Problem with iexplore.exe
Solved
leodu45
Hello,
I have an iexplore.exe on my PC.
I want to remove it with HijackThis but I don't understand the procedure.
Here is my report anyway:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:28:44, on 20/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - C:\Program Files\MyWaySA\SrchAsDe\deSrcAs.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\Bows pop.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [TYPE LONG] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14D04463-D86E-48F4-9FE5-5DFEA849EC89}: NameServer = 217.19.192.132 217.19.192.131
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
26 replies
Hi,
---> Download Lop S&D to your Desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
---> Disable the antivirus
---> Double-click it to launch the installation
---> Then double-click the Lop S&D shortcut on your Desktop
---> Select the desired language, then choose option 1 (Search)
---> Wait until the scan finishes
---> Re-enable the antivirus
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New Task, type explorer.exe and confirm)
If you have trouble using Lop S&D, see the tutorial:
http://bibou0007.com/outils-specifiques-f78/tutorial-lop-sd-t956.htm#11431
There's Antivir:
https://www.clubic.com/telecharger-fiche10821-avira-antivir-personal-free-antivirus.html
It is effective and free. It is in English but simple to use.
Here is my report
--------------------\\ Lop S&D 4.2.2-2 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Odette et Gaby ] [ "C:\Lop SD" ] [ Selection : 1 ]
[ 20/07/2008 | 20:24:04,15 ] [ PC : D6SYW52J ]
[ MAJ : 20-07-2008 | 12:15 ]
--------------------\\ Listing des dossiers dans Application Data
[29/03/2006|20:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[01/09/2005|07:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/03/2006|20:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[01/09/2005|07:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/03/2006|20:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[29/03/2006|20:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
[29/03/2006|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/04/2006|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/09/2005|07:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/04/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/07/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[03/04/2006|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[29/03/2006|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[29/03/2006|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[28/05/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
[29/03/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[08/10/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[08/10/2006|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[16/04/2006|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/04/2006|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/05/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mode jump iso real
[08/10/2006|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[29/03/2006|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QSLLPSVCShare
[29/03/2006|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[18/04/2006|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/07/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[29/03/2006|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
[26/11/2006|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/03/2006|20:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
[01/09/2005|07:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/09/2005|07:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[29/03/2006|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[01/09/2005|07:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/03/2006|20:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[29/03/2006|20:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[03/04/2006|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[01/09/2005|07:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/07/2006|18:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[01/09/2005|07:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/07/2008|19:21] C:\DOCUME~1\ODETTE~1\APPLIC~1\Adobe
[20/01/2007|16:27] C:\DOCUME~1\ODETTE~1\APPLIC~1\ArcSoft
[28/05/2008|16:04] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata
[01/09/2005|07:08] C:\DOCUME~1\ODETTE~1\APPLIC~1\desktop.ini
[03/04/2006|18:46] C:\DOCUME~1\ODETTE~1\APPLIC~1\FotoWire
[11/07/2007|22:59] C:\DOCUME~1\ODETTE~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[12/07/2007|14:53] C:\DOCUME~1\ODETTE~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[13/04/2008|23:27] C:\DOCUME~1\ODETTE~1\APPLIC~1\Google
[01/09/2005|07:25] C:\DOCUME~1\ODETTE~1\APPLIC~1\Identities
[29/03/2006|20:22] C:\DOCUME~1\ODETTE~1\APPLIC~1\Intel
[18/04/2006|17:34] C:\DOCUME~1\ODETTE~1\APPLIC~1\Lavasoft
[03/04/2006|17:38] C:\DOCUME~1\ODETTE~1\APPLIC~1\Leadertech
[03/04/2006|17:33] C:\DOCUME~1\ODETTE~1\APPLIC~1\Macromedia
[03/04/2006|17:33] C:\DOCUME~1\ODETTE~1\APPLIC~1\McAfee.com Personal Firewall
[13/07/2007|10:12] C:\DOCUME~1\ODETTE~1\APPLIC~1\Microsoft
[15/07/2008|22:17] C:\DOCUME~1\ODETTE~1\APPLIC~1\Mozilla
[16/04/2006|14:35] C:\DOCUME~1\ODETTE~1\APPLIC~1\MSNInstaller
[03/04/2006|17:39] C:\DOCUME~1\ODETTE~1\APPLIC~1\Sonic
[29/03/2006|20:15] C:\DOCUME~1\ODETTE~1\APPLIC~1\Sun
[29/03/2006|20:24] C:\DOCUME~1\ODETTE~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[20/07/2008 20:00][--ah-----] C:\WINDOWS\tasks\A7E2AA3891852584.job
[04/01/2007 11:38][--a------] C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#7200#CN39N3B06RI5.job
[20/07/2008 14:35][--a------] C:\WINDOWS\tasks\HP Usg Daily.job
[04/04/2006 17:15][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprŠs de l'ISP.job
[20/07/2008 19:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
( A7E2AA3891852584.job )=( c:\docume~1\odette~1\applic~1\blahdata\surfdeadplan.exe )
--------------------\\ Listing des dossiers dans C:\Program Files
[29/03/2006|20:25] C:\Program Files\Adobe
[16/04/2006|15:25] C:\Program Files\Ahead
[12/05/2007|17:27] C:\Program Files\ALO SOFT
[20/01/2007|16:19] C:\Program Files\ArcSoft
[11/12/2006|12:25] C:\Program Files\AvantGo Connect
[28/05/2008|16:03] C:\Program Files\blahdata
[20/07/2008|14:55] C:\Program Files\Bodom-Child - RaBBi
[29/03/2006|20:21] C:\Program Files\Broadcom
[03/04/2006|17:29] C:\Program Files\Cegetel
[24/12/2007|11:58] C:\Program Files\Circle Developement
[11/12/2006|12:24] C:\Program Files\Common Files
[29/03/2006|20:19] C:\Program Files\CONEXANT
[03/04/2006|18:36] C:\Program Files\Corel
[29/03/2006|20:22] C:\Program Files\CyberLink
[12/05/2007|16:22] C:\Program Files\Dell
[29/03/2006|20:20] C:\Program Files\Digital Line Detect
[12/05/2007|16:22] C:\Program Files\DivX
[23/12/2006|14:07] C:\Program Files\EA Games
[17/07/2008|18:06] C:\Program Files\eMule
[12/05/2007|17:28] C:\Program Files\Fichiers communs
[01/09/2005|07:27] C:\Program Files\FrenchOtto
[13/04/2008|23:27] C:\Program Files\Google
[03/04/2006|18:29] C:\Program Files\Hewlett-Packard
[03/04/2006|18:29] C:\Program Files\HP
[20/01/2007|16:19] C:\Program Files\InstallShield Installation Information
[29/03/2006|20:21] C:\Program Files\Intel
[12/06/2008|18:42] C:\Program Files\Internet Explorer
[29/03/2006|20:15] C:\Program Files\Java
[25/12/2007|15:19] C:\Program Files\JFDuke3D
[18/04/2006|17:34] C:\Program Files\Lavasoft
[29/03/2006|20:24] C:\Program Files\Learn2.com
[03/04/2006|18:46] C:\Program Files\Logitech
[29/03/2006|20:29] C:\Program Files\McAfee
[29/03/2006|20:15] C:\Program Files\Messenger
[24/12/2007|11:58] C:\Program Files\Messenger Plus! Live
[16/04/2006|14:45] C:\Program Files\MessengerPlus! 3
[11/12/2006|12:25] C:\Program Files\Microsoft ActiveSync
[01/09/2005|07:18] C:\Program Files\microsoft frontpage
[16/04/2006|16:40] C:\Program Files\Microsoft Office
[29/03/2006|20:23] C:\Program Files\Microsoft Works
[12/05/2007|16:22] C:\Program Files\Modem Helper
[01/09/2005|07:12] C:\Program Files\Movie Maker
[20/07/2008|20:19] C:\Program Files\Mozilla Firefox
[16/04/2006|15:13] C:\Program Files\MSN
[01/09/2005|07:12] C:\Program Files\MSN Gaming Zone
[24/12/2007|11:57] C:\Program Files\MSN Messenger
[17/08/2007|12:50] C:\Program Files\MSXML 4.0
[29/03/2006|20:26] C:\Program Files\MyWaySA
[01/09/2005|07:15] C:\Program Files\NetMeeting
[08/10/2006|16:13] C:\Program Files\Network Associates
[01/09/2005|07:13] C:\Program Files\Online Services
[19/06/2007|16:01] C:\Program Files\Outlook Express
[18/07/2008|17:06] C:\Program Files\PhotoFiltre
[29/03/2006|20:24] C:\Program Files\QuickTime
[29/03/2006|20:24] C:\Program Files\Real
[15/06/2008|15:38] C:\Program Files\Registry Mechanic
[15/07/2006|13:03] C:\Program Files\Rockstar Games
[03/04/2006|17:30] C:\Program Files\SAGEM
[01/09/2005|07:15] C:\Program Files\Services en ligne
[29/03/2006|20:19] C:\Program Files\Sigmatel
[16/04/2006|16:23] C:\Program Files\Smart Projects
[04/09/2007|11:40] C:\Program Files\Spybot - Search & Destroy
[29/03/2006|20:21] C:\Program Files\Synaptics
[20/07/2008|19:28] C:\Program Files\Trend Micro
[25/12/2006|13:21] C:\Program Files\ViaMichelin
[29/03/2006|20:24] C:\Program Files\Viewpoint
[15/08/2007|14:57] C:\Program Files\Windows Live
[15/08/2007|16:10] C:\Program Files\Windows Media Player
[01/09/2005|07:12] C:\Program Files\Windows NT
[01/09/2005|07:12] C:\Program Files\Windows Plus
[20/07/2008|14:54] C:\Program Files\WinRAR
[01/09/2005|07:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[03/04/2006|17:39] C:\Program Files\Fichiers communs\Adobe
[12/05/2007|16:22] C:\Program Files\Fichiers communs\AOL
[20/01/2007|16:21] C:\Program Files\Fichiers communs\ArcSoft
[16/04/2006|16:40] C:\Program Files\Fichiers communs\Designer
[03/04/2006|18:46] C:\Program Files\Fichiers communs\FotoWire
[29/03/2006|20:26] C:\Program Files\Fichiers communs\InstallShield
[29/03/2006|20:14] C:\Program Files\Fichiers communs\Java
[03/04/2006|18:44] C:\Program Files\Fichiers communs\Logitech
[09/08/2007|16:37] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2005|07:15] C:\Program Files\Fichiers communs\MSSoap
[08/10/2006|16:13] C:\Program Files\Fichiers communs\Network Associates
[29/03/2006|20:24] C:\Program Files\Fichiers communs\Nullsoft
[12/05/2007|17:28] C:\Program Files\Fichiers communs\ODBC
[29/03/2006|20:24] C:\Program Files\Fichiers communs\Real
[01/09/2005|07:15] C:\Program Files\Fichiers communs\Services
[04/04/2006|10:51] C:\Program Files\Fichiers communs\Sonic Shared
[01/09/2005|07:08] C:\Program Files\Fichiers communs\SpeechEngines
[19/06/2007|16:01] C:\Program Files\Fichiers communs\System
--------------------\\ Process
( 71 Processus )
iexplore.exe ~ [3356]
iexplore.exe ~ [1336]
MsgPlus.exe ~ [2916]
--------------------\\ Recherche avec S_Lop
C:\DOCUME~1\ODETTE~1\LOCALS~1\Temp\bis7.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Itch Defy.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\atsfhher.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\bpnsmcfm.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\cejhcxci.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\geexdnif.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\mags heart rect bits.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\npxrqgrr.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\ssywetnz.exe
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\surf dead plan.exe
C:\Program Files\blahdata
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@advertstream[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@adin.bigpoint[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@bigpoint[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@banner.cotedazurpalace[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@cotedazurpalace[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@adopt.euroclick[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@pacificpoker[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@partygaming.122.2o7[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@partypoker[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@fr1.seafight.bigpoint[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@32vegas[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@banner.32vegas[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@vegas-millions[1].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@2xmoinscher[2].txt
C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@www.2xmoinscher[2].txt
C:\WINDOWS\Tasks\A7E2AA3891852584.job
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TYPE LONG"="C:\\DOCUME~1\\ODETTE~1\\APPLIC~1\\blahdata\\IdleSoap.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts MODIFIE
-> 72 [ 70 ## added by CiD ]
/!\ 1 Not 127.0.0.1 !!
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-20 20:24:48
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2038][D:63]-> C:\DOCUME~1\ODETTE~1\LOCALS~1\Temp
[F:530][D:0]-> C:\DOCUME~1\ODETTE~1\Cookies
[F:20249][D:26]-> C:\DOCUME~1\ODETTE~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 20:26:15,73
---> Run Lop S&D again
---> This time, choose option 2 (Suppression)
---> Do not close the window during the removal!
---> Post the generated report (C:\lopR.txt)
(If the Desktop does not reappear, press Ctrl+Alt+Del, File tab, New task, type explorer.exe and confirm)
There, I redid the scan; here is my report.
Also, it found a trojan in a folder.
Should I delete the folder?
--------------------\\ Lop S&D 4.2.2-2 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Odette et Gaby ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 20/07/2008 | 20:29:32,01 ] [ PC : D6SYW52J ]
[ MAJ : 20-07-2008 | 12:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Itch Defy.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\atsfhher.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\bpnsmcfm.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\cejhcxci.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\geexdnif.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\mags heart rect bits.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\npxrqgrr.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\ssywetnz.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\surf dead plan.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@advertstream[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@bigpoint[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@partygaming.122.2o7[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@partypoker[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@32vegas[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@www.2xmoinscher[2].txt
Supprime! - C:\WINDOWS\Tasks\A7E2AA3891852584.job
Supprime! - C:\DOCUME~1\ODETTE~1\LOCALS~1\Temp\bis7.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata
Supprime! - C:\Program Files\blahdata
Supprime! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans APPLIC~1
[29/03/2006|20:27] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[01/09/2005|07:08] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
[01/09/2005|07:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[29/03/2006|20:22] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[01/09/2005|07:05] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[29/03/2006|20:15] C:\DOCUME~1\ADMINI~1\APPLIC~1\Sun
[29/03/2006|20:24] C:\DOCUME~1\ADMINI~1\APPLIC~1\You've Got Pictures Screensaver
[29/03/2006|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[03/04/2006|18:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
[01/09/2005|07:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
[13/04/2008|23:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[20/07/2008|19:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[03/04/2006|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hpzinstall.log
[29/03/2006|20:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[29/03/2006|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[29/03/2006|20:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[08/10/2006|16:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[08/10/2006|16:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[16/04/2006|14:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/04/2006|17:34] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[28/05/2008|16:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mode jump iso real
[08/10/2006|16:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Network Associates
[29/03/2006|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QSLLPSVCShare
[29/03/2006|20:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
[18/04/2006|18:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[27/07/2007|15:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[26/11/2006|17:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[29/03/2006|20:27] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
[01/09/2005|07:08] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
[01/09/2005|07:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[29/03/2006|20:22] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[01/09/2005|07:05] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[29/03/2006|20:15] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sun
[29/03/2006|20:24] C:\DOCUME~1\DEFAUL~1\APPLIC~1\You've Got Pictures Screensaver
[03/04/2006|17:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[01/09/2005|07:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/07/2006|18:15] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[01/09/2005|07:05] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[19/07/2008|19:21] C:\DOCUME~1\ODETTE~1\APPLIC~1\Adobe
[20/01/2007|16:27] C:\DOCUME~1\ODETTE~1\APPLIC~1\ArcSoft
[01/09/2005|07:08] C:\DOCUME~1\ODETTE~1\APPLIC~1\desktop.ini
[03/04/2006|18:46] C:\DOCUME~1\ODETTE~1\APPLIC~1\FotoWire
[11/07/2007|22:59] C:\DOCUME~1\ODETTE~1\APPLIC~1\GDIPFONTCACHEV1.DAT
[12/07/2007|14:53] C:\DOCUME~1\ODETTE~1\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
[13/04/2008|23:27] C:\DOCUME~1\ODETTE~1\APPLIC~1\Google
[01/09/2005|07:25] C:\DOCUME~1\ODETTE~1\APPLIC~1\Identities
[29/03/2006|20:22] C:\DOCUME~1\ODETTE~1\APPLIC~1\Intel
[18/04/2006|17:34] C:\DOCUME~1\ODETTE~1\APPLIC~1\Lavasoft
[03/04/2006|17:38] C:\DOCUME~1\ODETTE~1\APPLIC~1\Leadertech
[03/04/2006|17:33] C:\DOCUME~1\ODETTE~1\APPLIC~1\Macromedia
[03/04/2006|17:33] C:\DOCUME~1\ODETTE~1\APPLIC~1\McAfee.com Personal Firewall
[13/07/2007|10:12] C:\DOCUME~1\ODETTE~1\APPLIC~1\Microsoft
[15/07/2008|22:17] C:\DOCUME~1\ODETTE~1\APPLIC~1\Mozilla
[16/04/2006|14:35] C:\DOCUME~1\ODETTE~1\APPLIC~1\MSNInstaller
[03/04/2006|17:39] C:\DOCUME~1\ODETTE~1\APPLIC~1\Sonic
[29/03/2006|20:15] C:\DOCUME~1\ODETTE~1\APPLIC~1\Sun
[29/03/2006|20:24] C:\DOCUME~1\ODETTE~1\APPLIC~1\You've Got Pictures Screensaver
--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks
[04/01/2007 11:38][--a------] C:\WINDOWS\tasks\HP DArC Task #Hewlett-Packard#7200#CN39N3B06RI5.job
[20/07/2008 14:35][--a------] C:\WINDOWS\tasks\HP Usg Daily.job
[04/04/2006 17:15][--a------] C:\WINDOWS\tasks\Rappel d'abonnement 1 auprès de l'ISP.job
[20/07/2008 19:04][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
--------------------\\ Listing des dossiers dans C:\Program Files
[29/03/2006|20:25] C:\Program Files\Adobe
[16/04/2006|15:25] C:\Program Files\Ahead
[12/05/2007|17:27] C:\Program Files\ALO SOFT
[20/01/2007|16:19] C:\Program Files\ArcSoft
[11/12/2006|12:25] C:\Program Files\AvantGo Connect
[20/07/2008|14:55] C:\Program Files\Bodom-Child - RaBBi
[29/03/2006|20:21] C:\Program Files\Broadcom
[03/04/2006|17:29] C:\Program Files\Cegetel
[11/12/2006|12:24] C:\Program Files\Common Files
[29/03/2006|20:19] C:\Program Files\CONEXANT
[03/04/2006|18:36] C:\Program Files\Corel
[29/03/2006|20:22] C:\Program Files\CyberLink
[12/05/2007|16:22] C:\Program Files\Dell
[29/03/2006|20:20] C:\Program Files\Digital Line Detect
[12/05/2007|16:22] C:\Program Files\DivX
[23/12/2006|14:07] C:\Program Files\EA Games
[17/07/2008|18:06] C:\Program Files\eMule
[12/05/2007|17:28] C:\Program Files\Fichiers communs
[01/09/2005|07:27] C:\Program Files\FrenchOtto
[13/04/2008|23:27] C:\Program Files\Google
[03/04/2006|18:29] C:\Program Files\Hewlett-Packard
[03/04/2006|18:29] C:\Program Files\HP
[20/01/2007|16:19] C:\Program Files\InstallShield Installation Information
[29/03/2006|20:21] C:\Program Files\Intel
[12/06/2008|18:42] C:\Program Files\Internet Explorer
[29/03/2006|20:15] C:\Program Files\Java
[25/12/2007|15:19] C:\Program Files\JFDuke3D
[18/04/2006|17:34] C:\Program Files\Lavasoft
[29/03/2006|20:24] C:\Program Files\Learn2.com
[03/04/2006|18:46] C:\Program Files\Logitech
[29/03/2006|20:29] C:\Program Files\McAfee
[29/03/2006|20:15] C:\Program Files\Messenger
[24/12/2007|11:58] C:\Program Files\Messenger Plus! Live
[16/04/2006|14:45] C:\Program Files\MessengerPlus! 3
[11/12/2006|12:25] C:\Program Files\Microsoft ActiveSync
[01/09/2005|07:18] C:\Program Files\microsoft frontpage
[16/04/2006|16:40] C:\Program Files\Microsoft Office
[29/03/2006|20:23] C:\Program Files\Microsoft Works
[12/05/2007|16:22] C:\Program Files\Modem Helper
[01/09/2005|07:12] C:\Program Files\Movie Maker
[20/07/2008|20:19] C:\Program Files\Mozilla Firefox
[16/04/2006|15:13] C:\Program Files\MSN
[01/09/2005|07:12] C:\Program Files\MSN Gaming Zone
[24/12/2007|11:57] C:\Program Files\MSN Messenger
[17/08/2007|12:50] C:\Program Files\MSXML 4.0
[29/03/2006|20:26] C:\Program Files\MyWaySA
[01/09/2005|07:15] C:\Program Files\NetMeeting
[08/10/2006|16:13] C:\Program Files\Network Associates
[01/09/2005|07:13] C:\Program Files\Online Services
[19/06/2007|16:01] C:\Program Files\Outlook Express
[18/07/2008|17:06] C:\Program Files\PhotoFiltre
[29/03/2006|20:24] C:\Program Files\QuickTime
[29/03/2006|20:24] C:\Program Files\Real
[15/06/2008|15:38] C:\Program Files\Registry Mechanic
[15/07/2006|13:03] C:\Program Files\Rockstar Games
[03/04/2006|17:30] C:\Program Files\SAGEM
[01/09/2005|07:15] C:\Program Files\Services en ligne
[29/03/2006|20:19] C:\Program Files\Sigmatel
[16/04/2006|16:23] C:\Program Files\Smart Projects
[04/09/2007|11:40] C:\Program Files\Spybot - Search & Destroy
[29/03/2006|20:21] C:\Program Files\Synaptics
[20/07/2008|19:28] C:\Program Files\Trend Micro
[25/12/2006|13:21] C:\Program Files\ViaMichelin
[15/08/2007|14:57] C:\Program Files\Windows Live
[15/08/2007|16:10] C:\Program Files\Windows Media Player
[01/09/2005|07:12] C:\Program Files\Windows NT
[01/09/2005|07:12] C:\Program Files\Windows Plus
[20/07/2008|14:54] C:\Program Files\WinRAR
[01/09/2005|07:18] C:\Program Files\xerox
--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs
[03/04/2006|17:39] C:\Program Files\Fichiers communs\Adobe
[12/05/2007|16:22] C:\Program Files\Fichiers communs\AOL
[20/01/2007|16:21] C:\Program Files\Fichiers communs\ArcSoft
[16/04/2006|16:40] C:\Program Files\Fichiers communs\Designer
[03/04/2006|18:46] C:\Program Files\Fichiers communs\FotoWire
[29/03/2006|20:26] C:\Program Files\Fichiers communs\InstallShield
[29/03/2006|20:14] C:\Program Files\Fichiers communs\Java
[03/04/2006|18:44] C:\Program Files\Fichiers communs\Logitech
[09/08/2007|16:37] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2005|07:15] C:\Program Files\Fichiers communs\MSSoap
[08/10/2006|16:13] C:\Program Files\Fichiers communs\Network Associates
[29/03/2006|20:24] C:\Program Files\Fichiers communs\Nullsoft
[12/05/2007|17:28] C:\Program Files\Fichiers communs\ODBC
[29/03/2006|20:24] C:\Program Files\Fichiers communs\Real
[01/09/2005|07:15] C:\Program Files\Fichiers communs\Services
[04/04/2006|10:51] C:\Program Files\Fichiers communs\Sonic Shared
[01/09/2005|07:08] C:\Program Files\Fichiers communs\SpeechEngines
[19/06/2007|16:01] C:\Program Files\Fichiers communs\System
--------------------\\ Process
( 69 Processus )
MsgPlus.exe ~ [2916]
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-07-20 20:30:19
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:2037][D:63]-> C:\DOCUME~1\ODETTE~1\LOCALS~1\Temp
[F:515][D:0]-> C:\DOCUME~1\ODETTE~1\Cookies
[F:20248][D:26]-> C:\DOCUME~1\ODETTE~1\LOCALS~1\TEMPOR~1\content.IE5
--------------------\\ Fin du rapport a 20:31:11,93
I can't remove the virus that was found because my antivirus has expired, so what should I do?
Also, it found a trojan in a folder.
Should I delete the folder?
--------------------\\ Lop S&D 4.2.2-2 XP/Vista
[ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
[ USER : Odette et Gaby ] [ "C:\Lop SD" ] [ Selection : 2 ]
[ 20/07/2008 | 20:29:32,01 ] [ PC : D6SYW52J ]
[ MAJ : 20-07-2008 | 12:15 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does\Itch Defy.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\atsfhher.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\bpnsmcfm.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\cejhcxci.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\geexdnif.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\mags heart rect bits.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\npxrqgrr.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\ssywetnz.exe
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\surf dead plan.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@advertstream[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@adin.bigpoint[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@bigpoint[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@fr1.seafight.bigpoint[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@banner.cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@cotedazurpalace[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@adopt.euroclick[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@pacificpoker[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@partygaming.122.2o7[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@partypoker[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@32vegas[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@banner.32vegas[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@vegas-millions[1].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@2xmoinscher[2].txt
Supprime! - C:\DOCUME~1\ODETTE~1\Cookies\odette_et_gaby@www.2xmoinscher[2].txt
Supprime! - C:\WINDOWS\Tasks\A7E2AA3891852584.job
Supprime! - C:\DOCUME~1\ODETTE~1\LOCALS~1\Temp\bis7.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\live 64 math does
Supprime! - C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata
Supprime! - C:\Program Files\blahdata
Supprime! - C:\Program Files\Circle Developement
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprime! - C:\Program Files\Viewpoint
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Viewpoint
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Do this:
- Download and install Malwarebytes' Anti-Malware:
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
- Update it
- Restart in safe mode (recommended):
https://www.malekal.com/demarrer-windows-mode-sans-echec/
- Choose your usual session
- Run a full scan with Malwarebytes' Anti-Malware
- Delete everything the software finds, and save the report
- Restart in normal mode and post the report here
Tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/
Hello again
Sorry for the delay, here is my report
(After deleting the viruses that Malwarebytes' Anti-Malware found, iexplore.exe is gone, so I don't know whether I should go on with a new procedure.)
Report:
Malwarebytes' Anti-Malware 1.21
Version de la base de données: 971
Windows 5.1.2600 Service Pack 2
19:04:59 25/07/2008
mbam-log-7-25-2008 (19-04-59).txt
Type de recherche: Examen complet (C:\|)
Eléments examinés: 104393
Temps écoulé: 1 hour(s), 43 minute(s), 21 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWay) -> Quarantined and deleted successfully.
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
Here is the report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:59, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\Bows pop.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TYPE LONG] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14D04463-D86E-48F4-9FE5-5DFEA849EC89}: NameServer = 217.19.192.132 217.19.192.131
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:59, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\Bows pop.exe (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TYPE LONG] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14D04463-D86E-48F4-9FE5-5DFEA849EC89}: NameServer = 217.19.192.132 217.19.192.131
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Accept the changes if Spybot asks you anything.
---> Update Java:
https://www.java.com/fr/download/manual.jsp
---> Run HijackThis again and choose Do a system scan only
---> Tick the boxes in front of the following lines:
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\Bows pop.exe (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [TYPE LONG] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
---> Click Fix checked at the bottom. Answer yes if HijackThis asks you anything.
---> Download OTMoveIt2 from the link below:
http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
---> Save the file to the Desktop.
---> Double-click the OTMoveIt2.exe file to launch the tool.
Make sure the Unregister Dll's and Ocx's box is ticked.
---> Copy all of the text below and paste it into the window titled Paste Standard List of Files/Folders to be moved.
C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\
C:\Documents and Settings\All Users\Application Data\mode jump iso real\
C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\
---> Click MoveIt! to start the removal.
When a result appears in the Results pane, click Exit.
Note: If a file or folder cannot be deleted immediately, the program will ask you to restart. Accept by clicking YES.
---> Post the OTMoveIt report, which is located in C:\_OTMoveIt\MovedFiles.
---> Post a new HijackThis report
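An added example, not part of the original post: a small Python check that compares a HijackThis fix list with a later scan and reports which checked entries are really gone. It matches entries by registry identity (CLSID, or hive plus value name) instead of by the whole line, because the file annotation at the end of a line can change while the registry entry stays. The function names are hypothetical; the sample lines are excerpts from the fix list above and from the 19:55:50 scan posted later in this thread.

```python
import re

# "O4 - ...", "R3 - ..." : section code, then the entry body.
ENTRY_RE = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# "HKLM\..\Run: [ValueName] command" ; the command part may be empty.
RUN_RE = re.compile(r"^(?P<hive>[^:]+\\Run): \[(?P<name>[^\]]*)\]")


def entry_key(line):
    """Return (section, identity) for a HijackThis entry line, else None."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    section, body = m.group("section"), m.group("body")
    # BHOs and URLSearchHooks are identified by their CLSID.
    clsid = CLSID_RE.search(body)
    if section in ("O2", "R3") and clsid:
        return (section, clsid.group(0).upper())
    # Run values are identified by hive and value name, not by the command.
    run = RUN_RE.match(body)
    if section == "O4" and run:
        return (section, run.group("hive").upper() + "|" + run.group("name").upper())
    # Everything else (R0/R1 values, Global Startup links): text left of " = ".
    return (section, body.split(" = ", 1)[0].strip().upper())


def parse_entries(text):
    """Map identity -> full line for every entry line found in text."""
    entries = {}
    for line in text.splitlines():
        key = entry_key(line)
        if key:
            entries[key] = line.strip()
    return entries


def check_fix(fix_list, rescan):
    """Classify each fix-list entry against the scan taken after the fix."""
    wanted, after = parse_entries(fix_list), parse_entries(rescan)
    report = {"removed": [], "persisting": [], "changed": []}
    for key, line in wanted.items():
        if key not in after:
            report["removed"].append(key)      # entry is gone
        elif after[key] == line:
            report["persisting"].append(key)   # identical line is still there
        else:
            report["changed"].append(key)      # same entry, different data
    return report


# Excerpt of the fix list from this thread.
FIX_LIST = r"""
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\Bows pop.exe (file missing)
O4 - HKLM\..\Run: [ShowLOMControl]
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
"""

# Excerpt of the scan saved at 19:55:50, after the fix.
RESCAN = r"""
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
"""

if __name__ == "__main__":
    for status, keys in check_fix(FIX_LIST, RESCAN).items():
        for section, ident in keys:
            print(f"{status:10} {section}  {ident}")
```

A plain text diff would count the `{68141ABC-...}` BHO as removed because its line changed from `(file missing)` to `(no file)`; keyed on the CLSID it is reported as still registered.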
OTMoveIt report
Folder C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\ not found.
C:\Documents and Settings\All Users\Application Data\mode jump iso real moved successfully.
Folder C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\ not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07252008_195352
HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:55:50, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TYPE LONG] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14D04463-D86E-48F4-9FE5-5DFEA849EC89}: NameServer = 217.19.192.132 217.19.192.131
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Folder C:\DOCUME~1\ODETTE~1\APPLIC~1\AXISRE~1\ not found.
C:\Documents and Settings\All Users\Application Data\mode jump iso real moved successfully.
Folder C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\ not found.
OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 07252008_195352
HijackThis report
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:55:50, on 25/07/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\hphmon05.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\system32\LVComsX.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearch.myway.com/jsp/dellsidebar.jsp?p=DR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {4D25F921-B9FE-4682-BF72-8AB8210D6D75} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {68141ABC-0E6F-C1DD-265D-7577E6DF7EA9} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKLM\..\Run: [HPHUPD05] C:\Program Files\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\system32\hphmon05.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [MSKDetectorExe] C:\Program Files\McAfee\SpamKiller\MSKDetct.exe /uninstall
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [iso real pile send] C:\Documents and Settings\All Users\Application Data\mode jump iso real\SOAPJUNK.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TYPE LONG] C:\DOCUME~1\ODETTE~1\APPLIC~1\blahdata\IdleSoap.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{14D04463-D86E-48F4-9FE5-5DFEA849EC89}: NameServer = 217.19.192.132 217.19.192.131
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
Yes, the virus has been killed, but there are traces left.
Remove Spybot and redo the procedure, except for OTMoveIt2.