PopUp intempestifs Sécurité IE avec VistaRésolu/Fermé

Question

Bonjour, 

J'ai posté ce message dans la section "Windows" mais sur les conseils d'un forumeur, je me permets dans créer un ici.

Voici mon problème: depuis que j'ai accepté la mise à jour de Vista, il y a maintenant 2 jours, je me retrouve avec des fenêtres de Sécurité Internet Explorer même lorsque je lance IE, qui me dit ceci:

Sur un fond orangé/jaune: Un site web veut ouvrir un contenu Web en utilisant ce programme sur votre ordinateur 

Puis le corps du message: Ce programme sera ouvert en dehors du mode protégé. Le mode protégé de Ie vous aide à protéger votre ordi; Si vous ne faites pas confiance à ce site Web, n'ouvrez pas ce programme. (Pour le lancement d'IE, c'est un comble!!!) 

Non: Processus hôte Windows (rundll32) 
Editeur: Microsoft Windows 
Détails: "C:\windows\system32\gzmrotate.dll" DllVerify 

J'ai aussi une case qui me permettrait de ne plus afficher d'avertissement pour ce programme mais elle n'est pas active! 

Donc soit j'autorise et je peux aller sur internet soit je refuse et je ne peux pas, simple.... 

Après 1 heure avec la hot-line de McAfee = no solution. Ils m'ont conseillé des utilitaires Spywae a passer en plus... 

J'ai fait passer Spybot et SUPERAntiSpyware Professional qui m'ont retiré quelques petites choses mais ces fenêtres sont toujours là... 

Une idée car j'en ai marre de cliquer et surtout, je voudrai comprendre d'où cela vient..? Virus or not virus??? That's my question! ;))

Merci de votre aide! 

Andisa

green day · Answer

Salut

 Télécharge ceci : 

Lien : hijackthis

Démo : http://pageperso.aol.fr/balltrap34/demohijack.htm 

Choisir l'option "do a scan and a logfile", et faire un copier/coller du rapport ainsi générer sur le forum. 

++

Andisa · Answer

Bonsoir green day,

Voici le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:33:51, on 12/10/2007
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\System32undll32.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32
vHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

green day · Answer

Ok, le message d'erreur est une bébéttes !

 fais ce qui est indiqué ici stp :

 virus methode preliminaire de desinfection version fr

++

Andisa · Answer

Pendant que ça scanne, peux-tu me dire de quelle bêbête il s'agit?

Merci

Andisa

green day · Answer

re

 il s'agit de l'adware AdRotator/IconAds associé au fichier.dll suivant : gzmrotate.dll selon castelcops

 il y a aussi pas ma de fichiers suspects dans les fichiers temps !

++

Andisa · Answer

AdRotator a été supprimer hier via SuperAntiSpyware pro

Je viens de désactivier la protection sécurité internet de windows qui ne sert pas à grand chose faut bien le dire... Et je n'ai plus de pop up... Mais je continue les scans pour avoir ton avis final.

Merci!

Andisa

Andisa · Answer

Voici le rapport AVG Anti-spyware:

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	23:14:10 12/10/2007

 + Résultat de l'analyse:	



C:\Users\Jean-Pierre\AppData\Roaming\Microsoft\Windows\Cookies\Low\jean-pierre@com[1].txt -> TrackingCookie.Com : Aucune action entreprise.


Fin du rapport

Andisa

Andisa · Answer

BitDefender ne peut pas checker mon PC mais ne dit pas pourquoi.....

Andisa

Andisa · Answer

Et voici le dernier scan HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:25:04, on 12/10/2007
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32undll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\System32undll32.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\livecall.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\Temp\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32
vHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Windows\Temp\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

green day · Answer

ok, pas grave ... ça doit être le reste de la bénétte ...

 petite verif : 

Télécharger ComboFix (par sUBs) sur le Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    * Démarrer en mode sans echec
    * Double cliquer combofix.exe.
    * Appuyer sur la touche Y (Yes) pour démarrer le scan
    * Le rapport sera crée dans: C:\Combofix.txt 

++

Andisa · Answer

Et voici le rapport (très long...) de ComboFix: ComboFix 07-10-12.4 - Isabelle 2007-10-12 23:44:02.1 - NTFSx86 NETWORK Microsoft© Windows VistaT dition Familiale Premium 6.0.6000.0.1252.1.1036.18.1660 [GMT 2:00] Running from: C:\Users\Isabelle\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WBF1ACNT\ComboFix[1].exe . ((((((((((((((((((((((((((((( Fichiers créés 2007-09-12 to 2007-10-12 )))))))))))))))))))))))))))))))))))) . 2007-10-12 23:35 51,200 --a------ C:\Windows\NirCmd.exe 2007-10-12 23:17 d-------- C:\Windows\BDOSCAN8 2007-10-12 22:29 d-------- C:\Users\Isabelle\AppData\Roaming\Grisoft 2007-10-12 22:29 d-------- C:\Users\All Users\Grisoft 2007-10-12 22:29 d-------- C:\ProgramData\Grisoft 2007-10-12 22:29 10,872 --a------ C:\Windows\System32\drivers\AvgAsCln.sys 2007-10-12 22:17 d-------- C:\Program Files\CCleaner 2007-10-12 21:31 d-------- C:\Program Files\Trend Micro 2007-10-11 21:37 d-------- C:\Users\Isabelle\AppData\Roaming\SUPERAntiSpyware.com 2007-10-11 21:37 d-------- C:\Users\All Users\SUPERAntiSpyware.com 2007-10-11 21:37 d-------- C:\ProgramData\SUPERAntiSpyware.com 2007-10-11 21:37 d-------- C:\Program Files\SUPERAntiSpyware 2007-10-11 21:36 d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-10-11 19:48 d-------- C:\Users\All Users\Spybot - Search & Destroy 2007-10-11 19:48 d-------- C:\ProgramData\Spybot - Search & Destroy 2007-10-09 18:08 d-------- C:\Multimedia Files 2007-10-06 23:30 d-------- C:\Program Files\MSN Messenger 2007-10-06 23:03 27,620 --a------ C:\Users\Isabelle\AppData\Roaming vModes.dat 2007-10-06 22:55 dr------- C:\Users\Isabelle\Videos 2007-10-06 22:55 dr------- C:\Users\Isabelle\Searches 2007-10-06 22:55 dr------- C:\Users\Isabelle\Saved Games 2007-10-06 22:55 dr------- C:\Users\Isabelle\Pictures 2007-10-06 22:55 dr------- C:\Users\Isabelle\Music 2007-10-06 22:55 dr------- C:\Users\Isabelle\Links 2007-10-06 22:55 dr------- C:\Users\Isabelle\Downloads 2007-10-06 22:55 dr------- C:\Users\Isabelle\Documents 2007-10-06 22:55 dr------- C:\Users\Isabelle\Contacts 2007-10-06 22:55 d-------- C:\Users\Isabelle\Bluetooth Software 2007-10-06 22:55 d-------- C:\Users\Isabelle\AppData\Roaming\Roxio 2007-10-06 22:55 d-------- C:\Users\Isabelle\AppData\Roaming\Media Center Programs 2007-10-06 22:55 d--h----- C:\Users\Isabelle\AppData\Roaming\GTek 2007-10-06 22:55 d--h----- C:\Users\Isabelle\AppData 2007-10-06 22:54 27,905 --a------ C:\Users\Jean-Pierre\AppData\Roaming vModes.dat 2007-09-21 12:53 d-------- C:\Windows\PCHEALTH 2007-09-21 12:53 d-------- C:\Program Files\Microsoft.NET 2007-09-21 12:48 dr-h----- C:\MSOCache 2007-09-21 12:32 619,008 --a------ C:\Windows\System32\drivers\dxgkrnl.sys 2007-09-21 12:32 70,144 --a------ C:\Windows\System32\drivers\pacer.sys 2007-09-21 12:32 61,952 --a------ C:\Windows\System32\drivers\wanarp.sys 2007-09-21 12:32 48,640 --a------ C:\Windows\System32\drivers dproxy.sys 2007-09-21 12:32 20,480 --a------ C:\Windows\System32\drivers distapi.sys 2007-09-21 12:29 63,488 --a------ C:\Windows\System32\drivers\mpsdrv.sys 2007-09-21 12:29 23,040 --a------ C:\Windows\System32\drivers unnel.sys 2007-09-21 12:29 15,360 --a------ C:\Windows\System32\drivers\TUNMP.SYS 2007-09-21 12:27 82,432 --a------ C:\Windows\System32\drivers\sdbus.sys 2007-09-21 12:23 12,800 --a------ C:\Windows\System32\drivers\fs_rec.sys . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2007-10-11 19:35 5,863,960 ----a-w C:\Users\Isabelle\SUPERAntiSpywarePro.exe 2007-10-11 19:26 904,048 ----a-w C:\Users\Isabelle\fsbl.exe 2007-10-11 17:28 --------- d-----w C:\Program Files\McAfee 2007-10-10 16:26 --------- d-----w C:\Program Files\Windows Mail 2007-10-07 11:45 45,240 ----a-w C:\Windows\system32\drivers\pciidex.sys 2007-10-07 11:45 28,344 ----a-w C:\Windows\system32\drivers\battc.sys 2007-10-07 11:45 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys 2007-10-07 11:45 21,688 ----a-w C:\Windows\system32\drivers\atapi.sys 2007-10-07 11:45 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys 2007-10-07 11:45 16,056 ----a-w C:\Windows\system32\drivers\pciide.sys 2007-10-07 11:45 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys 2007-10-07 11:45 110,264 ----a-w C:\Windows\system32\drivers\ataport.sys 2007-10-07 11:45 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys 2007-09-21 10:37 174 --sha-w C:\Program Files\desktop.ini 2007-09-21 10:34 --------- d-----w C:\Program Files\Windows Calendar 2007-09-21 10:10 --------- d--h--w C:\Users\Jean-Pierre\AppData\Roaming\GTek 2007-09-04 09:34 --------- d-----w C:\Users\Jean-Pierre\AppData\Roaming\Roxio 2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Modèles 2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Menu Démarrer 2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Favoris 2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Documents 2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Bureau 2007-09-04 09:31 --------- d-sh--w C:\ProgramData\Application Data 2007-09-04 09:31 --------- d-sh--w C:\Program Files\Fichiers communs 2007-08-28 23:51 53,760 ----a-w C:\Windows\system32\drivers\hdaudbus.sys 2007-08-28 23:51 --------- d-----w C:\Program Files\DellTPad 2007-08-28 23:50 73,216 ----a-w C:\Windows\system32\drivers\usbccgp.sys 2007-08-28 23:50 5,888 ----a-w C:\Windows\system32\drivers\usbd.sys 2007-08-28 23:50 38,912 ----a-w C:\Windows\system32\drivers\hidclass.sys 2007-08-28 23:50 38,400 ----a-w C:\Windows\system32\drivers\usbehci.sys 2007-08-28 23:50 25,472 ----a-w C:\Windows\system32\drivers\hidparse.sys 2007-08-28 23:50 23,040 ----a-w C:\Windows\system32\drivers\usbuhci.sys 2007-08-28 23:50 224,768 ----a-w C:\Windows\system32\drivers\usbport.sys 2007-08-28 23:50 192,000 ----a-w C:\Windows\system32\drivers\usbhub.sys 2007-08-28 23:50 12,288 ----a-w C:\Windows\system32\drivers\hidusb.sys 2007-08-28 23:50 --------- d-----w C:\Program Files\Windows Defender 2007-08-28 23:49 74,752 ----a-w C:\Windows\system32\drivers asl2tp.sys 2007-08-28 23:49 60,928 ----a-w C:\Windows\system32\drivers aspptp.sys 2007-08-28 23:49 51,896 ----a-w C:\Windows\system32\drivers\partmgr.sys 2007-08-28 23:49 29,184 ----a-w C:\Windows\system32\drivers\BTHUSB.SYS 2007-08-28 23:49 25,784 ------w C:\Windows\system32\drivers\msahci.sys 2007-08-28 23:49 220,160 ----a-w C:\Windows\system32\drivers\bthport.sys 2007-08-28 23:49 20,152 ------w C:\Windows\system32\drivers\viaide.sys 2007-08-28 23:49 19,456 ----a-w C:\Windows\system32\drivers\bthenum.sys 2007-08-28 23:49 19,128 ------w C:\Windows\system32\drivers\cmdide.sys 2007-08-28 23:49 18,104 ------w C:\Windows\system32\drivers\amdide.sys 2007-08-28 23:49 17,592 ----a-w C:\Windows\system32\drivers\intelide.sys 2007-08-28 23:49 17,592 ------w C:\Windows\system32\drivers\aliide.sys 2007-08-28 23:48 58,472 ------w C:\Windows\system32\drivers\ULIAGPKX.SYS 2007-08-28 23:48 54,888 ------w C:\Windows\system32\drivers\AMDAGP.SYS 2007-08-28 23:48 54,376 ------w C:\Windows\system32\drivers\VIAAGP.SYS 2007-08-28 23:48 53,864 ------w C:\Windows\system32\drivers\AGP440.sys 2007-08-28 23:48 53,352 ------w C:\Windows\system32\drivers\SISAGP.SYS 2007-08-28 23:48 50,792 ----a-w C:\Windows\system32\drivers ermdd.sys 2007-08-28 23:48 50,280 ----a-w C:\Windows\system32\drivers\volmgr.sys 2007-08-28 23:48 47,208 ------w C:\Windows\system32\drivers\isapnp.sys 2007-08-28 23:48 28,776 ----a-w C:\Windows\system32\drivers\mssmbios.sys 2007-08-28 23:48 242,688 ------w C:\Windows\system32\drivers dpdr.sys 2007-08-28 23:48 140,392 ----a-w C:\Windows\system32\drivers\pci.sys 2007-08-28 23:48 13,928 ----a-w C:\Windows\system32\drivers\msisadrv.sys 2007-08-28 23:48 12,776 ----a-w C:\Windows\system32\drivers\swenum.sys 2007-08-28 23:48 106,600 ------w C:\Windows\system32\drivers\NV_AGP.SYS 2007-08-28 23:44 4,875 ----a-w C:\Windows\system32\drivers\1028_Dell_INS_I1720.mrk 2007-08-28 16:29 --------- d-----w C:\ProgramData\Roxio 2007-08-28 16:26 --------- d-----w C:\Program Files\Orange 2007-08-28 16:26 --------- d-----w C:\Program Files\MAKEMSI Package Documentation 2007-08-28 16:26 --------- d-----w C:\Program Files\Dell 2007-08-28 16:25 --------- d-----w C:\ProgramData\SupportSoft 2007-08-28 16:25 --------- d-----w C:\Program Files\Google 2007-08-28 16:25 --------- d-----w C:\Program Files\Dell Support Center 2007-08-28 16:25 --------- d-----w C:\Program Files\Common Files\supportsoft 2007-08-28 16:25 --------- d-----w C:\Program Files\BAE 2007-08-28 16:24 --------- d-----w C:\ProgramData\Gtek 2007-08-28 16:24 --------- d-----w C:\Program Files\DellSupport 2007-08-28 16:23 --------- d-----w C:\ProgramData\Dell 2007-08-28 16:23 --------- d-----w C:\ProgramData\CyberLink 2007-08-28 16:23 --------- d-----w C:\Program Files\CyberLink 2007-08-28 16:22 --------- d--h--w C:\Program Files\InstallShield Installation Information 2007-08-28 16:22 --------- d-----w C:\ProgramData\McAfee 2007-08-28 16:21 --------- d-----w C:\Program Files\McAfee.com 2007-08-28 16:21 --------- d-----w C:\Program Files\Common Files\McAfee 2007-08-28 16:19 --------- d-----w C:\Program Files\Roxio 2007-08-28 16:19 --------- d-----w C:\Program Files\Common Files\Sonic Shared 2007-08-28 16:18 --------- d-----w C:\Program Files\Common Files\InstallShield 2007-08-28 16:17 --------- d-----w C:\ProgramData\Sonic 2007-08-28 16:17 --------- d-----w C:\ProgramData\InstallShield 2007-08-28 16:17 --------- d-----w C:\Program Files\Common Files\SureThing Shared 2007-08-28 16:17 --------- d-----w C:\Program Files\Common Files\Roxio Shared 2007-08-28 16:15 --------- d-----w C:\Program Files\Microsoft Works 2007-08-28 16:15 --------- d-----w C:\Program Files\Common Files\Adobe 2007-08-28 16:13 --------- d-----w C:\Program Files\WIDCOMM 2007-08-28 16:12 --------- d-----w C:\Program Files\Creative Live! Cam 2007-08-28 16:12 --------- d-----w C:\Program Files\Creative 2007-08-28 16:12 --------- d-----w C:\Program Files\Common Files\Reallusion 2007-08-28 16:12 --------- d-----w C:\Program Files\Common Files\Creative 2007-08-28 16:11 --------- d-----w C:\Program Files\Digital Line Detect 2007-08-28 16:11 --------- d-----w C:\Program Files\Broadcom 2007-08-28 16:10 --------- d-----w C:\Program Files\NetWaiting 2007-08-28 16:10 --------- d-----w C:\Program Files\Modem Diagnostic Tool 2007-08-28 16:07 --------- d-----w C:\Program Files\SigmaTel . ((((((((((((((((((((((((((((((((( Point de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}] 2007-10-10 12:24 63488 --a------ C:\Windows\system32\gzmrotate.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-29 01:50] "Apoint"="C:\Program Files\DellTPad\Apoint.exe" [2007-04-18 05:31] "OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-02-02 11:00] "NvSvc"="C:\Windows\system32 vsvc.dll" [2007-05-16 08:54] "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-05-16 08:53] "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-05-16 08:54] "NVHotkey"="C:\Windows\system32 vHotkey.dll" [2007-05-16 08:54] "SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe" [2007-08-28 18:06] "SigmatelSysTrayApp"="sttray.exe" [2007-03-06 22:37 C:\Windows\sttray.exe] "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2006-10-03 12:37] "RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe" [2006-11-05 12:22] "MskAgentexe"="C:\Program Files\McAfee\MSK\MskAgent.exe" [2007-01-17 18:30] "PCMService"="C:\Program Files\Dell\MediaDirect\PCMService.exe" [2007-04-16 17:10] "ECenter"="c:\dell\E-Center\EULALauncher.exe" [2007-03-16 12:50] "Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-28 18:25] "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2006-10-03 12:35] "hid_start"="C:\Windows\system32\gzmrotate.dll" [2007-10-10 12:24] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DellSupport"="C:\Program Files\DellSupport\DSAgnt.exe" [2007-03-15 13:09] "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55] "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 14:35] "DellSupportCenter"="C:\Program Files\Dell Support Center\bin\sprtcmd.exe" [2007-05-02 20:08] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:35] "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2007-06-21 14:06] [HKEY_USERS\.default\software\microsoft\windows\currentversion unonce] "DelayShred"="c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1.SH! C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ BTTray.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-11-03 18:55:50] Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe [2007-08-28 18:11:01] Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader eader_sl.exe [2005-09-23 22:05:26] QuickSet.lnk - C:\Windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D39BF83DC4.exe [2007-08-28 18:10:04] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 13:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon otify\!SASWinLogon] C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" R3 NETw4v32;Pilote de carte Intel(R) Wireless WiFi Link pour Windows Vista 32 bits;C:\Windows\system32\DRIVERS\NETw4v32.sys S2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe /service /p dellsupportcenter S2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys S3 btwaudio;Périphérique audio Bluetooth;C:\Windows\system32\drivers\btwaudio.sys S3 btwavdt;Bluetooth AVDT Service;C:\Windows\system32\drivers\btwavdt.sys S3 btwrchid;btwrchid;C:\Windows\system32\DRIVERS\btwrchid.sys S3 nvlddmkm;nvlddmkm;C:\Windows\system32\DRIVERS vlddmkm.sys S3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys S3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalSystemNetworkRestricted hidserv UxSms WdiSystemHost Netman trkwks AudioEndpointBuilder WUDFSvc irmon sysmain IPBusEnum dot3svc PcaSvc EMDMgmt TabletInputService wlansvc WPDBusEnum bthsvcs BthServ *Newly Created Service* - AVGASCLN *Newly Created Service* - CATCHME *Newly Created Service* - ECACHE . Contenu du dossier 'Scheduled Tasks/Tâches planifiées' "2007-08-28 16:29:18 C:\Windows\Tasks\McDefragTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-08-28 16:29:18 C:\Windows\Tasks\McQcTask.job" - c:\program files\mcafee\mqc\QcConsol.exe "2007-10-12 21:19:08 C:\Windows\Tasks\User_Feed_Synchronization-{B9783D14-3EC4-4163-B3C8-D03CDF735B8A}.job" . ************************************************************************** catchme 0.3.1169 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-10-12 23:45:33 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2007-10-12 23:45:54 . --- E O F --- J'suis clean maintenant? ;)) Andisa

green day · Answer

ok, je regarde, et te donne la suite demain !

 je dois y aller 

@+

;-)

Andisa · Answer

Merci Docteur!!!

A demain!

Andisa

green day · Answer

Salut

ok, poste un nouveau jijack stp

++

Andisa · Answer

Bonjour,

Voici le dernier scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:48:48, on 13/10/2007
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Windows\System32undll32.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32undll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32
vHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

green day · Answer

ok,

Télécharge SDFix sur ton bureau 

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe 

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. 
Redémarre ton ordinateur en mode sans échec 
Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script. 
Appuie sur Y pour commencer le processus de nettoyage. 
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer. 
Appuie sur une touche pour redémarrer le PC. 
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers. 
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished. 
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau. 
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt. 
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis ! 

++

Andisa · Answer

Bon, un petit peu tard et en même temps (enfin presque!)  que le coup d'envoi de la 1/2 finale, voici le rapport SDFix:

catchme 0.3.1160 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-13 20:38:51
Windows 6.0.6000  NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001c26f3e0f3]
"001247977094"=hex:31,38,0b,7e,55,31,8e,e4,e0,80,07,06,74,c7,20,41
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001c26f3e0f3]
"001247977094"=hex:31,38,0b,7e,55,31,8e,e4,e0,80,07,06,74,c7,20,41

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

C'est bien non???!!!!!

Et voici le HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:47:03, on 13/10/2007
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32	askeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32undll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\MSN Messenger\livecall.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Windows\system32\conime.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\PROGRA~1\MICROS~3\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchProtocolHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: rightonadz browser optimizer - {971C3384-F75E-4562-95B3-CBE7417529BC} - C:\Windows\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32
vHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG Anti-Spyware Guard - Unknown owner - C:\Windows\Temp\AVG Anti-Spyware 7.5\guard.exe (file missing)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

Andisa · Answer

Désactivation Windows Defender, reconnu comme "virus" par McAfee...

Andisa

Andisa · Answer

Désactivation Windows Defender, reconnu comme "virus" par McAfee...

Andisa

green day · Answer

Salut

 poste un nouveau hijack stp

 windows defender n'est pas un virus, tu peux l'accepter si tu l'as installé !

++

Andisa · Answer

Bonjour, 

Voici un nouveau rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:59, on 01/11/2007
Platform: Windows Vista  (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16546)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Windows\sttray.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\McAfee\MSK\mskagent.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Windows\System32undll32.exe
C:\Windows\System32undll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Windows Sidebar\sidebar.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
c:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
C:\Program Files\McAfee\MPS\mpsevh.exe
C:\Windows\system32	askeng.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - c:\program files\mcafee\virusscan\scriptcl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {971C3384-F75E-4562-95B3-CBE7417529BC} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32
vsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32
vHotkey.dll,Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [MskAgentexe] C:\Program Files\McAfee\MSK\MskAgent.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [hid_start] C:\Windows\System32\Rundll32.exe "C:\Windows\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - HKUS\.DEFAULT\..\RunOnce: [DelayShred] "c:\program files\mcafee\mshr\ShrCL.EXE" /P7 /q C:\Users\Isabelle\AppData\Local\Temp\GOOGLE~1\{9C0DF~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F05A~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46E891~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46E88C~3.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46C392~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\EKHRDM66\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46B8D8~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46D65D~2.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\OLQ01422\46F054~2.SH! C:\Users\Isabelle\AppData\Local\Temp\ONLINE~1.SH! C:\Users\Isabelle\AppData\Local\MICROS~1\Windows\TEMPOR~1\Content.IE5\967IPK2J\MYMSN_~1
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Readereader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin
pjpi160.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix: 
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: McAfee Application Installer Cleanup (0074391193810234) (0074391193810234mcinstcleanup) - Unknown owner - C:\Windows\TEMP\007439~1.EXE (file missing)
O23 - Service: McAfee Application Installer Cleanup (0221881192520318) (0221881192520318mcinstcleanup) - Unknown owner - (no file)
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. - C:\PROGRA~1\COMMON~1\McAfee\EmProxy\emproxy.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee HackerWatch Service - McAfee, Inc. - C:\Program Files\Common Files\McAfee\HackerWatch\HWAPI.exe
O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafeeedirsvcedirsvc.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Privacy Service (MPS9) - McAfee, Inc. - C:\PROGRA~1\McAfee\MPS\mps.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

PopUp intempestifs Sécurité IE avec Vista

21 réponses

Discussions similaires

Newsletters