Overrun with viruses, lots of functions no longer work


Hello everyone,

For about 4 days now, nothing launches when my computer starts up, no program at all, not even avast! When I tried to start it, it tells me that I have a virus and that I need to restart my PC, which is what I did, except that the scan could not run because the memory could not be read.

So I ran several other scanning programs and they detect several viruses! Also, when I click on Start, the button to shut down the computer is no longer there; I only have the one to log off my session.
I'm posting my HijackThis report hoping that you will be able to help me, thanks in advance.

Logfile of HijackThis v1.99.1
Scan saved at 12:30:32, on 21/08/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\PROGRA~1\ULTIMA~1\uzip.exe
D:\DOCUME~1\OLIVE\LOCALS~1\TEMP\UZ_9426\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*http://fr.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A1CC0E5D-9C1D-4B4D-8FAC-F639A2AC6F01} - C:\WINDOWS\system32\sstts.dll (file missing)
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)
O2 - BHO: (no name) - {FEAC76B1-A6C9-9B33-2B8F-86AE22E3B02F} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
O4 - HKLM\..\Run: [PHIME2002A] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ehTray] -C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] -C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] -nwiz.exe /install
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] -HDAShCut.exe
O4 - HKLM\..\Run: [AzMixerSel] -C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] -"C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] -C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] -"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] -c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [WiPen] -C:\Program Files\WiPen\wpmanage.exe
O4 - HKLM\..\Run: [avast!] -C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] -"C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] -"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [DAEMON Tools] -"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [RTHDCPL] -RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] -ALCMTR.EXE
O4 - HKLM\..\Run: [PHIME2002ASync] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [QuickTime Task] -"C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] -C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [KernelFaultCheck] -
O4 - HKLM\..\Run: [iTunesHelper] -"C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
O4 - HKLM\..\Run: [ylylffx] c:\windows\system32\ylylffx.exe ylylffx
O4 - HKLM\..\RunOnce: [SpybotDeletingA8281] command /c del "C:\WINDOWS\system32\rpcc.dll_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotDeletingC1664] cmd /c del "C:\WINDOWS\system32\rpcc.dll_tobedeleted"
O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\RunOnce: [SpybotDeletingB9332] command /c del "C:\WINDOWS\system32\rpcc.dll_tobedeleted"
O4 - HKCU\..\RunOnce: [SpybotDeletingD4206] cmd /c del "C:\WINDOWS\system32\rpcc.dll_tobedeleted"
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} -
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: jkkifda - jkkifda.dll (file missing)
O20 - Winlogon Notify: rpcc - C:\WINDOWS\system32\rpcc.dll
O20 - Winlogon Notify: sstts - C:\WINDOWS\system32\sstts.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: system32 - {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - -"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - -C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: Apple Mobile Device - Unknown owner - -"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: avast! Antivirus - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Unknown owner - -"C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Unknown owner - -C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - -"C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - -c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: LVSrvLauncher - Unknown owner - -C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (file missing)
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - -C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (file missing)
O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\Windows Live\Messenger\usnsvc.exe (file missing)
O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\httpd.exe" -k runservice (file missing)
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - -C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)

Hello,

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt

    Here is the log after the scan:

    ComboFix 07-08-17.2 - "aurele" 2007-08-21 14:21:02.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.473 [GMT 2:00]
    * Created a new restore point

    /wow section not completed

    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\d.exe
    C:\WINDOWS\system32\4_exception.nls
    C:\WINDOWS\system32\drivers\ip6fw.sys
    C:\WINDOWS\system32\drivers\runtime2.sys
    C:\WINDOWS\system32\llnmp.bak1
    C:\WINDOWS\system32\llnmp.ini
    C:\WINDOWS\system32\ntio256.sys
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\protector.exe
    C:\WINDOWS\system32\vturr.dll
    C:\WINDOWS\system32\xpdx.sys
    C:\WINDOWS\system32\ylylffx.dat
    C:\WINDOWS\system32\ylylffx.exe
    C:\WINDOWS\system32\ylylffx_nav.dat
    C:\WINDOWS\system32\ylylffx_navps.dat
    D:\Autorun.inf
    D:\DOCUME~1\aurele\APPLIC~1\..\new.txt
    D:\DOCUME~1\aurele\APPLIC~1\install.dat
    D:\DOCUME~1\olive\APPLIC~1\..\new.txt


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\LEGACY_CORE
    -------\LEGACY_NTIO256
    -------\LEGACY_NTMLSVC
    -------\LEGACY_RUNTIME
    -------\LEGACY_RUNTIME2
    -------\core
    -------\ntio256
    -------\NtmlSvc
    -------\runtime


    ((((((((((((((((((((((((( Files Created from 2007-07-21 to 2007-08-21 )))))))))))))))))))))))))))))))


    2007-08-21 14:20 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-21 11:51 6,486 ---hs---- C:\WINDOWS\system32\sttss.bak1
    2007-08-21 11:51 <REP> d-------- C:\Program Files\3B Software
    2007-08-21 11:33 <REP> d-------- D:\DOCUME~1\aurele\APPLIC~1\Uniblue
    2007-08-21 11:26 59,392 --a------ C:\arca.exe
    2007-08-21 11:26 20,992 --a------ C:\aicxlt.exe
    2007-08-21 11:26 <REP> d-------- C:\Program Files\Dealio
    2007-08-21 11:25 <REP> d-------- C:\WINDOWS\Web Download
    2007-08-19 20:42 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
    2007-08-19 20:42 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
    2007-08-19 17:58 105,680 --a------ D:\DOCUME~1\olive\APPLIC~1\GDIPFONTCACHEV1.DAT
    2007-08-19 17:23 <REP> d-------- C:\Program Files\Bonjour
    2007-08-19 17:16 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2007-08-18 13:40 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    2007-08-17 19:45 <REP> d-------- D:\DOCUME~1\aurele\.DownloadManager
    2007-08-14 20:19 <REP> d-------- C:\Program Files\iTunes
    2007-08-14 20:19 <REP> d-------- C:\Program Files\iPod
    2007-08-13 15:37 <REP> d-------- D:\DOCUME~1\LOCALS~1.004\APPLIC~1\X10 Commander
    2007-08-13 15:30 1,572,864 --ah----- D:\DOCUME~1\NETWOR~1.004\NTUSER.DAT
    2007-08-13 15:30 1,572,864 --ah----- D:\DOCUME~1\LOCALS~1.004\NTUSER.DAT
    2007-08-11 20:01 8,388,608 --a------ D:\DOCUME~1\aurele\ntuser.dat
    2007-08-11 12:32 <REP> d-------- D:\DOCUME~1\aurele\APPLIC~1\Azureus
    2007-08-11 12:32 <REP> d-------- C:\Program Files\Azureus
    2007-08-08 16:20 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-08-08 16:20 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-08-08 16:20 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-08-08 16:20 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-08-08 16:20 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-08-08 16:20 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
    2007-08-08 16:20 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
    2007-08-08 16:20 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-08-08 16:20 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
    2007-08-08 16:20 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
    2007-08-08 16:20 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
    2007-08-08 16:20 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
    2007-08-08 16:20 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
    2007-08-08 16:20 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
    2007-08-08 16:20 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-08-08 16:20 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-08-08 16:19 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
    2007-08-08 16:19 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
    2007-08-07 16:01 <REP> d-------- C:\wamp
    2007-08-06 18:05 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    2007-08-06 18:05 <REP> d-------- C:\Program Files\Skyline
    2007-08-05 23:10 <REP> d-------- D:\DOCUME~1\olive\APPLIC~1\Google
    2007-07-27 21:24 <REP> d-a------ D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    2007-07-27 21:23 <REP> d-------- C:\Fraps
    2007-07-27 20:56 <REP> d-------- C:\Program Files\VideoMach-3.4.1
    2007-07-25 10:04 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
    2007-07-25 10:04 <REP> d-------- C:\NVIDIA
    2007-07-24 11:43 <REP> d-------- C:\Program Files\Valve
    2007-07-22 12:55 737,280 --a------ C:\WINDOWS\iun6002.exe
    2007-07-22 12:55 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
    2007-07-22 12:55 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
    2007-07-22 12:54 <REP> d-------- C:\Program Files\Replay Converter


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-21 14:25 0 --a------ C:\WINDOWS\system32\drivers\lvuvc.hs
    2007-08-21 12:30 --------- d-------- C:\Program Files\UltimateZip
    2007-08-21 12:09 --------- d-------- C:\Program Files\BitTorrent
    2007-08-20 20:54 --------- d-------- C:\Program Files\mIRC
    2007-08-20 19:37 --------- d-------- C:\Program Files\HLSW
    2007-08-19 12:47 --------- d---s---- C:\Program Files\Xfire
    2007-08-19 12:47 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\Xfire
    2007-08-18 13:49 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-08-18 11:29 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\BitTorrent
    2007-08-18 11:11 --------- d-------- C:\Program Files\WiPen
    2007-08-16 20:55 --------- d-------- C:\Program Files\eMule
    2007-08-14 20:18 --------- d-------- C:\Program Files\Apple Software Update
    2007-08-06 19:32 --------- d-------- C:\Program Files\Google
    2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2007-07-24 20:56 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\AdobeUM
    2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-07-15 12:07 --------- d-------- C:\Program Files\Windows Live
    2007-07-15 12:07 --------- d-------- C:\Program Files\MSN Messenger
    2007-07-15 11:13 --------- d-------- C:\Program Files\QuickTime
    2007-07-15 11:12 --------- d-------- C:\Program Files\Fichiers communs\Apple
    2007-07-13 01:30 765952 --------- C:\WINDOWS\system32\dllcache\vgx.dll
    2007-07-12 09:12 81920 --a------ C:\WINDOWS\system32\frapsvid.dll
    2007-07-05 08:00 22762248 --a------ C:\Program Files\avg75free_472a1024.exe
    2007-07-04 18:40 212849 --a------ C:\Program Files\hijackthis.zip
    2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvudisp.exe
    2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
    2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
    2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
    2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
    2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
    2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
    2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
    2007-06-26 10:27 366592 --a------ C:\WINDOWS\system32\dllcache\w3svc.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
    2007-06-01 08:20 51568 --a------ C:\WINDOWS\system32\sirenacm.dll
    2007-05-31 19:43 703258 --a------ C:\Program Files\JUN2007_d3dx10_34_x64.cab
    2007-05-31 19:43 701218 --a------ C:\Program Files\JUN2007_d3dx10_34_x86.cab
    2007-05-31 19:43 44687 --a------ C:\Program Files\dxdllreg_x86.cab
    2007-05-31 19:43 200646 --a------ C:\Program Files\JUN2007_XACT_x64.cab
    2007-05-31 19:43 1611772 --a------ C:\Program Files\JUN2007_d3dx9_34_x64.cab
    2007-05-31 19:43 1610203 --a------ C:\Program Files\JUN2007_d3dx9_34_x86.cab
    2007-05-31 19:43 155892 --a------ C:\Program Files\JUN2007_XACT_x86.cab
    2007-05-31 19:23 976020 --------- C:\Program Files\BDAXP.cab
    2007-05-31 19:23 917318 --------- C:\Program Files\Apr2006_MDX1_x86.cab
    2007-05-31 19:23 88102 --------- C:\Program Files\AUG2006_xinput_x64.cab
    2007-05-31 19:23 87989 --------- C:\Program Files\Apr2006_xinput_x64.cab
    2007-05-31 19:23 86925 --------- C:\Program Files\Oct2005_xinput_x64.cab
    2007-05-31 19:23 86401 --a------ C:\Program Files\dxupdate.cab
    2007-05-31 19:23 77160 --a------ C:\Program Files\DSETUP.dll
    2007-05-31 19:23 702212 --------- C:\Program Files\APR2007_d3dx10_33_x64.cab
    2007-05-31 19:23 699465 --------- C:\Program Files\APR2007_d3dx10_33_x86.cab
    2007-05-31 19:23 56902 --------- C:\Program Files\APR2007_xinput_x86.cab
    2007-05-31 19:23 503144 --a------ C:\Program Files\DXSETUP.exe
    2007-05-31 19:23 47018 --------- C:\Program Files\AUG2006_xinput_x86.cab
    2007-05-31 19:23 46898 --------- C:\Program Files\Apr2006_xinput_x86.cab
    2007-05-31 19:23 46247 --------- C:\Program Files\Oct2005_xinput_x86.cab
    2007-05-31 19:23 4163518 --------- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
    2007-05-31 19:23 213767 --------- C:\Program Files\DEC2006_d3dx10_00_x64.cab
    2007-05-31 19:23 199366 --------- C:\Program Files\APR2007_XACT_x64.cab
    2007-05-31 19:23 198275 --------- C:\Program Files\FEB2007_XACT_x64.cab
    2007-05-31 19:23 193435 --------- C:\Program Files\DEC2006_XACT_x64.cab
    2007-05-31 19:23 192680 --------- C:\Program Files\DEC2006_d3dx10_00_x86.cab
    2007-05-31 19:23 183863 --------- C:\Program Files\AUG2006_XACT_x64.cab
    2007-05-31 19:23 183321 --------- C:\Program Files\OCT2006_XACT_x64.cab
    2007-05-31 19:23 181745 --------- C:\Program Files\JUN2006_XACT_x64.cab
    2007-05-31 19:23 180021 --------- C:\Program Files\Apr2006_XACT_x64.cab
    2007-05-31 19:23 179247 --------- C:\Program Files\Feb2006_XACT_x64.cab
    2007-05-31 19:23 1673576 --a------ C:\Program Files\dsetup32.dll
    2007-05-31 19:23 1610958 --------- C:\Program Files\APR2007_d3dx9_33_x64.cab
    2007-05-31 19:23 1609639 --------- C:\Program Files\APR2007_d3dx9_33_x86.cab
    2007-05-31 19:23 1575336 --------- C:\Program Files\DEC2006_d3dx9_32_x86.cab
    2007-05-31 19:23 1572114 --------- C:\Program Files\DEC2006_d3dx9_32_x64.cab
    2007-03-09 07:12:32 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1CC0E5D-9C1D-4B4D-8FAC-F639A2AC6F01}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEAC76B1-A6C9-9B33-2B8F-86AE22E3B02F}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PHIME2002A"="-C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
    "ehTray"="-C:\WINDOWS\ehome\ehtray.exe" []
    "IAAnotif"="-C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" []
    "NvCplDaemon"="-C:\WINDOWS\system32\NvCpl.dll" []
    "nwiz"="-nwiz.exe" []
    "High Definition Audio Property Page Shortcut"="-HDAShCut.exe" []
    "AzMixerSel"="-C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" []
    "SunJavaUpdateSched"="-C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" []
    "Vade Retro Outlook Express"="-C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" []
    "Ulead AutoDetector v2"="-C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" []
    "IMJPMIG8.1"="-C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" []
    "ACTIVBOARD"="-c:\apps\ABoard\ABoard.exe" []
    "WiPen"="-C:\Program Files\WiPen\wpmanage.exe" []
    "avast!"="-C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" []
    "LogitechCommunicationsManager"="-C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" []
    "LogitechQuickCamRibbon"="-C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" []
    "DAEMON Tools"="-C:\Program Files\DAEMON Tools\daemon.exe" []
    "RTHDCPL"="-RTHDCPL.EXE" []
    "PHIME2002ASync"="-C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
    "QuickTime Task"="-C:\Program Files\QuickTime\QTTask.exe" []
    "NvMediaCenter"="-C:\WINDOWS\system32\NvMcTray.dll" []
    "AVG7_CC"="-C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" []
    "iTunesHelper"="-C:\Program Files\iTunes\iTunesHelper.exe" []
    "au"="C:\Program Files\Dealio\DealioAU.exe" [2007-06-27 12:46]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
    "SpybotSD TeaTimer"="-C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" []
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
    "msnmsgr"="-C:\Program Files\Windows Live\Messenger\msnmsgr.exe" []
    "Steam"="-c:\progra~1\valve\steam\steam.exe" []
    "updateMgr"="-C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
    "Yahoo! Pager"="-C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" []
    "RunDll"="-" []
    "swg"="-C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" []
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []
    "Windows Registry Repair Pro"="C:\Program Files\3B Software\Windows Registry Repair Pro\RegistryRepairPro.exe" []

    D:\Documents and Settings\aurele\Menu Démarrer\Programmes\Démarrage\
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

    D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Microsoft Office.lnk - C:\Program Files\microsoft office\office10\OSA.EXE [2001-02-13 09:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoClose"=1 (0x1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "system32"= {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkifda]
    jkkifda.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sstts]
    C:\WINDOWS\system32\sstts.dll

    R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe
    R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
    S3 driverhardwarev2;driverhardwarev2;-\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
    S3 iatmunin;iatmunin;\??\D:\DOCUME~1\aurele\LOCALS~1\Temp\iatmunin.sys
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
    S3 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" -k runservice
    S3 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
    S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys


    Contents of the 'Scheduled Tasks' folder
    2007-08-21 12:00:00 C:\WINDOWS\Tasks\AC84254A93F7CE3E.job - d:\docume~1\aurele\applic~1\gramad~1\4 multi option.exe
    2007-08-14 18:18:53 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    2007-08-21 12:00:00 C:\WINDOWS\Tasks\Extension de garantie.job - C:\APPS\SMP\PBCARNOT.EXE
    2007-08-21 12:00:00 C:\WINDOWS\Tasks\Master CD_DVD Creator.job - C:\Apps\SMP\MCDCHECK.EXE

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-21 14:26:16
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-21 14:27:08 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-08-21 14:27

    --- E O F ---

    Here is the HijackThis report:

    Logfile of HijackThis v1.99.1
    Scan saved at 15:05:30, on 21/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    c:\program files\valve\steam\steamapps\tmpsteam532\counter-strike source\hl2.exe
    C:\PROGRA~1\ULTIMA~1\uzip.exe
    D:\DOCUME~1\AURELE\LOCALS~1\TEMP\UZ_6171\HIJACKTHIS.EXE
    C:\WINDOWS\system32\taskmgr.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ogame.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A1CC0E5D-9C1D-4B4D-8FAC-F639A2AC6F01} - (no file)
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)
    O2 - BHO: (no name) - {FEAC76B1-A6C9-9B33-2B8F-86AE22E3B02F} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
    O4 - HKLM\..\Run: [PHIME2002A] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ehTray] -C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [IAAnotif] -C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] -nwiz.exe /install
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] -HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] -C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] -"C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] -C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] -"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [ACTIVBOARD] -c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [WiPen] -C:\Program Files\WiPen\wpmanage.exe
    O4 - HKLM\..\Run: [avast!] -C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] -"C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] -"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [DAEMON Tools] -"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [RTHDCPL] -RTHDCPL.EXE
    O4 - HKLM\..\Run: [PHIME2002ASync] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [QuickTime Task] -"C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG7_CC] -C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [iTunesHelper] -"C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] -C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [msnmsgr] -"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Steam] -"c:\progra~1\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] -C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [Yahoo! Pager] -"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [RunDll] -
    O4 - HKCU\..\Run: [swg] -C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp\jc_link.htm
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} -
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: jkkifda - jkkifda.dll (file missing)
    O20 - Winlogon Notify: sstts - C:\WINDOWS\system32\sstts.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: system32 - {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - -"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - -C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
    O23 - Service: Apple Mobile Device - Unknown owner - -"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
    O23 - Service: avast! Antivirus - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Unknown owner - -"C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Unknown owner - -C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - -"C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - -c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
    O23 - Service: LVSrvLauncher - Unknown owner - -C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (file missing)
    O23 - Service: Machine Debug Manager (MDM) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - -C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (file missing)
    O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\Windows Live\Messenger\usnsvc.exe (file missing)
    O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\httpd.exe" -k runservice (file missing)
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
    O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - -C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)

    Hello again,

    A quick check.

    Download Navilog1.exe (IL-MAFIOSO)
    Save it to your Desktop.
    Start the installation by double-clicking navilog.exe.
    Once the installation is finished, the utility will run automatically.
    (If it doesn't, double-click the shortcut on the Desktop)

    Let the utility guide you. Choose option 1, then confirm.
    ! Do not use options 2, 3 or 4 without our agreement !
    Wait until this message appears:
    "*** Analyse Termine le ..... ***"
    Press a key as requested. Notepad will open. Post its contents for us like this:

    -> Edit / Select All
    -> Edit / Copy
    -> Right-click / Paste into your reply


    NOTE: The report can also be found here: C:\fixnavi.txt

    Search Navipromo version 2.0.9 commencé le 21/08/2007 à 15:20:43,34

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Poster ce rapport sur le forum pour le faire analyser !!!
    !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

    Fix lancé depuis C:\Program Files\navilog1
    Mise a jour le 20.08.2007 a 22h30 by IL-MAFIOSO

    Executé en mode normal

    *** Recherche Programmes installes ***




    *** Recherche dossiers dans C:\WINDOWS ***




    *** Recherche dossiers dans C:\Program Files ***




    *** Recherche dossiers dans D:\Documents and Settings\All Users\Application Data ***




    *** Recherche dossiers dans D:\Documents and Settings\aurele\Application Data ***



    *** Recherche avec BlackLight Engine/F-secure ***
    BlackLight Engine est un produit de F-secure, pour + d'infos :
    http://www.f-secure.com/blacklight/blacklight_help.html


    F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
    ======================================

    Copyright 2005-2006 F-Secure Corporation. All rights reserved.
    This is a beta version. It will expire on 1st of October, 2007.
    Version information: 2.2.1064.

    [+] Started on 08/21/07 at 15:20:44.
    [+] Initializing ...
    [+] Starting scan, press Ctrl-C to abort.
    [+] Scanning for hidden items ................................................................
    [+] Scan complete.
    [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
    [+] Exited on 08/21/07 at 15:26:11 (return code = 0).


    *** Recherche avec GenericNaviSearch ***
    !!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A verifier impérativement avant toute suppression manuelle !!!

    Fichiers trouvés :

    Aucun Fichier trouvé !

    Fichiers suspects :

    Aucun Fichier suspect trouvé !



    *** Recherche fichiers ***




    *** Recherche cles registre ***


    Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



    Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



    Recherche Clé Magic Control



    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche fichiers connus:

    C:\WINDOWS\system32\sttss.bak1 trouvé ! infection Vundo possible non traité par cet outil !

    2)Recherche Heuristique :
    *
    **
    ***
    ****
    *****
    ******
    *******
    ********


    3)Recherche Certificats :

    Certificat Egroup absent !


    *** Analyse Terminé le 21/08/2007 à 15:27:31,31 ***

    No more Egdaccess.

    Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt announcing that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may come across a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".

    I ran your program and it found nothing, so I didn't need to do Remove Vundo. My shut-down button has reappeared, but the other errors are still there. I'm posting the HijackThis report anyway:

    Logfile of HijackThis v1.99.1
    Scan saved at 16:11:47, on 21/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\ULTIMA~1\uzip.exe
    D:\DOCUME~1\AURELE\LOCALS~1\TEMP\UZ_8480\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ogame.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {A1CC0E5D-9C1D-4B4D-8FAC-F639A2AC6F01} - (no file)
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: (no name) - {F156768E-81EF-470C-9057-481BA8380DBA} - (no file)
    O2 - BHO: (no name) - {FEAC76B1-A6C9-9B33-2B8F-86AE22E3B02F} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
    O4 - HKLM\..\Run: [PHIME2002A] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ehTray] -C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [IAAnotif] -C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] -nwiz.exe /install
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] -HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] -C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] -"C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] -C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] -"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [ACTIVBOARD] -c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [WiPen] -C:\Program Files\WiPen\wpmanage.exe
    O4 - HKLM\..\Run: [avast!] -C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] -"C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] -"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [DAEMON Tools] -"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [RTHDCPL] -RTHDCPL.EXE
    O4 - HKLM\..\Run: [PHIME2002ASync] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [QuickTime Task] -"C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG7_CC] -C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [iTunesHelper] -"C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] -C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [msnmsgr] -"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Steam] -"c:\progra~1\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] -C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [Yahoo! Pager] -"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [RunDll] -
    O4 - HKCU\..\Run: [swg] -C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp\jc_link.htm
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} -
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: jkkifda - jkkifda.dll (file missing)
    O20 - Winlogon Notify: sstts - C:\WINDOWS\system32\sstts.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: system32 - {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - -"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - -C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
    O23 - Service: Apple Mobile Device - Unknown owner - -"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
    O23 - Service: avast! Antivirus - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\ashServ.exe (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - -"C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Unknown owner - -"C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Unknown owner - -C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - -"C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - -c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
    O23 - Service: LVSrvLauncher - Unknown owner - -C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (file missing)
    O23 - Service: Machine Debug Manager (MDM) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - -C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (file missing)
    O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\Windows Live\Messenger\usnsvc.exe (file missing)
    O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\httpd.exe" -k runservice (file missing)
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
    O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - -C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)

    ComboFix 07-08-17.2 - "aurele" 2007-08-21 17:01:38.2 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.552 [GMT 2:00]


    ((((((((((((((((((((((((( Files Created from 2007-07-21 to 2007-08-21 )))))))))))))))))))))))))))))))


    2007-08-21 16:06 <REP> d-------- C:\VundoFix Backups
    2007-08-21 15:18 <REP> d-------- C:\Program Files\Navilog1
    2007-08-21 14:20 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-21 11:51 6,486 --------- C:\WINDOWS\system32\sttss.bak1
    2007-08-21 11:51 <REP> d-------- C:\Program Files\3B Software
    2007-08-21 11:33 <REP> d-------- D:\DOCUME~1\aurele\APPLIC~1\Uniblue
    2007-08-21 11:26 59,392 --a------ C:\arca.exe
    2007-08-21 11:26 20,992 --a------ C:\aicxlt.exe
    2007-08-21 11:26 <REP> d-------- C:\Program Files\Dealio
    2007-08-21 11:25 <REP> d-------- C:\WINDOWS\Web Download
    2007-08-19 20:42 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
    2007-08-19 20:42 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
    2007-08-19 17:58 105,680 --a------ D:\DOCUME~1\olive\APPLIC~1\GDIPFONTCACHEV1.DAT
    2007-08-19 17:23 <REP> d-------- C:\Program Files\Bonjour
    2007-08-19 17:16 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2007-08-18 13:40 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    2007-08-17 19:45 <REP> d-------- D:\DOCUME~1\aurele\.DownloadManager
    2007-08-14 20:19 <REP> d-------- C:\Program Files\iTunes
    2007-08-14 20:19 <REP> d-------- C:\Program Files\iPod
    2007-08-13 15:37 <REP> d-------- D:\DOCUME~1\LOCALS~1.004\APPLIC~1\X10 Commander
    2007-08-13 15:30 1,572,864 --ah----- D:\DOCUME~1\NETWOR~1.004\NTUSER.DAT
    2007-08-13 15:30 1,572,864 --ah----- D:\DOCUME~1\LOCALS~1.004\NTUSER.DAT
    2007-08-11 20:01 8,388,608 --a------ D:\DOCUME~1\aurele\ntuser.dat
    2007-08-11 12:32 <REP> d-------- D:\DOCUME~1\aurele\APPLIC~1\Azureus
    2007-08-11 12:32 <REP> d-------- C:\Program Files\Azureus
    2007-08-08 16:20 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-08-08 16:20 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-08-08 16:20 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-08-08 16:20 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-08-08 16:20 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-08-08 16:20 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
    2007-08-08 16:20 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
    2007-08-08 16:20 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-08-08 16:20 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
    2007-08-08 16:20 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
    2007-08-08 16:20 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
    2007-08-08 16:20 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
    2007-08-08 16:20 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
    2007-08-08 16:20 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
    2007-08-08 16:20 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-08-08 16:20 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-08-08 16:19 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
    2007-08-08 16:19 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
    2007-08-07 16:01 <REP> d-------- C:\wamp
    2007-08-06 18:05 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    2007-08-06 18:05 <REP> d-------- C:\Program Files\Skyline
    2007-08-05 23:10 <REP> d-------- D:\DOCUME~1\olive\APPLIC~1\Google
    2007-07-27 21:24 <REP> d-a------ D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    2007-07-27 21:23 <REP> d-------- C:\Fraps
    2007-07-27 20:56 <REP> d-------- C:\Program Files\VideoMach-3.4.1
    2007-07-25 10:04 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
    2007-07-25 10:04 <REP> d-------- C:\NVIDIA
    2007-07-24 11:43 <REP> d-------- C:\Program Files\Valve
    2007-07-22 12:55 737,280 --a------ C:\WINDOWS\iun6002.exe
    2007-07-22 12:55 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
    2007-07-22 12:55 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
    2007-07-22 12:54 <REP> d-------- C:\Program Files\Replay Converter


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-21 17:01 --------- d-------- C:\Program Files\HLSW
    2007-08-21 16:14 0 --a------ C:\WINDOWS\system32\drivers\lvuvc.hs
    2007-08-21 16:11 --------- d-------- C:\Program Files\UltimateZip
    2007-08-21 12:09 --------- d-------- C:\Program Files\BitTorrent
    2007-08-20 20:54 --------- d-------- C:\Program Files\mIRC
    2007-08-19 12:47 --------- d---s---- C:\Program Files\Xfire
    2007-08-19 12:47 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\Xfire
    2007-08-18 13:49 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-08-18 11:29 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\BitTorrent
    2007-08-18 11:11 --------- d-------- C:\Program Files\WiPen
    2007-08-16 20:55 --------- d-------- C:\Program Files\eMule
    2007-08-14 20:18 --------- d-------- C:\Program Files\Apple Software Update
    2007-08-06 19:32 --------- d-------- C:\Program Files\Google
    2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2007-07-24 20:56 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\AdobeUM
    2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-07-15 12:07 --------- d-------- C:\Program Files\Windows Live
    2007-07-15 12:07 --------- d-------- C:\Program Files\MSN Messenger
    2007-07-15 11:13 --------- d-------- C:\Program Files\QuickTime
    2007-07-15 11:12 --------- d-------- C:\Program Files\Fichiers communs\Apple
    2007-07-13 01:30 765952 --------- C:\WINDOWS\system32\dllcache\vgx.dll
    2007-07-12 09:12 81920 --a------ C:\WINDOWS\system32\frapsvid.dll
    2007-07-05 08:00 22762248 --a------ C:\Program Files\avg75free_472a1024.exe
    2007-07-04 18:40 212849 --a------ C:\Program Files\hijackthis.zip
    2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvudisp.exe
    2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
    2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
    2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
    2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
    2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
    2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
    2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
    2007-06-26 10:27 366592 --a------ C:\WINDOWS\system32\dllcache\w3svc.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
    2007-06-01 08:20 51568 --a------ C:\WINDOWS\system32\sirenacm.dll
    2007-05-31 19:43 703258 --a------ C:\Program Files\JUN2007_d3dx10_34_x64.cab
    2007-05-31 19:43 701218 --a------ C:\Program Files\JUN2007_d3dx10_34_x86.cab
    2007-05-31 19:43 44687 --a------ C:\Program Files\dxdllreg_x86.cab
    2007-05-31 19:43 200646 --a------ C:\Program Files\JUN2007_XACT_x64.cab
    2007-05-31 19:43 1611772 --a------ C:\Program Files\JUN2007_d3dx9_34_x64.cab
    2007-05-31 19:43 1610203 --a------ C:\Program Files\JUN2007_d3dx9_34_x86.cab
    2007-05-31 19:43 155892 --a------ C:\Program Files\JUN2007_XACT_x86.cab
    2007-05-31 19:23 976020 --------- C:\Program Files\BDAXP.cab
    2007-05-31 19:23 917318 --------- C:\Program Files\Apr2006_MDX1_x86.cab
    2007-05-31 19:23 88102 --------- C:\Program Files\AUG2006_xinput_x64.cab
    2007-05-31 19:23 87989 --------- C:\Program Files\Apr2006_xinput_x64.cab
    2007-05-31 19:23 86925 --------- C:\Program Files\Oct2005_xinput_x64.cab
    2007-05-31 19:23 86401 --a------ C:\Program Files\dxupdate.cab
    2007-05-31 19:23 77160 --a------ C:\Program Files\DSETUP.dll
    2007-05-31 19:23 702212 --------- C:\Program Files\APR2007_d3dx10_33_x64.cab
    2007-05-31 19:23 699465 --------- C:\Program Files\APR2007_d3dx10_33_x86.cab
    2007-05-31 19:23 56902 --------- C:\Program Files\APR2007_xinput_x86.cab
    2007-05-31 19:23 503144 --a------ C:\Program Files\DXSETUP.exe
    2007-05-31 19:23 47018 --------- C:\Program Files\AUG2006_xinput_x86.cab
    2007-05-31 19:23 46898 --------- C:\Program Files\Apr2006_xinput_x86.cab
    2007-05-31 19:23 46247 --------- C:\Program Files\Oct2005_xinput_x86.cab
    2007-05-31 19:23 4163518 --------- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
    2007-05-31 19:23 213767 --------- C:\Program Files\DEC2006_d3dx10_00_x64.cab
    2007-05-31 19:23 199366 --------- C:\Program Files\APR2007_XACT_x64.cab
    2007-05-31 19:23 198275 --------- C:\Program Files\FEB2007_XACT_x64.cab
    2007-05-31 19:23 193435 --------- C:\Program Files\DEC2006_XACT_x64.cab
    2007-05-31 19:23 192680 --------- C:\Program Files\DEC2006_d3dx10_00_x86.cab
    2007-05-31 19:23 183863 --------- C:\Program Files\AUG2006_XACT_x64.cab
    2007-05-31 19:23 183321 --------- C:\Program Files\OCT2006_XACT_x64.cab
    2007-05-31 19:23 181745 --------- C:\Program Files\JUN2006_XACT_x64.cab
    2007-05-31 19:23 180021 --------- C:\Program Files\Apr2006_XACT_x64.cab
    2007-05-31 19:23 179247 --------- C:\Program Files\Feb2006_XACT_x64.cab
    2007-05-31 19:23 1673576 --a------ C:\Program Files\dsetup32.dll
    2007-05-31 19:23 1610958 --------- C:\Program Files\APR2007_d3dx9_33_x64.cab
    2007-05-31 19:23 1609639 --------- C:\Program Files\APR2007_d3dx9_33_x86.cab
    2007-05-31 19:23 1575336 --------- C:\Program Files\DEC2006_d3dx9_32_x86.cab
    2007-05-31 19:23 1572114 --------- C:\Program Files\DEC2006_d3dx9_32_x64.cab
    2007-03-09 07:12:32 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1CC0E5D-9C1D-4B4D-8FAC-F639A2AC6F01}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEAC76B1-A6C9-9B33-2B8F-86AE22E3B02F}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PHIME2002A"="-C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
    "ehTray"="-C:\WINDOWS\ehome\ehtray.exe" []
    "IAAnotif"="-C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" []
    "NvCplDaemon"="-C:\WINDOWS\system32\NvCpl.dll" []
    "nwiz"="-nwiz.exe" []
    "High Definition Audio Property Page Shortcut"="-HDAShCut.exe" []
    "AzMixerSel"="-C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" []
    "SunJavaUpdateSched"="-C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" []
    "Vade Retro Outlook Express"="-C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" []
    "Ulead AutoDetector v2"="-C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" []
    "IMJPMIG8.1"="-C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" []
    "ACTIVBOARD"="-c:\apps\ABoard\ABoard.exe" []
    "WiPen"="-C:\Program Files\WiPen\wpmanage.exe" []
    "avast!"="-C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" []
    "LogitechCommunicationsManager"="-C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" []
    "LogitechQuickCamRibbon"="-C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" []
    "DAEMON Tools"="-C:\Program Files\DAEMON Tools\daemon.exe" []
    "RTHDCPL"="-RTHDCPL.EXE" []
    "PHIME2002ASync"="-C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
    "QuickTime Task"="-C:\Program Files\QuickTime\QTTask.exe" []
    "NvMediaCenter"="-C:\WINDOWS\system32\NvMcTray.dll" []
    "AVG7_CC"="-C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" []
    "iTunesHelper"="-C:\Program Files\iTunes\iTunesHelper.exe" []
    "au"="C:\Program Files\Dealio\DealioAU.exe" [2007-06-27 12:46]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
    "SpybotSD TeaTimer"="-C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" []
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
    "msnmsgr"="-C:\Program Files\Windows Live\Messenger\msnmsgr.exe" []
    "Steam"="c:\program files\valve\steam\steam.exe" [2007-07-24 12:19]
    "updateMgr"="-C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
    "Yahoo! Pager"="-C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" []
    "RunDll"="-" []
    "swg"="-C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" []
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

    D:\Documents and Settings\aurele\Menu Démarrer\Programmes\Démarrage\
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

    D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Microsoft Office.lnk - C:\Program Files\microsoft office\office10\OSA.EXE [2001-02-13 09:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoClose"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "system32"= {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkifda]
    jkkifda.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sstts]
    C:\WINDOWS\system32\sstts.dll

    R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe
    R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
    S3 driverhardwarev2;driverhardwarev2;-\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
    S3 iatmunin;iatmunin;\??\D:\DOCUME~1\aurele\LOCALS~1\Temp\iatmunin.sys
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
    S3 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" -k runservice
    S3 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
    S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys


    Contents of the 'Scheduled Tasks' folder
    2007-08-21 15:00:00 C:\WINDOWS\Tasks\AC84254A93F7CE3E.job - d:\docume~1\aurele\applic~1\gramad~1\4 multi option.exe
    2007-08-14 18:18:53 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    2007-08-21 15:00:00 C:\WINDOWS\Tasks\Extension de garantie.job - C:\APPS\SMP\PBCARNOT.EXE
    2007-08-21 15:00:00 C:\WINDOWS\Tasks\Master CD_DVD Creator.job - C:\Apps\SMP\MCDCHECK.EXE

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-21 17:05:02
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-21 17:05:34
    C:\ComboFix-quarantined-files.txt ... 2007-08-21 17:05
    C:\ComboFix2.txt ... 2007-08-21 14:27

    --- E O F ---

    Re,

    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\sttss.bak1
    C:\arca.exe
    C:\aicxlt.exe
    C:\WINDOWS\iun6002.exe

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A1CC0E5D-9C1D-4B4D-8FAC-F639A2AC6F01}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FEAC76B1-A6C9-9B33-2B8F-86AE22E3B02F}]


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name CFScript.txt.

    Now drag the file ComboFix-Do.txt onto Combofix.exe as shown below:


    This will relaunch Combofix; type 1 and then confirm. After the reboot, post the contents of the Combofix.txt report together with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.

    There was no reboot; here is the Combofix report:

    ComboFix 07-08-17.2 - "aurele" 2007-08-21 17:23:10.3 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.525 [GMT 2:00]
    Command switches used :: D:\Documents and Settings\aurele\Bureau\CFScript.txt
    * Created a new restore point

    FILE::
    C:\WINDOWS\system32\sttss.bak1
    C:\arca.exe
    C:\aicxlt.exe
    C:\WINDOWS\iun6002.exe


    ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\aicxlt.exe
    C:\arca.exe
    C:\WINDOWS\iun6002.exe
    C:\WINDOWS\system32\sttss.bak1


    ((((((((((((((((((((((((( Files Created from 2007-07-21 to 2007-08-21 )))))))))))))))))))))))))))))))


    2007-08-21 16:06 <REP> d-------- C:\VundoFix Backups
    2007-08-21 15:18 <REP> d-------- C:\Program Files\Navilog1
    2007-08-21 14:20 51,200 --a------ C:\WINDOWS\nircmd.exe
    2007-08-21 11:51 <REP> d-------- C:\Program Files\3B Software
    2007-08-21 11:33 <REP> d-------- D:\DOCUME~1\aurele\APPLIC~1\Uniblue
    2007-08-21 11:26 <REP> d-------- C:\Program Files\Dealio
    2007-08-21 11:25 <REP> d-------- C:\WINDOWS\Web Download
    2007-08-19 20:42 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
    2007-08-19 20:42 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
    2007-08-19 17:58 105,680 --a------ D:\DOCUME~1\olive\APPLIC~1\GDIPFONTCACHEV1.DAT
    2007-08-19 17:23 <REP> d-------- C:\Program Files\Bonjour
    2007-08-19 17:16 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2007-08-18 13:40 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
    2007-08-17 19:45 <REP> d-------- D:\DOCUME~1\aurele\.DownloadManager
    2007-08-14 20:19 <REP> d-------- C:\Program Files\iTunes
    2007-08-14 20:19 <REP> d-------- C:\Program Files\iPod
    2007-08-13 15:37 <REP> d-------- D:\DOCUME~1\LOCALS~1.004\APPLIC~1\X10 Commander
    2007-08-13 15:30 1,572,864 --ah----- D:\DOCUME~1\NETWOR~1.004\NTUSER.DAT
    2007-08-13 15:30 1,572,864 --ah----- D:\DOCUME~1\LOCALS~1.004\NTUSER.DAT
    2007-08-11 20:01 8,388,608 --a------ D:\DOCUME~1\aurele\ntuser.dat
    2007-08-11 12:32 <REP> d-------- D:\DOCUME~1\aurele\APPLIC~1\Azureus
    2007-08-11 12:32 <REP> d-------- C:\Program Files\Azureus
    2007-08-08 16:20 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
    2007-08-08 16:20 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
    2007-08-08 16:20 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
    2007-08-08 16:20 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
    2007-08-08 16:20 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
    2007-08-08 16:20 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
    2007-08-08 16:20 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
    2007-08-08 16:20 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
    2007-08-08 16:20 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
    2007-08-08 16:20 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
    2007-08-08 16:20 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
    2007-08-08 16:20 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
    2007-08-08 16:20 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
    2007-08-08 16:20 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
    2007-08-08 16:20 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
    2007-08-08 16:20 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
    2007-08-08 16:19 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
    2007-08-08 16:19 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
    2007-08-07 16:01 <REP> d-------- C:\wamp
    2007-08-06 18:05 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Skyline
    2007-08-06 18:05 <REP> d-------- C:\Program Files\Skyline
    2007-08-05 23:10 <REP> d-------- D:\DOCUME~1\olive\APPLIC~1\Google
    2007-07-27 21:24 <REP> d-a------ D:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    2007-07-27 21:23 <REP> d-------- C:\Fraps
    2007-07-27 20:56 <REP> d-------- C:\Program Files\VideoMach-3.4.1
    2007-07-25 10:04 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
    2007-07-25 10:04 <REP> d-------- C:\NVIDIA
    2007-07-24 11:43 <REP> d-------- C:\Program Files\Valve
    2007-07-22 12:55 135,168 --a------ C:\WINDOWS\system32\DSKernel2.dll
    2007-07-22 12:55 1,936,528 --a------ C:\WINDOWS\system32\ltmm15.dll
    2007-07-22 12:54 <REP> d-------- C:\Program Files\Replay Converter


    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

    2007-08-21 17:01 --------- d-------- C:\Program Files\HLSW
    2007-08-21 16:14 0 --a------ C:\WINDOWS\system32\drivers\lvuvc.hs
    2007-08-21 16:11 --------- d-------- C:\Program Files\UltimateZip
    2007-08-21 12:09 --------- d-------- C:\Program Files\BitTorrent
    2007-08-20 20:54 --------- d-------- C:\Program Files\mIRC
    2007-08-19 12:47 --------- d---s---- C:\Program Files\Xfire
    2007-08-19 12:47 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\Xfire
    2007-08-18 13:49 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-08-18 11:29 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\BitTorrent
    2007-08-18 11:11 --------- d-------- C:\Program Files\WiPen
    2007-08-16 20:55 --------- d-------- C:\Program Files\eMule
    2007-08-14 20:18 --------- d-------- C:\Program Files\Apple Software Update
    2007-08-06 19:32 --------- d-------- C:\Program Files\Google
    2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
    2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2007-07-24 20:56 --------- d-------- D:\DOCUME~1\aurele\APPLIC~1\AdobeUM
    2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-07-15 12:07 --------- d-------- C:\Program Files\Windows Live
    2007-07-15 12:07 --------- d-------- C:\Program Files\MSN Messenger
    2007-07-15 11:13 --------- d-------- C:\Program Files\QuickTime
    2007-07-15 11:12 --------- d-------- C:\Program Files\Fichiers communs\Apple
    2007-07-13 01:30 765952 --------- C:\WINDOWS\system32\dllcache\vgx.dll
    2007-07-12 09:12 81920 --a------ C:\WINDOWS\system32\frapsvid.dll
    2007-07-05 08:00 22762248 --a------ C:\Program Files\avg75free_472a1024.exe
    2007-07-04 18:40 212849 --a------ C:\Program Files\hijackthis.zip
    2007-06-29 01:54 356352 --a------ C:\WINDOWS\system32\nvudisp.exe
    2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
    2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
    2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
    2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
    2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
    2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
    2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
    2007-06-26 10:27 366592 --a------ C:\WINDOWS\system32\dllcache\w3svc.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
    2007-06-01 08:20 51568 --a------ C:\WINDOWS\system32\sirenacm.dll
    2007-05-31 19:43 703258 --a------ C:\Program Files\JUN2007_d3dx10_34_x64.cab
    2007-05-31 19:43 701218 --a------ C:\Program Files\JUN2007_d3dx10_34_x86.cab
    2007-05-31 19:43 44687 --a------ C:\Program Files\dxdllreg_x86.cab
    2007-05-31 19:43 200646 --a------ C:\Program Files\JUN2007_XACT_x64.cab
    2007-05-31 19:43 1611772 --a------ C:\Program Files\JUN2007_d3dx9_34_x64.cab
    2007-05-31 19:43 1610203 --a------ C:\Program Files\JUN2007_d3dx9_34_x86.cab
    2007-05-31 19:43 155892 --a------ C:\Program Files\JUN2007_XACT_x86.cab
    2007-05-31 19:23 976020 --------- C:\Program Files\BDAXP.cab
    2007-05-31 19:23 917318 --------- C:\Program Files\Apr2006_MDX1_x86.cab
    2007-05-31 19:23 88102 --------- C:\Program Files\AUG2006_xinput_x64.cab
    2007-05-31 19:23 87989 --------- C:\Program Files\Apr2006_xinput_x64.cab
    2007-05-31 19:23 86925 --------- C:\Program Files\Oct2005_xinput_x64.cab
    2007-05-31 19:23 86401 --a------ C:\Program Files\dxupdate.cab
    2007-05-31 19:23 77160 --a------ C:\Program Files\DSETUP.dll
    2007-05-31 19:23 702212 --------- C:\Program Files\APR2007_d3dx10_33_x64.cab
    2007-05-31 19:23 699465 --------- C:\Program Files\APR2007_d3dx10_33_x86.cab
    2007-05-31 19:23 56902 --------- C:\Program Files\APR2007_xinput_x86.cab
    2007-05-31 19:23 503144 --a------ C:\Program Files\DXSETUP.exe
    2007-05-31 19:23 47018 --------- C:\Program Files\AUG2006_xinput_x86.cab
    2007-05-31 19:23 46898 --------- C:\Program Files\Apr2006_xinput_x86.cab
    2007-05-31 19:23 46247 --------- C:\Program Files\Oct2005_xinput_x86.cab
    2007-05-31 19:23 4163518 --------- C:\Program Files\Apr2006_MDX1_x86_Archive.cab
    2007-05-31 19:23 213767 --------- C:\Program Files\DEC2006_d3dx10_00_x64.cab
    2007-05-31 19:23 199366 --------- C:\Program Files\APR2007_XACT_x64.cab
    2007-05-31 19:23 198275 --------- C:\Program Files\FEB2007_XACT_x64.cab
    2007-05-31 19:23 193435 --------- C:\Program Files\DEC2006_XACT_x64.cab
    2007-05-31 19:23 192680 --------- C:\Program Files\DEC2006_d3dx10_00_x86.cab
    2007-05-31 19:23 183863 --------- C:\Program Files\AUG2006_XACT_x64.cab
    2007-05-31 19:23 183321 --------- C:\Program Files\OCT2006_XACT_x64.cab
    2007-05-31 19:23 181745 --------- C:\Program Files\JUN2006_XACT_x64.cab
    2007-05-31 19:23 180021 --------- C:\Program Files\Apr2006_XACT_x64.cab
    2007-05-31 19:23 179247 --------- C:\Program Files\Feb2006_XACT_x64.cab
    2007-05-31 19:23 1673576 --a------ C:\Program Files\dsetup32.dll
    2007-05-31 19:23 1610958 --------- C:\Program Files\APR2007_d3dx9_33_x64.cab
    2007-05-31 19:23 1609639 --------- C:\Program Files\APR2007_d3dx9_33_x86.cab
    2007-05-31 19:23 1575336 --------- C:\Program Files\DEC2006_d3dx9_32_x86.cab
    2007-05-31 19:23 1572114 --------- C:\Program Files\DEC2006_d3dx9_32_x64.cab
    2007-03-09 07:12:32 27,648 --sha-w C:\WINDOWS\system32\AVSredirect.dll


    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


    *Note* empty entries & legit default entries are not shown

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "PHIME2002A"="-C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
    "ehTray"="-C:\WINDOWS\ehome\ehtray.exe" []
    "IAAnotif"="-C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" []
    "NvCplDaemon"="-C:\WINDOWS\system32\NvCpl.dll" []
    "nwiz"="-nwiz.exe" []
    "High Definition Audio Property Page Shortcut"="-HDAShCut.exe" []
    "AzMixerSel"="-C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" []
    "SunJavaUpdateSched"="-C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" []
    "Vade Retro Outlook Express"="-C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" []
    "Ulead AutoDetector v2"="-C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" []
    "IMJPMIG8.1"="-C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" []
    "ACTIVBOARD"="-c:\apps\ABoard\ABoard.exe" []
    "WiPen"="-C:\Program Files\WiPen\wpmanage.exe" []
    "avast!"="-C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" []
    "LogitechCommunicationsManager"="-C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" []
    "LogitechQuickCamRibbon"="-C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" []
    "DAEMON Tools"="-C:\Program Files\DAEMON Tools\daemon.exe" []
    "RTHDCPL"="-RTHDCPL.EXE" []
    "PHIME2002ASync"="-C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" []
    "QuickTime Task"="-C:\Program Files\QuickTime\QTTask.exe" []
    "NvMediaCenter"="-C:\WINDOWS\system32\NvMcTray.dll" []
    "AVG7_CC"="-C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" []
    "iTunesHelper"="-C:\Program Files\iTunes\iTunesHelper.exe" []
    "au"="C:\Program Files\Dealio\DealioAU.exe" [2007-06-27 12:46]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 14:00]
    "SpybotSD TeaTimer"="-C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" []
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" []
    "msnmsgr"="-C:\Program Files\Windows Live\Messenger\msnmsgr.exe" []
    "Steam"="c:\program files\valve\steam\steam.exe" [2007-07-24 12:19]
    "updateMgr"="-C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" []
    "Yahoo! Pager"="-C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" []
    "RunDll"="-" []
    "swg"="-C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" []
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" []

    D:\Documents and Settings\aurele\Menu Démarrer\Programmes\Démarrage\
    Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

    D:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]
    Microsoft Office.lnk - C:\Program Files\microsoft office\office10\OSA.EXE [2001-02-13 09:01:04]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoClose"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "system32"= {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkifda]
    jkkifda.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\sstts]
    C:\WINDOWS\system32\sstts.dll

    R2 SMTPSVC;Simple Mail Transfer Protocol (SMTP);C:\WINDOWS\system32\inetsrv\inetinfo.exe
    R3 3xHybrid;3xHybrid service;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys
    S3 driverhardwarev2;driverhardwarev2;-\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys
    S3 iatmunin;iatmunin;\??\D:\DOCUME~1\aurele\LOCALS~1\Temp\iatmunin.sys
    S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys
    S3 wampapache;wampapache;"c:\wamp\apache2\bin\httpd.exe" -k runservice
    S3 wampmysqld;wampmysqld;c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld
    S3 XUIF;X10 USB Wireless Transceiver;C:\WINDOWS\system32\Drivers\x10ufx2.sys

    *Newly Created Service* - AVAST!_MAIL_SCANNER

    Contents of the 'Scheduled Tasks' folder
    2007-08-21 15:00:00 C:\WINDOWS\Tasks\AC84254A93F7CE3E.job - d:\docume~1\aurele\applic~1\gramad~1\4 multi option.exe
    2007-08-14 18:18:53 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    2007-08-21 15:00:00 C:\WINDOWS\Tasks\Extension de garantie.job - C:\APPS\SMP\PBCARNOT.EXE
    2007-08-21 15:00:00 C:\WINDOWS\Tasks\Master CD_DVD Creator.job - C:\Apps\SMP\MCDCHECK.EXE

    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-08-21 17:25:47
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************

    Completion time: 2007-08-21 17:26:21
    C:\ComboFix-quarantined-files.txt ... 2007-08-21 17:26
    C:\ComboFix2.txt ... 2007-08-21 17:05
    C:\ComboFix3.txt ... 2007-08-21 14:27

    --- E O F ---


    and here is the HijackThis report:



    Logfile of HijackThis v1.99.1
    Scan saved at 17:28:19, on 21/08/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Valve\Steam\Steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\WINDOWS\explorer.exe
    C:\PROGRA~1\ULTIMA~1\uzip.exe
    D:\DOCUME~1\AURELE\LOCALS~1\TEMP\UZ_4814\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ogame.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:\Program Files\Dealio\kb106\Dealio.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb106\Dealio.dll
    O4 - HKLM\..\Run: [PHIME2002A] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ehTray] -C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [IAAnotif] -C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [NvCplDaemon] -RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] -nwiz.exe /install
    O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] -HDAShCut.exe
    O4 - HKLM\..\Run: [AzMixerSel] -C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
    O4 - HKLM\..\Run: [Vade Retro Outlook Express] -"C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
    O4 - HKLM\..\Run: [Ulead AutoDetector v2] -C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] -"C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
    O4 - HKLM\..\Run: [ACTIVBOARD] -c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [WiPen] -C:\Program Files\WiPen\wpmanage.exe
    O4 - HKLM\..\Run: [avast!] -C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] -"C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] -"C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
    O4 - HKLM\..\Run: [DAEMON Tools] -"C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [RTHDCPL] -RTHDCPL.EXE
    O4 - HKLM\..\Run: [PHIME2002ASync] -C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [QuickTime Task] -"C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [NvMediaCenter] -RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [AVG7_CC] -C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [iTunesHelper] -"C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] -C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [msnmsgr] -"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [updateMgr] -C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
    O4 - HKCU\..\Run: [Yahoo! Pager] -"C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [RunDll] -
    O4 - HKCU\..\Run: [swg] -C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\office10\OSA.EXE
    O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp\jc_all.htm
    O8 - Extra context menu item: &Télécharger avec FlashGet - C:\Program Files\Yahoo!\YPSR\Quarantine\ppq64.tmp\jc_link.htm
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Program Files\Dealio\kb106\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb106\Dealio.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} -
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} -
    O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} -
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scan...
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} -
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: jkkifda - jkkifda.dll (file missing)
    O20 - Winlogon Notify: sstts - C:\WINDOWS\system32\sstts.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O21 - SSODL: system32 - {B0A6B7AD-7C01-4ABF-816D-AFCF170FDCD0} - sysprinters.dll (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - -"C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
    O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - -C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
    O23 - Service: Apple Mobile Device - Unknown owner - -"C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Unknown owner - -"C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Unknown owner - -C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - -"C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe (file missing)
    O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - -"C:\Program Files\iPod\bin\iPodService.exe (file missing)
    O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - -c:\program files\fichiers communs\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
    O23 - Service: LVSrvLauncher - Unknown owner - -C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe (file missing)
    O23 - Service: Machine Debug Manager (MDM) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe (file missing)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - -C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe (file missing)
    O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\Windows Live\Messenger\usnsvc.exe (file missing)
    O23 - Service: wampapache - Unknown owner - c:\wamp\apache2\bin\httpd.exe" -k runservice (file missing)
    O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - -"C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
    O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)
    O23 - Service: X10 Device Network Service (x10nets) - Unknown owner - -C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe (file missing)
