IE "cid" window that opens by itself
Hello everyone, recently I've been getting Internet Explorer windows that open by themselves, and every time they are ads with "cid" written in front. I saw that you have to download HijackThis and post the report, so here is that report.
Would it be possible to know how I caught this virus and how to avoid catching it again?
Thanks in advance to any helpers who might come to my aid.
Have a nice day
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:05, on 07/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [bash chin] "C:\ProgramData\Windowregsregs.hviii"
O4 - HKCU\..\Run: [Ford mpeg road draw] "C:\ProgramData\Tons bleh vc.u4rm6c"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9264 bytes
Hello,
Download Lop S&D.exe (Eric_71) to your Desktop.
Start the program's installation by running the downloaded file.
Now double-click the LopS&D shortcut.
Select the desired language by typing the letter of your choice, then confirm with the Enter key.
Now choose option 1 (Search). Wait until the search has finished.
Post the generated report (C:\lopR.txt*)
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm)
* the partition name may differ
Thank you very much for coming to my aid; here is the report I obtained:
--------------------\\ Lop S&D 4.2.4-1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A13
USER : Pierre-adrien ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [1] ( 07/09/2008|20:18 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[03/09/2008|13:10] C:\Users\PIERRE~1\AppData\Local\Adobe
[02/09/2008|19:13] C:\Users\PIERRE~1\AppData\Local\Apple
[02/09/2008|20:41] C:\Users\PIERRE~1\AppData\Local\Apple Computer
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Application Data
[07/09/2008|15:33] C:\Users\PIERRE~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[02/09/2008|18:04] C:\Users\PIERRE~1\AppData\Local\eMule
[02/09/2008|12:58] C:\Users\PIERRE~1\AppData\Local\GDIPFONTCACHEV1.DAT
[02/09/2008|13:11] C:\Users\PIERRE~1\AppData\Local\Google
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Historique
[07/09/2008|02:03] C:\Users\PIERRE~1\AppData\Local\IconCache.db
[05/09/2008|09:40] C:\Users\PIERRE~1\AppData\Local\MediaDirect
[05/09/2008|10:40] C:\Users\PIERRE~1\AppData\Local\Microsoft
[02/09/2008|13:18] C:\Users\PIERRE~1\AppData\Local\Mozilla
[02/09/2008|21:38] C:\Users\PIERRE~1\AppData\Local\SupportSoft
[07/09/2008|20:14] C:\Users\PIERRE~1\AppData\Local\Temp
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Temporary Internet Files
[02/09/2008|18:29] C:\Users\PIERRE~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/08/2008 15:21][--a------] C:\Windows\tasks\McDefragTask.job
[28/08/2008 15:21][--a------] C:\Windows\tasks\McQcTask.job
[07/09/2008 10:19][--ah-----] C:\Windows\tasks\SA.DAT
[07/09/2008 10:18][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[03/09/2008|13:16] C:\ProgramData\Adobe
[02/09/2008|19:12] C:\ProgramData\Apple
[02/09/2008|19:17] C:\ProgramData\Apple Computer
[02/09/2008|12:57] C:\ProgramData\Application Data
[02/09/2008|12:57] C:\ProgramData\Bureau
[05/09/2008|01:32] C:\ProgramData\CyberLink
[28/08/2008|15:16] C:\ProgramData\Dell
[02/09/2008|12:57] C:\ProgramData\Documents
[02/09/2008|18:10] C:\ProgramData\eMule
[02/09/2008|12:57] C:\ProgramData\Favoris
[28/08/2008|15:04] C:\ProgramData\Google
[28/08/2008|15:11] C:\ProgramData\McAfee
[02/09/2008|12:57] C:\ProgramData\Menu Démarrer
[02/09/2008|21:38] C:\ProgramData\Messenger Plus!
[02/09/2008|13:44] C:\ProgramData\Microsoft
[02/09/2008|12:57] C:\ProgramData\Modèles
[02/09/2008|19:53] C:\ProgramData\oneonline
[28/08/2008|15:05] C:\ProgramData\SupportSoft
[02/09/2008|19:53] C:\ProgramData\Tons bleh vc.u4rm6c
[02/09/2008|19:53] C:\ProgramData\way rdr ford mpeg
[02/09/2008|19:53] C:\ProgramData\Windowregsregs.1gx2oj8
[02/09/2008|19:44] C:\ProgramData\Windowregsregs.60dn8
[02/09/2008|19:53] C:\ProgramData\Windowregsregs.hviii
[02/09/2008|18:21] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[03/09/2008|13:16] C:\Program Files\Adobe
[02/09/2008|19:13] C:\Program Files\Apple Software Update
[02/09/2008|19:15] C:\Program Files\Bonjour
[02/09/2008|19:44] C:\Program Files\Circle Developement
[28/08/2008|15:03] C:\Program Files\Cisco
[28/08/2008|15:11] C:\Program Files\Citrix
[03/09/2008|13:15] C:\Program Files\Common Files
[28/08/2008|16:40] C:\Program Files\CONEXANT
[28/08/2008|14:57] C:\Program Files\Creative
[28/08/2008|14:56] C:\Program Files\Creative Live! Cam
[28/08/2008|15:07] C:\Program Files\CyberLink
[28/08/2008|15:16] C:\Program Files\Dell
[28/08/2008|15:05] C:\Program Files\Dell Support Center
[29/08/2008|00:34] C:\Program Files\DellTPad
[28/08/2008|14:56] C:\Program Files\Digital Line Detect
[02/09/2008|18:04] C:\Program Files\eMule
[02/09/2008|12:57] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[02/09/2008|20:38] C:\Program Files\Google
[28/08/2008|15:05] C:\Program Files\InstallShield Installation Information
[28/08/2008|15:02] C:\Program Files\Intel
[02/09/2008|19:15] C:\Program Files\Internet Explorer
[02/09/2008|19:18] C:\Program Files\iPod
[02/09/2008|19:18] C:\Program Files\iTunes
[28/08/2008|14:53] C:\Program Files\Java
[06/09/2008|22:30] C:\Program Files\McAfee
[28/08/2008|15:09] C:\Program Files\McAfee.com
[02/09/2008|19:52] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[28/08/2008|15:08] C:\Program Files\Microsoft Office
[28/08/2008|15:09] C:\Program Files\Microsoft Works
[28/08/2008|14:55] C:\Program Files\Modem Diagnostic Tool
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/09/2008|13:17] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|14:55] C:\Program Files\NetWaiting
[02/09/2008|13:07] C:\Program Files\Neuf
[02/09/2008|19:15] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[28/08/2008|16:40] C:\Program Files\Sigmatel
[07/09/2008|10:34] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/09/2008|14:00] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[02/09/2008|18:25] C:\Program Files\Windows Live
[02/09/2008|20:37] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[02/09/2008|12:57] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[03/09/2008|13:16] C:\Program Files\Common Files\Adobe
[02/09/2008|19:12] C:\Program Files\Common Files\Apple
[28/08/2008|14:56] C:\Program Files\Common Files\InstallShield
[28/08/2008|14:53] C:\Program Files\Common Files\Java
[28/08/2008|15:09] C:\Program Files\Common Files\McAfee
[02/09/2008|18:14] C:\Program Files\Common Files\microsoft shared
[28/08/2008|14:57] C:\Program Files\Common Files\Reallusion
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/08/2008|15:05] C:\Program Files\Common Files\supportsoft
[21/01/2008|04:35] C:\Program Files\Common Files\System
[02/09/2008|18:25] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 81 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Windowregsregs.60dn8
C:\ProgramData\Windowregsregs.hviii
C:\ProgramData\Tons bleh vc.u4rm6c
C:\ProgramData\Windowregsregs.1gx2oj8
C:\Users\PIERRE~1\AppData\Local\Temp\bisA644.exe
C:\Users\PIERRE~1\AppData\Local\Temp\bisAA1B.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\way rdr ford mpeg
C:\ProgramData\way rdr ford mpeg\Memo Intra.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies\pierre-adrien@adopt.euroclick[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bash chin"="\"C:\\ProgramData\\Windowregsregs.hviii\""
"Ford mpeg road draw"="\"C:\\ProgramData\\Tons bleh vc.u4rm6c\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 20:18:39
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:350][D:43]-> C:\Users\PIERRE~1\AppData\Local\Temp
[F:110][D:1]-> C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:361][D:5]-> C:\Users\PIERRE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008|20:20 - Option : [1]
--------------------\\ Fin du rapport a 20:20:41
[02/09/2008|19:12] C:\Program Files\Common Files\Apple
[28/08/2008|14:56] C:\Program Files\Common Files\InstallShield
[28/08/2008|14:53] C:\Program Files\Common Files\Java
[28/08/2008|15:09] C:\Program Files\Common Files\McAfee
[02/09/2008|18:14] C:\Program Files\Common Files\microsoft shared
[28/08/2008|14:57] C:\Program Files\Common Files\Reallusion
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/08/2008|15:05] C:\Program Files\Common Files\supportsoft
[21/01/2008|04:35] C:\Program Files\Common Files\System
[02/09/2008|18:25] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 81 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
C:\ProgramData\Windowregsregs.60dn8
C:\ProgramData\Windowregsregs.hviii
C:\ProgramData\Tons bleh vc.u4rm6c
C:\ProgramData\Windowregsregs.1gx2oj8
C:\Users\PIERRE~1\AppData\Local\Temp\bisA644.exe
C:\Users\PIERRE~1\AppData\Local\Temp\bisAA1B.exe
--------------------\\ Recherche de Fichiers / Dossiers Lop
C:\ProgramData\way rdr ford mpeg
C:\ProgramData\way rdr ford mpeg\Memo Intra.exe
C:\Program Files\Circle Developement
C:\Program Files\Circle Developement\Uninstall.exe
C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies\pierre-adrien@adopt.euroclick[2].txt
--------------------\\ Verification du Registre
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"bash chin"="\"C:\\ProgramData\\Windowregsregs.hviii\""
"Ford mpeg road draw"="\"C:\\ProgramData\\Tons bleh vc.u4rm6c\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-07 20:18:39
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:350][D:43]-> C:\Users\PIERRE~1\AppData\Local\Temp
[F:110][D:1]-> C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:361][D:5]-> C:\Users\PIERRE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:4][D:4]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008|20:20 - Option : [1]
--------------------\\ Fin du rapport a 20:20:41
[ UAC => 1 ]
Here is the report again,
--------------------\\ Lop S&D 4.2.4-1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A13
USER : Pierre-adrien ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [2] ( 08/09/2008|17:31 )
[ UAC => 1 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION
Supprime! - C:\ProgramData\way rdr ford mpeg\Memo Intra.exe
Supprime! - C:\Program Files\Circle Developement\Uninstall.exe
Supprime! - C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies\pierre-adrien@adopt.euroclick[2].txt
Supprime! - C:\ProgramData\Windowregsregs.60dn8
Supprime! - C:\ProgramData\Windowregsregs.hviii
Supprime! - C:\ProgramData\Tons bleh vc.u4rm6c
Supprime! - C:\ProgramData\Windowregsregs.1gx2oj8
Supprime! - C:\Users\PIERRE~1\AppData\Local\Temp\bisA644.exe
Supprime! - C:\Users\PIERRE~1\AppData\Local\Temp\bisAA1B.exe
Supprime! - C:\ProgramData\way rdr ford mpeg
Supprime! - C:\Program Files\Circle Developement
-
[ Fichier Hosts ] .. Restaure!
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
--------------------\\ Listing des dossiers dans Local
[03/09/2008|13:10] C:\Users\PIERRE~1\AppData\Local\Adobe
[02/09/2008|19:13] C:\Users\PIERRE~1\AppData\Local\Apple
[02/09/2008|20:41] C:\Users\PIERRE~1\AppData\Local\Apple Computer
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Application Data
[07/09/2008|15:33] C:\Users\PIERRE~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[02/09/2008|18:04] C:\Users\PIERRE~1\AppData\Local\eMule
[02/09/2008|12:58] C:\Users\PIERRE~1\AppData\Local\GDIPFONTCACHEV1.DAT
[02/09/2008|13:11] C:\Users\PIERRE~1\AppData\Local\Google
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Historique
[08/09/2008|00:01] C:\Users\PIERRE~1\AppData\Local\IconCache.db
[05/09/2008|09:40] C:\Users\PIERRE~1\AppData\Local\MediaDirect
[05/09/2008|10:40] C:\Users\PIERRE~1\AppData\Local\Microsoft
[02/09/2008|13:18] C:\Users\PIERRE~1\AppData\Local\Mozilla
[02/09/2008|21:38] C:\Users\PIERRE~1\AppData\Local\SupportSoft
[08/09/2008|17:31] C:\Users\PIERRE~1\AppData\Local\Temp
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Temporary Internet Files
[02/09/2008|18:29] C:\Users\PIERRE~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/08/2008 15:21][--a------] C:\Windows\tasks\McDefragTask.job
[28/08/2008 15:21][--a------] C:\Windows\tasks\McQcTask.job
[08/09/2008 09:19][--ah-----] C:\Windows\tasks\SA.DAT
[08/09/2008 00:02][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[03/09/2008|13:16] C:\ProgramData\Adobe
[02/09/2008|19:12] C:\ProgramData\Apple
[02/09/2008|19:17] C:\ProgramData\Apple Computer
[02/09/2008|12:57] C:\ProgramData\Application Data
[02/09/2008|12:57] C:\ProgramData\Bureau
[05/09/2008|01:32] C:\ProgramData\CyberLink
[28/08/2008|15:16] C:\ProgramData\Dell
[02/09/2008|12:57] C:\ProgramData\Documents
[02/09/2008|18:10] C:\ProgramData\eMule
[02/09/2008|12:57] C:\ProgramData\Favoris
[28/08/2008|15:04] C:\ProgramData\Google
[28/08/2008|15:11] C:\ProgramData\McAfee
[02/09/2008|12:57] C:\ProgramData\Menu Démarrer
[02/09/2008|21:38] C:\ProgramData\Messenger Plus!
[02/09/2008|13:44] C:\ProgramData\Microsoft
[02/09/2008|12:57] C:\ProgramData\Modèles
[02/09/2008|19:53] C:\ProgramData\oneonline
[28/08/2008|15:05] C:\ProgramData\SupportSoft
[02/09/2008|18:21] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[03/09/2008|13:16] C:\Program Files\Adobe
[08/09/2008|09:34] C:\Program Files\Apple Software Update
[02/09/2008|19:15] C:\Program Files\Bonjour
[28/08/2008|15:03] C:\Program Files\Cisco
[28/08/2008|15:11] C:\Program Files\Citrix
[03/09/2008|13:15] C:\Program Files\Common Files
[28/08/2008|16:40] C:\Program Files\CONEXANT
[28/08/2008|14:57] C:\Program Files\Creative
[28/08/2008|14:56] C:\Program Files\Creative Live! Cam
[28/08/2008|15:07] C:\Program Files\CyberLink
[28/08/2008|15:16] C:\Program Files\Dell
[28/08/2008|15:05] C:\Program Files\Dell Support Center
[29/08/2008|00:34] C:\Program Files\DellTPad
[28/08/2008|14:56] C:\Program Files\Digital Line Detect
[02/09/2008|18:04] C:\Program Files\eMule
[02/09/2008|12:57] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[02/09/2008|20:38] C:\Program Files\Google
[28/08/2008|15:05] C:\Program Files\InstallShield Installation Information
[28/08/2008|15:02] C:\Program Files\Intel
[02/09/2008|19:15] C:\Program Files\Internet Explorer
[02/09/2008|19:18] C:\Program Files\iPod
[02/09/2008|19:18] C:\Program Files\iTunes
[28/08/2008|14:53] C:\Program Files\Java
[08/09/2008|11:29] C:\Program Files\LimeWire
[06/09/2008|22:30] C:\Program Files\McAfee
[28/08/2008|15:09] C:\Program Files\McAfee.com
[02/09/2008|19:52] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[28/08/2008|15:08] C:\Program Files\Microsoft Office
[28/08/2008|15:09] C:\Program Files\Microsoft Works
[28/08/2008|14:55] C:\Program Files\Modem Diagnostic Tool
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/09/2008|13:17] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|14:55] C:\Program Files\NetWaiting
[02/09/2008|13:07] C:\Program Files\Neuf
[02/09/2008|19:15] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[08/09/2008|09:33] C:\Program Files\Safari
[28/08/2008|16:40] C:\Program Files\Sigmatel
[07/09/2008|10:34] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/09/2008|14:00] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[02/09/2008|18:25] C:\Program Files\Windows Live
[02/09/2008|20:37] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[02/09/2008|12:57] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[03/09/2008|13:16] C:\Program Files\Common Files\Adobe
[02/09/2008|19:12] C:\Program Files\Common Files\Apple
[28/08/2008|14:56] C:\Program Files\Common Files\InstallShield
[28/08/2008|14:53] C:\Program Files\Common Files\Java
[28/08/2008|15:09] C:\Program Files\Common Files\McAfee
[02/09/2008|18:14] C:\Program Files\Common Files\microsoft shared
[28/08/2008|14:57] C:\Program Files\Common Files\Reallusion
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/08/2008|15:05] C:\Program Files\Common Files\supportsoft
[21/01/2008|04:35] C:\Program Files\Common Files\System
[02/09/2008|18:25] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 88 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-08 17:31:38
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:358][D:44]-> C:\Users\PIERRE~1\AppData\Local\Temp
[F:113][D:1]-> C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:398][D:5]-> C:\Users\PIERRE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008|20:20 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/09/2008|17:33 - Option : [2]
--------------------\\ Fin du rapport a 17:33:17
[ UAC => 1 ]
Actually it's rather strange, because today I haven't had any CID ads whereas yesterday I did, and these ads appear intermittently: a whole morning can go by without them appearing, then suddenly in the afternoon they show up. Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:35:05, on 07/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\conime.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\System32\wsqmcons.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [bash chin] "C:\ProgramData\Windowregsregs.hviii"
O4 - HKCU\..\Run: [Ford mpeg road draw] "C:\ProgramData\Tons bleh vc.u4rm6c"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9264 bytes
--------------------\\ Lop S&D 4.2.4-1 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) Dual CPU T2390 @ 1.86GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A13
USER : Pierre-adrien ( Administrator )
BOOT : Normal boot
"C:\Lop SD" ( MAJ : 06-09-2008|22:02 )
Option : [1] ( 09/09/2008|14:08 )
[ UAC => 1 ]
--------------------\\ Listing des dossiers dans Local
[03/09/2008|13:10] C:\Users\PIERRE~1\AppData\Local\Adobe
[02/09/2008|19:13] C:\Users\PIERRE~1\AppData\Local\Apple
[02/09/2008|20:41] C:\Users\PIERRE~1\AppData\Local\Apple Computer
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Application Data
[07/09/2008|15:33] C:\Users\PIERRE~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[02/09/2008|18:04] C:\Users\PIERRE~1\AppData\Local\eMule
[02/09/2008|12:58] C:\Users\PIERRE~1\AppData\Local\GDIPFONTCACHEV1.DAT
[02/09/2008|13:11] C:\Users\PIERRE~1\AppData\Local\Google
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Historique
[08/09/2008|00:01] C:\Users\PIERRE~1\AppData\Local\IconCache.db
[05/09/2008|09:40] C:\Users\PIERRE~1\AppData\Local\MediaDirect
[08/09/2008|22:20] C:\Users\PIERRE~1\AppData\Local\Microsoft
[02/09/2008|13:18] C:\Users\PIERRE~1\AppData\Local\Mozilla
[02/09/2008|21:38] C:\Users\PIERRE~1\AppData\Local\SupportSoft
[09/09/2008|14:07] C:\Users\PIERRE~1\AppData\Local\Temp
[02/09/2008|12:57] C:\Users\PIERRE~1\AppData\Local\Temporary Internet Files
[08/09/2008|21:38] C:\Users\PIERRE~1\AppData\Local\VirtualStore
--------------------\\ Tâches planifiées dans C:\Windows\tasks
[28/08/2008 15:21][--a------] C:\Windows\tasks\McDefragTask.job
[28/08/2008 15:21][--a------] C:\Windows\tasks\McQcTask.job
[09/09/2008 10:33][--ah-----] C:\Windows\tasks\SA.DAT
[08/09/2008 00:02][--a------] C:\Windows\tasks\SCHEDLGU.TXT
--------------------\\ Listing des dossiers dans C:\ProgramData
[03/09/2008|13:16] C:\ProgramData\Adobe
[02/09/2008|19:12] C:\ProgramData\Apple
[02/09/2008|19:17] C:\ProgramData\Apple Computer
[02/09/2008|12:57] C:\ProgramData\Application Data
[02/09/2008|12:57] C:\ProgramData\Bureau
[05/09/2008|01:32] C:\ProgramData\CyberLink
[28/08/2008|15:16] C:\ProgramData\Dell
[02/09/2008|12:57] C:\ProgramData\Documents
[02/09/2008|18:10] C:\ProgramData\eMule
[02/09/2008|12:57] C:\ProgramData\Favoris
[28/08/2008|15:04] C:\ProgramData\Google
[28/08/2008|15:11] C:\ProgramData\McAfee
[02/09/2008|12:57] C:\ProgramData\Menu Démarrer
[02/09/2008|21:38] C:\ProgramData\Messenger Plus!
[02/09/2008|13:44] C:\ProgramData\Microsoft
[02/09/2008|12:57] C:\ProgramData\Modèles
[02/09/2008|19:53] C:\ProgramData\oneonline
[28/08/2008|15:05] C:\ProgramData\SupportSoft
[02/09/2008|18:21] C:\ProgramData\WLInstaller
--------------------\\ Listing des dossiers dans C:\Program Files
[03/09/2008|13:16] C:\Program Files\Adobe
[08/09/2008|09:34] C:\Program Files\Apple Software Update
[02/09/2008|19:15] C:\Program Files\Bonjour
[28/08/2008|15:03] C:\Program Files\Cisco
[28/08/2008|15:11] C:\Program Files\Citrix
[03/09/2008|13:15] C:\Program Files\Common Files
[28/08/2008|16:40] C:\Program Files\CONEXANT
[28/08/2008|14:57] C:\Program Files\Creative
[28/08/2008|14:56] C:\Program Files\Creative Live! Cam
[28/08/2008|15:07] C:\Program Files\CyberLink
[28/08/2008|15:16] C:\Program Files\Dell
[28/08/2008|15:05] C:\Program Files\Dell Support Center
[29/08/2008|00:34] C:\Program Files\DellTPad
[28/08/2008|14:56] C:\Program Files\Digital Line Detect
[02/09/2008|18:04] C:\Program Files\eMule
[02/09/2008|12:57] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[02/09/2008|20:38] C:\Program Files\Google
[28/08/2008|15:05] C:\Program Files\InstallShield Installation Information
[28/08/2008|15:02] C:\Program Files\Intel
[02/09/2008|19:15] C:\Program Files\Internet Explorer
[02/09/2008|19:18] C:\Program Files\iPod
[02/09/2008|19:18] C:\Program Files\iTunes
[28/08/2008|14:53] C:\Program Files\Java
[08/09/2008|11:29] C:\Program Files\LimeWire
[06/09/2008|22:30] C:\Program Files\McAfee
[28/08/2008|15:09] C:\Program Files\McAfee.com
[02/09/2008|19:52] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[28/08/2008|15:08] C:\Program Files\Microsoft Office
[28/08/2008|15:09] C:\Program Files\Microsoft Works
[28/08/2008|14:55] C:\Program Files\Modem Diagnostic Tool
[21/01/2008|04:35] C:\Program Files\Movie Maker
[02/09/2008|13:17] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[28/08/2008|14:55] C:\Program Files\NetWaiting
[02/09/2008|13:07] C:\Program Files\Neuf
[02/09/2008|19:15] C:\Program Files\QuickTime
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[08/09/2008|09:33] C:\Program Files\Safari
[28/08/2008|16:40] C:\Program Files\Sigmatel
[07/09/2008|10:34] C:\Program Files\Trend Micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[02/09/2008|14:00] C:\Program Files\VideoLAN
[21/01/2008|04:35] C:\Program Files\Windows Calendar
[21/01/2008|04:35] C:\Program Files\Windows Collaboration
[21/01/2008|04:35] C:\Program Files\Windows Defender
[21/01/2008|04:35] C:\Program Files\Windows Journal
[02/09/2008|18:25] C:\Program Files\Windows Live
[02/09/2008|20:37] C:\Program Files\Windows Mail
[21/01/2008|04:35] C:\Program Files\Windows Media Player
[02/09/2008|12:57] C:\Program Files\Windows NT
[21/01/2008|04:35] C:\Program Files\Windows Photo Gallery
[21/01/2008|04:35] C:\Program Files\Windows Sidebar
--------------------\\ Listing des dossiers dans C:\Program Files\Common Files
[03/09/2008|13:16] C:\Program Files\Common Files\Adobe
[02/09/2008|19:12] C:\Program Files\Common Files\Apple
[28/08/2008|14:56] C:\Program Files\Common Files\InstallShield
[28/08/2008|14:53] C:\Program Files\Common Files\Java
[28/08/2008|15:09] C:\Program Files\Common Files\McAfee
[02/09/2008|18:14] C:\Program Files\Common Files\microsoft shared
[28/08/2008|14:57] C:\Program Files\Common Files\Reallusion
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[28/08/2008|15:05] C:\Program Files\Common Files\supportsoft
[21/01/2008|04:35] C:\Program Files\Common Files\System
[02/09/2008|18:25] C:\Program Files\Common Files\WindowsLiveInstaller
--------------------\\ Process
( 84 Processes )
... OK !
--------------------\\ Recherche avec S_Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Recherche de Fichiers / Dossiers Lop
Aucun fichier / dossier Lop trouvé !
--------------------\\ Verification du Registre
..... OK !
--------------------\\ Verification du fichier Hosts
Fichier Hosts PROPRE
--------------------\\ Recherche de fichiers avec Catchme
catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-09 14:09:57
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0
--------------------\\ Recherche d'autres infections
Aucune autre infection trouvée !
[F:354][D:44]-> C:\Users\PIERRE~1\AppData\Local\Temp
[F:114][D:1]-> C:\Users\PIERRE~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:434][D:5]-> C:\Users\PIERRE~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:3][D:3]-> C:\$Recycle.Bin
1 - "C:\Lop SD\LopR_1.txt" - 07/09/2008|20:20 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 08/09/2008|17:33 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 09/09/2008|14:13 - Option : [1]
--------------------\\ Fin du rapport a 14:13:37
[ UAC => 1 ]
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:59:27, on 09/09/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&client=dell-row&chan...
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\PROGRA~1\mcafee\VIRUSS~1\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix:
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9267 bytes