francescaC

Everything posted by francescaC

  1. OK. Thanks again for your valuable help and useful advice! -Francesca
  2. Hello, Here are the following reports (AVG AS, HijackThis, & ToolsCleaner): For information, everything seems normal as far as the PC's operation goes. Before, Windows Explorer would not open, but I was able to see my files through the desktop and/or the associated software. Now Explorer opens without a problem. However, I see that the file NAPiNSP.dll is still there. Impossible to delete it. Thank you very much for your help. -F
  3. Hello again, OK, I edited the registry and downloaded/ran LSPfix. I managed to move the 2 DLLs to "remove". However, I was then unable to delete the files themselves (neither in Safe mode nor in Normal mode). The files are still there, even though HijackThis does not mention them in the latest log, which follows: Once again, many thanks for your help. -Francesca
  4. Hello again, Here is the new HijackThis log:
  5. Hello, Thank you for your help. OK, here is the ComboFix report. I will send you the HijackThis report afterwards. -FC
connectivity;C:\Windows\system32\svchost.exe [2006-11-02 10:45] R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter);C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2007-11-15 10:23] R2 WcesComm;Windows Mobile-2003-based device connectivity;C:\Windows\system32\svchost.exe [2006-11-02 10:45] R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-25 12:45] S2 0142961205311711mcinstcleanup;McAfee Application Installer Cleanup (0142961205311711);C:\Windows\TEMP\014296~1.EXE C:\PROGRA~1\COMMON~1\McAfee\INSTAL~1\cleanup.ini [] S3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 08:36] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc bthsvcs REG_MULTI_SZ BthServ WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr . Contents of the 'Scheduled Tasks' folder "2008-03-13 13:31:00 C:\Windows\Tasks\Check Updates for Windows Live Toolbar.job" - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE "2008-01-15 00:00:00 C:\Windows\Tasks\McDefragTask.job" - c:\PROGRA~1\mcafee\mqc\QcConsol.exe' "2008-02-29 23:59:59 C:\Windows\Tasks\McQcTask.job" - c:\PROGRA~1\mcafee\mqc\QcConsol.exe . ************************************************************************** catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-03-13 14:39:12 Windows 6.0.6000 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . Completion time: 2008-03-13 14:39:49 ComboFix-quarantined-files.txt 2008-03-13 13:39:47 ComboFix2.txt 2008-03-13 12:57:27 ComboFix3.txt 2008-03-12 20:16:24 . 2007-12-27 19:58:16 --- E O F ---
  6. Hello, OK, actually I hadn't scanned with ComboFix yet, only with Kaspersky. It was the Kaspersky report that was impossible to save. Here is the ComboFix report: (thanks in advance for your help)
  7. Hello, Thank you for your reply. I did what you indicated, but I am unable to save the report. A message tells me that my computer's security does not allow this file to be saved except in "Temporary Internet Files", yet it is not there. Would you have any idea what might be blocking me? For information, my OS is Windows Vista. Thanks,
  8. Hello, Following an infection by the "Defense-Net-Surfage" virus, could someone help me analyse the following logfile and give me instructions for eradicating the virus, if possible? For information, I am fairly comfortable with computers. Thanks, FC