\Isabelle\fsbl.exe
2007-10-11 17:28 --------- d-----w C:\Program Files\McAfee
2007-10-10 16:26 --------- d-----w C:\Program Files\Windows Mail
2007-10-07 11:45 45,240 ----a-w C:\Windows\system32\drivers\pciidex.sys
2007-10-07 11:45 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2007-10-07 11:45 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2007-10-07 11:45 21,688 ----a-w C:\Windows\system32\drivers\atapi.sys
2007-10-07 11:45 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2007-10-07 11:45 16,056 ----a-w C:\Windows\system32\drivers\pciide.sys
2007-10-07 11:45 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2007-10-07 11:45 110,264 ----a-w C:\Windows\system32\drivers\ataport.sys
2007-10-07 11:45 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
2007-09-21 10:37 174 --sha-w C:\Program Files\desktop.ini
2007-09-21 10:34 --------- d-----w C:\Program Files\Windows Calendar
2007-09-21 10:10 --------- d--h--w C:\Users\Jean-Pierre\AppData\Roaming\GTek
2007-09-04 09:34 --------- d-----w C:\Users\Jean-Pierre\AppData\Roaming\Roxio
2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Modèles
2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Menu Démarrer
2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Favoris
2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Documents
2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Bureau
2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Application Data
2007-09-04 09:31 --------- d-sh--w C:\Program Files\Fichiers communs
2007-08-28 23:51 53,760 ----a-w C:\Windows\system32\drivers\hdaudbus.sys
2007-08-28 23:51 --------- d-----w C:\Program Files\DellTPad
2007-08-28 23:50 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys
2007-08-28 23:50 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys
2007-08-28 23:50 38,912 ----a-w C:\Windows\system32\drivers\hidclass.sys
2007-08-28 23:50 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys
2007-08-28 23:50 25,472 ----a-w C:\Windows\system32\drivers\hidparse.sys
2007-08-28 23:50 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys
2007-08-28 23:50 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys
2007-08-28 23:50 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys
2007-08-28 23:50 12,288 ----a-w C:\Windows\system32\drivers\hidusb.sys
2007-08-28 23:50 --------- d-----w C:\Program Files\Windows Defender
2007-08-28 23:49 74,752 ----a-w C:\Windows\system32\drivers\rasl2tp.sys
2007-08-28 23:49 60,928 ----a-w C:\Windows\system32\drivers\raspptp.sys
2007-08-28 23:49 51,896 ----a-w C:\Windows\system32\drivers\partmgr.sys
2007-08-28 23:49 29,184 ----a-w C:\Windows\system32\drivers\BTHUSB.SYS
2007-08-28 23:49 25,784 ------w C:\Windows\system32\drivers\msahci.sys
2007-08-28 23:49 220,160 ----a-w C:\Windows\system32\drivers\bthport.sys
2007-08-28 23:49 20,152 ------w C:\Windows\system32\drivers\viaide.sys
2007-08-28 23:49 19,456 ----a-w C:\Windows\system32\drivers\bthenum.sys
2007-08-28 23:49 19,128 ------w C:\Windows\system32\drivers\cmdide.sys
2007-08-28 23:49 18,104 ------w C:\Windows\system32\drivers\amdide.sys
2007-08-28 23:49 17,592 ----a-w C:\Windows\system32\drivers\intelide.sys
2007-08-28 23:49 17,592 ------w C:\Windows\system32\drivers\aliide.sys
2007-08-28 23:48 58,472 ------w C:\Windows\system32\drivers\ULIAGPKX.SYS
2007-08-28 23:48 54,888 ------w C:\Windows\system32\drivers\AMDAGP.SYS
2007-08-28 23:48 54,376 ------w C:\Windows\system32\drivers\VIAAGP.SYS
2007-08-28 23:48 53,864 ------w C:\Windows\system32\drivers\AGP440.sys
2007-08-28 23:48 53,352 ------w C:\Windows\system32\drivers\SISAGP.SYS
2007-08-28 23:48 50,792 ----a-w C:\Windows\system32\drivers\termdd.sys
2007-08-28 23:48 50,280 ----a-w C:\Windows\system32\drivers\volmgr.sys
2007-08-28 23:48 47,208 ------w C:\Windows\system32\drivers\isapnp.sys
2007-08-28 23:48 28,776 ----a-w C:\Windows\system32\drivers\mssmbios.sys
2007-08-28 23:48 242,688 ------w C:\Windows\system32\drivers\rdpdr.sys
2007-08-28 23:48 140,392 ----a-w C:\Windows\system32\drivers\pci.sys
2007-08-28 23:48 13,928 ----a-w C:\Windows\system32\drivers\msisadrv.sys
2007-08-28 23:48 12,776 ----a-w C:\Windows\system32\drivers\swenum.sys
2007-08-28 23:48 106,600 ------w C:\Windows\system32\drivers\NV_AGP.SYS
2007-08-28 23:44 4,875 ----a-w C:\Windows\system32\drivers\1028_Dell_INS_I1720.mrk
2007-08-28 16:29 --------- d-----w C:\ProgramData\Roxio
2007-08-28 16:26 --------- d-----w C:\Program Files\Orange
2007-08-28 16:26 --------- d-----w C:\Program Files\MAKEMSI Package Documentation
2007-08-28 16:26 --------- d-----w C:\Program Files\Dell
2007-08-28 16:25 --------- d-----w C:\ProgramData\SupportSoft
2007-08-28 16:25 --------- d-----w C:\Program Files\Google
2007-08-28 16:25 --------- d-----w C:\Program Files\Dell Support Center
2007-08-28 16:25 --------- d-----w C:\Program Files\Common Files\supportsoft
2007-08-28 16:25 --------- d-----w C:\Program Files\BAE
2007-08-28 16:24 --------- d-----w C:\ProgramData\Gtek
2007-08-28 16:24 --------- d-----w C:\Program Files\DellSupport
2007-08-28 16:23 --------- d-----w C:\ProgramData\Dell
2007-08-28 16:23 --------- d-----w C:\ProgramData\CyberLink
2007-08-28 16:23 --------- d-----w C:\Program Files\CyberLink
2007-08-28 16:22 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-08-28 16:22 --------- d-----w C:\ProgramData\McAfee
2007-08-28 16:21 --------- d-----w C:\Program Files\McAfee.com
2007-08-28 16:21 --------- d-----w C:\Program Files\Common Files\McAfee
2007-08-28 16:19 --------- d-----w C:\Program Files\Roxio
2007-08-28 16:19 --------- d-----w C:\Program Files\Common Files\Sonic Shared
2007-08-28 16:18 --------- d-----w C:\Program Files\Common Files\InstallShield
2007-08-28 16:17 --------- d-----w C:\ProgramData\Sonic
2007-08-28 16:17 --------- d-----w C:\ProgramData\InstallShield
2007-08-28 16:17 --------- d-----w C:\Program Files\Common Files\SureThing Shared
2007-08-28 16:17 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2007-08-28 16:15 --------- d-----w C:\Program Files\Microsoft Works
2007-08-28 16:15 --------- d-----w C:\Program Files\Common Files\Adobe
2007-08-28 16:13 --------- d-----w C:\Program Files\WIDCOMM
2007-08-28 16:12 --------- d-----w C:\Program Files\Creative Live! Cam
2007-08-28 16:12 --------- d-----w C:\Program Files\Creative
2007-08-28 16:12 --------- d-----w C:\Program Files\Common Files\Reallusion
2007-08-28 16:12 --------- d-----w C:\Program Files\Common Files\Creative
2007-08-28 16:11 --------- d-----w C:\Program Files\Digital Line Detect
2007-08-28 16:11 --------- d-----w C:\Program Files\Broadcom
2007-08-28 16:10 --------- d-----w C:\Program Files\NetWaiting
2007-08-28 16:10 --------- d-----w C:\Program Files\Modem Diagnostic Tool
2007-08-28 16:07 --------- d-----w C:\Program Files\SigmaTel
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}]
2007-10-10 12:24 63488 --a------ C:\Windows\system32\gzmrotate.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-29 01:50]
"Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-04-18 05:31]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-02-02 11:00]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-05-16 08:54]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-05-16 08:53]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-05-16 08:54]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-05-16 08:54]
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-08-28 18:06]
"SigmatelSysTrayApp"="sttray.exe" [2007-03-06 22:37 C:\Windows\sttray.exe]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 12:37]
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 12:22]
"MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 18:30]
"PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 17:10]
"ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 12:50]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-28 18:25]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 12:35]
"hid_start"="C:\Windows\system32\gzmrotate.dll" [2007-10-10 12:24]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 13:09]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35]
"DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-05-02 20:08]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"DelayShred"="c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1.SH!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 18:55:50]
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-08-28 18:11:01]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-08-28 18:10:04]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw4v32.sys
S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter
S2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys
S3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys
S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys
S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys
S3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS\nvlddmkm.sys
S3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys
S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys
S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum
bthsvcs BthServ
*Newly Created Service* - AVGASCLN
*Newly Created Service* - CATCHME
*Newly Created Service* - ECACHE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-08-28 16:29:18 C:\Windows\Tasks\McDefragTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2007-08-28 16:29:18 C:\Windows\Tasks\McQcTask.job"
- c:\program files\mcafee\mqc\QcConsol.exe
"2007-10-12 21:19:08 C:\Windows\Tasks\User_Feed_Synchronization-{B9783D14-3EC4-4163-B3C8-D03CDF735B8A}.job"
.
**************************************************************************
catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-12 23:45:33
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-12 23:45:54
.
--- E O F ---
Am I clean now? ;))
Andisa
green day
12 Oct 2007 at 23:55
OK, I'll take a look and give you the next steps tomorrow!
I have to go
See you
;-)
Andisa
13 Oct 2007 at 00:00
Thank you, Doctor!!!
See you tomorrow!
Andisa
green day
13 Oct 2007 at 12:53
Hi
OK, post a new HijackThis, please
++
Andisa
13 Oct 2007 at 14:52
Hello,
Here is the latest scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:48, on 13/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Here is the latest scan:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:48, on 13/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
green day
Moderator, Security contributor
13 Oct 2007 at 15:11
OK,
Download SDFix to your desktop:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double-click SDFix.exe and choose Install to extract it into a dedicated folder on the Desktop.
Restart your computer in Safe Mode.
Open the SDFix folder that was just created on the Desktop and double-click RunThis.bat to launch the script.
Press Y to start the cleaning process.
It will remove the services and Registry entries of certain trojans it finds, then ask you to press a key to restart.
Press a key to restart the PC.
Your system will take longer than usual to restart, because the tool will keep running and deleting files.
Once the Desktop has loaded, the tool will finish its work and display Finished.
Press a key to end the script and load your Desktop icons.
Once the Desktop icons are displayed, the SDFix report will open on screen and will also be saved in the SDFix folder as Report.txt.
Finally, copy/paste the contents of Report.txt into your next reply on the forum, along with a new HijackThis log!
++
Andisa
Member
13 Oct 2007 at 20:56
Right, a little late and at the same time (well, almost!) as the kick-off of the semi-final, here is the SDFix report:
catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-13 20:38:51
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001c26f3e0f3]
"001247977094"=hex:31,38,0b,7e,55,31,8e,e4,e0,80,07,06,74,c7,20,41
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001c26f3e0f3]
"001247977094"=hex:31,38,0b,7e,55,31,8e,e4,e0,80,07,06,74,c7,20,41
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
That's good, isn't it???!!!!!
And here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:47:03, on 13/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\livecall.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-13 20:38:51
Windows 6.0.6000 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001c26f3e0f3]
"001247977094"=hex:31,38,0b,7e,55,31,8e,e4,e0,80,07,06,74,c7,20,41
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001c26f3e0f3]
"001247977094"=hex:31,38,0b,7e,55,31,8e,e4,e0,80,07,06,74,c7,20,41
scanning hidden registry entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
That's good, isn't it???!!!!!
And here is the HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:47:03, on 13/10/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\livecall.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Andisa
31 Oct 2007 at 21:04
Windows Defender disabled, flagged as a "virus" by McAfee...
Andisa
Andisa
31 Oct 2007 at 21:33
Windows Defender disabled, flagged as a "virus" by McAfee...
Andisa
green day
1 Nov 2007 at 18:48
Hi
Post a new HijackThis log, please.
Windows Defender is not a virus; you can allow it if you installed it!
++