Aller au contenu

  • Pas encore inscrit ?

    Pourquoi ne pas vous inscrire ? C'est simple, rapide et gratuit.
    Pour en savoir plus, lisez Les avantages de l'inscription... et la Charte de Zébulon.
    De plus, les messages que vous postez en tant qu'invité restent invisibles tant qu'un modérateur ne les a pas validés. Inscrivez-vous, ce sera un gain de temps pour tout le monde, vous, les helpeurs et les modérateurs ! :wink:

Pub au lancement du navigateur sous vista

dido

Par dido
dans Analyses et éradication malwares

 Partager

Messages recommandés

dido Member

dido

Posté(e)
  • Auteur
Posté(e) (modifié)

Re,

 

voila je me suis déconnecté du net, j'ai passé en mode sans échec et j'ai renommé "HijackThis" en "dido".

 

le rapport généré dans le bureau est :

 

Logfile of HijackThis v1.99.1

Scan saved at 19:30:15, on 03/07/2007

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\Windows\Explorer.EXE

C:\Windows\helppane.exe

C:\Users\kenpachi\Desktop\dido.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll

O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O4 - Global Startup: QuickSet.lnk = ?

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html

O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

merci

Modifié par dido

dido Member

dido

Posté(e)
  • Auteur
Posté(e) (modifié)

Re,

 

Apres que je poste le dernier rapport, je viens juste d'être envahi par une page du site fr.drivecleaner.com. je constate que l'icône java se trouve dans la barre de tache et que ces pubs ne ce lancent que lorsque cette petite icône de java est visible.

 

j'ai effectué la manipulation que tu m'a indiqué mais cette fois ci sans passer par le mode sans échec et en renommant à dido.

 

voila le rapport :

 

Logfile of HijackThis v1.99.1

Scan saved at 20:07:12, on 03/07/2007

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16473)

 

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\system32\taskeng.exe

C:\Windows\Explorer.EXE

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

c:\PROGRA~1\mcafee.com\agent\mcagent.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Windows\System32\ico.exe

C:\Windows\sttray.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\McAfee\MSK\mskagent.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\MSN Messenger\msnmsgr.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\McAfee\MPS\mpsevh.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Windows\ehome\ehmsas.exe

C:\Windows\System32\Pmxmiced.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\Opera\Opera.exe

C:\Users\kenpachi\Desktop\dido.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O1 - Hosts: ::1 localhost

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll

O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O4 - Global Startup: QuickSet.lnk = ?

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html

O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll

O11 - Options group: [iNTERNATIONAL] International*

O13 - Gopher Prefix:

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL

O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe

O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe

O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe

O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe

O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe

O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe

O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe

O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe

O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe

O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\redirsvc\redirsvc.exe

O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe

O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe

O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe

O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe

O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe

O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe

O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost.exe (file missing)

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk.exe (file missing)

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

 

mais je dois signaler que sans passer par le mode sans échec j'ai deux message d'avertissement comme quoi HijackThis n'a pas pu accéder à certaines choses ou un truc de ce genre.

 

merci

Modifié par dido
bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

Re,

 

Télécharge Deckard's System Scanner http://deckard.geekstogo.com/dss.exe sur ton bureau

 

Ferme toutes les applications en cours

Doublie clique sur dss.exe. Tu auras deux messages qui vont apparaitre à l'écran, clique sur OK pour les deux.

 

Sois patient, le scan peut être long.

 

A la fin tu auras de nouveau un message disant que bloc-notes va s'ouvrir clique sur OK puis fais un copier/coller de tout son contenu.

dido Member

dido

Posté(e)
  • Auteur
Posté(e)

re,

A la fin du scan j'ai trouvé 2 fichiers txt ouvert les voila :

 

Deckard's System Scanner v20070611.50

Run by kenpachi on 2007-07-03 at 21:56:21

Computer is in Normal Mode.

--------------------------------------------------------------------------------

 

-- Last 5 Restore Point(s) --

19: 2007-07-03 18:38:36 UTC - RP70 - Removed Ad-Aware 2007

18: 2007-07-03 17:48:48 UTC - RP67 - Installed Ad-Aware 2007

17: 2007-07-03 17:40:18 UTC - RP66 - Removed Ad-Aware 2007

16: 2007-07-03 16:58:10 UTC - RP65 - Installed Ad-Aware 2007

15: 2007-06-28 17:41:47 UTC - RP64 - Windows Update

 

 

-- First Restore Point --

1: 2007-06-22 22:17:41 UTC - RP50 - Point de contrôle planifié

 

 

Backed up registry hives.

 

Performed disk cleanup.

 

 

-- HijackThis Clone ------------------------------------------------------------

 

Emulating logfile of HijackThis v1.99.1

Scan saved at 2007-07-03 21:58:48

Platform: Windows Vista (6.00.6000)

MSIE: Internet Explorer (7.00.6000.16386)

 

Running processes:

C:\Windows\System32\dwm.exe

C:\Windows\System32\taskeng.exe

C:\Windows\explorer.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Java\jre1.6.0\bin\jusched.exe

C:\Windows\System32\ico.exe

C:\Windows\sttray.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe

C:\Program Files\McAfee\MSK\mskagent.exe

C:\Windows\System32\pmxmiced.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\Dell\MediaDirect\PCMService.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\DellSupport\DSAgnt.exe

C:\Windows\ehome\ehtray.exe

C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Digital Line Detect\DLG.exe

C:\Program Files\Dell\QuickSet\quickset.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Windows\ehome\ehmsas.exe

C:\Program Files\McAfee\MPS\mpsevh.exe

C:\Program Files\Windows Mail\WinMail.exe

C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

C:\Program Files\McAfee.com\Agent\mcagent.exe

C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe

C:\Users\kenpachi\Desktop\dss.exe

C:\Windows\System32\conime.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig/dell?hl=fr&cli...amp;ibd=2070604

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll

O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll

O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptcl.dll

O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll

O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\GoogleToolbar2.dll

O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\GoogleToolbar2.dll

O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll

O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide

O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"

O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE

O4 - HKLM\..\Run: [sigmatelSysTrayApp] sttray.exe

O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"

O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe

O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup

O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe

O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"

O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe

O4 - Global Startup: BTTray.lnk = C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe

O4 - Global Startup: QuickSet.lnk = C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe

O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm

O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html

O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll

O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O9 - Extra 'Tools' menuitem: (no name) - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (file missing)

O9 - Extra button: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: (no name) - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/9/b...heckControl.cab

O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab

O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} () - http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab

O17 - HKLM\SYSTEM\CCS\Services\Tcpip\..\{52204BC7-91A6-489B-BE3A-AFCAD0D8ADCA}: NameServer = 192.168.1.1

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Protocol: ms-help - {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\microsoft shared\Help\hxds.dll

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\MSN Messenger\msgrapp.8.1.0178.00.dll

O18 - Filter: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: BCL easyPDF SDK 5 Loader (bepldr) - Unknown owner - "C:\Program Files\Common Files\BCL Technologies\easyPDF 5\bepldr.exe"

O23 - Service: GoogleDesktopManager - Google - "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - "C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe"

O23 - Service: RoxMediaDB9 - Sonic Solutions - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"

O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"

O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"

 

 

-- File Associations -----------------------------------------------------------

 

All associations okay.

 

 

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

 

R3 DSproct - \??\c:\program files\dellsupport\gtaction\triggers\dsproct.sys

 

S3 driverhardwarev2 - \??\c:\program files\hardwaredetection\driverhardwarev2.sys

 

 

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

 

R2 STacSV (SigmaTel Audio Service) - c:\program files\sigmatel\c-major audio\wdm\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>

 

S3 bepldr (BCL easyPDF SDK 5 Loader) - "c:\program files\common files\bcl technologies\easypdf 5\bepldr.exe" <Not Verified; ; bepldr Module>

S3 stllssvr - "c:\program files\common files\surething shared\stllssvr.exe" <Not Verified; MicroVision Development, Inc.; SureThing CD Labeler>

 

 

-- Scheduled Tasks -------------------------------------------------------------

 

2007-07-01 01:00:02 370 --a------ C:\Windows\Tasks\McQcTask.job

2007-06-15 01:00:03 380 --a------ C:\Windows\Tasks\McDefragTask.job

 

 

-- Files created between 2007-06-03 and 2007-07-03 -----------------------------

 

2007-07-03 00:02:52 0 d-------- C:\Users\All Users\Grisoft

2007-06-26 17:26:08 0 dr------- C:\Users\Invité\Searches

2007-06-26 17:25:36 0 dr------- C:\Users\Invité\Contacts

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Voisinage réseau

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Voisinage d'impression

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\SendTo

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Recent

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Modèles

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Mes documents

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Menu Démarrer

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Local Settings

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Cookies

2007-06-26 17:25:11 0 d--hs---- C:\Users\Invité\Application Data

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Videos

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Saved Games

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Pictures

2007-06-26 17:25:10 786432 --ahs---- C:\Users\Invité\NTUSER.DAT

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Music

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Links

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Favorites

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Downloads

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Documents

2007-06-26 17:25:10 0 dr------- C:\Users\Invité\Desktop

2007-06-26 17:25:10 0 d--h----- C:\Users\Invité\AppData

2007-06-25 23:43:18 0 d-------- C:\Program Files\Common Files\BCL Technologies

2007-06-25 23:42:55 0 d-------- C:\Users\All Users\Nitro PDF

2007-06-25 23:42:55 0 d-------- C:\Program Files\Nitro PDF

2007-06-25 23:11:29 0 d-------- C:\Program Files\Xi

2007-06-24 18:27:45 0 d-------- C:\Program Files\HardwareDetection

2007-06-24 01:21:57 676224 --a------ C:\Windows\system32\ogacheckcontrol.dll

2007-06-18 20:15:43 0 d-------- C:\Windows\BDOSCAN8

2007-06-18 01:11:07 0 d-------- C:\Windows\system32\Kaspersky Lab

2007-06-17 22:48:21 0 d-------- C:\Users\All Users\FLEXnet

2007-06-17 22:36:00 0 d-------- C:\Users\All Users\Adobe

2007-06-17 22:36:00 0 d-------- C:\Program Files\Common Files\Adobe

2007-06-16 23:08:36 0 d-------- C:\Users\All Users\eMule

2007-06-16 23:06:41 0 d-------- C:\Program Files\eMule

2007-06-16 19:08:24 0 d-------- C:\Program Files\Shareaza

2007-06-15 00:29:46 0 d-------- C:\Program Files\Yamicsoft

2007-06-14 20:59:53 0 d-------- C:\Program Files\Lavalys

2007-06-13 21:52:25 0 d-------- C:\Windows\system32\directx

2007-06-11 21:38:59 0 d-------- C:\Program Files\TuneUp Utilities 2007

2007-06-11 21:36:47 0 d-------- C:\Users\All Users\TuneUp Software

2007-06-11 21:36:44 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard

2007-06-11 20:57:21 0 d-------- C:\Users\All Users\Messenger Plus!

2007-06-11 20:55:59 0 d-------- C:\Program Files\Windows Live

2007-06-11 20:55:58 0 d-------- C:\Program Files\Messenger Plus! Live

2007-06-11 00:34:40 0 d-------- C:\Program Files\MSECache

2007-06-11 00:16:19 0 d-------- C:\Program Files\Microsoft Works

2007-06-11 00:15:08 0 d-------- C:\Program Files\Microsoft.NET

2007-06-11 00:12:47 0 d-------- C:\Program Files\Microsoft Visual Studio 8

2007-06-11 00:11:12 0 d-------- C:\Users\All Users\Microsoft Help

2007-06-11 00:10:01 0 dr-h----- C:\MSOCache

2007-06-10 02:12:53 0 d-------- C:\Program Files\Internet Download Manager

2007-06-09 13:57:00 0 d-------- C:\Program Files\Winamp

2007-06-09 13:11:06 0 d-------- C:\Program Files\Pando Networks

2007-06-09 11:52:13 0 d-------- C:\Program Files\7-Zip

2007-06-08 23:00:52 0 d-------- C:\Program Files\Opera

2007-06-08 22:15:53 0 d-------- C:\Users\All Users\Apple Computer

2007-06-08 22:15:40 217088 --a------ C:\Windows\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>

2007-06-08 22:15:39 180224 --a------ C:\Windows\system32\xvidvfw.dll

2007-06-08 22:15:39 593920 --a------ C:\Windows\system32\xvidcore.dll

2007-06-08 22:15:39 3596288 --a------ C:\Windows\system32\qt-dx331.dll

2007-06-08 22:15:39 73728 --a------ C:\Windows\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>

2007-06-08 22:15:39 740442 --a------ C:\Windows\system32\divx.dll <Not Verified; DivX, Inc.; DivX®>

2007-06-08 22:15:38 10752 --a------ C:\Windows\system32\ff_vfw.dll

2007-06-08 22:15:36 0 d-------- C:\Users\All Users\Real

2007-06-08 22:15:36 0 d-------- C:\Program Files\K-Lite Codec Pack

2007-06-08 20:09:12 0 d-------- C:\Windows\PCHEALTH

2007-06-08 20:09:12 0 d-------- C:\Program Files\MSN Messenger

2007-06-08 19:45:04 0 d-------- C:\Program Files\uTorrent

2007-06-07 23:25:16 0 d-------- C:\ATI

2007-06-07 22:46:57 0 --a------ C:\Windows\nsreg.dat

2007-06-07 21:25:45 0 d-------- C:\Windows\system32\DLA

2007-06-07 20:43:32 0 d-------- C:\Users\kenpachi\Bluetooth Software

2007-06-07 20:42:11 0 dr------- C:\Users\kenpachi\Searches

2007-06-07 20:41:46 0 dr------- C:\Users\kenpachi\Contacts

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Voisinage réseau

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Voisinage d'impression

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\SendTo

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Recent

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Modèles

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Mes documents

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Menu Démarrer

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Local Settings

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Cookies

2007-06-07 20:40:40 0 d--hs---- C:\Users\kenpachi\Application Data

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Videos

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Saved Games

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Pictures

2007-06-07 20:40:39 2621440 --ahs---- C:\Users\kenpachi\NTUSER.DAT

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Music

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Links

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Favorites

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Downloads

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Documents

2007-06-07 20:40:39 0 dr------- C:\Users\kenpachi\Desktop

2007-06-07 20:40:39 0 d--h----- C:\Users\kenpachi\AppData

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Voisinage réseau

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Voisinage d'impression

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\SendTo

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Recent

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Modèles

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Mes documents

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Menu Démarrer

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Local Settings

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Cookies

2007-06-07 20:32:15 0 d--hs---- C:\Users\Default\Application Data

2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Modèles

2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Menu Démarrer

2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Favoris

2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Documents

2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Bureau

2007-06-07 20:32:15 0 d--hs---- C:\Users\All Users\Application Data

2007-06-07 20:32:15 0 d--hs---- C:\Program Files\Fichiers communs

2007-06-07 20:32:15 0 d--hs---- C:\Documents and Settings

2007-06-04 22:02:45 0 d-------- C:\Program Files\Synaptics

2007-06-04 22:00:51 0 d-------- C:\Windows\Users

2007-06-04 21:57:19 0 d-------- C:\doctemp

2007-06-04 21:55:42 0 d-------- C:\Windows\system32\oem

2007-06-04 21:55:42 0 d-------- C:\Drivers

2007-06-04 21:55:42 0 d-------- C:\DELL

2007-06-04 14:36:48 0 d-------- C:\Users\All Users\Dell

2007-06-04 14:36:48 0 d-------- C:\Users\All Users\CyberLink

2007-06-04 14:36:48 0 d-------- C:\MDT

2007-06-04 14:36:42 44544 --a------ C:\Windows\system32\msxml4a.dll <Not Verified; Microsoft Corporation; Microsoft® MSXML 4.0 SP1>

2007-06-04 14:36:23 0 d-------- C:\Program Files\CyberLink

2007-06-04 14:36:15 0 d-------- C:\Users\All Users\Google

2007-06-04 14:35:55 0 d-------- C:\Program Files\Google

2007-06-04 14:35:54 0 d-------- C:\Program Files\BAE

2007-06-04 14:35:32 0 d-------- C:\Users\All Users\Gtek

2007-06-04 14:35:32 0 d-------- C:\Program Files\DellSupport

2007-06-04 14:33:32 143360 --a------ C:\Windows\system32\dunzip32.dll <Not Verified; Inner Media, Inc.; DynaZIP-32 Multi-Threading UnZIP DLL>

2007-06-04 14:32:22 0 d-------- C:\Program Files\McAfee.com

2007-06-04 14:32:21 0 d-------- C:\Program Files\Common Files\McAfee

2007-06-04 14:32:19 0 d-------- C:\Program Files\McAfee

2007-06-04 14:32:17 0 d-------- C:\Users\All Users\McAfee

2007-06-04 14:30:54 0 d-------- C:\Users\All Users\Roxio

2007-06-04 14:29:07 0 d-------- C:\Program Files\Common Files\SureThing Shared

2007-06-04 14:29:03 0 d-------- C:\Users\All Users\InstallShield

2007-06-04 14:29:02 0 d-------- C:\Program Files\Roxio

2007-06-04 14:28:49 0 d-------- C:\Users\All Users\Sonic

2007-06-04 14:28:44 0 d-------- C:\Program Files\Common Files\Sonic Shared

2007-06-04 14:28:09 0 d-------- C:\Program Files\Common Files\Roxio Shared

2007-06-04 14:26:07 1458176 --a------ C:\Windows\system32\stlang.dll <Not Verified; SigmaTel, Inc.; C-Major Audio>

2007-06-04 14:26:07 90112 --a------ C:\Windows\system32\stacsv.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>

2007-06-04 14:26:07 303104 --a------ C:\Windows\sttray.exe <Not Verified; SigmaTel, Inc.; C-Major Audio>

2007-06-04 14:25:41 0 d-------- C:\Program Files\SigmaTel

2007-06-04 14:24:31 229376 --a------ C:\Windows\system32\BtwRSupport.dll <Not Verified; Broadcom Corporation.; Bluetooth Software 6.0.1.3100>

2007-06-04 14:24:02 0 d-------- C:\Windows\system32\es-MX

2007-06-04 14:24:02 0 d-------- C:\Windows\system32\es-AR

2007-06-04 14:24:01 0 d-------- C:\Program Files\WIDCOMM

2007-06-04 14:22:24 274432 --a------ C:\Windows\system32\pmxutil.dll <Not Verified; Primax Electronics Ltd.; Mouse Suite 98>

2007-06-04 14:22:24 131072 --a------ C:\Windows\system32\pmxscrll.dll <Not Verified; Primax Electronics Ltd.; MouseSuite 98>

2007-06-04 14:22:24 126976 --a------ C:\Windows\system32\pmxmiced.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98>

2007-06-04 14:22:24 65536 --a------ C:\Windows\system32\pmxhooks.dll <Not Verified; Primax Electronics Ltd.; Mouse Suite 98>

2007-06-04 14:22:23 28672 --a------ C:\Windows\system32\UnInst.exe <Not Verified; Primax Electronics Ltd.; primax UnInst>

2007-06-04 14:22:23 49152 --a------ C:\Windows\system32\pmxcomm.dll <Not Verified; Primax Electronics Ltd.; Mouse Suite 98>

2007-06-04 14:22:23 94208 --a------ C:\Windows\system32\Pelzoom.dll <Not Verified; Primax Electronics Ltd.; Primax Mouse>

2007-06-04 14:22:23 40960 --a------ C:\Windows\system32\LaunHelp.exe <Not Verified; Primax Electronics Ltd.; primax LaunHelp>

2007-06-04 14:22:23 49152 --a------ C:\Windows\system32\ico.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98>

2007-06-04 14:22:23 303104 --a------ C:\Windows\system32\FontZoom.exe <Not Verified; ; SkinDialog_Demo Application>

2007-06-04 14:22:21 2285568 --a------ C:\Windows\system32\DellPM.exe <Not Verified; Primax Electronics Ltd.; MouseSuite>

2007-06-04 14:22:21 143360 --a------ C:\Windows\system32\ApSwitch.exe <Not Verified; Primax Electronics Ltd.; MouseSuite 98>

2007-06-04 14:22:21 0 d-------- C:\Program Files\Dell

2007-06-04 14:21:42 0 d-------- C:\Program Files\Digital Line Detect

2007-06-04 14:21:34 0 d-------- C:\Windows\java

2007-06-04 14:21:33 0 d-------- C:\Program Files\Common Files\InstallShield

2007-06-04 14:20:44 0 d-------- C:\Program Files\Modem Diagnostic Tool

2007-06-04 14:19:44 0 d--h----- C:\Program Files\InstallShield Installation Information

2007-06-04 14:19:19 0 d-------- C:\Program Files\NetWaiting

2007-06-04 14:18:55 0 d-------- C:\Program Files\ATI Technologies

2007-06-04 14:18:43 0 d-------- C:\Program Files\Java

2007-06-04 14:18:43 0 d-------- C:\Program Files\Common Files\Java

2007-06-04 14:18:37 0 d-------- C:\Windows\system32\Macromed

2007-06-04 14:18:30 0 d-------- C:\Program Files\MSXML 4.0

2007-06-04 14:18:12 0 d--hs---- C:\Windows\Installer

2007-06-04 14:08:56 12 --a------ C:\Windows\bthservsdp.dat

2007-06-04 14:08:46 0 d-------- C:\Windows\SoftwareDistribution

2007-06-04 14:08:03 0 d-------- C:\Program Files\CONEXANT

2007-06-04 14:06:45 0 d--hs---- C:\System Volume Information

 

 

-- Find3M Report ---------------------------------------------------------------

 

2007-07-03 19:26:07 0 d-------- C:\Users\kenpachi\AppData\Roaming\DMCache

2007-07-03 01:59:43 0 d-------- C:\Users\kenpachi\AppData\Roaming\uTorrent

2007-07-01 18:16:40 0 d-------- C:\Users\kenpachi\AppData\Roaming\IDM

2007-06-25 23:45:19 0 d-------- C:\Users\kenpachi\AppData\Roaming\Nitro PDF

2007-06-25 23:11:50 0 d-------- C:\Users\kenpachi\AppData\Roaming\Xi

2007-06-18 00:56:44 690832 --a------ C:\Windows\system32\perfh00C.dat

2007-06-18 00:56:44 117572 --a------ C:\Windows\system32\perfc00C.dat

2007-06-17 23:27:38 0 d-------- C:\Users\kenpachi\AppData\Roaming\Adobe

2007-06-16 19:08:24 0 d-------- C:\Users\kenpachi\AppData\Roaming\Shareaza

2007-06-13 19:20:01 0 d-------- C:\Program Files\Windows Mail

2007-06-13 18:47:56 0 d-------- C:\Users\kenpachi\AppData\Roaming\Roxio

2007-06-11 21:38:59 0 d-------- C:\Users\kenpachi\AppData\Roaming\TuneUp Software

2007-06-11 19:02:34 0 d-------- C:\Users\kenpachi\AppData\Roaming\AdobeUM

2007-06-11 00:16:09 0 d-------- C:\Program Files\MSBuild

2007-06-10 15:43:22 0 d-------- C:\Users\kenpachi\AppData\Roaming\McAfee

2007-06-09 14:00:06 0 d-------- C:\Users\kenpachi\AppData\Roaming\Winamp

2007-06-09 11:43:01 0 d-------- C:\Users\kenpachi\AppData\Roaming\WinRAR

2007-06-09 00:23:36 0 d-------- C:\Users\kenpachi\AppData\Roaming\Media Player Classic

2007-06-08 23:12:23 0 d-------- C:\Users\kenpachi\AppData\Roaming\Real

2007-06-08 23:01:04 0 d-------- C:\Users\kenpachi\AppData\Roaming\Opera

2007-06-08 22:21:22 0 d-------- C:\Users\kenpachi\AppData\Roaming\Google

2007-06-07 23:17:11 0 d-------- C:\Users\kenpachi\AppData\Roaming\Talkback

2007-06-07 23:02:30 0 d-------- C:\Users\kenpachi\AppData\Roaming\Macromedia

2007-06-07 22:46:54 0 d-------- C:\Users\kenpachi\AppData\Roaming\Mozilla

2007-06-07 22:32:01 0 d-------- C:\Users\kenpachi\AppData\Roaming\CyberLink

2007-06-07 22:28:26 0 d-------- C:\Users\kenpachi\AppData\Roaming\Template

2007-06-07 22:28:25 0 --a------ C:\Users\kenpachi\AppData\Roaming\wklnhst.dat

2007-06-07 21:02:20 0 d-------- C:\Program Files\Windows Defender

2007-06-07 20:55:53 0 d-------- C:\Users\kenpachi\AppData\Roaming\GTek

2007-06-07 20:43:49 0 d-------- C:\Users\kenpachi\AppData\Roaming\ATI

2007-06-07 20:41:51 0 d-------- C:\Users\kenpachi\AppData\Roaming\Identities

2007-06-07 20:32:15 0 d-------- C:\Program Files\Windows NT

 

 

-- Registry Dump ---------------------------------------------------------------

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

{0055C089-8582-441B-A0BF-17B458C2A3A8} C:\Program Files\Internet Download Manager\IDMIECC.dll

{72853161-30C5-4D22-B7F9-0BBC1D38A37E} C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} c:\Program Files\Java\jre1.6.0\bin\ssv.dll

{7DB2D5A0-7241-4E79-B68D-6309F01C5231} c:\program files\mcafee\virusscan\scriptcl.dll

{83B80A9C-D91A-4F22-8DCF-EA7204039F79} C:\Program Files\Xi\NetXfer\NXIEHelper.dll

{9030D464-4C02-4ABF-8ECC-5164760863C6} C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar2.dll

{CA6319C0-31B7-401E-A518-A07C3DB8F777} C:\Program Files\BAE\BAE.dll

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]

"Windows Defender"=hex(2):25,50,72,6f,67,72,61,6d,46,69,6c,65,73,25,5c,57,69,\

"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

"SunJavaUpdateSched"="\"c:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\""

"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""

"PMX Daemon"="ICO.EXE"

"SigmatelSysTrayApp"="sttray.exe"

"ISUSScheduler"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\issch.exe\" -start"

"RoxWatchTray"="\"C:\\Program Files\\Common Files\\Roxio Shared\\9.0\\SharedCOM\\RoxWatchTray9.exe\""

"MskAgentexe"="C:\\Program Files\\McAfee\\MSK\\MskAgent.exe"

"Google Desktop Search"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"

"ECenter"="c:\\dell\\E-Center\\EULALauncher.exe"

"PCMService"="\"C:\\Program Files\\Dell\\MediaDirect\\PCMService.exe\""

"ISUSPM Startup"="C:\\PROGRA~1\\COMMON~1\\INSTAL~1\\UPDATE~1\\ISUSPM.exe -startup"

"GrooveMonitor"="\"C:\\Program Files\\Microsoft Office\\Office12\\GrooveMonitor.exe\""

"Adobe Reader Speed Launcher"="\"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\""

 

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]

"DellSupport"="\"C:\\Program Files\\DellSupport\\DSAgnt.exe\" /startup"

"ehTray.exe"="C:\\Windows\\ehome\\ehTray.exe"

"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"

@=""

"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

"WMPNSCFG"="C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe"

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"=dword:00000002

"ConsentPromptBehaviorUser"=dword:00000001

"EnableInstallerDetection"=dword:00000001

"EnableLUA"=dword:00000001

"EnableSecureUIAPaths"=dword:00000001

"EnableVirtualization"=dword:00000001

"PromptOnSecureDesktop"=dword:00000001

"ValidateAdminCodeSignatures"=dword:00000000

"scforceoption"=dword:00000000

"FilterAdministratorToken"=dword:00000000

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard]

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system\UIPI\Clipboard\ExceptionFormats]

"CF_TEXT"=dword:00000001

"CF_BITMAP"=dword:00000002

"CF_OEMTEXT"=dword:00000007

"CF_DIB"=dword:00000008

"CF_PALETTE"=dword:00000009

"CF_UNICODETEXT"=dword:0000000d

"CF_DIBV5"=dword:00000011

 

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]

"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"="Groove GFS Stub Execution Hook"

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"appinit_dlls"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"="credssp.dll"

 

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa

Notification Packages REG_MULTI_SZ scecli\

Security Packages REG_MULTI_SZ kerberosmsv1_0schannelwdigesttspkg\

Authentication Packages REG_MULTI_SZ msv1_0\

 

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AppInfo

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\KeyIso

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\MCODS

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\NTDS

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\ProfSvc

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sacsvr

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\SWPRV

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TabletInputService

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TBS

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\TrustedInstaller

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgr.sys

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\volmgrx.sys

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="updateMgr"

"hkey"="HKCU"

"inimapping"="0"

"YEAR"=dword:000007d7

"MONTH"=dword:00000006

"DAY"=dword:0000000b

"HOUR"=dword:00000014

"MINUTE"=dword:00000035

"SECOND"=dword:0000001c

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]

LocalService REG_MULTI_SZ nsilltdsvcSSDPSRVupnphostSCardSvrw32timeEventSystemRemoteRegistryWinHttpAutoProxySvclanmanworkstationTBSSLUINotifyTHREADORDERfdrespubnetprofmfdphostwcncsvcQWAVEMcx2SvcWebClient\

LocalSystemNetworkRestricted REG_MULTI_SZ hidservUxSmsWdiSystemHostNetmantrkwksAudioEndpointBuilderWUDFSvcirmonsysmainIPBusEnumdot3svcPcaSvcEMDMgmtTabletInputServicewlansvcWPDBusEnum\

NetworkServiceNetworkRestricted REG_MULTI_SZ PolicyAgent\

LocalServiceNoNetwork REG_MULTI_SZ PLADPSBFEmpssvcehstart\

NetworkService REG_MULTI_SZ CryptSvcDHCPTermServiceKtmRmDNSCacheNapAgentnlasvcWinRMWECSVCTapisrv\

termsvcs REG_MULTI_SZ TermService\

WerSvcGroup REG_MULTI_SZ wersvc\

swprv REG_MULTI_SZ swprv\

LocalServiceNetworkRestricted REG_MULTI_SZ DHCPeventlogAudioSrvLmHostswscsvcp2pimsvcPNRPSvcp2psvcWPCSvcPnrpAutoReg\

rpcss REG_MULTI_SZ RpcSs\

regsvc REG_MULTI_SZ RemoteRegistry\

wcssvc REG_MULTI_SZ WcsPlugInService\

DcomLaunch REG_MULTI_SZ PlugPlayDcomLaunch\

wdisvc REG_MULTI_SZ WdiServiceHost\

sdrsvc REG_MULTI_SZ sdrsvc\

imgsvc REG_MULTI_SZ StiSvc\

secsvcs REG_MULTI_SZ WinDefend\

bthsvcs REG_MULTI_SZ BthServ\

 

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*

AeLookupSvc

UxTuneUp

wercplsupport

CertPropSvc

SCPolicySvc

gpsvc

IKEEXT

LogonHours

PCAudit

iphlpsvc

AppInfo

msiscsi

MMCSS

ProfSvc

EapHost

SessionEnv

hkmsvc

 

 

 

-- End of Deckard's System Scanner: finished at 2007-07-03 at 21:59:36 ---------

 

et le deuxième :

 

Deckard's System Scanner v20070611.50

Extra logfile - please post this as an attachment with your post.

--------------------------------------------------------------------------------

 

-- System Information ----------------------------------------------------------

 

Microsoft® Windows Vista Édition Familiale Premium (build 6000)

Architecture: X86; Language: French

 

CPU 0: Intel® Core2 CPU T7200 @ 2.00GHz

Percentage of Memory in Use: 42%

Physical Memory (total/avail): 2045.82 MiB / 1177.66 MiB

Pagefile Memory (total/avail): 4311.95 MiB / 3236.71 MiB

Virtual Memory (total/avail): 2047.88 MiB / 1926.55 MiB

 

C: is Fixed (NTFS) - 136.96 GiB total, 87.9 GiB free.

D: is Fixed (NTFS) - 10 GiB total, 6.35 GiB free.

E: is CDROM (No Media)

F: is Fixed (FAT32) - 465.65 GiB total, 278.33 GiB free.

 

 

-- Security Center -------------------------------------------------------------

 

AUOptions is scheduled to auto-install.

Windows Internal Firewall is disabled.

 

FW: McAfee Personal Firewall v (McAfee)

AV: McAfee VirusScan v (McAfee)

AS: McAfee VirusScan v (McAfee)

AS: AVG Anti-Spyware v7, 5, 1, 43 (GRISOFT s.r.o.) Disabled Outdated

AS: Windows Defender v1.1.1505.0 (Microsoft Corporation) Disabled

 

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

 

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]

 

 

-- Environment Variables -------------------------------------------------------

 

ALLUSERSPROFILE=C:\ProgramData

APPDATA=C:\Users\kenpachi\AppData\Roaming

CommonProgramFiles=C:\Program Files\Common Files

COMPUTERNAME=PC-DE-KENPACHI

ComSpec=C:\Windows\system32\cmd.exe

FP_NO_HOST_CHECK=NO

HOMEDRIVE=C:

HOMEPATH=\Users\kenpachi

LOCALAPPDATA=C:\Users\kenpachi\AppData\Local

LOGONSERVER=\\PC-DE-KENPACHI

NUMBER_OF_PROCESSORS=2

OS=Windows_NT

Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\

PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC

PROCESSOR_ARCHITECTURE=x86

PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 6, GenuineIntel

PROCESSOR_LEVEL=6

PROCESSOR_REVISION=0f06

ProgramData=C:\ProgramData

ProgramFiles=C:\Program Files

PROMPT=$P$G

PUBLIC=C:\Users\Public

RoxioCentral=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

SystemDrive=C:

SystemRoot=C:\Windows

TEMP=C:\Users\kenpachi\AppData\Local\Temp

TMP=C:\Users\kenpachi\AppData\Local\Temp

USERDOMAIN=PC-de-kenpachi

USERNAME=kenpachi

USERPROFILE=C:\Users\kenpachi

windir=C:\Windows

 

 

-- User Profiles ---------------------------------------------------------------

 

kenpachi

Invité (new local, guest, net ready)

 

 

-- Add/Remove Programs ---------------------------------------------------------

 

--> MsiExec.exe /I{152CF1AF-139A-44D0-8AB1-F1721083E4E7}

--> MsiExec.exe /I{7EB5D4F6-B411-4765-80A6-F9B8EB5804CF}

7-Zip 4.47 beta --> "C:\Program Files\7-Zip\Uninstall.exe"

Adobe Flash Player ActiveX --> C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe

Adobe Reader 8.1.0 - Français --> MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81000000003}

Adobe Shockwave Player --> C:\Windows\System32\Macromed\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Macromed\SHOCKW~1\Install.log

Archiveur WinRAR --> C:\Program Files\WinRAR\uninstall.exe

Assistant Personnalisation du systéme Dell --> MsiExec.exe /I{9954484F-6EE4-4040-94E3-4B380646F867}

ATI Catalyst Control Center Ex --> MsiExec.exe /I{493BAF04-DA99-9257-B343-E17BB5E687A3}

µTorrent --> "C:\Program Files\uTorrent\uninstall.exe"

Complément Microsoft Enregistrer en tant que PDF ou XPS pour programmes Microsoft Office 2007 --> MsiExec.exe /X{90120000-00B2-040C-0000-0000000FF1CE}

Conexant HDA D110 MDC V.92 Modem --> C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_14F100C3\HXFSETUP.EXE -U -IDellHDAz.inf

DellSupport --> MsiExec.exe /X{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}

Digital Line Detect --> C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly

eMule --> "C:\Program Files\eMule\Uninstall.exe"

EVEREST Ultimate Edition v4.00 --> "C:\Program Files\Lavalys\EVEREST Ultimate Edition\unins000.exe"

Google Desktop --> C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall

Google Toolbar for Internet Explorer --> MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}

Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"

Guide de l'utilisateur --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"

HijackThis 1.99.1 --> C:\Users\kenpachi\AppData\Local\Temp\Rar$EX00.197\HijackThis.exe /uninstall

Internet Download Manager --> C:\Program Files\Internet Download Manager\Uninstall.exe

Java SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}

K-Lite Mega Codec Pack 2.1.5 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"

Ma-Config.com --> "C:\Program Files\HardwareDetection\Uninstall.exe" "C:\Program Files\HardwareDetection\install.log" -u

Macro complémentaire Microsoft Office PowerPoint --> MsiExec.exe /I{A3B1D3CE-1B63-42AC-B0B8-2703141578EE}

McAfee SecurityCenter --> C:\Program Files\McAfee\MSC\mcuninst.exe

MediaDirect --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\Setup.exe" -l0x40c -cluninstall

Messenger Plus! Live --> "C:\Program Files\Messenger Plus! Live\Uninstall.exe"

Microsoft Office Access MUI (French) 2007 --> MsiExec.exe /X{90120000-0015-040C-0000-0000000FF1CE}

Microsoft Office Enterprise 2007 --> "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL

Microsoft Office Enterprise 2007 --> MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}

Microsoft Office Excel MUI (French) 2007 --> MsiExec.exe /X{90120000-0016-040C-0000-0000000FF1CE}

Microsoft Office Groove MUI (French) 2007 --> MsiExec.exe /X{90120000-00BA-040C-0000-0000000FF1CE}

Microsoft Office InfoPath MUI (French) 2007 --> MsiExec.exe /X{90120000-0044-040C-0000-0000000FF1CE}

Microsoft Office OneNote MUI (French) 2007 --> MsiExec.exe /X{90120000-00A1-040C-0000-0000000FF1CE}

Microsoft Office Outlook MUI (French) 2007 --> MsiExec.exe /X{90120000-001A-040C-0000-0000000FF1CE}

Microsoft Office Outlook SMS Add-in --> MsiExec.exe /I{FD5C399F-2D43-4EC5-AAF7-D600041EF25C}

Microsoft Office PowerPoint MUI (French) 2007 --> MsiExec.exe /X{90120000-0018-040C-0000-0000000FF1CE}

Microsoft Office Proof (Arabic) 2007 --> MsiExec.exe /X{90120000-001F-0401-0000-0000000FF1CE}

Microsoft Office Proof (Dutch) 2007 --> MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}

Microsoft Office Proof (English) 2007 --> MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}

Microsoft Office Proof (French) 2007 --> MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}

Microsoft Office Proof (German) 2007 --> MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}

Microsoft Office Proof (Spanish) 2007 --> MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}

Microsoft Office Proofing (French) 2007 --> MsiExec.exe /X{90120000-002C-040C-0000-0000000FF1CE}

Microsoft Office Publisher MUI (French) 2007 --> MsiExec.exe /X{90120000-0019-040C-0000-0000000FF1CE}

Microsoft Office Shared MUI (French) 2007 --> MsiExec.exe /X{90120000-006E-040C-0000-0000000FF1CE}

Microsoft Office Word MUI (French) 2007 --> MsiExec.exe /X{90120000-001B-040C-0000-0000000FF1CE}

Mouse Suite for Laptop Computers --> C:\Program Files\InstallShield Installation Information\{BF13AA9D-E4CE-4015-9778-ECC1D4FB06E4}\setup.exe -runfromtemp -l0x040c -removeonly

Mozilla Firefox (2.0.0.4) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe

MSXML 4.0 SP2 (KB927978) --> MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}

NetWaiting --> C:\Program Files\InstallShield Installation Information\{3F92ABBB-6BBF-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x040c -removeonly

NetXfer 2.42.366 --> "C:\Program Files\Xi\NetXfer\unins000.exe"

Nitro PDF Professional --> MsiExec.exe /I{F0C2AD51-9F09-4B75-82EE-74DA80F708D8}

Opera 9.21 --> MsiExec.exe /X{39619863-8A11-4B60-A166-E6747C986EBE}

Outil de diagnostic de modem --> MsiExec.exe /I{F63A3748-B93D-4360-9AD4-B064481A5C7B}

OutlookAddinSetup --> MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}

Pando --> MsiExec.exe /I{C0B0FA55-D4E9-4374-9871-BBFBF2AEF0D1}

QuickSet --> MsiExec.exe /I{7F0C4457-8E64-491B-8D7B-991504365D1E}

Roxio Creator Audio --> MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}

Roxio Creator BDAV Plugin --> MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}

Roxio Creator Copy --> MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}

Roxio Creator Data --> MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}

Roxio Creator DE --> MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}

Roxio Creator Tools --> MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}

Roxio Drag-to-Disc --> MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}

Roxio Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}

Roxio MyDVD DE --> MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}

Roxio Update Manager --> MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}

Security Update for Excel 2007 (KB934670) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CD098537-8857-4065-B4B6-AC023CB2C48E}

Security Update for Office 2007 (KB934062) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {305D509B-F194-4638-9F0F-D9E4C05F9D33}

Shareaza version 2.2.5.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"

SigmaTel Audio --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\101\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x40c -remove -removeonly

Sonic Activation Module --> MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}

Spelling Dictionaries Support For Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}

Synaptics Pointing Device Driver --> rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall

TuneUp Utilities 2007 --> MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}

Update for Office 2007 (KB932080) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {EDC9CA29-6BC1-471C-828C-7A36109005D7}

Update for Office 2007 (KB933688) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F6E692F1-63C2-4760-94C6-C689DCD053F1}

Update for Office 2007 (KB934391) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}

Update for Office 2007 (KB934393) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {92FBAD46-E7F6-49FA-89B5-C39FC5BFAD15}

Update for Outlook 2007 (KB933493) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {23F2FF76-ABCD-421D-9860-0D0B2999D028}

Update for Outlook 2007 Junk Email Filter (KB934655) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F7185592-E40D-476E-9BC4-38DF96EE176B}

Update for Word 2007 (KB934173) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C6A89125-5473-45E3-B413-ED8186437475}

URL Assistant --> regsvr32 /u /s "C:\Program Files\BAE\BAE.dll"

Vista Manager --> MsiExec.exe /I{4E79AC14-1F0A-4044-B069-126EDCD2308F}

WIDCOMM Bluetooth Software 6.0.1.3100 --> MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}

Winamp (remove only) --> "C:\Program Files\Winamp\UninstWA.exe"

Windows Live Messenger --> MsiExec.exe /I{F6326B60-1B1D-4ABF-BFCD-7B7404F44411}

Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}

Windows Media Player Firefox Plugin --> MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}

 

 

-- End of Deckard's System Scanner: finished at 2007-07-03 at 21:59:36 ---------

 

merci pour tous

bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

Bonjour dido,

 

bonjour,

 

 

Imprime ces instructions si nécessaire car il va y avoir un redémarrage de l'ordinateur.

 

Télécharge FixWareout de l'un de ces deux liens :

http://downloads.subratam.org/Fixwareout.exe

http://download.bleepingcomputer.com/lonny/Fixwareout.exe

 

Sauvegarde-le sur ton Bureau, puis lance-le.

Clique Next, puis Install, et assure-toi que "Run fixit" soit coché, puis clique Finish.

Suis les directives à l'écran.

L'outil va te demander de redémarrer ton PC; fais-le s'il te plaît.

Le redémarrage risque de prendre un peu plus de temps; ceci est normal.

Suite au redémarrage, copie/colle le contenu du rapport généré par l'outil qui se trouve ici : C:\fixwareout\report.txt

dido Member

dido

Posté(e)
  • Auteur
Posté(e)

bonjour,

 

j'ai effectué ce que tu m'a dit sauf qu'il m'a affiché un message comme quoi ma version de windows n'est pas supporter. et puis il s'est arrêté sans rien faire.

 

salutations, merci

bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

Re,

 

Télécharge gmer : http://www.gmer.net/gmer.zip

Déconnecte toi d'internet si possible et ferme tous les programmes.

Décompresse le fichier zip et double-clic sur gmer.exe

IMPORTANT: Si une alerte de ton antivirus apparaît pour le fichier gmer.sys ou gmer.exe, laisse le s'executer.

Clic sur l'onglet "rootkit" et clic sur Scan

Lorsque le scan est terminé, clic sur "copy"

 

Ouvre le bloc-note et clic sur le Menu Edition / Coller

Le rapport doit alors apparaître.

Enregistre le fichier sur ton bureau et copie/colle le contenu ici.

dido Member

dido

Posté(e)
  • Auteur
Posté(e) (modifié)

Re,

 

en réalisant le scan avec gmer, mon ordi portable s'est planté : une sorte de "freeze" rien ne voulais marché et j'ai du l'arrêter électriquement :P . j'ai ressayé une deuxième fois mais j'ai eu le meme probléme et j'ai été obliger d'arrêter l'ordi électriquement. j'ai remarqué que mon ordi se plantait lorsque gmer arriver à \ctfs ou un truc de ce genre. j'espère que se n'est pas quelque chose de grave.

 

merci

Modifié par dido
bruce lee Devil Member !

bruce lee

Posté(e)
Posté(e)

Re,

 

Télécharge Blacklight (de F-Secure); clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

 

Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

 

Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).

 

Copie et colle le contenu de ce rapport dans ta prochaine réponse. NE PAS choisir l'option "rename ou cleaning" de suite : nous devons analyser le rapport, car des fichiers légitimes peuvent être présents, tel wbemtest.exe

dido Member

dido

Posté(e)
  • Auteur
Posté(e)

Re,

 

voila le rapport avec blacklight :

 

07/04/07 21:38:32 [info]: BlackLight Engine 1.0.64 initialized

07/04/07 21:38:32 [info]: OS: 6.0 build 6000 ()

07/04/07 21:38:33 [Note]: 7019 4

07/04/07 21:38:33 [Note]: 7005 0

07/04/07 21:38:35 [Note]: 7006 0

07/04/07 21:38:35 [Note]: 7027 0

07/04/07 21:38:36 [Note]: 7026 0

07/04/07 21:38:36 [Note]: 7026 0

07/04/07 21:38:41 [Note]: FSRAW library version 1.7.1022

07/04/07 21:41:52 [Note]: 7007 0

 

apparemment il n'a rien trouvé!!

 

salutations

Rejoindre la conversation

Vous pouvez publier maintenant et vous inscrire plus tard. Si vous avez un compte, connectez-vous maintenant pour publier avec votre compte.
Remarque : votre message nécessitera l’approbation d’un modérateur avant de pouvoir être visible.

Invité
Répondre à ce sujet…

×   Collé en tant que texte enrichi.   Coller en tant que texte brut à la place

  Seulement 75 émoticônes maximum sont autorisées.

×   Votre lien a été automatiquement intégré.   Afficher plutôt comme un lien

×   Votre contenu précédent a été rétabli.   Vider l’éditeur

×   Vous ne pouvez pas directement coller des images. Envoyez-les depuis votre ordinateur ou insérez-les depuis une URL.

×
 Partager
Aller sur la liste des sujets

  • En ligne récemment   0 membre est en ligne

    • Aucun utilisateur enregistré regarde cette page.
×
×
  • Créer...