PSW X-Vir .... help !

Bonjour donc comme ca ce voir je suis infecté par le trojan PSW etc etc

donc je post mon rapport de hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 16:32:20, on 11/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\service.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\mrofinu1000106.exe
C:\WINDOWS\Fonts\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\admin\Mes documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\eogbpqvj.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [MDNS] C:\WINDOWS\system32\service.exe
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1000106.exe 61A847B5BBF72813329B385772FF01F0B3E35B6638993F4661AA4EBD86D67C56389B284534F310
O4 - HKLM\..\Run: [d83453f0] rundll32.exe "C:\WINDOWS\system32\lhaxdlpt.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer [...] taller.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O18 - Protocol: bw+0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c00E75E9.dat
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\evvggvyh.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

j'ai télécharger l'autre programme aussi Ipsfix

Merci de votre futur aide

Je savais bien que j'en avait partout : /

ComboFix 07-11-08.1 - admin 2007-11-11 16:38:07.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1488 [GMT 1:00]
Running from: C:\Documents and Settings\admin\Bureau\ComboFix.exe
* Created a new restore point
.

Incapable d'obtenir les privilèges Système

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\a.exe
C:\Documents and Settings\admin\Bureau\Live Safety Center.lnk
C:\Documents and Settings\admin\Bureau\Online Security Guide.lnk
C:\Documents and Settings\admin\Favoris\Online Security Guide.lnk
C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
C:\Program Files\Insider
C:\Program Files\WinAble
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\b122.exe
C:\WINDOWS\b147.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\mrofinu1188.exe
C:\WINDOWS\system32\__c0031431.dat
C:\WINDOWS\system32\__c00E75E9.dat
C:\WINDOWS\system32\c3
C:\WINDOWS\system32\cowwrecl.dll
C:\WINDOWS\system32\eogbpqvj.dllbox
C:\WINDOWS\system32\hfupkxtv.dll
C:\WINDOWS\system32\k1
C:\WINDOWS\system32\k1\jumper83122.exe
C:\WINDOWS\system32\ldcore.dll
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\nnnmp.bak1
C:\WINDOWS\system32\nnnmp.bak2
C:\WINDOWS\system32\nnnmp.ini
C:\WINDOWS\system32\nuhbqafn.dll
C:\WINDOWS\system32\o4
C:\WINDOWS\system32\o4\revdrive33b.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pmnnn.dll
C:\WINDOWS\system32\service.exe
C:\WINDOWS\system32\winnb58.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\DomainService


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-11 to 2007-11-11 ))))))))))))))))))))))))))))))))))))
.

2007-11-11 16:36 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-11 15:17 35,840 --a------ C:\WINDOWS\mrofinu1000106.exe
2007-11-11 15:16 <REP> d-------- C:\WINDOWS\system32\rMa06yy
2007-11-11 15:16 <REP> d-------- C:\Temp\abW9
2007-11-11 15:16 <REP> d-------- C:\Temp
2007-11-11 15:16 225,290 --a------ C:\Temp\e002A477.exe
2007-11-11 13:56 <REP> d-------- C:\WINDOWS\AU_Temp
2007-11-11 03:07 <REP> d-------- C:\WINDOWS\report
2007-11-11 03:06 <REP> d-------- C:\WINDOWS\AU_Backup
2007-11-11 03:06 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-11-11 03:06 267,845 --a------ C:\WINDOWS\tsc.exe
2007-11-11 03:06 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-11-11 03:06 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-11-11 03:01 <REP> d-------- C:\WINDOWS\AU_Log
2007-11-11 03:01 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-11-11 03:01 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-11-11 03:01 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-11-11 02:42 81,472 --a------ C:\WINDOWS\system32\pxlaotpc.dll
2007-11-11 02:38 85,056 --a------ C:\WINDOWS\system32\lhaxdlpt.dll
2007-11-11 00:05 36,352 --a------ C:\WINDOWS\system32\cbxxyvu.dll
2007-11-10 22:35 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-10 22:30 145,984 --a------ C:\WINDOWS\system32\eogbpqvj.dll
2007-11-10 22:30 81,472 --a------ C:\WINDOWS\system32\kacyinsc.dll
2007-11-10 22:29 145,984 --a------ C:\WINDOWS\system32\jsspetix.dll
2007-11-10 10:28 36,352 --a------ C:\WINDOWS\system32\awtqomn.dll
2007-11-09 15:46 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-09 15:43 134 --a------ C:\n.bat
2007-11-09 15:42 35,328 --a------ C:\WINDOWS\system32\nnnonkh.dll
2007-11-09 15:42 262 --a------ C:\Documents and Settings\admin\z.dat
2007-11-09 15:42 0 --a------ C:\Documents and Settings\admin\x.dat
2007-11-09 15:39 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-07 12:02 <REP> d-------- C:\WINDOWS\Sun
2007-11-02 11:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\sansendommagement
2007-11-02 11:44 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-02 11:44 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-10-28 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-11 15:44 --------- d-----w C:\Program Files\Steam
2007-11-11 15:09 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2007-11-11 15:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-10 21:45 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-11-10 10:23 --------- d-----w C:\Program Files\Warcraft III
2007-11-01 11:05 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-01 11:05 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-10-28 13:27 --------- d-----w C:\Program Files\Winamp
2007-10-24 18:01 --------- d-----w C:\Program Files\mIRC
2007-10-13 09:33 --------- d-----w C:\Program Files\World of Warcraft
2007-10-10 10:57 --------- d-----w C:\Program Files\Java
2007-10-09 15:45 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-10-01 11:15 839,690 ----a-w C:\WINDOWS\Fonts\Crack.exe
2007-10-01 11:15 839,689 --sh--w C:\WINDOWS\Fonts\svchost.exe
2007-09-23 14:25 --------- d-----w C:\Documents and Settings\admin\Application Data\teamspeak2
2007-09-14 11:11 --------- d-----w C:\Program Files\Alwil Software
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
C:\Program Files\ContextTool\ContextTool-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34C29F9E-2833-435A-AD35-B5D1F06BFD4F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{430CEFA0-6918-4E48-92CE-8A2CC2BC8270}]
C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5b3f3836-1d56-44c1-9a80-28de8eabc1e2}]
2007-11-11 02:42 81472 --a------ C:\WINDOWS\system32\pxlaotpc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
2007-11-10 22:30 145984 --a------ C:\WINDOWS\system32\eogbpqvj.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= C:\WINDOWS\system32\eogbpqvj.dll [2007-11-10 22:30 145984]

[HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF82825583}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 09:00]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-07-26 08:54]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-20 05:05]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-20 05:05]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 18:58]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 11:06]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Host Process"="C:\WINDOWS\Fonts\svchost.exe" [2007-10-01 12:15]
"d83453f0"="C:\WINDOWS\system32\lhaxdlpt.dll" [2007-11-11 02:38]
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 08:41]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"Steam"="c:\program files\steam\steam.exe" [2007-10-05 15:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-06 18:59]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eogbpqvj]
eogbpqvj.dll 2007-11-10 22:30 145984 C:\WINDOWS\system32\eogbpqvj.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\pmnnn.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
R3 TNET1130;IEEE 802.11g Wireless Cardbus/PCI Adapter;C:\WINDOWS\system32\DRIVERS\tnet1130.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-09 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.

Mais ou sont les gens ?

je suis en pleine "réparation" avec la date déréglé et y'a plus personne ~~?

Tu sais quel jour on est ? Tu n'as pas une vie toi ?
Reposte un rapport Hijackthis.

Encore des infections.

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.

Antivir me trouve un trojan dans mais aucun choix ne marche, delete quarantaine etc, je dosi faire quoi ? j'ai "ignore"
j'ai fais un scan et il en a trouver partout en faite je repost un report sous peu

(il est préférable de delete ou mettre en quarantaine ?)

SVP on peut enlever le BIP quand il trouve un virus ou pas ? omg j'en suis a 500 + la ... merci :x

Euh je pense que oui la 1er fois je l'ai fais mais sans les mise a jour en fait, la je les bien mis a jour avec les versions et j'en suis a 900 et des brouetes de detections

et sp, est ce qu'on peut modifié le choix qu'on a fait pour les prochain virus trouvés ? j'ai mis "delete" mais en fait je pense que la quarantaine aurait été mieu ..

On peut modifié le choix ? et ok mais je n'est pas finis encore, 1500...

Ah nom de dieu ca va beaucoup mieu plus de spam etc etc !

Par contre j'ai le message suivant qui s'affiche au démarrage du pc :

Erreur du chargement de C: /WINDOWS/system32/lhxdlpt.dll

voila le rapport

ComboFix 07-11-08.1 - admin 2007-11-11 20:39:11.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1547 [GMT 1:00]
Running from: C:\Documents and Settings\admin\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\admin\Bureau\Live Safety Center.lnk
C:\Documents and Settings\admin\Bureau\Online Security Guide.lnk
C:\Documents and Settings\admin\Favoris\Online Security Guide.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
C:\Program Files\Temporary
C:\Program Files\Temporary\wininstall.exe
C:\Program Files\WinAble
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\eogbpqvj.dllbox
.
---- Previous Run -------
.
C:\a.exe
C:\Documents and Settings\admin\Bureau\Live Safety Center.lnk
C:\Documents and Settings\admin\Bureau\Online Security Guide.lnk
C:\Documents and Settings\admin\Favoris\Online Security Guide.lnk
C:\Documents and Settings\All Users\Application Data.\salesmonitor
C:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
C:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
C:\Program Files\Insider
C:\Program Files\WinAble
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\b122.exe
C:\WINDOWS\b147.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\mrofinu1188.exe
C:\WINDOWS\system32\__c0031431.dat
C:\WINDOWS\system32\__c00E75E9.dat
C:\WINDOWS\system32\c3
C:\WINDOWS\system32\cowwrecl.dll
C:\WINDOWS\system32\eogbpqvj.dllbox
C:\WINDOWS\system32\hfupkxtv.dll
C:\WINDOWS\system32\k1
C:\WINDOWS\system32\k1\jumper83122.exe
C:\WINDOWS\system32\ldcore.dll
C:\WINDOWS\system32\ldinfo.ldr
C:\WINDOWS\system32\nnnmp.bak1
C:\WINDOWS\system32\nnnmp.bak2
C:\WINDOWS\system32\nnnmp.ini
C:\WINDOWS\system32\nuhbqafn.dll
C:\WINDOWS\system32\o4
C:\WINDOWS\system32\o4\revdrive33b.exe
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\pmnnn.dll
C:\WINDOWS\system32\service.exe
C:\WINDOWS\system32\winnb58.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\DomainService




((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-11 to 2007-11-11 ))))))))))))))))))))))))))))))))))))
.

2007-11-11 19:26 <REP> d-------- C:\Program Files\Avira
2007-11-11 19:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-11 16:51 6,465 ---hs---- C:\WINDOWS\system32\ihkmp.bak1
2007-11-11 16:46 36,352 --a------ C:\WINDOWS\system32\iifdaxy.dll
2007-11-11 16:36 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-11 15:16 <REP> d-------- C:\WINDOWS\system32\rMa06yy
2007-11-11 15:16 <REP> d-------- C:\Temp\abW9
2007-11-11 15:16 <REP> d-------- C:\Temp
2007-11-11 15:16 225,290 --a------ C:\Temp\e002A477.exe
2007-11-11 13:56 <REP> d-------- C:\WINDOWS\AU_Temp
2007-11-11 03:07 <REP> d-------- C:\WINDOWS\report
2007-11-11 03:06 <REP> d-------- C:\WINDOWS\AU_Backup
2007-11-11 03:06 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-11-11 03:06 267,845 --a------ C:\WINDOWS\tsc.exe
2007-11-11 03:06 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-11-11 03:06 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-11-11 03:01 <REP> d-------- C:\WINDOWS\AU_Log
2007-11-11 03:01 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-11-11 03:01 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-11-11 03:01 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-11-11 00:05 36,352 --a------ C:\WINDOWS\system32\cbxxyvu.dll
2007-11-10 22:35 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-10 10:28 36,352 --a------ C:\WINDOWS\system32\awtqomn.dll
2007-11-09 15:46 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-09 15:43 134 --a------ C:\n.bat
2007-11-09 15:42 35,328 --a------ C:\WINDOWS\system32\nnnonkh.dll
2007-11-09 15:42 262 --a------ C:\Documents and Settings\admin\z.dat
2007-11-09 15:42 0 --a------ C:\Documents and Settings\admin\x.dat
2007-11-09 15:39 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-07 12:02 <REP> d-------- C:\WINDOWS\Sun
2007-11-02 11:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\sansendommagement
2007-11-02 11:44 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-02 11:44 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-10-28 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-11 19:43 --------- d-----w C:\Program Files\Steam
2007-11-11 18:26 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2007-11-11 15:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-10 21:45 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-11-10 10:23 --------- d-----w C:\Program Files\Warcraft III
2007-11-01 11:05 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-01 11:05 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-10-28 13:27 --------- d-----w C:\Program Files\Winamp
2007-10-24 18:01 --------- d-----w C:\Program Files\mIRC
2007-10-13 09:33 --------- d-----w C:\Program Files\World of Warcraft
2007-10-10 10:57 --------- d-----w C:\Program Files\Java
2007-10-09 15:45 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-09-23 14:25 --------- d-----w C:\Documents and Settings\admin\Application Data\teamspeak2
2007-09-21 12:34 47,104 ----a-w C:\WINDOWS\system32\KMVIDC32.DLL
2007-09-14 11:11 --------- d-----w C:\Program Files\Alwil Software
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-11_16.45.03.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-11 18:19:43 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2007-11-11 18:38:39 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01CD0B31-9154-45F2-9414-F5D64B74EAF6}]
2007-11-11 16:46 36352 --a------ C:\WINDOWS\system32\iifdaxy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
C:\Program Files\ContextTool\ContextTool-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34C29F9E-2833-435A-AD35-B5D1F06BFD4F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{430CEFA0-6918-4E48-92CE-8A2CC2BC8270}]
C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5b3f3836-1d56-44c1-9a80-28de8eabc1e2}]
C:\WINDOWS\system32\pxlaotpc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE0D3C52-0C72-491C-B915-C491FE184DD3}]
C:\WINDOWS\system32\pmkhi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 09:00]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-07-26 08:54]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-20 05:05]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-20 05:05]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 18:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Host Process"="C:\WINDOWS\Fonts\svchost.exe" []
"d83453f0"="C:\WINDOWS\system32\lhaxdlpt.dll" []
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 08:41]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-11 19:38]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"Steam"="c:\program files\steam\steam.exe" [2007-10-05 15:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-06 18:59]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{01CD0B31-9154-45F2-9414-F5D64B74EAF6}"= C:\WINDOWS\system32\iifdaxy.dll [2007-11-11 16:46 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eogbpqvj]
eogbpqvj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdaxy]
iifdaxy.dll 2007-11-11 16:46 36352 C:\WINDOWS\system32\iifdaxy.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
R3 TNET1130;IEEE 802.11g Wireless Cardbus/PCI Adapter;C:\WINDOWS\system32\DRIVERS\tnet1130.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-09 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-11 20:43:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-11 20:45:00 - machine was rebooted
.
--- E O F ---

alors voila le rapport combo

ComboFix 07-11-08.1 - admin 2007-11-12 18:18:59.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1597 [GMT 1:00]
Running from: C:\Documents and Settings\admin\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\admin\Bureau\CFScript.txt.txt
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-12 to 2007-11-12 ))))))))))))))))))))))))))))))))))))
.

2007-11-11 19:26 <REP> d-------- C:\Program Files\Avira
2007-11-11 19:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-11 16:51 6,465 ---hs---- C:\WINDOWS\system32\ihkmp.bak1
2007-11-11 16:46 36,352 --a------ C:\WINDOWS\system32\iifdaxy.dll
2007-11-11 16:36 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-11 15:16 <REP> d-------- C:\WINDOWS\system32\rMa06yy
2007-11-11 15:16 <REP> d-------- C:\Temp\abW9
2007-11-11 15:16 <REP> d-------- C:\Temp
2007-11-11 15:16 225,290 --a------ C:\Temp\e002A477.exe
2007-11-11 13:56 <REP> d-------- C:\WINDOWS\AU_Temp
2007-11-11 03:07 <REP> d-------- C:\WINDOWS\report
2007-11-11 03:06 <REP> d-------- C:\WINDOWS\AU_Backup
2007-11-11 03:06 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-11-11 03:06 267,845 --a------ C:\WINDOWS\tsc.exe
2007-11-11 03:06 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-11-11 03:06 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-11-11 03:01 <REP> d-------- C:\WINDOWS\AU_Log
2007-11-11 03:01 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-11-11 03:01 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-11-11 03:01 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-11-11 00:05 36,352 --a------ C:\WINDOWS\system32\cbxxyvu.dll
2007-11-10 22:35 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-10 10:28 36,352 --a------ C:\WINDOWS\system32\awtqomn.dll
2007-11-09 15:46 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-09 15:43 134 --a------ C:\n.bat
2007-11-09 15:42 35,328 --a------ C:\WINDOWS\system32\nnnonkh.dll
2007-11-09 15:42 262 --a------ C:\Documents and Settings\admin\z.dat
2007-11-09 15:42 0 --a------ C:\Documents and Settings\admin\x.dat
2007-11-09 15:39 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-07 12:02 <REP> d-------- C:\WINDOWS\Sun
2007-11-02 11:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\sansendommagement
2007-11-02 11:44 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-02 11:44 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-10-28 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-12 17:20 313,440 ----a-w C:\WINDOWS\system32\vtutu.dll
2007-11-12 17:15 --------- d-----w C:\Program Files\Steam
2007-11-11 18:26 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2007-11-11 15:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-10 21:45 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-11-10 10:23 --------- d-----w C:\Program Files\Warcraft III
2007-11-01 11:05 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-01 11:05 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-10-28 13:27 --------- d-----w C:\Program Files\Winamp
2007-10-24 18:01 --------- d-----w C:\Program Files\mIRC
2007-10-13 09:33 --------- d-----w C:\Program Files\World of Warcraft
2007-10-10 10:57 --------- d-----w C:\Program Files\Java
2007-10-09 15:45 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-09-23 14:25 --------- d-----w C:\Documents and Settings\admin\Application Data\teamspeak2
2007-09-21 12:34 47,104 ----a-w C:\WINDOWS\system32\KMVIDC32.DLL
2007-09-14 11:11 --------- d-----w C:\Program Files\Alwil Software
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-11_16.45.03.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-11 18:19:43 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2007-11-11 18:38:39 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01CD0B31-9154-45F2-9414-F5D64B74EAF6}]
2007-11-11 16:46 36352 --a------ C:\WINDOWS\system32\iifdaxy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
C:\Program Files\ContextTool\ContextTool-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34C29F9E-2833-435A-AD35-B5D1F06BFD4F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{430CEFA0-6918-4E48-92CE-8A2CC2BC8270}]
C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5b3f3836-1d56-44c1-9a80-28de8eabc1e2}]
C:\WINDOWS\system32\pxlaotpc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE0D3C52-0C72-491C-B915-C491FE184DD3}]
C:\WINDOWS\system32\pmkhi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 09:00]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-07-26 08:54]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-20 05:05]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-20 05:05]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 18:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Host Process"="C:\WINDOWS\Fonts\svchost.exe" []
"d83453f0"="C:\WINDOWS\system32\lhaxdlpt.dll" []
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 08:41]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-11 19:38]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"Steam"="c:\program files\steam\steam.exe" [2007-10-05 15:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-06 18:59]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-06 18:59:25]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-06 18:58:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{01CD0B31-9154-45F2-9414-F5D64B74EAF6}"= C:\WINDOWS\system32\iifdaxy.dll [2007-11-11 16:46 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eogbpqvj]
eogbpqvj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdaxy]
iifdaxy.dll 2007-11-11 16:46 36352 C:\WINDOWS\system32\iifdaxy.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
R3 TNET1130;IEEE 802.11g Wireless Cardbus/PCI Adapter;C:\WINDOWS\system32\DRIVERS\tnet1130.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-09 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-12 18:21:31
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-12 18:22:15
C:\ComboFix2.txt ... 2007-11-11 20:45
.
--- E O F ---



et hijackthis


Logfile of HijackThis v1.99.1
Scan saved at 18:23:34, on 12/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\admin\Mes documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {01CD0B31-9154-45F2-9414-F5D64B74EAF6} - C:\WINDOWS\system32\iifdaxy.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-1.dll (file missing)
O2 - BHO: (no name) - {34C29F9E-2833-435A-AD35-B5D1F06BFD4F} - (no file)
O2 - BHO: (no name) - {430CEFA0-6918-4E48-92CE-8A2CC2BC8270} - C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {2e1cbae8-ed82-08a9-1c44-65d16383f3b5} - {5b3f3836-1d56-44c1-9a80-28de8eabc1e2} - C:\WINDOWS\system32\pxlaotpc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FE0D3C52-0C72-491C-B915-C491FE184DD3} - C:\WINDOWS\system32\pmkhi.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [d83453f0] rundll32.exe "C:\WINDOWS\system32\lhaxdlpt.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer [...] taller.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O18 - Protocol: bw+0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: eogbpqvj - eogbpqvj.dll (file missing)
O20 - Winlogon Notify: iifdaxy - C:\WINDOWS\SYSTEM32\iifdaxy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

je refait un scan combfix avec le txt en moins ?

voila le re scan sans la faute de frappe

ComboFix 07-11-08.1 - admin 2007-11-12 19:39:37.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1571 [GMT 1:00]
Running from: C:\Documents and Settings\admin\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\admin\Bureau\CFScript.txt
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-12 to 2007-11-12 ))))))))))))))))))))))))))))))))))))
.

2007-11-11 19:26 <REP> d-------- C:\Program Files\Avira
2007-11-11 19:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-11 16:51 6,465 ---hs---- C:\WINDOWS\system32\ihkmp.bak1
2007-11-11 16:46 36,352 --a------ C:\WINDOWS\system32\iifdaxy.dll
2007-11-11 16:36 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-11 15:16 <REP> d-------- C:\WINDOWS\system32\rMa06yy
2007-11-11 15:16 <REP> d-------- C:\Temp\abW9
2007-11-11 15:16 <REP> d-------- C:\Temp
2007-11-11 15:16 225,290 --a------ C:\Temp\e002A477.exe
2007-11-11 13:56 <REP> d-------- C:\WINDOWS\AU_Temp
2007-11-11 03:07 <REP> d-------- C:\WINDOWS\report
2007-11-11 03:06 <REP> d-------- C:\WINDOWS\AU_Backup
2007-11-11 03:06 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-11-11 03:06 267,845 --a------ C:\WINDOWS\tsc.exe
2007-11-11 03:06 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-11-11 03:06 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-11-11 03:01 <REP> d-------- C:\WINDOWS\AU_Log
2007-11-11 03:01 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-11-11 03:01 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-11-11 03:01 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-11-11 00:05 36,352 --a------ C:\WINDOWS\system32\cbxxyvu.dll
2007-11-10 22:35 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-10 10:28 36,352 --a------ C:\WINDOWS\system32\awtqomn.dll
2007-11-09 15:46 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-09 15:43 134 --a------ C:\n.bat
2007-11-09 15:42 35,328 --a------ C:\WINDOWS\system32\nnnonkh.dll
2007-11-09 15:42 262 --a------ C:\Documents and Settings\admin\z.dat
2007-11-09 15:42 0 --a------ C:\Documents and Settings\admin\x.dat
2007-11-09 15:39 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-07 12:02 <REP> d-------- C:\WINDOWS\Sun
2007-11-02 11:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\sansendommagement
2007-11-02 11:44 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-02 11:44 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-10-28 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-12 17:15 --------- d-----w C:\Program Files\Steam
2007-11-11 18:26 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2007-11-11 15:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-10 21:45 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-11-10 10:23 --------- d-----w C:\Program Files\Warcraft III
2007-11-01 11:05 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-01 11:05 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-10-28 13:27 --------- d-----w C:\Program Files\Winamp
2007-10-24 18:01 --------- d-----w C:\Program Files\mIRC
2007-10-13 09:33 --------- d-----w C:\Program Files\World of Warcraft
2007-10-10 10:57 --------- d-----w C:\Program Files\Java
2007-10-09 15:45 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-09-23 14:25 --------- d-----w C:\Documents and Settings\admin\Application Data\teamspeak2
2007-09-21 12:34 47,104 ----a-w C:\WINDOWS\system32\KMVIDC32.DLL
2007-09-14 11:11 --------- d-----w C:\Program Files\Alwil Software
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-11_16.45.03.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-11 18:19:43 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2007-11-11 18:38:39 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01CD0B31-9154-45F2-9414-F5D64B74EAF6}]
2007-11-11 16:46 36352 --a------ C:\WINDOWS\system32\iifdaxy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
C:\Program Files\ContextTool\ContextTool-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34C29F9E-2833-435A-AD35-B5D1F06BFD4F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{430CEFA0-6918-4E48-92CE-8A2CC2BC8270}]
C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5b3f3836-1d56-44c1-9a80-28de8eabc1e2}]
C:\WINDOWS\system32\pxlaotpc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE0D3C52-0C72-491C-B915-C491FE184DD3}]
C:\WINDOWS\system32\pmkhi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 09:00]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-07-26 08:54]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-20 05:05]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-20 05:05]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 18:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Host Process"="C:\WINDOWS\Fonts\svchost.exe" []
"d83453f0"="C:\WINDOWS\system32\lhaxdlpt.dll" []
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 08:41]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-11 19:38]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"Steam"="c:\program files\steam\steam.exe" [2007-10-05 15:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-06 18:59]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-07-06 18:59:25]
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [2007-07-06 18:58:26]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{01CD0B31-9154-45F2-9414-F5D64B74EAF6}"= C:\WINDOWS\system32\iifdaxy.dll [2007-11-11 16:46 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eogbpqvj]
eogbpqvj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdaxy]
iifdaxy.dll 2007-11-11 16:46 36352 C:\WINDOWS\system32\iifdaxy.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe -k netsvcs
R3 AEAudioService;AEAudio Service;C:\WINDOWS\system32\drivers\AEAudio.sys
R3 TNET1130;IEEE 802.11g Wireless Cardbus/PCI Adapter;C:\WINDOWS\system32\DRIVERS\tnet1130.sys

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-09 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-12 19:41:01
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-12 19:41:40
C:\ComboFix2.txt ... 2007-11-12 18:22
C:\ComboFix3.txt ... 2007-11-11 20:45
.
--- E O F ---

Tu as mis quoi dans le fichier CFScript ?

Tu l'as bien mis dans Combofix par un glisser-déposer ? Ton antivirus était bien désactivé ?

Recommence avec AntiVir désactivé.

Voila le rapport avec antivir en inatif

ComboFix 07-11-08.1 - admin 2007-11-14 11:55:36.5 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1515 [GMT 1:00]
Running from: C:\Documents and Settings\admin\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\admin\Bureau\CFScript.txt
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\ihkmp.bak1
C:\WINDOWS\system32\ihkmp.ini
C:\WINDOWS\system32\jjllm.ini
C:\WINDOWS\system32\jjllm.ini2
C:\WINDOWS\system32\mlljj.dll

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-14 to 2007-11-14 ))))))))))))))))))))))))))))))))))))
.

2007-11-11 19:26 <REP> d-------- C:\Program Files\Avira
2007-11-11 19:26 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2007-11-11 16:46 36,352 --a------ C:\WINDOWS\system32\iifdaxy.dll
2007-11-11 16:36 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-11 15:16 <REP> d-------- C:\WINDOWS\system32\rMa06yy
2007-11-11 15:16 <REP> d-------- C:\Temp\abW9
2007-11-11 15:16 <REP> d-------- C:\Temp
2007-11-11 15:16 225,290 --a------ C:\Temp\e002A477.exe
2007-11-11 13:56 <REP> d-------- C:\WINDOWS\AU_Temp
2007-11-11 03:07 <REP> d-------- C:\WINDOWS\report
2007-11-11 03:06 <REP> d-------- C:\WINDOWS\AU_Backup
2007-11-11 03:06 1,163,344 --a------ C:\WINDOWS\vsapi32.dll
2007-11-11 03:06 267,845 --a------ C:\WINDOWS\tsc.exe
2007-11-11 03:06 86,094 --a------ C:\WINDOWS\BPMNT.dll
2007-11-11 03:06 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2007-11-11 03:01 <REP> d-------- C:\WINDOWS\AU_Log
2007-11-11 03:01 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2007-11-11 03:01 286,720 --a------ C:\WINDOWS\PATCH.EXE
2007-11-11 03:01 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2007-11-11 00:05 36,352 --a------ C:\WINDOWS\system32\cbxxyvu.dll
2007-11-10 22:35 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-11-10 10:28 36,352 --a------ C:\WINDOWS\system32\awtqomn.dll
2007-11-09 15:46 147,456 --a------ C:\WINDOWS\system32\vbzip10.dll
2007-11-09 15:43 134 --a------ C:\n.bat
2007-11-09 15:42 35,328 --a------ C:\WINDOWS\system32\nnnonkh.dll
2007-11-09 15:42 262 --a------ C:\Documents and Settings\admin\z.dat
2007-11-09 15:42 0 --a------ C:\Documents and Settings\admin\x.dat
2007-11-09 15:39 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-07 12:02 <REP> d-------- C:\WINDOWS\Sun
2007-11-02 11:49 <REP> d-------- C:\Documents and Settings\admin\Application Data\sansendommagement
2007-11-02 11:44 <REP> d-------- C:\Program Files\Fichiers communs\SansenDommagement
2007-11-02 11:44 <REP> dr------- C:\Documents and Settings\All Users\Application Data\sansendommagement
2007-10-28 13:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-14 11:01 --------- d-----w C:\Program Files\Steam
2007-11-14 10:56 --------- d-----w C:\Program Files\World of Warcraft
2007-11-11 18:26 --------- d-----w C:\Documents and Settings\admin\Application Data\LimeWire
2007-11-11 15:00 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-10 21:45 --------- d-----w C:\Program Files\TuneUp Utilities 2007
2007-11-10 10:23 --------- d-----w C:\Program Files\Warcraft III
2007-11-01 11:05 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-11-01 11:05 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-10-28 13:27 --------- d-----w C:\Program Files\Winamp
2007-10-24 18:01 --------- d-----w C:\Program Files\mIRC
2007-10-10 10:57 --------- d-----w C:\Program Files\Java
2007-10-09 15:45 --------- d-----w C:\Program Files\Fichiers communs\Java
2007-09-23 14:25 --------- d-----w C:\Documents and Settings\admin\Application Data\teamspeak2
2007-09-21 12:34 47,104 ----a-w C:\WINDOWS\system32\KMVIDC32.DLL
2007-09-14 11:11 --------- d-----w C:\Program Files\Alwil Software
2007-09-06 10:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
.

((((((((((((((((((((((((((((( snapshot@2007-11-11_16.45.03.28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-11 18:19:43 262,144 ----a-w C:\WINDOWS\system32\config\systemprofile\NtUser.dat
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2007-11-11 18:38:39 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{01CD0B31-9154-45F2-9414-F5D64B74EAF6}]
2007-11-11 16:46 36352 --a------ C:\WINDOWS\system32\iifdaxy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
C:\Program Files\ContextTool\ContextTool-1.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{34C29F9E-2833-435A-AD35-B5D1F06BFD4F}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{430CEFA0-6918-4E48-92CE-8A2CC2BC8270}]
C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5b3f3836-1d56-44c1-9a80-28de8eabc1e2}]
C:\WINDOWS\system32\pxlaotpc.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FE0D3C52-0C72-491C-B915-C491FE184DD3}]
C:\WINDOWS\system32\pmkhi.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 09:00]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2005-07-26 08:54]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-04-20 05:05]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-04-20 05:05]
"SsAAD.exe"="C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe" [2005-01-24 18:58]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Host Process"="C:\WINDOWS\Fonts\svchost.exe" []
"d83453f0"="C:\WINDOWS\system32\lhaxdlpt.dll" []
"QuickTime Task"="C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" [2007-04-27 08:41]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-11-11 19:38]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"Steam"="c:\program files\steam\steam.exe" [2007-10-05 15:34]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-07-06 18:59]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{01CD0B31-9154-45F2-9414-F5D64B74EAF6}"= C:\WINDOWS\system32\iifdaxy.dll [2007-11-11 16:46 36352]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\eogbpqvj]
eogbpqvj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdaxy]
iifdaxy.dll 2007-11-11 16:46 36352 C:\WINDOWS\system32\iifdaxy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\mlljj.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-09 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-14 12:01:19
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-14 12:03:03 - machine was rebooted
C:\ComboFix2.txt ... 2007-11-12 19:41
C:\ComboFix3.txt ... 2007-11-12 18:22
.
--- E O F ---

Il n'y a rien dans Cavenger.txt ...

et hijackthis donne ca

Logfile of HijackThis v1.99.1
Scan saved at 18:09:07, on 14/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\admin\Mes documents\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?linkid=677
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {01CD0B31-9154-45F2-9414-F5D64B74EAF6} - C:\WINDOWS\system32\iifdaxy.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-1.dll (file missing)
O2 - BHO: (no name) - {34C29F9E-2833-435A-AD35-B5D1F06BFD4F} - (no file)
O2 - BHO: (no name) - {430CEFA0-6918-4E48-92CE-8A2CC2BC8270} - C:\Program Files\Messenger\hoqezikC:\WINDOWS\system32\k1\jumper83122.exe.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: {2e1cbae8-ed82-08a9-1c44-65d16383f3b5} - {5b3f3836-1d56-44c1-9a80-28de8eabc1e2} - C:\WINDOWS\system32\pxlaotpc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {FE0D3C52-0C72-491C-B915-C491FE184DD3} - C:\WINDOWS\system32\pmkhi.dll (file missing)
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Host Process] C:\WINDOWS\Fonts\svchost.exe
O4 - HKLM\..\Run: [d83453f0] rundll32.exe "C:\WINDOWS\system32\lhaxdlpt.dll",b
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer [...] taller.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O18 - Protocol: bw+0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {467C4ECA-7B23-42A5-80F2-43533FC381C8} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: eogbpqvj - eogbpqvj.dll (file missing)
O20 - Winlogon Notify: iifdaxy - C:\WINDOWS\SYSTEM32\iifdaxy.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe

Oui, avec les txt plus haut ou sans rien ?

Analyse le fichier ci-dessous chez VirusTotal puis poste le rapport :
C:\WINDOWS\system32\drivers\wowtymcy.sys

Tu as accès aux fichiers cachés ?