HijackThis report analysis following anti-malware cleanup

Solved/Closed
seb67 - 16 Oct 2008 at 22:27
 seb67 - 17 Oct 2008 at 23:30
Hello,
Could someone give me their opinion on the HijackThis report generated after cleaning the PC with anti-malware?

Thanks in advance for your help!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:26:46, on 16/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe
C:\Windows\sttray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\Seb\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
O4 - HKLM\..\Run: [eCarteBleue-LP-P1] "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RDsl12vg7H] C:\Users\Seb\AppData\Local\Temp\windfr.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.0.15.0/ImageUploader5.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
29 replies

crapoulou (Moderator, Security contributor) - 16 Oct 2008 at 22:31
Hi,
Download LopS&D (by eric_71):
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
Save the file to your desktop.
Run the installation.
Once the program has started, type F for French.
Then run option 1: Recherche (Search).
A report will be generated.
Post it here.
(If the report does not open, it can be found at C:\LopR.txt)
Short tutorial here if needed: http://www.malekal.com/tutorial_Lop_SD.php
0
Thanks for the tip. The analysis is in progress; I'll post the report right after.
0
Here is the report... Is that a good sign?

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
USER : Seb ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 136 Go Free : 72 Go
D:\ (Local Disk) - NTFS - Total : 9 Go Free : 6 Go
E:\ (CD or DVD) - UDF - Total : 5 Go Free : 0 Go

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 16/10/2008|22:41 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[27/06/2007|22:56] C:\Users\Seb\AppData\Local\Adobe
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Application Data
[05/06/2007|19:06] C:\Users\Seb\AppData\Local\ATI
[08/05/2008|10:01] C:\Users\Seb\AppData\Local\d3d9caps.dat
[14/09/2008|15:15] C:\Users\Seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[02/07/2007|19:51] C:\Users\Seb\AppData\Local\GDIPFONTCACHEV1.DAT
[14/01/2008|00:00] C:\Users\Seb\AppData\Local\Google
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Historique
[16/10/2008|07:10] C:\Users\Seb\AppData\Local\IconCache.db
[30/06/2007|19:34] C:\Users\Seb\AppData\Local\MediaDirect
[15/08/2008|14:54] C:\Users\Seb\AppData\Local\Microsoft
[06/06/2007|22:04] C:\Users\Seb\AppData\Local\Microsoft Games
[29/09/2007|18:13] C:\Users\Seb\AppData\Local\Mozilla
[30/06/2007|01:22] C:\Users\Seb\AppData\Local\Powercinema
[08/06/2007|20:44] C:\Users\Seb\AppData\Local\Protexis
[04/11/2007|22:29] C:\Users\Seb\AppData\Local\SupportSoft
[16/10/2008|22:41] C:\Users\Seb\AppData\Local\Temp
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Temporary Internet Files
[14/10/2008|23:41] C:\Users\Seb\AppData\Local\VirtualStore
[21/03/2008|12:43] C:\Users\Seb\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/03/2008 02:00][--a------] C:\Windows\tasks\McDefragTask.job
[01/12/2007 02:00][--a------] C:\Windows\tasks\McQcTask.job
[16/10/2008 22:02][--ah-----] C:\Windows\tasks\SA.DAT
[16/10/2008 22:01][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[01/06/2007|02:36] C:\ProgramData\Adobe
[14/10/2008|23:40] C:\ProgramData\AppEnSys
[05/06/2007|19:01] C:\ProgramData\Application Data
[07/07/2008|00:20] C:\ProgramData\AVS4YOU
[17/07/2008|21:25] C:\ProgramData\Azureus
[05/06/2007|19:01] C:\ProgramData\Bureau
[01/06/2007|02:38] C:\ProgramData\Corel
[01/06/2007|02:50] C:\ProgramData\CyberLink
[04/11/2007|22:32] C:\ProgramData\Dell
[05/06/2007|19:01] C:\ProgramData\Documents
[05/06/2007|19:01] C:\ProgramData\Favoris
[01/06/2007|02:49] C:\ProgramData\Google
[14/10/2008|23:41] C:\ProgramData\gryvepyf
[01/06/2007|02:49] C:\ProgramData\Gtek
[30/09/2008|00:05] C:\ProgramData\Installations
[01/06/2007|02:41] C:\ProgramData\InstallShield
[15/10/2008|22:52] C:\ProgramData\Malwarebytes
[01/06/2007|02:47] C:\ProgramData\McAfee
[05/06/2007|19:01] C:\ProgramData\Menu Démarrer
[13/06/2007|20:14] C:\ProgramData\Microsoft
[05/06/2007|19:01] C:\ProgramData\Modèles
[22/06/2008|17:37] C:\ProgramData\Nokia
[07/06/2007|21:08] C:\ProgramData\PC Suite
[01/04/2008|22:16] C:\ProgramData\Roxio
[01/06/2007|02:41] C:\ProgramData\Sonic
[04/11/2007|22:28] C:\ProgramData\SupportSoft
[14/10/2008|23:41] C:\ProgramData\ulipqdav
[20/01/2008|19:54] C:\ProgramData\ZoomBrowser

--------------------\\ Listing des dossiers dans C:\Program Files

[01/06/2007|02:36] C:\Program Files\Adobe
[01/06/2007|02:27] C:\Program Files\ATI Technologies
[07/07/2008|21:41] C:\Program Files\AVS4YOU
[15/10/2008|21:06] C:\Program Files\Azureus
[01/06/2007|02:49] C:\Program Files\BAE
[20/01/2008|19:36] C:\Program Files\Canon
[30/09/2008|00:06] C:\Program Files\Common Files
[01/06/2007|02:14] C:\Program Files\CONEXANT
[01/06/2007|02:39] C:\Program Files\Corel
[01/06/2007|02:50] C:\Program Files\CyberLink
[08/06/2007|19:11] C:\Program Files\Dell
[04/11/2007|22:27] C:\Program Files\Dell Support Center
[01/06/2007|02:48] C:\Program Files\DellSupport
[07/06/2007|20:21] C:\Program Files\DIFX
[01/06/2007|02:31] C:\Program Files\Digital Line Detect
[13/01/2008|23:04] C:\Program Files\DivX
[10/02/2008|16:44] C:\Program Files\e-Carte Bleue
[05/06/2007|19:01] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[12/05/2008|18:48] C:\Program Files\FLV Player
[13/01/2008|23:59] C:\Program Files\Google
[08/06/2007|19:49] C:\Program Files\HardwareDetection
[27/10/2007|16:21] C:\Program Files\InstallShield Installation Information
[21/03/2008|15:03] C:\Program Files\Internet Explorer
[01/06/2007|02:27] C:\Program Files\Java
[27/10/2007|16:05] C:\Program Files\KONAMI
[15/10/2008|22:52] C:\Program Files\Malwarebytes' Anti-Malware
[12/09/2008|21:03] C:\Program Files\McAfee
[01/06/2007|02:45] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[01/06/2007|02:36] C:\Program Files\Microsoft Office
[10/09/2008|20:33] C:\Program Files\Microsoft Works
[01/06/2007|02:30] C:\Program Files\Modem Diagnostic Tool
[21/03/2008|15:03] C:\Program Files\Movie Maker
[07/10/2008|21:15] C:\Program Files\Mozilla Firefox
[08/07/2008|21:29] C:\Program Files\mp3DirectCut
[02/11/2006|14:37] C:\Program Files\MSBuild
[05/06/2007|21:27] C:\Program Files\MSN Messenger
[01/06/2007|02:27] C:\Program Files\MSXML 4.0
[01/06/2007|02:28] C:\Program Files\NetWaiting
[30/09/2008|00:10] C:\Program Files\Nokia
[01/07/2007|18:31] C:\Program Files\OpenOffice.org 2.2
[07/06/2007|20:19] C:\Program Files\PC Connectivity Solution
[03/08/2008|13:18] C:\Program Files\racer
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[12/06/2007|19:41] C:\Program Files\Roxio
[11/03/2008|22:03] C:\Program Files\SigmaTel
[01/06/2007|10:07] C:\Program Files\Synaptics
[01/01/2008|19:05] C:\Program Files\SystemRequirementsLab
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[10/06/2007|21:03] C:\Program Files\VideoLAN
[01/06/2007|02:32] C:\Program Files\WIDCOMM
[21/03/2008|15:03] C:\Program Files\Windows Calendar
[21/03/2008|15:03] C:\Program Files\Windows Collaboration
[21/03/2008|15:03] C:\Program Files\Windows Defender
[21/03/2008|15:03] C:\Program Files\Windows Journal
[16/10/2008|03:11] C:\Program Files\Windows Mail
[21/03/2008|15:03] C:\Program Files\Windows Media Player
[05/06/2007|19:01] C:\Program Files\Windows NT
[21/03/2008|15:03] C:\Program Files\Windows Photo Gallery
[21/03/2008|15:03] C:\Program Files\Windows Sidebar
[29/10/2007|00:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[01/06/2007|02:36] C:\Program Files\Common Files\Adobe
[07/07/2008|21:41] C:\Program Files\Common Files\AVSMedia
[20/01/2008|19:31] C:\Program Files\Common Files\Canon
[01/06/2007|02:39] C:\Program Files\Common Files\Corel
[01/06/2007|02:42] C:\Program Files\Common Files\InstallShield
[01/06/2007|02:27] C:\Program Files\Common Files\Java
[14/03/2008|15:08] C:\Program Files\Common Files\McAfee
[07/07/2008|00:19] C:\Program Files\Common Files\microsoft shared
[30/09/2008|00:06] C:\Program Files\Common Files\Nokia
[22/06/2008|17:34] C:\Program Files\Common Files\PCSuite
[05/08/2007|16:25] C:\Program Files\Common Files\PX Storage Engine
[01/06/2007|02:41] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[01/06/2007|02:43] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[04/11/2007|22:27] C:\Program Files\Common Files\supportsoft
[01/06/2007|02:41] C:\Program Files\Common Files\SureThing Shared
[21/03/2008|15:03] C:\Program Files\Common Files\System

--------------------\\ Process

( 85 Processes )

iexplore.exe ~ [PID:5752]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Users\Seb\AppData\Local\Temp\NSU_db0bb2299e924b3d12dba8
C:\Users\Seb\AppData\Local\Temp\NSU_e1bfd8bbf8c0423812dba8

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-16 22:41:29
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Seb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDLCPJJZ\keyGen[1].htm


[F:5887][D:444]-> C:\Users\Seb\AppData\Local\Temp
[F:121][D:1]-> C:\Users\Seb\AppData\Roaming\MICROS~1\Windows\Cookies
[F:54][D:5]-> C:\Users\Seb\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1180][D:38]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 16/10/2008|22:49 - Option : [1]

--------------------\\ Fin du rapport a 22:49:01
[ UAC => 1 ]
0
crapoulou (Moderator, Security contributor) - 16 Oct 2008 at 23:14
Please run option 2 of Lop S&D.
Post the generated report.
0

Here is the result:

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
USER : Seb ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 136 Go Free : 72 Go
D:\ (Local Disk) - NTFS - Total : 9 Go Free : 6 Go
E:\ (CD or DVD) - UDF - Total : 5 Go Free : 0 Go

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 16/10/2008|23:15 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Users\Seb\AppData\Local\Temp\NSU_db0bb2299e924b3d12dba8
Supprime! - C:\Users\Seb\AppData\Local\Temp\NSU_e1bfd8bbf8c0423812dba8
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[27/06/2007|22:56] C:\Users\Seb\AppData\Local\Adobe
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Application Data
[05/06/2007|19:06] C:\Users\Seb\AppData\Local\ATI
[08/05/2008|10:01] C:\Users\Seb\AppData\Local\d3d9caps.dat
[14/09/2008|15:15] C:\Users\Seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[02/07/2007|19:51] C:\Users\Seb\AppData\Local\GDIPFONTCACHEV1.DAT
[14/01/2008|00:00] C:\Users\Seb\AppData\Local\Google
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Historique
[16/10/2008|07:10] C:\Users\Seb\AppData\Local\IconCache.db
[30/06/2007|19:34] C:\Users\Seb\AppData\Local\MediaDirect
[15/08/2008|14:54] C:\Users\Seb\AppData\Local\Microsoft
[06/06/2007|22:04] C:\Users\Seb\AppData\Local\Microsoft Games
[29/09/2007|18:13] C:\Users\Seb\AppData\Local\Mozilla
[30/06/2007|01:22] C:\Users\Seb\AppData\Local\Powercinema
[08/06/2007|20:44] C:\Users\Seb\AppData\Local\Protexis
[04/11/2007|22:29] C:\Users\Seb\AppData\Local\SupportSoft
[16/10/2008|23:15] C:\Users\Seb\AppData\Local\Temp
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Temporary Internet Files
[14/10/2008|23:41] C:\Users\Seb\AppData\Local\VirtualStore
[21/03/2008|12:43] C:\Users\Seb\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/03/2008 02:00][--a------] C:\Windows\tasks\McDefragTask.job
[01/12/2007 02:00][--a------] C:\Windows\tasks\McQcTask.job
[16/10/2008 22:02][--ah-----] C:\Windows\tasks\SA.DAT
[16/10/2008 22:01][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[01/06/2007|02:36] C:\ProgramData\Adobe
[16/10/2008|22:02] C:\ProgramData\AppEnSys
[05/06/2007|19:01] C:\ProgramData\Application Data
[07/07/2008|00:20] C:\ProgramData\AVS4YOU
[17/07/2008|21:25] C:\ProgramData\Azureus
[05/06/2007|19:01] C:\ProgramData\Bureau
[01/06/2007|02:38] C:\ProgramData\Corel
[01/06/2007|02:50] C:\ProgramData\CyberLink
[04/11/2007|22:32] C:\ProgramData\Dell
[05/06/2007|19:01] C:\ProgramData\Documents
[05/06/2007|19:01] C:\ProgramData\Favoris
[01/06/2007|02:49] C:\ProgramData\Google
[14/10/2008|23:41] C:\ProgramData\gryvepyf
[01/06/2007|02:49] C:\ProgramData\Gtek
[30/09/2008|00:05] C:\ProgramData\Installations
[01/06/2007|02:41] C:\ProgramData\InstallShield
[15/10/2008|22:52] C:\ProgramData\Malwarebytes
[01/06/2007|02:47] C:\ProgramData\McAfee
[05/06/2007|19:01] C:\ProgramData\Menu Démarrer
[13/06/2007|20:14] C:\ProgramData\Microsoft
[05/06/2007|19:01] C:\ProgramData\Modèles
[22/06/2008|17:37] C:\ProgramData\Nokia
[07/06/2007|21:08] C:\ProgramData\PC Suite
[01/04/2008|22:16] C:\ProgramData\Roxio
[01/06/2007|02:41] C:\ProgramData\Sonic
[04/11/2007|22:28] C:\ProgramData\SupportSoft
[14/10/2008|23:41] C:\ProgramData\ulipqdav
[20/01/2008|19:54] C:\ProgramData\ZoomBrowser

--------------------\\ Listing des dossiers dans C:\Program Files

[01/06/2007|02:36] C:\Program Files\Adobe
[01/06/2007|02:27] C:\Program Files\ATI Technologies
[07/07/2008|21:41] C:\Program Files\AVS4YOU
[15/10/2008|21:06] C:\Program Files\Azureus
[01/06/2007|02:49] C:\Program Files\BAE
[20/01/2008|19:36] C:\Program Files\Canon
[30/09/2008|00:06] C:\Program Files\Common Files
[01/06/2007|02:14] C:\Program Files\CONEXANT
[01/06/2007|02:39] C:\Program Files\Corel
[01/06/2007|02:50] C:\Program Files\CyberLink
[08/06/2007|19:11] C:\Program Files\Dell
[04/11/2007|22:27] C:\Program Files\Dell Support Center
[01/06/2007|02:48] C:\Program Files\DellSupport
[07/06/2007|20:21] C:\Program Files\DIFX
[01/06/2007|02:31] C:\Program Files\Digital Line Detect
[13/01/2008|23:04] C:\Program Files\DivX
[10/02/2008|16:44] C:\Program Files\e-Carte Bleue
[05/06/2007|19:01] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[12/05/2008|18:48] C:\Program Files\FLV Player
[13/01/2008|23:59] C:\Program Files\Google
[08/06/2007|19:49] C:\Program Files\HardwareDetection
[27/10/2007|16:21] C:\Program Files\InstallShield Installation Information
[21/03/2008|15:03] C:\Program Files\Internet Explorer
[01/06/2007|02:27] C:\Program Files\Java
[27/10/2007|16:05] C:\Program Files\KONAMI
[15/10/2008|22:52] C:\Program Files\Malwarebytes' Anti-Malware
[12/09/2008|21:03] C:\Program Files\McAfee
[01/06/2007|02:45] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[01/06/2007|02:36] C:\Program Files\Microsoft Office
[10/09/2008|20:33] C:\Program Files\Microsoft Works
[01/06/2007|02:30] C:\Program Files\Modem Diagnostic Tool
[21/03/2008|15:03] C:\Program Files\Movie Maker
[07/10/2008|21:15] C:\Program Files\Mozilla Firefox
[08/07/2008|21:29] C:\Program Files\mp3DirectCut
[02/11/2006|14:37] C:\Program Files\MSBuild
[05/06/2007|21:27] C:\Program Files\MSN Messenger
[01/06/2007|02:27] C:\Program Files\MSXML 4.0
[01/06/2007|02:28] C:\Program Files\NetWaiting
[30/09/2008|00:10] C:\Program Files\Nokia
[01/07/2007|18:31] C:\Program Files\OpenOffice.org 2.2
[07/06/2007|20:19] C:\Program Files\PC Connectivity Solution
[03/08/2008|13:18] C:\Program Files\racer
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[12/06/2007|19:41] C:\Program Files\Roxio
[11/03/2008|22:03] C:\Program Files\SigmaTel
[01/06/2007|10:07] C:\Program Files\Synaptics
[01/01/2008|19:05] C:\Program Files\SystemRequirementsLab
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[10/06/2007|21:03] C:\Program Files\VideoLAN
[01/06/2007|02:32] C:\Program Files\WIDCOMM
[21/03/2008|15:03] C:\Program Files\Windows Calendar
[21/03/2008|15:03] C:\Program Files\Windows Collaboration
[21/03/2008|15:03] C:\Program Files\Windows Defender
[21/03/2008|15:03] C:\Program Files\Windows Journal
[16/10/2008|03:11] C:\Program Files\Windows Mail
[21/03/2008|15:03] C:\Program Files\Windows Media Player
[05/06/2007|19:01] C:\Program Files\Windows NT
[21/03/2008|15:03] C:\Program Files\Windows Photo Gallery
[21/03/2008|15:03] C:\Program Files\Windows Sidebar
[29/10/2007|00:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[01/06/2007|02:36] C:\Program Files\Common Files\Adobe
[07/07/2008|21:41] C:\Program Files\Common Files\AVSMedia
[20/01/2008|19:31] C:\Program Files\Common Files\Canon
[01/06/2007|02:39] C:\Program Files\Common Files\Corel
[01/06/2007|02:42] C:\Program Files\Common Files\InstallShield
[01/06/2007|02:27] C:\Program Files\Common Files\Java
[14/03/2008|15:08] C:\Program Files\Common Files\McAfee
[07/07/2008|00:19] C:\Program Files\Common Files\microsoft shared
[30/09/2008|00:06] C:\Program Files\Common Files\Nokia
[22/06/2008|17:34] C:\Program Files\Common Files\PCSuite
[05/08/2007|16:25] C:\Program Files\Common Files\PX Storage Engine
[01/06/2007|02:41] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[01/06/2007|02:43] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[04/11/2007|22:27] C:\Program Files\Common Files\supportsoft
[01/06/2007|02:41] C:\Program Files\Common Files\SureThing Shared
[21/03/2008|15:03] C:\Program Files\Common Files\System

--------------------\\ Process

( 83 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-16 23:15:37
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Seb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDLCPJJZ\keyGen[1].htm


[F:5873][D:442]-> C:\Users\Seb\AppData\Local\Temp
[F:121][D:1]-> C:\Users\Seb\AppData\Roaming\MICROS~1\Windows\Cookies
[F:54][D:5]-> C:\Users\Seb\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1180][D:38]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 16/10/2008|22:49 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 16/10/2008|23:23 - Option : [2]

--------------------\\ Fin du rapport a 23:23:01
[ UAC => 1 ]
0
Voila le résultat:

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
USER : Seb ( Not Administrator ! )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 136 Go Free : 72 Go
D:\ (Local Disk) - NTFS - Total : 9 Go Free : 6 Go
E:\ (CD or DVD) - UDF - Total : 5 Go Free : 0 Go

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [2] ( 16/10/2008|23:15 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Users\Seb\AppData\Local\Temp\NSU_db0bb2299e924b3d12dba8
Supprime! - C:\Users\Seb\AppData\Local\Temp\NSU_e1bfd8bbf8c0423812dba8
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[27/06/2007|22:56] C:\Users\Seb\AppData\Local\Adobe
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Application Data
[05/06/2007|19:06] C:\Users\Seb\AppData\Local\ATI
[08/05/2008|10:01] C:\Users\Seb\AppData\Local\d3d9caps.dat
[14/09/2008|15:15] C:\Users\Seb\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[02/07/2007|19:51] C:\Users\Seb\AppData\Local\GDIPFONTCACHEV1.DAT
[14/01/2008|00:00] C:\Users\Seb\AppData\Local\Google
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Historique
[16/10/2008|07:10] C:\Users\Seb\AppData\Local\IconCache.db
[30/06/2007|19:34] C:\Users\Seb\AppData\Local\MediaDirect
[15/08/2008|14:54] C:\Users\Seb\AppData\Local\Microsoft
[06/06/2007|22:04] C:\Users\Seb\AppData\Local\Microsoft Games
[29/09/2007|18:13] C:\Users\Seb\AppData\Local\Mozilla
[30/06/2007|01:22] C:\Users\Seb\AppData\Local\Powercinema
[08/06/2007|20:44] C:\Users\Seb\AppData\Local\Protexis
[04/11/2007|22:29] C:\Users\Seb\AppData\Local\SupportSoft
[16/10/2008|23:15] C:\Users\Seb\AppData\Local\Temp
[05/06/2007|19:03] C:\Users\Seb\AppData\Local\Temporary Internet Files
[14/10/2008|23:41] C:\Users\Seb\AppData\Local\VirtualStore
[21/03/2008|12:43] C:\Users\Seb\AppData\Local\WindowsUpdate

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[15/03/2008 02:00][--a------] C:\Windows\tasks\McDefragTask.job
[01/12/2007 02:00][--a------] C:\Windows\tasks\McQcTask.job
[16/10/2008 22:02][--ah-----] C:\Windows\tasks\SA.DAT
[16/10/2008 22:01][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[01/06/2007|02:36] C:\ProgramData\Adobe
[16/10/2008|22:02] C:\ProgramData\AppEnSys
[05/06/2007|19:01] C:\ProgramData\Application Data
[07/07/2008|00:20] C:\ProgramData\AVS4YOU
[17/07/2008|21:25] C:\ProgramData\Azureus
[05/06/2007|19:01] C:\ProgramData\Bureau
[01/06/2007|02:38] C:\ProgramData\Corel
[01/06/2007|02:50] C:\ProgramData\CyberLink
[04/11/2007|22:32] C:\ProgramData\Dell
[05/06/2007|19:01] C:\ProgramData\Documents
[05/06/2007|19:01] C:\ProgramData\Favoris
[01/06/2007|02:49] C:\ProgramData\Google
[14/10/2008|23:41] C:\ProgramData\gryvepyf
[01/06/2007|02:49] C:\ProgramData\Gtek
[30/09/2008|00:05] C:\ProgramData\Installations
[01/06/2007|02:41] C:\ProgramData\InstallShield
[15/10/2008|22:52] C:\ProgramData\Malwarebytes
[01/06/2007|02:47] C:\ProgramData\McAfee
[05/06/2007|19:01] C:\ProgramData\Menu Démarrer
[13/06/2007|20:14] C:\ProgramData\Microsoft
[05/06/2007|19:01] C:\ProgramData\Modèles
[22/06/2008|17:37] C:\ProgramData\Nokia
[07/06/2007|21:08] C:\ProgramData\PC Suite
[01/04/2008|22:16] C:\ProgramData\Roxio
[01/06/2007|02:41] C:\ProgramData\Sonic
[04/11/2007|22:28] C:\ProgramData\SupportSoft
[14/10/2008|23:41] C:\ProgramData\ulipqdav
[20/01/2008|19:54] C:\ProgramData\ZoomBrowser

--------------------\\ Listing des dossiers dans C:\Program Files

[01/06/2007|02:36] C:\Program Files\Adobe
[01/06/2007|02:27] C:\Program Files\ATI Technologies
[07/07/2008|21:41] C:\Program Files\AVS4YOU
[15/10/2008|21:06] C:\Program Files\Azureus
[01/06/2007|02:49] C:\Program Files\BAE
[20/01/2008|19:36] C:\Program Files\Canon
[30/09/2008|00:06] C:\Program Files\Common Files
[01/06/2007|02:14] C:\Program Files\CONEXANT
[01/06/2007|02:39] C:\Program Files\Corel
[01/06/2007|02:50] C:\Program Files\CyberLink
[08/06/2007|19:11] C:\Program Files\Dell
[04/11/2007|22:27] C:\Program Files\Dell Support Center
[01/06/2007|02:48] C:\Program Files\DellSupport
[07/06/2007|20:21] C:\Program Files\DIFX
[01/06/2007|02:31] C:\Program Files\Digital Line Detect
[13/01/2008|23:04] C:\Program Files\DivX
[10/02/2008|16:44] C:\Program Files\e-Carte Bleue
[05/06/2007|19:01] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[12/05/2008|18:48] C:\Program Files\FLV Player
[13/01/2008|23:59] C:\Program Files\Google
[08/06/2007|19:49] C:\Program Files\HardwareDetection
[27/10/2007|16:21] C:\Program Files\InstallShield Installation Information
[21/03/2008|15:03] C:\Program Files\Internet Explorer
[01/06/2007|02:27] C:\Program Files\Java
[27/10/2007|16:05] C:\Program Files\KONAMI
[15/10/2008|22:52] C:\Program Files\Malwarebytes' Anti-Malware
[12/09/2008|21:03] C:\Program Files\McAfee
[01/06/2007|02:45] C:\Program Files\McAfee.com
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[01/06/2007|02:36] C:\Program Files\Microsoft Office
[10/09/2008|20:33] C:\Program Files\Microsoft Works
[01/06/2007|02:30] C:\Program Files\Modem Diagnostic Tool
[21/03/2008|15:03] C:\Program Files\Movie Maker
[07/10/2008|21:15] C:\Program Files\Mozilla Firefox
[08/07/2008|21:29] C:\Program Files\mp3DirectCut
[02/11/2006|14:37] C:\Program Files\MSBuild
[05/06/2007|21:27] C:\Program Files\MSN Messenger
[01/06/2007|02:27] C:\Program Files\MSXML 4.0
[01/06/2007|02:28] C:\Program Files\NetWaiting
[30/09/2008|00:10] C:\Program Files\Nokia
[01/07/2007|18:31] C:\Program Files\OpenOffice.org 2.2
[07/06/2007|20:19] C:\Program Files\PC Connectivity Solution
[03/08/2008|13:18] C:\Program Files\racer
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[12/06/2007|19:41] C:\Program Files\Roxio
[11/03/2008|22:03] C:\Program Files\SigmaTel
[01/06/2007|10:07] C:\Program Files\Synaptics
[01/01/2008|19:05] C:\Program Files\SystemRequirementsLab
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[10/06/2007|21:03] C:\Program Files\VideoLAN
[01/06/2007|02:32] C:\Program Files\WIDCOMM
[21/03/2008|15:03] C:\Program Files\Windows Calendar
[21/03/2008|15:03] C:\Program Files\Windows Collaboration
[21/03/2008|15:03] C:\Program Files\Windows Defender
[21/03/2008|15:03] C:\Program Files\Windows Journal
[16/10/2008|03:11] C:\Program Files\Windows Mail
[21/03/2008|15:03] C:\Program Files\Windows Media Player
[05/06/2007|19:01] C:\Program Files\Windows NT
[21/03/2008|15:03] C:\Program Files\Windows Photo Gallery
[21/03/2008|15:03] C:\Program Files\Windows Sidebar
[29/10/2007|00:26] C:\Program Files\WinRAR

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[01/06/2007|02:36] C:\Program Files\Common Files\Adobe
[07/07/2008|21:41] C:\Program Files\Common Files\AVSMedia
[20/01/2008|19:31] C:\Program Files\Common Files\Canon
[01/06/2007|02:39] C:\Program Files\Common Files\Corel
[01/06/2007|02:42] C:\Program Files\Common Files\InstallShield
[01/06/2007|02:27] C:\Program Files\Common Files\Java
[14/03/2008|15:08] C:\Program Files\Common Files\McAfee
[07/07/2008|00:19] C:\Program Files\Common Files\microsoft shared
[30/09/2008|00:06] C:\Program Files\Common Files\Nokia
[22/06/2008|17:34] C:\Program Files\Common Files\PCSuite
[05/08/2007|16:25] C:\Program Files\Common Files\PX Storage Engine
[01/06/2007|02:41] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[01/06/2007|02:43] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[04/11/2007|22:27] C:\Program Files\Common Files\supportsoft
[01/06/2007|02:41] C:\Program Files\Common Files\SureThing Shared
[21/03/2008|15:03] C:\Program Files\Common Files\System

--------------------\\ Process

( 83 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-16 23:15:37
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 9

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Seb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDLCPJJZ\keyGen[1].htm


[F:5873][D:442]-> C:\Users\Seb\AppData\Local\Temp
[F:121][D:1]-> C:\Users\Seb\AppData\Roaming\MICROS~1\Windows\Cookies
[F:54][D:5]-> C:\Users\Seb\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:1180][D:38]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 16/10/2008|22:49 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 16/10/2008|23:23 - Option : [2]

--------------------\\ Fin du rapport a 23:23:01
[ UAC => 1 ]
0
crapoulou Posts: 28158 Registration date: Wednesday 28 November 2007 Status: Moderator, Security contributor Last seen: 16 April 2024 7 990
16 Oct. 2008 at 23:31
Delete this crack, which could be a source of infection:
C:\Users\Seb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\NDLCPJJZ\keyGen[1].htm

Post a new HijackThis report, please.
0
And here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:33:10, on 16/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe
C:\Windows\sttray.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\Seb\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Snapfire Plus\PhotoDownloader.exe
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
O4 - HKLM\..\Run: [eCarteBleue-LP-P1] "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [RDsl12vg7H] C:\Users\Seb\AppData\Local\Temp\windfr.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.0.15.0/ImageUploader5.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
crapoulou
16 Oct. 2008 at 23:42
Download Malwarebytes' Anti-Malware: https://www.malekal.com/tutoriel-malwarebyte-anti-malware/

- On the page, click Download Malwarebytes' Anti-Malware
- Save it to the desktop
- Double-click the downloaded file to start the installation process.
- In the "Update" tab, click the Check for Updates button
- If the firewall asks for permission to let Malwarebytes connect, accept
- Once the update is finished, close Malwarebytes
- Restart in safe mode (in case you don't know how, see further down)
- Once in safe mode, double-click the Malwarebytes icon
- Once it is open, go to the Scan tab
- Select Perform full scan
- Click Scan
- The scan starts.
- At the end of the analysis, a message is displayed: The scan completed normally. Click 'Show Results' to display all the objects found.
- Click OK to continue.
- If malware was detected, click Show Results
- Select everything (or leave everything checked) and click Remove Selected. Malwarebytes will destroy the files and registry keys and put a copy of them in quarantine.
- Malwarebytes will open Notepad and copy the scan report into it.
- Restart the PC
- Once restarted in normal mode, double-click Malwarebytes
- Go to the Logs tab
- Click on it to display it; once it is displayed
- Click Edit at the top of Notepad, then Select All
- Click Edit again, then Copy, and come back to the forum and into your reply
- Right-click in the reply box and choose Paste


If you need help, see this tutorial:
https://www.malekal.com/tutoriel-malwarebyte-anti-malware/


(note: no connection is possible in safe mode, so copy or print the procedure carefully to avoid mistakes ...)
To restart in safe mode:

Click Start
. Click Shut Down
. Select Restart, and during the restart
. Press the F8 key repeatedly ("1 press per second") as soon as a text screen appears and then disappears
. Use the arrow keys to select safe mode
. Then press ENTER
. You will need to choose your usual session, not the "Administrator" account or another one
Once it has started, don't worry if the colors and icons don't look the way they usually do.

0
Here is the generated report (it didn't find anything, I think):
Is that actually a good sign?

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1274
Windows 6.0.6001 Service Pack 1

16/10/2008 23:58:39
mbam-log-2008-10-16 (23-58-39).txt

Type de recherche: Examen rapide
Eléments examinés: 111693
Temps écoulé: 10 minute(s), 21 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
crapoulou
17 Oct. 2008 at 00:06
OK, run a full scan.
0
Here is the full report, 2 detections / deletions:
Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1274
Windows 6.0.6001 Service Pack 1

17/10/2008 01:06:29
mbam-log-2008-10-17 (01-06-29).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 242190
Temps écoulé: 55 minute(s), 23 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\Users\Seb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4SHYE1TI\nd82m0[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Users\Seb\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SP6YMF5C\upd105320[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
0
crapoulou
17 Oct. 2008 at 01:23
-> Download CCleaner (do not install the Yahoo toolbar):

http://www.commentcamarche.net/telecharger/telecharger 168 ccleaner

-> Install it.

-> "Cleaner"

Close your web browser before launching it, uncheck the last box (Advanced, if it is checked), then click "Run Cleaner"; when it has finished the scan, click "Run Cleaner" at the bottom right and accept with Yes.
Warning: it may empty your recycle bin. If you want to recover files deleted by mistake, it is better to do it now.

-> Illustrated tutorial:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php

Also click the "Registry" tab and delete all the selected errors.
0
There, I've done the procedure!
Is there another step?

Thanks a lot
0
crapoulou Posts 28158 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 16 April 2024 7 990
17 Oct. 2008 at 20:57
Post a new HijackThis report, please.
0
Here's the result:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:13:47, on 17/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe
C:\Windows\sttray.exe
C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\Seb\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [ECenter] c:\dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
O4 - HKLM\..\Run: [eCarteBleue-LP-P1] "C:\Program Files\e-Carte Bleue\LA BANQUE POSTALE\CVD ADESIO\ECB.exe" /dontopenmycards
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [NSLauncher] C:\Program Files\Nokia\Nokia Software Launcher\NSLauncher.exe /startup
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - https://www.touslesdrivers.com/index.php?v_page=29
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.0.15.0/ImageUploader5.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\common files\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee SpamKiller Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
0
crapoulou Posts 28158 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 16 April 2024 7 990
17 Oct. 2008 at 22:17
Run HijackThis again.
Click "Do a system scan only".
Tick this line:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)!
Then click "Fix checked".

Are you noticing any problems on your computer?
0
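The check applied to the log above, as an added example that is not part of the original thread: it parses the CLSID-bearing HijackThis lines (O2, O3, O9) and returns those whose target is `(no file)`, i.e. a registry entry left behind after its DLL was removed. The function names and the sample log are constructed for illustration; the sample lines are modelled on the report posted above.

```python
import re

# Constructed sample in HijackThis v2.0.2 format, modelled on the log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
"""

# Layout "<code> - <kind>: <name> - {CLSID} - <target>" used by O2, O3 and O9 entries.
ENTRY_RE = re.compile(
    r"^(?P<code>O\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+?)\s*$"
)


def parse_clsid_entries(log_text):
    """Return one dict per CLSID-bearing entry; other lines (O4, O23, ...) are skipped."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            entry = match.groupdict()
            entry["line"] = line  # keep the exact line so it can be found in the scan list
            entries.append(entry)
    return entries


def orphaned_entries(log_text):
    """Entries whose registry key survives but whose file is gone.

    The signal is the target "(no file)", not the name "(no name)": an entry
    can lack a display name and still point at a file that exists on disk.
    """
    return [e for e in parse_clsid_entries(log_text)
            if e["target"].lower() == "(no file)"]


if __name__ == "__main__":
    for entry in orphaned_entries(SAMPLE_LOG):
        print("orphaned:", entry["line"])
```
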
Re

There, I've done the procedure above.

To answer your question: no, I don't notice anything any more, no more of those pop-ups leading to antivirus links, no more trojan alerts!!!
It's great (touch wood!!!!)

Do you think I'm cured?

Also, what should I do with all the files that are in quarantine in Anti-Malware?


Thanks a lot for the help
0
crapoulou Posts 28158 Registration date Wednesday 28 November 2007 Status Moderator, Security contributor Last activity 16 April 2024 7 990
17 Oct. 2008 at 22:23
Delete them.

To remove all traces of the tools that were used to treat the specific infections:

Download ToolsCleaner to your Desktop:
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
* Double-click ToolsCleaner2.exe and let it work.
* Click "Recherche" (Search) and let the scan finish.
* Click "Suppression" (Removal) to finalize.
* You can, if you wish, use the optional settings ("Options facultatives").
* Click "Quitter" (Quit) so that the report can be created.
* The report (TCleaner.txt) is at the root of your hard drive (C:\)... paste it into your reply.
0