teufeyl

Je n'ai plus de problèmes d'infection sur mon PC. Je te remercie Pear d'avoir consacré du temps à moi et à mon problème d'infection. Grand merci à toi.

Voici le nouveau rapport : ComboFix 09-02-26.02 - akkara 2009-02-28 12:11:09.4 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3070.2523 [GMT 1:00] Lancé depuis: c:\documents and settings\akkara\Bureau\10136.exe Commutateurs utilisés :: c:\documents and settings\akkara\Bureau\CFScript.txt.txt AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) * Un nouveau point de restauration a été créé FILE :: c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} C:\sqmdata01.sqm C:\sqmdata02.sqm C:\sqmnoopt01.sqm C:\sqmnoopt02.sqm c:\windows\siterskainSISW-991201kamui.sav . (((((((((((((((((((((((((((((((((((( Autres suppressions )))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Bonjour c:\program files\Bonjour\mdnsNSP.dll c:\program files\Bonjour\mDNSResponder.exe C:\sqmdata01.sqm C:\sqmdata02.sqm C:\sqmnoopt01.sqm C:\sqmnoopt02.sqm c:\windows\siterskainSISW-991201kamui.sav . ((((((((((((((((((((((((((((( Fichiers créés du 2009-01-28 au 2009-02-28 )))))))))))))))))))))))))))))))))))) . 2009-02-27 21:23 . 2009-02-27 21:23 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-27 20:58 . 2009-02-27 20:59 <REP> d-------- C:\Load-CF 2009-02-27 20:56 . 2009-02-27 21:00 <REP> d-------- C:\ComboFix 2009-02-26 13:31 . 2009-02-27 21:11 <REP> d-------- c:\program files\Spybot - Search & Destroy 2009-02-26 12:59 . 2009-02-26 12:59 <REP> d-------- c:\program files\Avira 2009-02-26 12:59 . 2009-02-26 12:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-02-25 23:47 . 2009-02-25 23:47 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll 2009-02-25 23:46 . 2009-02-25 23:46 <REP> d-------- c:\windows\ERUNT 2009-02-25 19:48 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys 2009-02-25 19:47 . 2009-02-25 19:47 <REP> d-------- c:\program files\Panda Security 2009-02-25 19:42 . 2009-02-25 19:42 <REP> dr------- c:\documents and settings\LocalService\Favoris 2009-02-25 18:26 . 2009-02-25 18:34 <REP> d-------- c:\documents and settings\All Users\Application Data\Skype 2009-02-25 18:24 . 2009-02-25 18:24 <REP> d-------- c:\program files\Real 2009-02-25 18:24 . 2009-02-25 18:24 <REP> d-------- c:\program files\Fichiers communs\xing shared 2009-02-25 18:24 . 2009-02-25 18:24 <REP> d-------- c:\program files\Fichiers communs\Real 2009-02-25 18:18 . 2009-02-25 18:18 <REP> d-------- c:\windows\system32\runtime 2009-02-25 18:18 . 2009-02-25 18:19 <REP> d-------- c:\program files\Picasa2 2009-02-25 18:17 . 2009-02-25 19:18 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater 2009-02-25 18:04 . 2009-02-25 18:37 <REP> d-a------ c:\documents and settings\All Users\Application Data\TEMP 2009-02-25 17:38 . 2009-02-25 17:38 <REP> d-------- c:\program files\Trend Micro 2009-02-24 23:44 . 2009-02-24 23:44 <REP> d-------- c:\documents and settings\akkara\Application Data\Crayon Physics Deluxe 2009-02-21 02:54 . 2008-04-13 19:33 159,232 --a------ c:\windows\system32\ptpusd.dll 2009-02-21 02:54 . 2008-04-13 11:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys 2009-02-21 02:54 . 2008-04-13 11:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys 2009-02-21 02:54 . 2001-08-23 17:47 5,632 --a------ c:\windows\system32\ptpusb.dll 2009-02-16 22:17 . 2009-02-16 22:24 <REP> d-------- c:\documents and settings\akkara\Application Data\vlc 2009-02-16 22:15 . 2009-02-16 22:15 <REP> d-------- c:\program files\VideoLAN 2009-02-08 15:31 . 2009-02-08 15:38 <REP> d-------- c:\program files\Tomb Raider - Underworld 2009-02-08 15:19 . 2009-02-08 15:20 <REP> d-------- c:\program files\MagicDisc 2009-02-08 15:19 . 2008-07-28 17:19 116,736 --a------ c:\windows\system32\drivers\mcdbus.sys 2009-02-01 04:25 . 2009-02-01 04:25 <REP> d-------- c:\documents and settings\akkara\Application Data\fltk.org 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\program files\iTunes 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\program files\iPod 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\program files\Fichiers communs\Apple 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-30 22:29 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll 2009-01-30 22:29 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys 2009-01-30 22:22 . 2009-01-30 22:23 <REP> d-------- c:\program files\QuickTime 2009-01-30 22:22 . 2009-01-30 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-28 11:14 22,528 ----a-w c:\windows\system32\drivers\nhcDriver.sys 2009-02-26 20:57 --------- d-----w c:\program files\FlashGet 2009-02-25 18:11 --------- d-----w c:\program files\Google 2009-02-25 12:49 --------- d-----w c:\program files\Vuze 2009-02-24 23:39 --------- d-----w c:\documents and settings\akkara\Application Data\Azureus 2009-01-30 21:30 --------- d-----w c:\documents and settings\akkara\Application Data\Apple Computer 2009-01-24 13:48 --------- d-----w c:\program files\Windows Media Connect 2 2009-01-23 21:40 --------- d-----w c:\documents and settings\akkara\Application Data\gtk-2.0 2009-01-18 17:16 --------- d-----w c:\program files\GIMP-2.0 2009-01-15 22:15 --------- d-----w c:\program files\CAPCOM 2009-01-11 16:34 --------- d-----w c:\program files\Rectangle 2009-01-03 12:12 --------- d-----w c:\program files\SpeedFan 2008-12-31 21:17 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-31 21:13 --------- d-----w c:\documents and settings\All Users\Application Data\Micro Application 2008-12-31 20:45 --------- d-----w c:\program files\Micro Application 2008-12-31 20:44 --------- d-----w c:\program files\Fichiers communs\InstallShield 2008-12-31 11:37 --------- d-----w c:\program files\movies 2008-12-31 00:24 --------- d-----w c:\documents and settings\akkara\Application Data\OHBADO 2008-12-28 23:29 --------- d-----w c:\program files\Notebook Hardware Control 2008-12-09 17:53 114 ----a-w c:\documents and settings\akkara\Application Data\wklnhst.dat 2008-10-22 22:16 74 --sh--r c:\windows\CT4CET.bin . ((((((((((((((((((((((((((((( SnapShot@2009-02-27_21.02.37,71 ))))))))))))))))))))))))))))))))))))))))) . + 2009-02-28 11:13:14 16,384 ----atw c:\windows\temp\Perflib_Perfdata_790.dat . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "Jnskdfmf9eldfd"="c:\windows\TEMP\csrssc.exe" [bU] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-02-21 159744] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-01 13537280] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-01 86016] "OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-07-16 36864] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-04 136600] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-06-30 2220032] "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2008-02-22 1245184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2008-04-14 44032] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-02-25 185896] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "RTHDCPL"="RTHDCPL.EXE" [2008-02-21 c:\windows\RTHDCPL.EXE] "nwiz"="nwiz.exe" [2008-07-01 c:\windows\system32\nwiz.exe] "NVHotkey"="nvHotkey.dll" [2008-07-01 c:\windows\system32\nvhotkey.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\akkara\Menu D‚marrer\Programmes\D‚marrage\ MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-02-08 575488] OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.divxa32"= msaud32_divx.acm [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-02-25 28544] R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-10-23 51288] R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2008-10-23 43608] R3 OEM13Afx;Provides a software interface to control audio effects of OEM013 camera.;c:\windows\system32\drivers\OEM13Afx.sys [2008-10-23 141376] R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\drivers\OEM13Vfx.sys [2008-10-23 7424] R3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\drivers\OEM13Vid.sys [2008-10-23 235840] . Contenu du dossier 'Tâches planifiées' 2009-02-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-02-28 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-25 18:17] . . ------- Examen supplémentaire ------- . mWindow Title = uInternet Settings,ProxyOverride = *.local IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm FF - ProfilePath - c:\documents and settings\akkara\Application Data\Mozilla\Firefox\Profiles\3mz07yb3.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://xeoo.com/?p=url&a=firefox&k= FF - plugin: c:\program files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.bookmark_page", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.current_page", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.restore_default", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importBookmarksHTML", true); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importDefaults", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.search.selectedEngine", "xeoo.com"); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("keyword.URL", "http://xeoo.com/?p=url&a=firefox&k="); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.startup.homepage", "http://www.xeoo.com/?p=h&a=firefox"); . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-28 12:14:58 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ð0¤0¯0Ð0ó0Ç0£0Ã0Ä0 *¢0ó0¤0ó0¹0È0ü0ë0] "SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00, 00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ "Changed"=dword:00000000 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Uninstall\Ð0¤0¯0Ð0ó0Ç0£0Ã0Ä0 *¢0ó0¤0ó0¹0È0ü0ë0] "UninstallString"="c:\\WINDOWS\\IsUn0411.exe -f\"c:\\Program Files\\??????\\?????????\\Uninst.isu\"" "DisplayName"="?????????" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(796) c:\windows\System32\BCMLogon.dll . ------------------------ Autres processus actifs ------------------------ . c:\windows\system32\WLTRYSVC.EXE c:\windows\system32\BCMWLTRY.EXE c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\drivers\o2flash.exe c:\program files\Dell Support Center\bin\sprtsvc.exe c:\program files\DellTPad\ApMsgFwd.exe c:\program files\DellTPad\hidfind.exe c:\program files\DellTPad\ApntEx.exe c:\windows\system32\rundll32.exe c:\windows\system32\rundll32.exe c:\windows\system32\wscntfy.exe c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Heure de fin: 2009-02-28 12:17:06 - La machine a redémarré ComboFix-quarantined-files.txt 2009-02-28 11:17:04 ComboFix2.txt 2009-02-28 11:06:17 ComboFix3.txt 2009-02-27 20:08:35 ComboFix4.txt 2009-02-27 20:03:23 Avant-CF: 242 579 820 544 octets libres Après-CF: 242,567,618,560 octets libres 240 --- E O F --- 2009-02-27 20:51:30

voici le rapport de ComboFix ComboFix 09-02-26.02 - akkara 2009-02-27 21:06:59.2 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.3070.2506 [GMT 1:00] Lancé depuis: c:\load-cf\10136\10136.exe AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated) . ((((((((((((((((((((((((((((( Fichiers créés du 2009-01-27 au 2009-02-27 )))))))))))))))))))))))))))))))))))) . 2009-02-27 20:58 . 2009-02-27 20:59 <REP> d-------- C:\Load-CF 2009-02-27 20:56 . 2009-02-27 21:00 <REP> d-------- C:\ComboFix 2009-02-26 13:31 . 2009-02-27 21:05 <REP> d-------- c:\program files\Spybot - Search & Destroy 2009-02-26 13:31 . 2009-02-27 21:05 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-02-26 12:59 . 2009-02-26 12:59 <REP> d-------- c:\program files\Avira 2009-02-26 12:59 . 2009-02-26 12:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira 2009-02-25 23:47 . 2009-02-25 23:47 579,584 --a--c--- c:\windows\system32\dllcache\user32.dll 2009-02-25 23:46 . 2009-02-25 23:46 <REP> d-------- c:\windows\ERUNT 2009-02-25 19:48 . 2008-06-19 16:24 28,544 --a------ c:\windows\system32\drivers\pavboot.sys 2009-02-25 19:47 . 2009-02-25 19:47 <REP> d-------- c:\program files\Panda Security 2009-02-25 19:42 . 2009-02-25 19:42 <REP> dr------- c:\documents and settings\LocalService\Favoris 2009-02-25 18:26 . 2009-02-25 18:34 <REP> d-------- c:\documents and settings\All Users\Application Data\Skype 2009-02-25 18:24 . 2009-02-25 18:24 <REP> d-------- c:\program files\Real 2009-02-25 18:24 . 2009-02-25 18:24 <REP> d-------- c:\program files\Fichiers communs\xing shared 2009-02-25 18:24 . 2009-02-25 18:24 <REP> d-------- c:\program files\Fichiers communs\Real 2009-02-25 18:19 . 2009-02-25 18:19 <REP> d-------- c:\program files\Norton Security Scan 2009-02-25 18:19 . 2009-02-25 18:19 <REP> d-------- c:\program files\Fichiers communs\Symantec Shared 2009-02-25 18:18 . 2009-02-25 18:18 <REP> d-------- c:\windows\system32\runtime 2009-02-25 18:18 . 2009-02-25 18:19 <REP> d-------- c:\program files\Picasa2 2009-02-25 18:17 . 2009-02-25 19:18 <REP> d-------- c:\documents and settings\All Users\Application Data\Google Updater 2009-02-25 18:04 . 2009-02-25 18:37 <REP> d-a------ c:\documents and settings\All Users\Application Data\TEMP 2009-02-25 17:38 . 2009-02-25 17:38 <REP> d-------- c:\program files\Trend Micro 2009-02-25 00:39 . 2009-02-25 00:39 15,000 --a------ C:\ARK328.tmp 2009-02-24 23:44 . 2009-02-24 23:44 <REP> d-------- c:\documents and settings\akkara\Application Data\Crayon Physics Deluxe 2009-02-21 02:54 . 2008-04-13 19:33 159,232 --a------ c:\windows\system32\ptpusd.dll 2009-02-21 02:54 . 2008-04-13 11:45 15,104 --a------ c:\windows\system32\drivers\usbscan.sys 2009-02-21 02:54 . 2008-04-13 11:45 15,104 --a--c--- c:\windows\system32\dllcache\usbscan.sys 2009-02-21 02:54 . 2001-08-23 17:47 5,632 --a------ c:\windows\system32\ptpusb.dll 2009-02-16 22:17 . 2009-02-16 22:24 <REP> d-------- c:\documents and settings\akkara\Application Data\vlc 2009-02-16 22:15 . 2009-02-16 22:15 <REP> d-------- c:\program files\VideoLAN 2009-02-08 15:31 . 2009-02-08 15:38 <REP> d-------- c:\program files\Tomb Raider - Underworld 2009-02-08 15:19 . 2009-02-08 15:20 <REP> d-------- c:\program files\MagicDisc 2009-02-08 15:19 . 2008-07-28 17:19 116,736 --a------ c:\windows\system32\drivers\mcdbus.sys 2009-02-07 01:32 . 2009-02-07 01:32 268 --ah----- C:\sqmdata02.sqm 2009-02-07 01:32 . 2009-02-07 01:32 244 --ah----- C:\sqmnoopt02.sqm 2009-02-06 00:55 . 2009-02-06 00:55 268 --ah----- C:\sqmdata01.sqm 2009-02-06 00:55 . 2009-02-06 00:55 244 --ah----- C:\sqmnoopt01.sqm 2009-02-01 04:25 . 2009-02-01 04:25 <REP> d-------- c:\documents and settings\akkara\Application Data\fltk.org 2009-01-31 20:46 . 2009-02-01 02:17 3,296 --a------ c:\windows\siterskainSISW-991201kamui.sav 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\program files\iTunes 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\program files\iPod 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\program files\Fichiers communs\Apple 2009-01-30 22:29 . 2009-02-25 17:12 <REP> d-------- c:\program files\Bonjour 2009-01-30 22:29 . 2009-01-30 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2009-01-30 22:29 . 2008-04-17 13:12 107,368 --a------ c:\windows\system32\GEARAspi.dll 2009-01-30 22:29 . 2008-04-17 13:12 15,464 --a------ c:\windows\system32\drivers\GEARAspiWDM.sys 2009-01-30 22:22 . 2009-01-30 22:23 <REP> d-------- c:\program files\QuickTime 2009-01-30 22:22 . 2009-01-30 22:29 <REP> d-------- c:\documents and settings\All Users\Application Data\Apple Computer . (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M )))))))))))))))))))))))))))))))))))))))))))))))) . 2009-02-27 09:00 22,528 ----a-w c:\windows\system32\drivers\nhcDriver.sys 2009-02-26 20:57 --------- d-----w c:\program files\FlashGet 2009-02-25 18:11 --------- d-----w c:\program files\Google 2009-02-25 17:24 499,712 ----a-w c:\windows\system32\msvcp71.dll 2009-02-25 17:24 348,160 ----a-w c:\windows\system32\msvcr71.dll 2009-02-25 12:49 --------- d-----w c:\program files\Vuze 2009-02-24 23:39 --------- d-----w c:\documents and settings\akkara\Application Data\Azureus 2009-01-30 21:30 --------- d-----w c:\documents and settings\akkara\Application Data\Apple Computer 2009-01-24 13:48 --------- d-----w c:\program files\Windows Media Connect 2 2009-01-23 21:40 --------- d-----w c:\documents and settings\akkara\Application Data\gtk-2.0 2009-01-18 17:16 --------- d-----w c:\program files\GIMP-2.0 2009-01-15 22:15 --------- d-----w c:\program files\CAPCOM 2009-01-11 16:34 --------- d-----w c:\program files\Rectangle 2009-01-03 12:12 --------- d-----w c:\program files\SpeedFan 2008-12-31 21:17 --------- d--h--w c:\program files\InstallShield Installation Information 2008-12-31 21:13 --------- d-----w c:\documents and settings\All Users\Application Data\Micro Application 2008-12-31 20:45 --------- d-----w c:\program files\Micro Application 2008-12-31 20:44 --------- d-----w c:\program files\Fichiers communs\InstallShield 2008-12-31 11:37 --------- d-----w c:\program files\movies 2008-12-31 00:24 --------- d-----w c:\documents and settings\akkara\Application Data\OHBADO 2008-12-28 23:29 --------- d-----w c:\program files\Notebook Hardware Control 2008-12-09 20:40 107,888 ----a-w c:\windows\system32\CmdLineExt.dll 2008-12-09 17:53 114 ----a-w c:\documents and settings\akkara\Application Data\wklnhst.dat 2008-12-04 17:38 410,984 ----a-w c:\windows\system32\deploytk.dll 2008-10-22 22:16 74 --sh--r c:\windows\CT4CET.bin . ((((((((((((((((((((((((((((((((( Points de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] "ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2007-08-30 205480] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184] "Jnskdfmf9eldfd"="c:\windows\TEMP\csrssc.exe" [bU] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="c:\program files\DellTPad\Apoint.exe" [2008-02-21 159744] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-07-01 13537280] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-07-01 86016] "OEM13Mon.exe"="c:\windows\OEM13Mon.exe" [2008-07-16 36864] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-12-04 136600] "DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784] "Broadcom Wireless Manager UI"="c:\windows\system32\WLTRAY.exe" [2008-06-30 2220032] "Dell QuickSet"="c:\program files\Dell\QuickSet\quickset.exe" [2008-02-22 1245184] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672] "dscactivate"="c:\program files\Dell Support Center\gs_agent\custom\dsca.exe" [2008-03-11 16384] "PDVDDXSrv"="c:\program files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" [2008-05-23 128296] "DellSupportCenter"="c:\program files\Dell Support Center\bin\sprtcmd.exe" [2008-08-14 206064] "IMJPMIG8.1"="c:\windows\IME\imjp8_1\IMJPMIG.EXE" [2008-04-14 208952] "IMEKRMIG6.1"="c:\windows\ime\imkr6_1\IMEKRMIG.EXE" [2008-04-14 44032] "MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2008-04-14 59392] "PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2008-04-14 455168] "NotebookHardwareControl"="c:\program files\Notebook Hardware Control\nhc.exe" [2007-05-04 2629632] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-01-06 290088] "TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-02-25 185896] "avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497] "RTHDCPL"="RTHDCPL.EXE" [2008-02-21 c:\windows\RTHDCPL.EXE] "nwiz"="nwiz.exe" [2008-07-01 c:\windows\system32\nwiz.exe] "NVHotkey"="nvHotkey.dll" [2008-07-01 c:\windows\system32\nvhotkey.dll] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] c:\documents and settings\akkara\Menu D‚marrer\Programmes\D‚marrage\ MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-02-08 575488] OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-09-12 384000] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "msacm.divxa32"= msaud32_divx.acm [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"= "c:\\Program Files\\FlashGet\\flashget.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= R0 pavboot;pavboot;c:\windows\system32\drivers\pavboot.sys [2009-02-25 28544] R3 O2MDRDR;O2MDRDR;c:\windows\system32\drivers\o2media.sys [2008-10-23 51288] R3 O2SDRDR;O2SDRDR;c:\windows\system32\drivers\o2sd.sys [2008-10-23 43608] R3 OEM13Afx;Provides a software interface to control audio effects of OEM013 camera.;c:\windows\system32\drivers\OEM13Afx.sys [2008-10-23 141376] R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver;c:\windows\system32\drivers\OEM13Vfx.sys [2008-10-23 7424] R3 OEM13Vid;Creative Camera OEM013 Driver;c:\windows\system32\drivers\OEM13Vid.sys [2008-10-23 235840] . Contenu du dossier 'Tâches planifiées' 2009-02-20 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34] 2009-02-27 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-25 18:17] 2009-02-25 c:\windows\Tasks\Norton Security Scan for akkara.job - c:\program files\Norton Security Scan\Nss.exe [2008-09-19 04:18] . . ------- Examen supplémentaire ------- . mWindow Title = uInternet Settings,ProxyOverride = *.local IE: &Tout télécharger avec FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Télécharger avec FlashGet - c:\program files\FlashGet\jc_link.htm FF - ProfilePath - c:\documents and settings\akkara\Application Data\Mozilla\Firefox\Profiles\3mz07yb3.default\ FF - prefs.js: browser.startup.homepage - hxxp://www.google.fr/ FF - prefs.js: keyword.URL - hxxp://xeoo.com/?p=url&a=firefox&k= FF - plugin: c:\program files\Google\Google Updater\2.4.1508.6312\npCIDetect13.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll ---- PARAMETRES FIREFOX ---- c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.bookmark_page", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.current_page", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("pref.browser.homepage.disable_button.restore_default", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importBookmarksHTML", true); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.places.importDefaults", false); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.search.selectedEngine", "xeoo.com"); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("keyword.URL", "http://xeoo.com/?p=url&a=firefox&k="); c:\program files\Mozilla Firefox\defaults\profile\prefs.js - user_pref("browser.startup.homepage", "http://www.xeoo.com/?p=h&a=firefox"); . ************************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-27 21:07:32 Windows 5.1.2600 Service Pack 3 NTFS Recherche de processus cachés ... Recherche d'éléments en démarrage automatique cachés ... Recherche de fichiers cachés ... Scan terminé avec succès Fichiers cachés: 0 ************************************************************************** . --------------------- CLES DE REGISTRE BLOQUEES --------------------- [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Ð0¤0¯0Ð0ó0Ç0£0Ã0Ä0 *¢0ó0¤0ó0¹0È0ü0ë0] "SlowInfoCache"=hex:28,02,00,00,00,00,00,00,ff,ff,ff,ff,ff,ff,ff,ff,00,00,00, 00,00,00,00,00,ff,ff,ff,ff,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ "Changed"=dword:00000000 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Uninstall\Ð0¤0¯0Ð0ó0Ç0£0Ã0Ä0 *¢0ó0¤0ó0¹0È0ü0ë0] "UninstallString"="c:\\WINDOWS\\IsUn0411.exe -f\"c:\\Program Files\\??????\\?????????\\Uninst.isu\"" "DisplayName"="?????????" . --------------------- DLLs chargées dans les processus actifs --------------------- - - - - - - - > 'winlogon.exe'(792) c:\windows\System32\BCMLogon.dll . Heure de fin: 2009-02-27 21:08:34 ComboFix-quarantined-files.txt 2009-02-27 20:08:32 ComboFix2.txt 2009-02-27 20:03:23 Avant-CF: 242 664 759 296 octets libres Après-CF: 242,651,873,280 octets libres 208 --- E O F --- 2009-02-26 23:32:46

Je te remercie d'avoir répondu. Voici les rapports que tu m'as demandé. -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon ) BIOS : Ver 1.00 USER : akkara ( Administrator ) BOOT : Fail-safe boot C:\ (Local Disk) - NTFS - Total:270 Go (Free:235 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 26/02/2009|12:36 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\windows\\system32\\blank.htm" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"'>http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\windows\\system32\\blank.htm" "Start Page"="http://www.msn.com/"'>http://www.msn.com/" "Home_Page"="http://www1.euro.dell.com/content/default.aspx?c=fr&l=fr&s=gen"'>http://www1.euro.dell.com/content/default.aspx?c=fr&l=fr&s=gen" "Help_Page"="http://support.euro.dell.com/support/index.aspx?c=fr&l=fr&s=gen"'>http://support.euro.dell.com/support/index.aspx?c=fr&l=fr&s=gen" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 1 - "C:\ToolBar SD\TB_1.txt" - 25/02/2009|23:16 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 25/02/2009|23:18 - Option : [2] 3 - "C:\ToolBar SD\TB_3.txt" - 26/02/2009|12:34 - Option : [1] 4 - "C:\ToolBar SD\TB_4.txt" - 26/02/2009|12:36 - Option : [2] -----------\\ Fin du rapport a 12:36:16,43 Le 2ème rapport de ToolBar S&D -----------\\ ToolBar S&D 1.2.8 XP/Vista Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3 X86-based PC ( Multiprocessor Free : Processeur Intel Pentium III Xeon ) BIOS : Ver 1.00 USER : akkara ( Administrator ) BOOT : Fail-safe boot C:\ (Local Disk) - NTFS - Total:270 Go (Free:235 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (CD or DVD) "C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 ) Option : [2] ( 26/02/2009|12:36 ) -----------\\ Recherche de Fichiers / Dossiers ... -----------\\ [..\Internet Explorer\Main] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Local Page"="C:\\windows\\system32\\blank.htm" "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" "Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch" "Local Page"="C:\\windows\\system32\\blank.htm" "Start Page"="http://www.msn.com/" "Home_Page"="http://www1.euro.dell.com/content/default.aspx?c=fr&l=fr&s=gen" "Help_Page"="http://support.euro.dell.com/support/index.aspx?c=fr&l=fr&s=gen" --------------------\\ Recherche d'autres infections Aucune autre infection trouvée ! 1 - "C:\ToolBar SD\TB_1.txt" - 25/02/2009|23:16 - Option : [1] 2 - "C:\ToolBar SD\TB_2.txt" - 25/02/2009|23:18 - Option : [2] 3 - "C:\ToolBar SD\TB_3.txt" - 26/02/2009|12:34 - Option : [1] 4 - "C:\ToolBar SD\TB_4.txt" - 26/02/2009|12:36 - Option : [2] -----------\\ Fin du rapport a 12:36:16,43 Le 1er rapport SmitFraudFix v2.398 Rapport fait à 12:41:40,04, 26/02/2009 Executé à partir de C:\Documents and Settings\akkara\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C5BF49A2-94F3-42BD-F434-3604812C8955}"="jgzfkj9w38rksndfi7r4" [HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CS3\Services\Tcpip\..\{F8152A39-F016-43D7-B1D2-13F715FAAB77}: DhcpNameServer=212.27.40.241 212.27.40.240 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C5BF49A2-94F3-42BD-F434-3604812C8955}"="jgzfkj9w38rksndfi7r4" [HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Fin Le 2ème rapport SmitFraudFix v2.398 Rapport fait à 12:41:40,04, 26/02/2009 Executé à partir de C:\Documents and Settings\akkara\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode sans echec »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C5BF49A2-94F3-42BD-F434-3604812C8955}"="jgzfkj9w38rksndfi7r4" [HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix Agent.OMZ.Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS HKLM\SYSTEM\CS3\Services\Tcpip\..\{F8152A39-F016-43D7-B1D2-13F715FAAB77}: DhcpNameServer=212.27.40.241 212.27.40.240 HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{C5BF49A2-94F3-42BD-F434-3604812C8955}"="jgzfkj9w38rksndfi7r4" [HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C8955}\InProcServer32] @="C:\WINDOWS\system32\hhs3ijndfd.dll" »»»»»»»»»»»»»»»»»»»»»»»» Fin Et le report de SDFIX SDFix: Version 1.240 Run by akkara on 26/02/2009 at 12:49 Microsoft Windows XP [version 5.1.2600] Running From: C:\SDFix Checking Services : Restoring Default Security Values Restoring Default Hosts File Rebooting Checking Files : No Trojan Files Found Removing Temp Files ADS Check : Final Check : catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-02-26 12:53:34 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden services & system hive ... [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg] "s1"=dword:2df9c43f "s2"=dword:110480d0 "h0"=dword:00000001 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000000 "khjeh"=hex:3b,78,e6,5e,6f,ab,6a,f8,3c,fa,f2,c8,2e,fb,b6,31,3a,07,ef,72,9e,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,d0,11,12,0a,00,55,d0,28,00,69,58,c7,84,87,f6,9b,06,.. "khjeh"=hex:7d,f8,b9,9a,d4,7c,ed,53,9e,bf,e5,1d,ad,2a,df,f6,f4,e7,ad,88,3d,.. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:a9,8f,40,f0,bd,44,0c,0d,0c,b0,1b,dc,b2,72,7d,2a,20,ec,d5,3e,ff,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4] "p0"="C:\Program Files\DAEMON Tools Lite\" "h0"=dword:00000000 "khjeh"=hex:3b,78,e6,5e,6f,ab,6a,f8,3c,fa,f2,c8,2e,fb,b6,31,3a,07,ef,72,9e,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001] "a0"=hex:20,01,00,00,d0,11,12,0a,00,55,d0,28,00,69,58,c7,84,87,f6,9b,06,.. "khjeh"=hex:7d,f8,b9,9a,d4,7c,ed,53,9e,bf,e5,1d,ad,2a,df,f6,f4,e7,ad,88,3d,.. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40] "khjeh"=hex:a9,8f,40,f0,bd,44,0c,0d,0c,b0,1b,dc,b2,72,7d,2a,20,ec,d5,3e,ff,.. scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" "C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget" "C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour" "C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes" [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000" "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger" "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)" Remaining Files : Files with Hidden Attributes : Wed 25 Feb 2009 6,108,728 A..H. --- "C:\Program Files\Picasa2\setup.exe" Sat 24 Jan 2009 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp" Finished!

Salut à tout le monde, Problème de virus depuis hier soir et ne connaissant presque rien en informatique, je vous demande votre aide si vous plaît. Je vous remercie de votre aide. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:03:41, on 25/02/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\DRIVERS\o2flash.exe C:\Program Files\Dell Support Center\bin\sprtsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\DellTPad\Apoint.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\OEM13Mon.exe C:\Program Files\DellTPad\ApMsgFwd.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Program Files\DellTPad\HidFind.exe C:\WINDOWS\system32\WLTRAY.exe C:\Program Files\DellTPad\Apntex.exe C:\Program Files\Dell\QuickSet\quickset.exe C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe C:\Program Files\Dell Support Center\bin\sprtcmd.exe C:\Program Files\Notebook Hardware Control\nhc.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smallbiz.del...amp;ibd=5081023 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....;l=fr&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.euro.dell.com/content/default....;l=fr&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/hws/sb/dell-row/fr/si...?channel=fr-smb R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://partnerpage.google.com/smallbiz.del...amp;ibd=5081023 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: C:\WINDOWS\system32\hhs3ijndfd.dll - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hhs3ijndfd.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [NVHotkey] rundll32.exe nvHotkey.dll,Start O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [OEM13Mon.exe] C:\WINDOWS\OEM13Mon.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s O4 - HKLM\..\Run: [broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe" O4 - HKLM\..\Run: [PDVDDXSrv] "C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe" O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [iMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [NotebookHardwareControl] "C:\Program Files\Notebook Hardware Control\nhc.exe" -quiet O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [jsf8uiw3jnjgffght] C:\DOCUME~1\akkara\LOCALS~1\Temp\winlognn.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [iSUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [jsf8uiw3jnjgffght] C:\DOCUME~1\akkara\LOCALS~1\Temp\winlognn.exe O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\WINDOWS\TEMP\csrssc.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1228411756169 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1228424522421 O22 - SharedTaskScheduler: jgzfkj9w38rksndfi7r4 - {C5BF49A2-94F3-42BD-F434-3604812C8955} - C:\WINDOWS\system32\hhs3ijndfd.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O2FLASH - O2Micro International - C:\WINDOWS\system32\DRIVERS\o2flash.exe O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Fichiers communs\SureThing Shared\stllssvr.exe O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE -- End of file - 9390 bytes

Salut tout le monde, Ne connaissant pas grand en informatique, je m'inscris suite à une infection de mon PC . Je trouve ce forum d'aide d'une bonne initiative. Je vais de ce pas poster mon rapport hijackthis.