Je pense être infesté par un virus ... [Résolu]

Bonsoir,

J'ai quelques soucis avec mon pc, puisque parfois mon internet explorer se plante sans aucune raisons.

Voila mon rapport Hijackthis:
Si vous pouviez y jeter un coup d'oeil sa me soulagerai ...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:31:12, on 15/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4ss.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\Dossier Julien\Logiciels\Logiciels\Satsuki Decoder Pack\mpc\mplayerc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adssite Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {971C3384-F75E-4562-95B3-CBE7417529BC} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adssite Toolbar - {41C29B07-6F91-4966-91BE-2E2841643C83} - C:\Program Files\Adssite Advanced Toolbar\toolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ccleaner] "D:\Dossier Julien\Logiciels\Logiciels\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: hpothb07.dat (User 'Default user')
O4 - .DEFAULT User Startup: hpothb07.tif (User 'Default user')
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &Clean Traces - D:\Dossier Julien\Logiciels\Logiciels\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - D:\Dossier Julien\Logiciels\Logiciels\DAP\dapextie.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download &all with DAP - D:\Dossier Julien\Logiciels\Logiciels\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://D:\Dossier Julien\Logiciels\Free Download Manager\dlselected.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version7/Applet/vchatsign.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://regulus.upmf-grenoble.fr/qp2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83485FC9-4DF6-469F-B069-B3CA96DADC4D}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4ss.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)

--
End of file - 9148 bytes

ComboFix 07-12-15.5 - Utilisateur 2007-12-15 19:43:34.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.595 [GMT 1:00]
Running from: C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-11-15 to 2007-12-15 ))))))))))))))))))))))))))))))))))))
.

2007-12-15 17:30 . 2007-12-15 17:30 <REP> d-------- C:\Program Files\Trend Micro
2007-12-15 13:10 . 2007-12-15 13:10 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Jane s Hotel
2007-12-15 13:09 . 2007-12-15 17:29 <REP> d-------- C:\Program Files\Zylom Games
2007-12-15 11:46 . 2007-12-15 17:30 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\PlayFirst
2007-12-15 11:46 . 2007-12-15 17:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Program Files\Winamp Toolbar
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Program Files\Winamp Remote
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2007-12-12 15:30 . 2007-12-12 15:53 <REP> d-------- C:\Program Files\Winamp
2007-12-12 15:30 . 2007-12-12 15:54 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Winamp
2007-12-10 19:52 . 2007-12-10 19:52 303,104 --a------ C:\WINDOWS\system32\adssite_sidebar.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-15 16:30 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Zylom
2007-12-15 10:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-14 18:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-12 15:29 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\LimeWire
2007-12-12 14:27 --------- d-----w C:\Program Files\World of Warcraft
2007-12-11 16:32 59,223 ----a-w C:\WINDOWS\system32\adssite_sidebar_uninstall.exe
2007-12-10 18:21 --------- d-----w C:\Program Files\Wanadoo
2007-12-09 19:04 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2007-12-04 14:56 93,264 -c--a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-04 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zylom
2007-11-01 08:34 --------- d-----w C:\Program Files\Alcohol Soft
2007-11-01 08:00 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-01 07:49 --------- d-----w C:\Program Files\WinISO
2007-10-31 17:13 --------- d-----w C:\Program Files\MediaCoder
2007-10-31 13:40 --------- d-----w C:\Program Files\Smart Projects
2007-10-30 17:13 --------- d-----w C:\Program Files\InterLok
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\quartz.dll
2007-10-29 17:43 --------- d-----w C:\Program Files\Blender Foundation
2007-10-29 17:40 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\gtk-2.0
2007-10-27 19:54 --------- d-----w C:\Program Files\Picasa2
2007-10-26 19:15 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\EasyView
2007-10-26 17:50 --------- d-----w C:\Program Files\Artoonix
2007-10-25 18:36 32,336 -c--a-w C:\Documents and Settings\Utilisateur\Application Data\GDIPFONTCACHEV1.DAT
2007-10-25 17:28 --------- d-----w C:\Program Files\Arturia
2007-10-25 08:28 222,720 ------w C:\WINDOWS\system32\wmasf.dll
2007-10-20 20:27 --------- d-----w C:\Program Files\emagic
2007-10-20 15:06 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2007-10-20 15:06 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-10-20 10:24 --------- d-----w C:\Program Files\Clavia
2007-10-19 22:23 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Clavia
2007-10-18 16:44 --------- d-----w C:\Program Files\Pro-53
2007-10-16 16:30 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Propellerhead Software
2007-10-16 16:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2007-10-15 20:13 --------- d-----w C:\Program Files\Way Out Ware
2007-10-11 18:58 786 ---ha-w C:\hpothb07.dat
2007-02-12 15:02 81,920 ----a-w C:\Documents and Settings\Utilisateur\Application Data\ezpinst.exe
2007-02-12 15:02 47,360 -c--a-w C:\Documents and Settings\Utilisateur\Application Data\pcouffin.sys
2007-01-20 14:43 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-06-21 12:08 560 -c--a-w C:\Documents and Settings\Utilisateur\Application Data\ViewerApp.dat
2006-06-17 06:10 0 -c-ha-w C:\Documents and Settings\Utilisateur\hpothb07.dat
2006-05-12 20:39 0 -c-ha-w C:\Documents and Settings\Utilisateur\Application Data\hpothb07.dat
2006-05-12 20:38 0 -c-ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
2006-05-12 20:38 0 -c-ha-w C:\Documents and Settings\LocalService\hpothb07.dat
2006-05-12 20:37 0 -c-ha-w C:\Documents and Settings\Default User\hpothb07.dat
2006-05-12 20:37 0 -c-ha-w C:\Documents and Settings\Default User\Application Data\hpothb07.dat
2006-05-12 20:37 0 -c-ha-w C:\Documents and Settings\All Users\Application Data\hpothb07.dat
.

((((((((((((((((((((((((((((( snapshot@2007-12-09_19.51.45.39 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-07-06 09:52:38 72,960 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqac.sys
+ 2007-07-06 13:09:51 138,240 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqad.dll
+ 2007-07-06 13:09:51 47,104 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqdscli.dll
+ 2007-07-06 13:09:51 16,896 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqise.dll
+ 2007-07-06 13:09:51 660,992 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqqm.dll
+ 2007-07-06 13:09:51 177,152 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqrt.dll
+ 2007-07-06 13:09:51 95,744 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqsec.dll
+ 2007-07-06 13:09:51 48,640 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqupgrd.dll
+ 2007-07-06 13:09:51 527,360 ----a-w C:\WINDOWS\$hf_mig$\KB937894\SP2QFE\mqutil.dll
+ 2005-10-12 23:15:25 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spmsg.dll
+ 2005-10-12 23:15:26 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB937894\spuninst.exe
+ 2005-10-12 23:15:25 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\spcustom.dll
+ 2005-10-12 23:15:28 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\update.exe
+ 2005-10-12 23:15:45 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB937894\update\updspapi.dll
+ 2007-10-29 22:36:31 1,293,824 ----a-w C:\WINDOWS\$hf_mig$\KB941568\SP2QFE\quartz.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB941568\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB941568\update\updspapi.dll
+ 2007-10-11 05:59:18 1,024,512 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\browseui.dll
+ 2007-10-11 05:59:18 152,064 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\cdfview.dll
+ 2007-10-11 05:59:21 1,056,768 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\danim.dll
+ 2007-10-11 05:59:22 357,888 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\dxtmsft.dll
+ 2007-10-11 05:59:22 205,824 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\dxtrans.dll
+ 2007-10-11 05:59:22 55,808 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\extmgr.dll
+ 2007-10-10 10:48:23 18,432 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\iedw.exe
+ 2007-10-11 05:59:22 251,904 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\iepeers.dll
+ 2007-10-11 05:59:22 96,768 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\inseng.dll
+ 2007-10-11 05:59:22 16,384 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\jsproxy.dll
+ 2007-10-30 09:57:54 3,086,848 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mshtml.dll
+ 2007-10-11 05:59:26 449,024 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mshtmled.dll
+ 2007-10-11 05:59:26 146,432 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\msrating.dll
+ 2007-10-11 05:59:27 532,480 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\mstime.dll
+ 2007-10-11 05:59:27 39,424 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\pngfilt.dll
+ 2007-10-11 05:59:28 1,498,624 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\shdocvw.dll
+ 2007-10-11 05:59:28 474,624 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\shlwapi.dll
+ 2007-10-10 23:36:44 369,152 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\spru040c.dll
+ 2007-10-11 05:59:29 620,032 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\urlmon.dll
+ 2007-10-11 05:59:29 670,208 ----a-w C:\WINDOWS\$hf_mig$\KB942615\SP2QFE\wininet.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942615\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942615\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942615\update\updspapi.dll
+ 2007-11-13 11:02:46 60,416 ----a-w C:\WINDOWS\$hf_mig$\KB942763\SP2QFE\tzchange.exe
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942763\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942763\update\updspapi.dll
+ 2007-11-14 07:19:25 450,560 ----a-w C:\WINDOWS\$hf_mig$\KB942840\SP2QFE\jscript.dll
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB942840\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB942840\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB942840\update\updspapi.dll
+ 2007-11-13 08:47:45 20,480 ----a-w C:\WINDOWS\$hf_mig$\KB944653\SP2QFE\secdrv.sys
+ 2007-03-06 01:34:33 15,072 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spmsg.dll
+ 2007-03-06 01:34:38 216,800 ----a-w C:\WINDOWS\$hf_mig$\KB944653\spuninst.exe
+ 2007-03-06 01:34:31 22,752 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\spcustom.dll
+ 2007-03-06 01:34:56 727,776 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\update.exe
+ 2007-03-06 01:35:48 394,976 ----a-w C:\WINDOWS\$hf_mig$\KB944653\update\updspapi.dll
- 2007-08-22 13:13:05 1,023,488 ------w C:\WINDOWS\system32\browseui.dll
+ 2007-10-11 06:13:38 1,024,000 ----a-w C:\WINDOWS\system32\browseui.dll
- 2007-08-22 13:13:05 152,064 ------w C:\WINDOWS\system32\cdfview.dll
+ 2007-10-11 06:13:38 152,064 ------w C:\WINDOWS\system32\cdfview.dll
- 2007-08-22 13:13:05 1,056,768 ------w C:\WINDOWS\system32\danim.dll
+ 2007-10-11 06:13:38 1,056,768 ------w C:\WINDOWS\system32\danim.dll
- 2007-08-22 13:13:05 1,023,488 -c----w C:\WINDOWS\system32\dllcache\browseui.dll
+ 2007-10-11 06:13:38 1,024,000 -c----w C:\WINDOWS\system32\dllcache\browseui.dll
- 2007-08-22 13:13:05 152,064 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
+ 2007-10-11 06:13:38 152,064 -c----w C:\WINDOWS\system32\dllcache\cdfview.dll
- 2007-08-22 13:13:05 1,056,768 -c----w C:\WINDOWS\system32\dllcache\danim.dll
+ 2007-10-11 06:13:38 1,056,768 -c----w C:\WINDOWS\system32\dllcache\danim.dll
- 2007-08-22 13:13:05 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2007-10-11 06:13:39 357,888 -c----w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2007-10-11 06:13:39 205,312 -c----w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2007-08-22 13:13:05 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2007-10-11 06:13:39 55,808 -c----w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2007-08-21 10:30:45 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
+ 2007-10-10 11:16:27 18,432 -c----w C:\WINDOWS\system32\dllcache\iedw.exe
- 2007-08-22 13:13:05 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
+ 2007-10-11 06:13:39 251,392 -c----w C:\WINDOWS\system32\dllcache\iepeers.dll
- 2007-08-22 13:13:06 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
+ 2007-10-11 06:13:39 96,768 -c----w C:\WINDOWS\system32\dllcache\inseng.dll
- 2006-05-18 05:31:21 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
+ 2007-11-14 07:28:02 450,560 -c----w C:\WINDOWS\system32\dllcache\jscript.dll
- 2007-08-22 13:13:06 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2007-10-11 06:13:39 16,384 -c----w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-03 21:58:22 72,960 -c----w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 10:05:47 72,960 -c----w C:\WINDOWS\system32\dllcache\mqac.sys
+ 2007-07-06 12:50:47 138,240 -c----w C:\WINDOWS\system32\dllcache\mqad.dll
+ 2007-07-06 12:50:47 47,104 -c----w C:\WINDOWS\system32\dllcache\mqdscli.dll
+ 2007-07-06 12:50:47 16,896 -c----w C:\WINDOWS\system32\dllcache\mqise.dll
+ 2007-07-06 12:50:47 660,992 -c----w C:\WINDOWS\system32\dllcache\mqqm.dll
+ 2007-07-06 12:50:47 177,152 -c----w C:\WINDOWS\system32\dllcache\mqrt.dll
+ 2007-07-06 12:50:47 95,744 -c----w C:\WINDOWS\system32\dllcache\mqsec.dll
+ 2007-07-06 12:50:47 48,640 -c----w C:\WINDOWS\system32\dllcache\mqupgrd.dll
+ 2007-07-06 12:50:47 527,360 -c----w C:\WINDOWS\system32\dllcache\mqutil.dll
- 2007-08-22 13:13:07 3,079,168 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2007-10-30 10:18:16 3,079,680 -c----w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2007-08-22 13:13:07 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2007-10-11 06:13:40 449,024 -c----w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2007-08-22 13:13:07 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2007-10-11 06:13:40 146,432 -c----w C:\WINDOWS\system32\dllcache\msrating.dll
- 2007-08-22 13:13:07 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2007-10-11 06:13:40 532,480 -c----w C:\WINDOWS\system32\dllcache\mstime.dll
- 2007-08-22 13:13:07 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2007-10-11 06:13:40 39,424 -c----w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2007-10-29 22:43:32 1,293,824 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
- 2007-08-22 13:13:08 1,495,040 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll
+ 2007-10-11 06:13:40 1,495,040 -c----w C:\WINDOWS\system32\dllcache\shdocvw.dll
- 2006-12-19 21:49:47 8,509,952 -c----w C:\WINDOWS\system32\dllcache\shell32.dll
+ 2007-10-25 16:56:24 8,510,976 -c----w C:\WINDOWS\system32\dllcache\shell32.dll
- 2007-08-22 13:13:08 474,624 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll
+ 2007-10-11 06:13:41 474,624 -c----w C:\WINDOWS\system32\dllcache\shlwapi.dll
- 2007-08-22 13:13:08 617,472 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2007-10-11 06:13:41 617,472 -c----w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2007-08-22 13:13:08 663,040 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2007-10-11 06:13:41 663,552 -c----w C:\WINDOWS\system32\dllcache\wininet.dll
- 2006-10-18 20:47:18 222,208 -c----w C:\WINDOWS\system32\dllcache\WMASF.dll
+ 2007-10-25 08:28:30 222,720 -c----w C:\WINDOWS\system32\dllcache\wmasf.dll
- 2004-08-03 21:58:22 72,960 -c----w C:\WINDOWS\system32\drivers\mqac.sys
+ 2007-07-06 10:05:47 72,960 ------w C:\WINDOWS\system32\drivers\mqac.sys
- 2007-08-22 13:13:05 357,888 ------w C:\WINDOWS\system32\dxtmsft.dll
+ 2007-10-11 06:13:39 357,888 ------w C:\WINDOWS\system32\dxtmsft.dll
- 2007-08-22 13:13:05 205,312 ------w C:\WINDOWS\system32\dxtrans.dll
+ 2007-10-11 06:13:39 205,312 ------w C:\WINDOWS\system32\dxtrans.dll
- 2007-08-22 13:13:05 55,808 ------w C:\WINDOWS\system32\extmgr.dll
+ 2007-10-11 06:13:39 55,808 ------w C:\WINDOWS\system32\extmgr.dll
- 2007-02-06 19:19:59 1,490,024 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-12-10 17:27:19 1,489,944 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2007-08-22 13:13:05 251,392 ------w C:\WINDOWS\system32\iepeers.dll
+ 2007-10-11 06:13:39 251,392 ------w C:\WINDOWS\system32\iepeers.dll
- 2007-08-22 13:13:06 96,768 ------w C:\WINDOWS\system32\inseng.dll
+ 2007-10-11 06:13:39 96,768 ------w C:\WINDOWS\system32\inseng.dll
- 2006-05-18 05:31:21 450,560 ------w C:\WINDOWS\system32\jscript.dll
+ 2007-11-14 07:28:02 450,560 ------w C:\WINDOWS\system32\jscript.dll
- 2007-08-22 13:13:06 16,384 ------w C:\WINDOWS\system32\jsproxy.dll
+ 2007-10-11 06:13:39 16,384 ------w C:\WINDOWS\system32\jsproxy.dll
- 2004-08-19 15:09:32 138,240 ------w C:\WINDOWS\system32\mqad.dll
+ 2007-07-06 12:50:47 138,240 ------w C:\WINDOWS\system32\mqad.dll
- 2004-08-19 15:09:32 47,104 ------w C:\WINDOWS\system32\mqdscli.dll
+ 2007-07-06 12:50:47 47,104 ------w C:\WINDOWS\system32\mqdscli.dll
- 2004-08-19 15:09:32 16,896 ------w C:\WINDOWS\system32\mqise.dll
+ 2007-07-06 12:50:47 16,896 ------w C:\WINDOWS\system32\mqise.dll
- 2004-08-19 15:09:32 660,992 ------w C:\WINDOWS\system32\mqqm.dll
+ 2007-07-06 12:50:47 660,992 ------w C:\WINDOWS\system32\mqqm.dll
- 2004-08-19 15:09:32 177,152 ------w C:\WINDOWS\system32\mqrt.dll
+ 2007-07-06 12:50:47 177,152 ------w C:\WINDOWS\system32\mqrt.dll
- 2004-08-19 15:09:32 95,744 ------w C:\WINDOWS\system32\mqsec.dll
+ 2007-07-06 12:50:47 95,744 ------w C:\WINDOWS\system32\mqsec.dll
- 2004-08-19 15:09:34 48,640 ------w C:\WINDOWS\system32\mqupgrd.dll
+ 2007-07-06 12:50:47 48,640 ------w C:\WINDOWS\system32\mqupgrd.dll
- 2004-08-19 15:09:34 527,360 ------w C:\WINDOWS\system32\mqutil.dll
+ 2007-07-06 12:50:47 527,360 ------w C:\WINDOWS\system32\mqutil.dll
- 2007-09-28 05:19:39 18,089,592 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
- 2007-08-22 13:13:07 3,079,168 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2007-10-30 10:18:16 3,079,680 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2007-08-22 13:13:07 449,024 ------w C:\WINDOWS\system32\mshtmled.dll
+ 2007-10-11 06:13:40 449,024 ------w C:\WINDOWS\system32\mshtmled.dll
- 2007-08-22 13:13:07 146,432 ------w C:\WINDOWS\system32\msrating.dll
+ 2007-10-11 06:13:40 146,432 ------w C:\WINDOWS\system32\msrating.dll
- 2007-08-22 13:13:07 532,480 ------w C:\WINDOWS\system32\mstime.dll
+ 2007-10-11 06:13:40 532,480 ------w C:\WINDOWS\system32\mstime.dll
- 2007-08-22 13:13:07 39,424 ------w C:\WINDOWS\system32\pngfilt.dll
+ 2007-10-11 06:13:40 39,424 ------w C:\WINDOWS\system32\pngfilt.dll
- 2007-08-22 13:13:08 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
+ 2007-10-11 06:13:40 1,495,040 ----a-w C:\WINDOWS\system32\shdocvw.dll
- 2006-12-19 21:49:47 8,509,952 ------w C:\WINDOWS\system32\shell32.dll
+ 2007-10-25 16:56:24 8,510,976 ----a-w C:\WINDOWS\system32\shell32.dll
- 2007-08-22 13:13:08 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
+ 2007-10-11 06:13:41 474,624 ----a-w C:\WINDOWS\system32\shlwapi.dll
- 2007-07-22 17:39:27 279,552 ----a-w C:\WINDOWS\system32\swreg.exe
+ 2007-12-13 20:26:50 156,160 ----a-w C:\WINDOWS\system32\swreg.exe
- 2007-07-18 12:42:22 60,416 ------w C:\WINDOWS\system32\tzchange.exe
+ 2007-11-13 11:31:11 60,416 ------w C:\WINDOWS\system32\tzchange.exe
- 2007-08-22 13:13:08 617,472 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2007-10-11 06:13:41 617,472 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2007-08-22 13:13:08 663,040 ----a-w C:\WINDOWS\system32\wininet.dll
+ 2007-10-11 06:13:41 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
- 2007-08-21 10:53:25 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-10-29 15:35:14 121,856 ----a-w C:\WINDOWS\system32\xpsp3res.dll
+ 2007-12-13 17:09:55 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_690.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
2007-12-10 19:52 303104 --a------ C:\WINDOWS\system32\adssite_sidebar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{971C3384-F75E-4562-95B3-CBE7417529BC}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{41C29B07-6F91-4966-91BE-2E2841643C83}
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

[HKEY_CLASSES_ROOT\clsid\{41c29b07-6f91-4966-91be-2e2841643c83}]
[HKEY_CLASSES_ROOT\CoolToolBar.IEBarLogic.1]
[HKEY_CLASSES_ROOT\TypeLib\{6B4FA1DD-A353-49F8-A650-79C21D6B4824}]
[HKEY_CLASSES_ROOT\CoolToolBar.IEBarLogic]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="D:\Dossier Julien\Logiciels\Logiciels\CCleaner\ccleaner.exe" [2007-09-28 09:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 16:10 C:\WINDOWS\system32\rundll32.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-05-21 18:11]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 C:\WINDOWS\soundman.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"!AVG Anti-Spyware"="D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"hid_start"="C:\WINDOWS\System32\Rundll32.exe" [2004-08-19 16:10]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-20 16:06]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09]

C:\Documents and Settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
hpothb07.dat [2006-05-12 21:38:20]
hpothb07.tif [2006-05-12 21:38:20]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2002-06-11 09:32:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package Menu.lnk
backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package VCD Maker.lnk
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 --a------ C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --------- C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Valve\Steam\Steam.exe -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe
S3 oUltraf;oUltraf;\??\C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\oUltraf.sys
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS);C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM);C:\WINDOWS\system32\DRIVERS\se2Bunic.sys
S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\WINDOWS\system32\Drivers\StMp3Rec.sys

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-11 05:35:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-15 11:54:00 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1146998818.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-15 19:50:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-15 19:52:43
C:\ComboFix2.txt ... 2007-12-09 19:53
.
2007-12-13 17:03:31 --- E O F ---


Et voila le rapport Hijack


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:48:06, on 15/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4ss.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adssite Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {971C3384-F75E-4562-95B3-CBE7417529BC} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Adssite Toolbar - {41C29B07-6F91-4966-91BE-2E2841643C83} - C:\Program Files\Adssite Advanced Toolbar\toolbar.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ccleaner] "D:\Dossier Julien\Logiciels\Logiciels\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: hpothb07.dat (User 'Default user')
O4 - .DEFAULT User Startup: hpothb07.tif (User 'Default user')
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &Clean Traces - D:\Dossier Julien\Logiciels\Logiciels\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - D:\Dossier Julien\Logiciels\Logiciels\DAP\dapextie.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download &all with DAP - D:\Dossier Julien\Logiciels\Logiciels\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://D:\Dossier Julien\Logiciels\Free Download Manager\dlselected.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version7/Applet/vchatsign.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://regulus.upmf-grenoble.fr/qp2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83485FC9-4DF6-469F-B069-B3CA96DADC4D}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4ss.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)

--
End of file - 9209 bytes


>Voila merci de ton aide

ComboFix 07-12-15.5 - Utilisateur 2007-12-15 22:06:57.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.759 [GMT 1:00]
Running from: C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Utilisateur\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\system32\adssite_sidebar.dll
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe
C:\WINDOWS\system32\gzmrotate.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Adssite Advanced Toolbar
C:\Program Files\Adssite Advanced Toolbar\buttons.xml
C:\Program Files\Adssite Advanced Toolbar\search.xml
C:\Program Files\Adssite Advanced Toolbar\toolbar.dll
C:\Program Files\Adssite Advanced Toolbar\uninstall.exe
C:\WINDOWS\system32\adssite_sidebar.dll
C:\WINDOWS\system32\adssite_sidebar_uninstall.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-15 to 2007-12-15 ))))))))))))))))))))))))))))))))))))
.

2007-12-15 17:30 . 2007-12-15 17:30 <REP> d-------- C:\Program Files\Trend Micro
2007-12-15 13:10 . 2007-12-15 13:10 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Jane s Hotel
2007-12-15 13:09 . 2007-12-15 17:29 <REP> d-------- C:\Program Files\Zylom Games
2007-12-15 11:46 . 2007-12-15 17:30 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\PlayFirst
2007-12-15 11:46 . 2007-12-15 17:30 <REP> d-------- C:\Documents and Settings\All Users\Application Data\PlayFirst
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Program Files\Winamp Toolbar
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Program Files\Winamp Remote
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Winamp Toolbar
2007-12-12 15:38 . 2007-12-12 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
2007-12-12 15:30 . 2007-12-12 15:53 <REP> d-------- C:\Program Files\Winamp
2007-12-12 15:30 . 2007-12-12 15:54 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Winamp

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-15 18:55 --------- d-----w C:\Program Files\Wanadoo
2007-12-15 16:30 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Zylom
2007-12-15 10:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-14 18:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-12-12 15:29 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\LimeWire
2007-12-12 14:27 --------- d-----w C:\Program Files\World of Warcraft
2007-12-09 19:04 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\OpenOffice.org2
2007-12-04 14:56 93,264 -c--a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-11-13 10:25 20,480 ------w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-04 10:55 --------- d-----w C:\Documents and Settings\All Users\Application Data\Zylom
2007-11-01 08:34 --------- d-----w C:\Program Files\Alcohol Soft
2007-11-01 08:00 685,816 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2007-11-01 07:49 --------- d-----w C:\Program Files\WinISO
2007-10-31 17:13 --------- d-----w C:\Program Files\MediaCoder
2007-10-31 13:40 --------- d-----w C:\Program Files\Smart Projects
2007-10-30 17:13 --------- d-----w C:\Program Files\InterLok
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\quartz.dll
2007-10-29 17:43 --------- d-----w C:\Program Files\Blender Foundation
2007-10-29 17:40 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\gtk-2.0
2007-10-27 19:54 --------- d-----w C:\Program Files\Picasa2
2007-10-26 19:15 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\EasyView
2007-10-26 17:50 --------- d-----w C:\Program Files\Artoonix
2007-10-25 18:36 32,336 -c--a-w C:\Documents and Settings\Utilisateur\Application Data\GDIPFONTCACHEV1.DAT
2007-10-25 17:28 --------- d-----w C:\Program Files\Arturia
2007-10-25 08:28 222,720 ------w C:\WINDOWS\system32\wmasf.dll
2007-10-20 20:27 --------- d-----w C:\Program Files\emagic
2007-10-20 15:06 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2007-10-20 15:06 --------- d-----w C:\Program Files\Fichiers communs\Real
2007-10-20 10:24 --------- d-----w C:\Program Files\Clavia
2007-10-19 22:23 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Clavia
2007-10-18 16:44 --------- d-----w C:\Program Files\Pro-53
2007-10-16 16:30 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Propellerhead Software
2007-10-16 16:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2007-10-15 20:13 --------- d-----w C:\Program Files\Way Out Ware
2007-10-11 18:58 786 ---ha-w C:\hpothb07.dat
2007-02-12 15:02 81,920 ----a-w C:\Documents and Settings\Utilisateur\Application Data\ezpinst.exe
2007-02-12 15:02 47,360 -c--a-w C:\Documents and Settings\Utilisateur\Application Data\pcouffin.sys
2007-01-20 14:43 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-06-21 12:08 560 -c--a-w C:\Documents and Settings\Utilisateur\Application Data\ViewerApp.dat
2006-06-17 06:10 0 -c-ha-w C:\Documents and Settings\Utilisateur\hpothb07.dat
2006-05-12 20:39 0 -c-ha-w C:\Documents and Settings\Utilisateur\Application Data\hpothb07.dat
2006-05-12 20:38 0 -c-ha-w C:\Documents and Settings\NetworkService\hpothb07.dat
2006-05-12 20:38 0 -c-ha-w C:\Documents and Settings\LocalService\hpothb07.dat
2006-05-12 20:37 0 -c-ha-w C:\Documents and Settings\Default User\hpothb07.dat
2006-05-12 20:37 0 -c-ha-w C:\Documents and Settings\Default User\Application Data\hpothb07.dat
2006-05-12 20:37 0 -c-ha-w C:\Documents and Settings\All Users\Application Data\hpothb07.dat
.

((((((((((((((((((((((((((((( snapshot_2007-12-15_19.51.19,28 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-12-15 19:44:44 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_694.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 21:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="D:\Dossier Julien\Logiciels\Logiciels\CCleaner\ccleaner.exe" [2007-09-28 09:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 16:10 C:\WINDOWS\system32\rundll32.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-05-21 18:11]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 C:\WINDOWS\soundman.exe]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"!AVG Anti-Spyware"="D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-20 16:06]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09]

C:\Documents and Settings\Default User\Menu D‚marrer\Programmes\D‚marrage\
hpothb07.dat [2006-05-12 21:38:20]
hpothb07.tif [2006-05-12 21:38:20]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
officejet 6100.lnk - C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe [2002-06-11 09:32:22]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package Menu.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package Menu.lnk
backup=C:\WINDOWS\pss\Picture Package Menu.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Picture Package VCD Maker.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Picture Package VCD Maker.lnk
backup=C:\WINDOWS\pss\Picture Package VCD Maker.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader]
2005-06-23 19:33 57344 --a------ C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
C:\Program Files\Logitech\Video\ManifestEngine.exe boot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --------- C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
SOUNDMAN.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
C:\Program Files\Valve\Steam\Steam.exe -silent

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe -osboot

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys
R2 NMSAccessU;NMSAccessU;C:\Program Files\CDBurnerXP\NMSAccessU.exe
S3 oUltraf;oUltraf;\??\C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\oUltraf.sys
S3 SE2Bbus;Sony Ericsson Device 043 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Bbus.sys
S3 SE2Bmdfl;Sony Ericsson Device 043 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Bmdfl.sys
S3 SE2Bmdm;Sony Ericsson Device 043 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Bmdm.sys
S3 SE2Bmgmt;Sony Ericsson Device 043 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Bmgmt.sys
S3 se2Bnd5;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (NDIS);C:\WINDOWS\system32\DRIVERS\se2Bnd5.sys
S3 se2Bunic;Sony Ericsson Device 043 USB Ethernet Emulation SEMC43 (WDM);C:\WINDOWS\system32\DRIVERS\se2Bunic.sys
S3 StMp3Rec;Pilote de périphérique de la restauration de lecteur;C:\WINDOWS\system32\Drivers\StMp3Rec.sys

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-11 05:35:00 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-12-15 11:54:00 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 2200 series#1146998818.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-15 22:19:03
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-15 22:22:49
C:\ComboFix2.txt ... 2007-12-15 19:52
C:\ComboFix3.txt ... 2007-12-09 19:53
.
2007-12-13 17:03:31 --- E O F ---


Et le rapport Hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:14:58, on 16/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\SOUNDMAN.EXE
D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4ss.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ccleaner] "D:\Dossier Julien\Logiciels\Logiciels\CCleaner\ccleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - .DEFAULT User Startup: hpothb07.dat (User 'Default user')
O4 - .DEFAULT User Startup: hpothb07.tif (User 'Default user')
O4 - Global Startup: officejet 6100.lnk = ?
O8 - Extra context menu item: &Clean Traces - D:\Dossier Julien\Logiciels\Logiciels\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - D:\Dossier Julien\Logiciels\Logiciels\DAP\dapextie.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Download &all with DAP - D:\Dossier Julien\Logiciels\Logiciels\DAP\dapextie2.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger les tous avec Free Download Manager - file://D:\Dossier Julien\Logiciels\Free Download Manager\dlselected.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\$hf_mig$\KB887472\SP2QFE\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O12 - Plugin for .mu3: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mus: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .mut: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .myr: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O12 - Plugin for .xmz: C:\Program Files\Internet Explorer\Plugins\NPMyrMus.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: Interface Chat Voila - http://chat9.x-echo.com/version7/Applet/vchatsign.cab
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://regulus.upmf-grenoble.fr/qp2.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537 [...] scan53.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game09.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{83485FC9-4DF6-469F-B069-B3CA96DADC4D}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\Dossier Julien\Logiciels\Logiciels\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - D:\Dossier Julien\Logiciels\Logiciels\Kerio\kpf4ss.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)

--
End of file - 8836 bytes


Voila, Merci.

Bon je ne pourrai pas m'en occuper cette semaine, je repart.
Bonne semaine a tous.
Ciao

KASPERSKY ON-LINE SCANNER REPORT
Tuesday, December 25, 2007 12:41:17 PM
Système d'exploitation : Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 25/12/2007
Enregistrements dans la base antivirus Kaspersky : 493321
Paramètres d'analyse
Analyser avec la base antivirus suivante étendue
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Statistiques de l'analyse
Total d'objets analysés 166155
Nombre de virus trouvés 3
Nombre d'objets infectés 6 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:28:11

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\Utilisateur\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\integ\avast.int L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log L'objet est verrouillé ignoré
C:\Program Files\Alwil Software\Avast4\DATA\report\Protection résidente.txt L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{C380B4C9-14E7-4B69-890C-1EF1F97C67DC}\RP1589\A0171792.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré
C:\System Volume Information\_restore{C380B4C9-14E7-4B69-890C-1EF1F97C67DC}\RP1602\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{ABC49040-7875-4113-9513-843990753C53}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Antivirus.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\Perflib_Perfdata_6b4.dat L'objet est verrouillé ignoré
C:\WINDOWS\Temp\_avast4_\Webshlock.txt L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\clean.zip/clean/pskill.exe Infecté : not-a-virus:RiskTool.Win32.PsKill.k ignoré
D:\Dossier Julien\Logiciels\clean.zip ZIP: infecté - 1 ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\debug.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\debug.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\error.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\error.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\hips.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\hips.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\ids.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\ids.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\network.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\network.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\system.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\system.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\warning.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\warning.log.idx L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\web.log L'objet est verrouillé ignoré
D:\Dossier Julien\Logiciels\Logiciels\Kerio\logs\web.log.idx L'objet est verrouillé ignoré
D:\Dossier Vincent\mes DL\eMule\Temp\050.part/setup.exe Infecté : P2P-Worm.Win32.Kapucen.ac ignoré
D:\Dossier Vincent\mes DL\eMule\Temp\050.part RAR: infecté - 1 ignoré
D:\Dossier Vincent\Mes Logiciels\logiciels musique-compo-arr\logiciels divers\DAEMON Tools\SetupDTSB.exe Infecté : not-a-virus:AdTool.Win32.WhenU.a ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\System Volume Information\_restore{C380B4C9-14E7-4B69-890C-1EF1F97C67DC}\RP1602\change.log L'objet est verrouillé ignoré
Analyse terminée.


Voila j'ai fait ce que vous m'avez demandé.
Pardon pour les laps de tps tres long.
Je vous remercie

C:\System Volume Information\_restore{C380B4C9-14E7-4B69-890C-1EF1F97C67DC}\RP1589\A0171792.exe moved successfully.
File/Folder D:\Dossier Vincent\mes DL\eMule\Temp\050.part/setup.exe not found.
D:\Dossier Vincent\mes DL\eMule\Temp\050.part moved successfully.
D:\Dossier Vincent\Mes Logiciels\logiciels musique-compo-arr\logiciels divers\DAEMON Tools\SetupDTSB.exe moved successfully.
File/Folder D:\Dossier Julien\Logiciels\clean.zip not found.

Created on 12/26/2007 00:59:26

Voila, pour le moment je croi ke tout va mieu.
Enfin, je ne sait pas s'il y a un rapport mais mon ccleaner refuse de telecharger la version la plus recente. arrivé sur le site, firefox s'arrette...

En tout cas merci pour tout, bonnes fetes de noel.
Ciao