
[solved] impossible to get rid of "ads served by adssite"


Hello,

It's already been a month that I've been trying to get rid of this pseudo-virus. In vain: I've tried I don't know how many antivirus trial versions, nothing works. Does anyone know what I should do? (without formatting?)
Thank you (it's fairly urgent)


Message edited by drake88 on 29-12-2007 at 10:05:35

Hello


Download HijackThis v2.0.2
http://www.trendsecure.com/portal/ [...] ckThis.exe
Illustrated demo
http://perso.orange.fr/rginformati [...] hijack.htm

Run a scan and post the log here.

------------------------------ The best antivirus is you
Have a problem? Create your own post!
Reply to chercheur_

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:15:09, on 22/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\service.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Anthony\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsf180.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F" /exename:"C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/ [...] NPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 7743015284
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 80.10.246.130 81.253.149.10
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 12333 bytes

Reply to drake88

Re


Download Combofix.exe (by sUBs) to your Desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Double-click combofix.exe and follow the prompts.
When the scan is complete, a report will appear.

Copy/paste that report in your next reply, together with a new HijackThis log.

------------------------------ The best antivirus is you
Have a problem? Create your own post!
Reply to chercheur_

Here is the ComboFix report

ComboFix 07-12-21.4 - Anthony 2007-12-22 9:17:04.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.543 [GMT 1:00]
Running from: C:\Documents and Settings\Anthony\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\service.exe
C:\WINDOWS\system32\nsf180.dll
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_WINDOWS_LOG
-------\Windows Log


((((((((((((((((((((((((((((( Fichiers créés 2007-11-22 to 2007-12-22 ))))))))))))))))))))))))))))))))))))
.

2007-12-21 23:38 . 2007-12-22 00:25 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-14 23:19 . 2007-12-14 23:19 <REP> d-------- C:\Program Files\Lavasoft
2007-12-14 23:19 . 2007-12-14 23:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-08 21:03 . 2007-12-08 21:03 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\X10 Commander
2007-12-01 13:55 . 2007-12-01 13:55 79,868 --a------ C:\WINDOWS\system32\adssite-remove.exe
2007-12-01 10:58 . 2007-12-14 23:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-01 10:57 . 2007-12-01 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2007-12-01 09:46 . 2007-12-01 09:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 20:53 . 2007-11-26 20:49 <REP> d-------- C:\Program Files\PCPitstop
2007-11-25 13:28 . 2007-12-02 00:11 <REP> d-------- C:\Program Files\DivX
2007-11-25 11:43 . 2007-11-25 11:43 <REP> d-------- C:\Program Files\AskSBar
2007-11-23 23:25 . 2007-12-01 09:22 <REP> d-------- C:\Documents and Settings\Anthony\Application Data\CallingID
2007-11-22 20:02 . 2007-08-20 10:59 6,058,496 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-11-22 20:02 . 2007-04-17 10:32 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-11-22 20:02 . 2007-03-08 06:10 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-11-22 20:02 . 2007-08-20 10:59 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-11-22 20:02 . 2007-08-20 10:59 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-11-22 20:02 . 2007-08-20 10:59 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-11-22 20:02 . 2007-08-20 10:59 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-11-22 20:02 . 2007-08-20 10:59 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-11-22 20:02 . 2007-08-17 11:20 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-22 08:21 13,440 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2007-12-22 08:21 --------- d-----w C:\Program Files\Wanadoo
2007-12-15 13:29 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-12-15 13:29 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-12-15 11:52 --------- d-----w C:\Program Files\Adssite Advanced Toolbar
2007-12-14 22:19 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-12-08 15:18 --------- d-----w C:\Documents and Settings\Anthony\Application Data\AdobeUM
2007-12-01 10:16 --------- d-----w C:\Program Files\PlayMP3z
2007-12-01 10:16 --------- d-----w C:\Program Files\ContextTool
2007-12-01 10:03 --------- d-----w C:\Program Files\Everest Poker
2007-12-01 08:46 --------- d-----w C:\Program Files\MSN Messenger
2007-12-01 08:46 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-01 08:36 --------- d-----w C:\Program Files\CA
2007-12-01 08:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\CA
2007-12-01 08:32 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-11-26 19:55 --------- d-----w C:\Program Files\VideoLAN
2007-11-25 12:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-25 10:45 --------- d-----w C:\Program Files\FrostWire
2007-11-25 10:45 --------- d-----w C:\Documents and Settings\Anthony\Application Data\FrostWire
2007-11-24 12:53 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Nokia
2007-11-24 07:33 --------- d-----w C:\Program Files\Pack Sécurité
2007-11-23 22:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
2007-11-21 08:12 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
2007-11-18 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2007-11-18 12:55 --------- d-----w C:\Program Files\Nokia
2007-11-18 12:55 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2007-11-18 12:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2007-11-18 11:30 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2007-11-18 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2007-11-18 11:29 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-11-17 22:10 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Nokia Multimedia Player
2007-11-17 21:50 --------- d-----w C:\Documents and Settings\Anthony\Application Data\PC Suite
2007-11-17 21:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2007-11-17 21:43 --------- d-----w C:\Program Files\DIFX
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-08 19:12 --------- d-----w C:\Program Files\Java
2007-11-08 19:04 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Azureus
2007-11-06 17:50 --------- d-----w C:\Documents and Settings\Anthony\Application Data\vlc
2007-11-06 17:47 --------- d-----w C:\Documents and Settings\Anthony\Application Data\LimeWire
2007-11-04 18:01 89,816 ----a-w C:\Documents and Settings\Anthony\Application Data\GDIPFONTCACHEV1.DAT
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-29 15:26 1,560 ----a-w C:\Documents and Settings\Anthony\Application Data\wklnhst.dat
2005-11-24 20:10 0 ----a-w C:\Program Files\uninstall.uif
2005-09-03 21:52 1,313 ----a-w C:\Documents and Settings\Anthony\file1.exe
2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2004-08-05 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2007-05-17 11:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E4E-3DC4-41eb-BBD5-31E82C9FD1D4}]
C:\WINDOWS\system32\gzmrotate.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
2007-11-25 11:43 267592 --a------ C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B-4965-11D4-9B18-009027A5CD4F}
{F0D4B23-DA4B-4DAF-81E4-DFEE4931A4AA}

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B23-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2007-11-25 11:43 267592]

[HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler]
@={36A2173-36C2-4C11-8ACB-D4136F2B57BD}

[HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
2005-03-05 13:18 136312 --a------ C:\WINDOWS\system32\AcSignIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-07-26 18:14]
"service.exe"="C:\WINDOWS\service.exe" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 09:10]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"gi819766163"="C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2004-09-29 12:23 C:\WINDOWS\system32\nwiz.exe]
"Cmaudio"="RunDll32 cmicnfg.cpl" []
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 08:06 C:\WINDOWS\AGRSMMSG.exe]
"Dit"="Dit.exe" [2004-04-02 12:31 C:\WINDOWS\Dit.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"CHotkey"="mHotkey.exe" [2002-07-23 10:09 C:\WINDOWS\mHotkey.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-14 11:00]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-01-20 08:09]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\taskbaricon.exe" [2004-10-05 16:00]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"@"="C:\WINDOWS\SYSTEM\Rename.exe" [2002-05-16 11:17]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

R2 CA_LIC_CLNT;CA License Client;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe" [2003-10-12 23:20]
R2 LogWatch;Event Log Watch;"C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe" [2002-09-20 20:29]
R2 U3SHLPDR;U3SHLPDR;C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS [2006-01-05 17:35]
R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 08:04]
R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2007-12-22 09:21]
R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 13:58]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 08:47]
S3 CA_LIC_SRVR;CA License Server;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe" [2003-04-07 19:45]
S3 DCamUSBPremier;Premier USB Video Camera;C:\WINDOWS\system32\Drivers\mpixvid.sys [2004-06-29 16:19]
S3 SDVC04;USB DVC Service;C:\WINDOWS\system32\Drivers\SDVC04.sys [2003-05-22 11:02]
S3 TIEHDUSB;TIEHDUSB;C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 17:27]
S3 U2SP;USB to Serial Converter Driver(Philips);C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 11:29]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 13:51]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 13:52]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 13:53]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 13:54]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 13:55]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;C:\WINDOWS\system32\Drivers\xctrl.sys [2002-12-05 10:31]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);C:\WINDOWS\system32\Drivers\xbreader.sys [2001-01-02 21:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\setup.exe
\Shell\install\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\Shell\AutoRun\command - L:\autorun.exe
\Shell\directx\command - L:\DirectX9\dxsetup.exe
\Shell\setup\command - L:\install.exe

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-22 09:21:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-22 9:22:18 - machine was rebooted
.
2007-12-15 13:58:46 --- E O F ---

Reply to drake88

And the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:26:30, on 22/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Anthony\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.carrefour.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F" /exename:"C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/ [...] NPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 7743015284
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11931 bytes

Reply to drake88

What do I do now?

Reply to drake88

Hello

Copy (Ctrl+C) the text below:

File::
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\rightonadz-uninst.exe
C:\WINDOWS\service.exe
C:\WINDOWS\system32\gzmrotate.dll

Folder::
C:\Program Files\AskSBar
C:\Program Files\Adssite Advanced Toolbar
C:\Program Files\ContextTool

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
[-HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"=-
[-HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"service.exe"=-


Open Notepad and paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt

http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

As the image shows, drag CFScript.txt onto Combofix.exe
A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1 and confirm.
Wait for the scan to finish. The desktop will disappear several times: this is normal!
Do not touch anything until the scan is complete.
Once the scan is finished, a report will be displayed: post its contents.
If the file does not open, it is located here > C:\ComboFix.txt

Reply to chercheur_
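The CFScript above was built by hand from the HijackThis log posted earlier. As an added example that is not part of this thread (nor of HijackThis or ComboFix), here is a Python triage script that parses O2/O3/O4 lines in that log format, flags entries with narrow heuristics (file missing, names tied to the adware in this thread, executables sitting in the Windows root) and emits a CFScript skeleton in the same File::/Registry:: form. The sample log lines, the SUSPECT_TOKENS list and all function names are constructed for this example.

```python
"""Triage helper for a HijackThis v2 log (added example; not part of this
thread, HijackThis or ComboFix).  It parses the O2 (BHO), O3 (toolbar) and
O4 (autorun) lines, flags entries with narrow heuristics, and emits a
ComboFix CFScript skeleton in the File::/Registry:: form the helper used
above.  Every flagged item still needs a human decision before removal."""
import re
from dataclasses import dataclass, field

# Names the thread ties to the "ads served by adssite" adware (adssite,
# rightonadz, Ask toolbar, ContextTool).  Constructed list for this example.
SUSPECT_TOKENS = ("adssite", "rightonadz", "asksbar", "contexttool", "gzmrotate")

# Constructed sample in the exact line format of the log posted above.
SAMPLE_LOG = r"""
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [service.exe] C:\WINDOWS\service.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
"""

O23_RE = re.compile(
    r"^O(?P<kind>[23]) - (?:BHO|Toolbar): (?P<name>.*?) - "
    r"\{(?P<clsid>[0-9A-Fa-f-]{36})\} - (?P<path>.*?)(?P<missing> \(file missing\))?$")
O4_RE = re.compile(
    r"^O4 - (?P<hive>HKLM|HKCU|HKUS\\[^\\]+)\\\.\.\\(?P<key>Run|RunOnce): "
    r"\[(?P<value>[^\]]*)\] (?P<cmd>.*)$")
HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}


@dataclass
class Finding:
    kind: str                 # "O2", "O3" or "O4"
    line: str
    reasons: list = field(default_factory=list)
    clsid: str = ""
    path: str = ""            # DLL path (O2/O3) or executable path (O4)
    hive: str = ""
    key: str = ""
    value: str = ""


def exe_path(cmd: str) -> str:
    """First token of an autorun command: a quoted path, or the text up to
    the first space.  Bare names such as 'nwiz.exe' come back unchanged."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end > 0 else cmd[1:]
    return cmd.split(" ", 1)[0]


def triage(log_text: str) -> list:
    """Return the O2/O3/O4 entries worth a closer look, with the reason(s)."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if m := O23_RE.match(line):
            f = Finding("O" + m["kind"], line, clsid=m["clsid"], path=m["path"])
            if m["missing"]:
                f.reasons.append("registered but file missing (orphaned BHO/toolbar)")
            if any(t in (m["name"] + m["path"]).lower() for t in SUSPECT_TOKENS):
                f.reasons.append("name or path matches the adware family in this thread")
        elif m := O4_RE.match(line):
            exe = exe_path(m["cmd"])
            f = Finding("O4", line, path=exe, hive=m["hive"], key=m["key"], value=m["value"])
            if any(t in exe.lower() for t in SUSPECT_TOKENS):
                f.reasons.append("name or path matches the adware family in this thread")
            # A full path directly under C:\WINDOWS (not system32), like the
            # service.exe entry in the log above, deserves a publisher check.
            if re.fullmatch(r"c:\\windows\\[^\\]+\.exe", exe.lower()):
                f.reasons.append("executable runs from the Windows root directory")
        else:
            continue
        if f.reasons:
            findings.append(f)
    return findings


def cfscript(findings: list) -> str:
    """Build a CFScript skeleton (File:: and Registry:: sections, .reg-style
    [-key] and "value"=- deletions) from the findings."""
    files, registry = [], []
    for f in findings:
        if "\\" in f.path and f.path.lower().endswith((".exe", ".dll")):
            files.append(f.path)
        if f.kind == "O2":
            # "~" is the shorthand the helper used above for the IE BHO key.
            registry.append(f"[-HKEY_LOCAL_MACHINE\\~\\Browser Helper Objects\\{{{f.clsid}}}]")
        elif f.kind == "O3":
            registry.append(f"[-HKEY_CLASSES_ROOT\\clsid\\{{{f.clsid.lower()}}}]")
            registry.append("[HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Toolbar\\WebBrowser]")
            registry.append(f'"{{{f.clsid.upper()}}}"=-')
        elif f.kind == "O4" and f.hive in HIVES:
            registry.append(f"[{HIVES[f.hive]}\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\{f.key}]")
            registry.append(f'"{f.value}"=-')
    lines = ["File::", *dict.fromkeys(files), "", "Registry::", *registry]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f.kind, f.path, "->", "; ".join(f.reasons))
    print(cfscript(triage(SAMPLE_LOG)))
```

On the sample, the Google BHO, NvCplDaemon and ctfmon entries are left alone and the four entries the helper removed above are the ones flagged.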

ComboFix 07-12-21.4 - Anthony 2007-12-25 20:21:19.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.502 [GMT 1:00]
Running from: C:\Documents and Settings\Anthony\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Anthony\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\WINDOWS\service.exe
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\gzmrotate.dll
C:\WINDOWS\system32\rightonadz-uninst.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Adssite Advanced Toolbar
C:\Program Files\Adssite Advanced Toolbar\uninstall.exe
C:\Program Files\AskSBar
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
C:\Program Files\AskSBar\bar\1.bin\A2PLUGIN.DLL
C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL
C:\Program Files\AskSBar\bar\Cache\0006E254
C:\Program Files\AskSBar\bar\Cache\0008D9AF.bin
C:\Program Files\AskSBar\bar\Cache\0008DBF1.bin
C:\Program Files\AskSBar\bar\Cache\0008DE82.bin
C:\Program Files\AskSBar\bar\Cache\files.ini
C:\Program Files\AskSBar\bar\History\search2
C:\Program Files\AskSBar\bar\Settings\LogTrace.log
C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm
C:\Program Files\ContextTool
C:\Program Files\ContextTool\ContextHelper.dat
C:\Program Files\ContextTool\pcre3.dll
C:\Program Files\ContextTool\uninstall.exe
C:\WINDOWS\system32\adssite-remove.exe
C:\WINDOWS\system32\rightonadz-uninst.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-25 to 2007-12-25 ))))))))))))))))))))))))))))))))))))
.

2007-12-22 16:12 . 2007-12-22 16:11 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys
2007-12-22 16:12 . 2007-12-22 16:11 298,104 --a------ C:\WINDOWS\system32\imon.dll
2007-12-22 16:12 . 2007-12-22 16:11 15,424 --a------ C:\WINDOWS\system32\drivers\nod32drv.sys
2007-12-14 23:19 . 2007-12-14 23:19 <REP> d-------- C:\Program Files\Lavasoft
2007-12-14 23:19 . 2007-12-14 23:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-08 21:03 . 2007-12-08 21:03 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\X10 Commander
2007-12-01 10:58 . 2007-12-14 23:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-01 10:57 . 2007-12-01 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2007-12-01 09:46 . 2007-12-01 09:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 20:53 . 2007-11-26 20:49 <REP> d-------- C:\Program Files\PCPitstop
2007-11-25 13:28 . 2007-12-02 00:11 <REP> d-------- C:\Program Files\DivX

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-25 19:09 --------- d-----w C:\Program Files\Wanadoo
2007-12-22 15:13 --------- d-----w C:\Program Files\Pack Sécurité
2007-12-22 15:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
2007-12-22 14:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\fssg
2007-12-22 08:21 13,440 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2007-12-15 13:29 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-12-15 13:29 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-12-14 22:19 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-12-08 15:18 --------- d-----w C:\Documents and Settings\Anthony\Application Data\AdobeUM
2007-12-01 10:16 --------- d-----w C:\Program Files\PlayMP3z
2007-12-01 10:03 --------- d-----w C:\Program Files\Everest Poker
2007-12-01 08:46 --------- d-----w C:\Program Files\MSN Messenger
2007-12-01 08:46 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-01 08:36 --------- d-----w C:\Program Files\CA
2007-12-01 08:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\CA
2007-12-01 08:32 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-01 08:22 --------- d-----w C:\Documents and Settings\Anthony\Application Data\CallingID
2007-11-26 19:55 --------- d-----w C:\Program Files\VideoLAN
2007-11-25 12:54 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-25 10:45 --------- d-----w C:\Program Files\FrostWire
2007-11-25 10:45 --------- d-----w C:\Documents and Settings\Anthony\Application Data\FrostWire
2007-11-24 12:53 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Nokia
2007-11-18 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2007-11-18 12:55 --------- d-----w C:\Program Files\Nokia
2007-11-18 12:55 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2007-11-18 12:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2007-11-18 11:30 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2007-11-18 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2007-11-18 11:29 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-11-17 22:10 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Nokia Multimedia Player
2007-11-17 21:50 --------- d-----w C:\Documents and Settings\Anthony\Application Data\PC Suite
2007-11-17 21:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2007-11-17 21:43 --------- d-----w C:\Program Files\DIFX
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-08 19:12 --------- d-----w C:\Program Files\Java
2007-11-08 19:04 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Azureus
2007-11-06 17:50 --------- d-----w C:\Documents and Settings\Anthony\Application Data\vlc
2007-11-06 17:47 --------- d-----w C:\Documents and Settings\Anthony\Application Data\LimeWire
2007-11-04 18:01 89,816 ----a-w C:\Documents and Settings\Anthony\Application Data\GDIPFONTCACHEV1.DAT
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-29 15:26 1,560 ----a-w C:\Documents and Settings\Anthony\Application Data\wklnhst.dat
2005-11-24 20:10 0 ----a-w C:\Program Files\uninstall.uif
2005-09-03 21:52 1,313 ----a-w C:\Documents and Settings\Anthony\file1.exe
2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2004-08-05 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2007-05-17 11:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
.

((((((((((((((((((((((((((((( snapshot@2007-12-22_ 9.22.00.40 )))))))))))))))))))))))))))))))))))))))))
.
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
C:\WINDOWS\system32\gzmrotate.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler]
@={36A21736-36C2-4C11-8ACB-D4136F2B57BD}

[HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
2005-03-05 13:18 136312 --a------ C:\WINDOWS\system32\AcSignIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-07-26 18:14]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 09:10]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"gi819766163"="C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2004-09-29 12:23 C:\WINDOWS\system32\nwiz.exe]
"Cmaudio"="RunDll32 cmicnfg.cpl" []
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 08:06 C:\WINDOWS\AGRSMMSG.exe]
"Dit"="Dit.exe" [2004-04-02 12:31 C:\WINDOWS\Dit.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"CHotkey"="mHotkey.exe" [2002-07-23 10:09 C:\WINDOWS\mHotkey.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-14 11:00]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-01-20 08:09]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\taskbaricon.exe" [2004-10-05 16:00]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]
"nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-12-22 16:11]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"@"="C:\WINDOWS\SYSTEM\Rename.exe" [2002-05-16 11:17]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-02-23 23:02:58]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

R2 CA_LIC_CLNT;CA License Client;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe" [2003-10-12 23:20]
R2 LogWatch;Event Log Watch;"C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe" [2002-09-20 20:29]
R2 U3SHLPDR;U3SHLPDR;C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS [2006-01-05 17:35]
R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 08:04]
R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2007-12-22 09:21]
R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 13:58]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 08:47]
S3 CA_LIC_SRVR;CA License Server;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe" [2003-04-07 19:45]
S3 DCamUSBPremier;Premier USB Video Camera;C:\WINDOWS\system32\Drivers\mpixvid.sys [2004-06-29 16:19]
S3 SDVC04;USB DVC Service;C:\WINDOWS\system32\Drivers\SDVC04.sys [2003-05-22 11:02]
S3 TIEHDUSB;TIEHDUSB;C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 17:27]
S3 U2SP;USB to Serial Converter Driver(Philips);C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 11:29]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 13:51]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 13:52]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 13:53]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 13:54]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 13:55]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;C:\WINDOWS\system32\Drivers\xctrl.sys [2002-12-05 10:31]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);C:\WINDOWS\system32\Drivers\xbreader.sys [2001-01-02 21:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\setup.exe
\Shell\install\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\Shell\AutoRun\command - L:\autorun.exe
\Shell\directx\command - L:\DirectX9\dxsetup.exe
\Shell\setup\command - L:\install.exe

.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-25 20:23:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
-> C:\Program Files\Eset\pr_imon.dll
.
Completion time: 2007-12-25 20:24:17
C:\ComboFix2.txt ... 2007-12-22 09:22
.
2007-12-22 08:34:52 --- E O F ---


Here is the scan result. What should I do now?


Hello


Run an online antivirus scan with Kaspersky:
http://webscanner.kaspersky.fr/
Click on "Démarrer Online Scanner".
Select My Computer (Poste de travail) as the scan target.
Paste its report here.

Use this link for help:
http://www.infos-du-net.com/forum/ [...] -kaspersky


Wednesday, December 26, 2007 1:26:58 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 26/12/2007
Enregistrements dans la base antivirus Kaspersky : 462111
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
A:\
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
K:\
L:\
M:\
Statistiques de l'analyse
Total d'objets analysés 137816
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 02:00:23

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\Anthony\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Messenger\drake88@hotmail.fr\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Messenger\drake88@hotmail.fr\SharingMetadata\pending.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Messenger\drake88@hotmail.fr\SharingMetadata\Working\database_6EB8_A464_B8A4_2C91\dfsr.db L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Messenger\drake88@hotmail.fr\SharingMetadata\Working\database_6EB8_A464_B8A4_2C91\fsr.log L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Messenger\drake88@hotmail.fr\SharingMetadata\Working\database_6EB8_A464_B8A4_2C91\fsrtmp.log L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Messenger\drake88@hotmail.fr\SharingMetadata\Working\database_6EB8_A464_B8A4_2C91\tmp.edb L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Windows Live Contacts\drake88@hotmail.fr\real\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Application Data\Microsoft\Windows Live Contacts\drake88@hotmail.fr\shadow\members.stg L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Temp\~DF1E70.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Temp\~DF1EC7.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Temp\~DFFE79.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Temp\~DFFE92.tmp L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\Anthony\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Cookies\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat L'objet est verrouillé ignoré
C:\Documents and Settings\LocalService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\NTUSER.DAT L'objet est verrouillé ignoré
C:\Documents and Settings\NetworkService\ntuser.dat.LOG L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_AUDIO\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BINARY\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_BLOB\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_GLOBAL\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_IMAGE\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_MAIN\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_TV\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db L'objet est verrouillé ignoré
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLML_VIDEO\CLML.db-journal L'objet est verrouillé ignoré
C:\Program Files\ESET\cache\CACHE.NDB L'objet est verrouillé ignoré
C:\Program Files\ESET\logs\virlog.dat L'objet est verrouillé ignoré
C:\Program Files\ESET\logs\warnlog.dat L'objet est verrouillé ignoré
C:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP952\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\EventCache\{8867138C-F80A-4797-9CC7-148769BD04A9}.bin L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\drivers\sptd1357.sys L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\LogFiles\WUDF\WUDFTrace.etl L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
Analyse terminée.

Here is the report! What should I do now?


No more signs of infection in this report.

Are you still having problems?


Yes, I hadn't had any more until yesterday, when a page opened by itself while I was using Firefox. On top of that, it crashes Firefox every time and my PC is fairly slow. This virus is a piece of s***!!
I think I'm going to have to format, right?


Hello

Personally, I don't like formatting.


If you want to continue, run another scan with ComboFix.

Post its report together with a new HijackThis log.


Hello, first of all I want to thank you for the attention you are giving my problem.

Here is the new ComboFix report:

ComboFix 07-12-21.4 - Anthony 2007-12-27 23:21:17.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.485 [GMT 1:00]
Running from: C:\Documents and Settings\Anthony\Bureau\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2007-11-27 to 2007-12-27 ))))))))))))))))))))))))))))))))))))
.

2007-12-27 10:35 . 2007-12-27 10:35 <REP> d-------- C:\WINDOWS\LastGood
2007-12-26 23:53 . 2007-12-27 10:27 152 --a------ C:\Documents and Settings\Anthony\brdgInst.bat
2007-12-26 16:51 . 2007-12-27 10:32 <REP> d-------- C:\Program Files\RALINK
2007-12-26 14:38 . 2007-12-26 14:40 <REP> d-------- C:\GAOPerso 2000
2007-12-26 14:38 . 1997-01-29 17:58 462,848 --a------ C:\WINDOWS\system32\NMW3VWN.DLL
2007-12-26 14:38 . 1997-01-29 17:53 240,640 --a------ C:\WINDOWS\system32\NMOCOD.DLL
2007-12-26 14:38 . 1997-01-29 18:05 169,472 --a------ C:\WINDOWS\system32\HTML.OCX
2007-12-26 14:38 . 1997-03-04 13:44 66,560 --a------ C:\WINDOWS\system32\NMORENU.DLL
2007-12-26 14:38 . 1997-01-29 17:46 48,128 --a------ C:\WINDOWS\system32\NMSCKN.DLL
2007-12-26 14:37 . 2007-12-26 14:37 <REP> d-------- C:\gaopersodemo
2007-12-26 10:50 . 2007-12-26 10:50 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-25 23:16 . 2007-12-25 23:24 <REP> d-------- C:\Program Files\WinAVI MP4 Converter
2007-12-14 23:19 . 2007-12-14 23:19 <REP> d-------- C:\Program Files\Lavasoft
2007-12-14 23:19 . 2007-12-14 23:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-12-08 21:03 . 2007-12-08 21:03 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\X10 Commander
2007-12-01 10:58 . 2007-12-14 23:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-01 10:57 . 2007-12-01 10:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2007-12-01 09:46 . 2007-12-01 09:46 <REP> d-------- C:\Program Files\Windows Live

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-27 22:18 --------- d-----w C:\Program Files\Wanadoo
2007-12-27 13:26 13,440 ----a-w C:\WINDOWS\system32\drivers\USBCRFT.SYS
2007-12-26 18:37 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
2007-12-26 16:57 --------- d-----w C:\Program Files\Nvu
2007-12-26 16:56 --------- d-----w C:\Program Files\SpeedFan
2007-12-26 16:53 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-12-26 15:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-22 15:13 --------- d-----w C:\Program Files\Pack Sécurité
2007-12-22 15:06 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
2007-12-22 14:46 --------- d-----w C:\Documents and Settings\All Users\Application Data\fssg
2007-12-08 15:18 --------- d-----w C:\Documents and Settings\Anthony\Application Data\AdobeUM
2007-12-01 23:11 --------- d-----w C:\Program Files\DivX
2007-12-01 10:16 --------- d-----w C:\Program Files\PlayMP3z
2007-12-01 10:03 --------- d-----w C:\Program Files\Everest Poker
2007-12-01 08:46 --------- d-----w C:\Program Files\MSN Messenger
2007-12-01 08:46 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-01 08:36 --------- d-----w C:\Program Files\CA
2007-12-01 08:36 --------- d-----w C:\Documents and Settings\All Users\Application Data\CA
2007-12-01 08:32 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-01 08:22 --------- d-----w C:\Documents and Settings\Anthony\Application Data\CallingID
2007-11-26 19:55 --------- d-----w C:\Program Files\VideoLAN
2007-11-26 19:49 --------- d-----w C:\Program Files\PCPitstop
2007-11-25 10:45 --------- d-----w C:\Program Files\FrostWire
2007-11-25 10:45 --------- d-----w C:\Documents and Settings\Anthony\Application Data\FrostWire
2007-11-24 12:53 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Nokia
2007-11-18 12:56 --------- d-----w C:\Documents and Settings\All Users\Application Data\Nokia
2007-11-18 12:55 --------- d-----w C:\Program Files\Nokia
2007-11-18 12:55 --------- d-----w C:\Program Files\Fichiers communs\Nokia
2007-11-18 12:54 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
2007-11-18 11:30 --------- d-----w C:\Program Files\Fichiers communs\PCSuite
2007-11-18 11:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2007-11-18 11:29 --------- d-----w C:\Program Files\PC Connectivity Solution
2007-11-17 22:10 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Nokia Multimedia Player
2007-11-17 21:50 --------- d-----w C:\Documents and Settings\Anthony\Application Data\PC Suite
2007-11-17 21:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\PC Suite
2007-11-17 21:43 --------- d-----w C:\Program Files\DIFX
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-08 19:12 --------- d-----w C:\Program Files\Java
2007-11-08 19:04 --------- d-----w C:\Documents and Settings\Anthony\Application Data\Azureus
2007-11-06 17:50 --------- d-----w C:\Documents and Settings\Anthony\Application Data\vlc
2007-11-06 17:47 --------- d-----w C:\Documents and Settings\Anthony\Application Data\LimeWire
2007-11-04 18:01 89,816 ----a-w C:\Documents and Settings\Anthony\Application Data\GDIPFONTCACHEV1.DAT
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-09-29 15:26 1,560 ----a-w C:\Documents and Settings\Anthony\Application Data\wklnhst.dat
2005-11-24 20:10 0 ----a-w C:\Program Files\uninstall.uif
2005-09-03 21:52 1,313 ----a-w C:\Documents and Settings\Anthony\file1.exe
2004-08-05 12:00 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-05 12:00 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2004-08-05 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-05 12:00 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-05 12:00 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2004-08-05 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2007-05-17 11:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-05 12:00 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-05 12:00 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
.

((((((((((((((((((((((((((((( snapshot_2007-12-25_20.23.52,17 )))))))))))))))))))))))))))))))))))))))))
.
+ 2005-10-27 14:06:30 356,096 ----a-w C:\WINDOWS\system32\drivers\rt61.sys
+ 2005-05-16 18:34:48 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2006-03-20 12:17:24 65,536 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2006-03-20 12:17:20 798,720 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
- 2007-11-04 19:12:05 52,434 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2007-12-26 15:57:55 52,434 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-11-04 19:12:05 62,964 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2007-12-26 15:57:55 62,964 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2007-11-04 19:12:05 376,636 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2007-12-26 15:57:55 376,636 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-11-04 19:12:05 441,278 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2007-12-26 15:57:55 441,278 ----a-w C:\WINDOWS\system32\perfh00C.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
C:\WINDOWS\system32\gzmrotate.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AutoCAD Digital Signatures Icon Overlay Handler]
@={36A21736-36C2-4C11-8ACB-D4136F2B57BD}

[HKEY_CLASSES_ROOT\CLSID\{36A21736-36C2-4C11-8ACB-D4136F2B57BD}]
2005-03-05 13:18 136312 --a------ C:\WINDOWS\system32\AcSignIcon.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-07-26 18:14]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-17 09:10]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 15:55]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"gi819766163"="C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-05 13:00 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2004-09-29 12:23 C:\WINDOWS\system32\nwiz.exe]
"Cmaudio"="RunDll32 cmicnfg.cpl" []
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 08:06 C:\WINDOWS\AGRSMMSG.exe]
"Dit"="Dit.exe" [2004-04-02 12:31 C:\WINDOWS\Dit.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"CHotkey"="mHotkey.exe" [2002-07-23 10:09 C:\WINDOWS\mHotkey.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-14 11:00]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-01-20 08:09]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 13:49]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\taskbaricon.exe" [2004-10-05 16:00]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 10:17]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"@"="C:\WINDOWS\SYSTEM\Rename.exe" [2002-05-16 11:17]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2007-02-23 23:02:58]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"AllowLegacyWebView"= 1 (0x1)
"AllowUnhashedWebView"= 1 (0x1)

R2 CA_LIC_CLNT;CA License Client;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe" [2003-10-12 23:20]
R2 LogWatch;Event Log Watch;"C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe" [2002-09-20 20:29]
R2 U3SHLPDR;U3SHLPDR;C:\WINDOWS\System32\Drivers\U3SHLPDR.SYS [2006-01-05 17:35]
R3 Cap7134;MEDION (7134) WDM Video Capture;C:\WINDOWS\system32\DRIVERS\Cap7134.sys [2003-06-05 08:04]
R3 CardReaderFilter;Card Reader Filter;C:\WINDOWS\system32\Drivers\USBCRFT.SYS [2007-12-27 14:26]
R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2004-10-01 13:58]
R3 PhTVTune;MEDION TV-TUNER 7134 MK2/3;C:\WINDOWS\system32\DRIVERS\PhTVTune.sys [2003-06-12 08:47]
S3 CA_LIC_SRVR;CA License Server;"C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe" [2003-04-07 19:45]
S3 DCamUSBPremier;Premier USB Video Camera;C:\WINDOWS\system32\Drivers\mpixvid.sys [2004-06-29 16:19]
S3 SDVC04;USB DVC Service;C:\WINDOWS\system32\Drivers\SDVC04.sys [2003-05-22 11:02]
S3 TIEHDUSB;TIEHDUSB;C:\WINDOWS\system32\drivers\tiehdusb.sys [2004-02-04 17:27]
S3 U2SP;USB to Serial Converter Driver(Philips);C:\WINDOWS\system32\DRIVERS\u2s2kxp.sys [2003-05-14 11:29]
S3 v800bus;Sony Ericsson V800-Vodafone 802SE driver (WDM);C:\WINDOWS\system32\DRIVERS\v800bus.sys [2004-08-09 13:51]
S3 v800mdfl;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\v800mdfl.sys [2004-08-09 13:52]
S3 v800mdm;Sony Ericsson V800-Vodafone 802SE USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\v800mdm.sys [2004-08-09 13:53]
S3 v800mgmt;Sony Ericsson V800-Vodafone 802SE USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\v800mgmt.sys [2004-08-09 13:54]
S3 v800obex;Sony Ericsson V800-Vodafone 802SE USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\v800obex.sys [2004-08-09 13:55]
S3 VendorJoystickEnabler;XCtrl XBOX Control HID Minidriver r1;C:\WINDOWS\system32\Drivers\xctrl.sys [2002-12-05 10:31]
S3 xbreader;ActionReplay XBox Driver (xbreader.sys);C:\WINDOWS\system32\Drivers\xbreader.sys [2001-01-02 21:53]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\setup.exe
\Shell\install\command - G:\setup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
\Shell\AutoRun\command - L:\autorun.exe
\Shell\directx\command - L:\DirectX9\dxsetup.exe
\Shell\setup\command - L:\install.exe

*Newly Created Service* - SYSMONLOG
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-27 23:23:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-27 23:24:28
C:\ComboFix2.txt ... 2007-12-25 20:24
C:\ComboFix3.txt ... 2007-12-22 09:22
.
2007-12-22 08:34:52 --- E O F ---


PS: what do you look for in this report??

Reply to drake88

And the HijackThis report.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:27:50, on 27/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\PROGRA~1\Wanadoo\taskbaricon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Anthony\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cegetel.net/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\taskbaricon.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F" /exename:"C:\Documents and Settings\Anthony\Application Data\Mozilla\Firefox\Profiles\s9ma7shr.default\extensions\{bb628310-0ab7-11db-9cd8-0800200c9a66}\setup.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.carrefour.fr/
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/ [...] NPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 7743015284
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://charon777.free.fr/plugins/hardwaredetection.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates International Inc. - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\CyberLink\PowerCinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11614 bytes

Thank you, I hope to get rid of this virus once and for all.
Also, which antivirus would you recommend?

Reply to drake88

Re


Run another HijackThis scan and check the lines below:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [] "C:\WINDOWS\SYSTEM\Rename.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.mail.live.com/mail/w1/ [...] NPUpld.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {94EB57FE-2720-496C-B33F-D9353C6E23F7} (F-Secure Online Scanner 2.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/bina [...] b32846.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab

Close all windows (Windows Explorer, Internet Explorer, Outlook) except HijackThis and click "Fix checked".


Download OTMoveIt (by Old_Timer) to your Desktop.
http://download.bleepingcomputer.c [...] MoveIt.exe
Double-click OTMoveIt.exe to launch it.
Copy the list below and paste it into the left-hand pane of OTMoveIt: "Paste List of Files/Folders to be moved".

C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
C:\WINDOWS\system32\gzmrotate.dll


Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.

Post the report located in C:\_OTMoveIt\MovedFiles.

Reply to chercheur_
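The helper's post above picks entries out of the HijackThis log by eye; the ComboFix log earlier in the thread also carries a MountPoints2 section with cached AutoRun handlers. As an added example that is not part of the thread or of either tool, the following script applies a few of the same triage rules mechanically: HijackThis's own "(file missing)" marker on O2/O3/O9 entries (an orphaned add-on, safe to tick), O4 autostarts that launch from a Temp directory (review), O17 DNS overrides (confirm they belong to the ISP), and ComboFix's `\Shell\AutoRun\command` lines (review). The sample log is constructed from lines visible in the thread; the heuristics and the fix/review split are mine, not HijackThis's.

```python
import re
from dataclasses import dataclass

# Constructed sample, not the user's real logs: a few lines in HijackThis v2 format
# plus a MountPoints2 block in ComboFix format, modelled on the entries visible in
# the thread. Nothing here is asserted to be malicious beyond what the thread says.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\RunOnce: [gi819766163] "C:\DOCUME~1\Anthony\LOCALS~1\Temp\gi44PIO5.exe" /resume:"C:\DOCUME~1\Anthony\LOCALS~1\Temp\2H44PI6F"
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{90EFEA42-6472-4424-8CEF-722F7CFCFB95}: NameServer = 81.253.149.9 80.10.246.132
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command - G:\setup.exe
\Shell\install\command - G:\setup.exe
"""

# "O2 - BHO: ..." style entry: a section tag, " - ", then the body.
HJT_LINE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.*)$")
# ComboFix's rendering of a cached AutoRun handler under MountPoints2.
AUTORUN_LINE = re.compile(r"^\\Shell\\AutoRun\\command - (?P<cmd>.+)$", re.IGNORECASE)
# A path component named Temp (matches both the long and the 8.3 form seen above).
TEMP_PATH = re.compile(r"\\Temp\\", re.IGNORECASE)
FILE_MISSING = "(file missing)"


@dataclass(frozen=True)
class Finding:
    section: str   # HijackThis section tag, or "MountPoints2" for ComboFix lines
    action: str    # "fix": safe to tick in HijackThis; "review": needs a human decision
    reason: str
    line: str      # the log line exactly as it should be pasted back into a reply


def triage(log_text: str) -> list[Finding]:
    """Apply the heuristics to every line of a pasted log and return what stands out."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if (m := AUTORUN_LINE.match(line)):
            findings.append(Finding("MountPoints2", "review",
                                    f"cached AutoRun handler for a removable or optical volume: {m.group('cmd')}",
                                    line))
            continue
        m = HJT_LINE.match(line)
        if not m:
            continue
        section, body = m.group("section"), m.group("body")
        if section in {"O2", "O3", "O9"} and FILE_MISSING in body:
            # HijackThis has already checked the disk: the registered DLL is gone, so
            # the registry entry is dead weight and "Fix checked" only removes the key.
            findings.append(Finding(section, "fix", "orphaned browser add-on entry (file missing)", line))
        elif section == "O4" and TEMP_PATH.search(body):
            # Autostarts pointing into a Temp directory deserve a look before removal:
            # installers park themselves there legitimately, but so do droppers.
            findings.append(Finding(section, "review", "autostart launches from a Temp directory", line))
        elif section == "O17":
            findings.append(Finding(section, "review",
                                    "DNS servers set in the registry; confirm they are your ISP's", line))
    return findings


def fix_list(findings: list[Finding]) -> list[str]:
    """Lines to paste under 'check the lines below', i.e. only the 'fix' findings."""
    return [f.line for f in findings if f.action == "fix"]


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.action:6}] {f.section:12} {f.reason}\n         {f.line}")
```

Run against a pasted log, `fix_list()` gives the two orphaned entries (the rightonadz BHO and the dead Orange button) in the order HijackThis lists them, while the Temp autostart, the O17 name servers and the cached AutoRun command are only reported for a human to look at; the thread's DNS addresses, for instance, are the ISP's and need no action.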

Hello,

I followed everything you told me to the letter.

Here is the OTMoveIt report.

LoadLibrary failed for C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll
C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll NOT unregistered.
C:\Program Files\Mozilla Firefox\components\nsBrowserOpt.dll moved successfully.
File/Folder C:\WINDOWS\system32\gzmrotate.dll not found.
File/Folder not found.

Created on 12/28/2007 12:03:23

Thanks

Reply to drake88

Do you still get these pages?

Reply to chercheur_

Hello

Apparently it's gone: I have just used Firefox and Internet Explorer and I no longer get these pages. Internet Explorer is a bit slow, but I think the new version is what's causing that.
In any case, many thanks.
What can I do now to avoid this kind of problem again?

Reply to drake88

Two more things.

Go to this link to better secure your PC:
http://www.infos-du-net.com/forum/ [...] ordinateur

Edit your first message and add Résolu (Resolved) next to your title.

Reply to chercheur_

Anyway, thank you!!

Reply to drake88