infection smitfraud core cache
Hello,
Spybot found smitfraud core.cache.dsk and it cannot be removed;
since then, IE windows keep popping up.
How can I get rid of it?
Thanks in advance for your help.
Hello,
What location?
Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2
Hello angeldark,
Thanks for your very quick reply; it is located in C:\WINDOWS\system32\drivers
Here is the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 19:48:25, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Hello again,
Disable your resident protections (antivirus, Spybot...)!
Download Combofix (sUBs) to your Desktop.
Double-click combofix.exe to launch it.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post that report in your next reply.
Scan finished, and here it is:
ComboFix 08-01-29.3 - laurent 2008-01-29 20:03:24.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1436 [GMT 1:00]
Endroit: C:\Documents and Settings\laurent\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . Echec de suppression
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-29 ))))))))))))))))))))))))))))))))))))
.
2008-01-29 19:45 . 2008-01-29 19:45 <REP> d-------- C:\Program Files\Freeplayer
2008-01-29 19:11 . 2008-01-29 19:48 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-01-29 19:11 . 2008-01-29 19:47 <REP> d-------- C:\Documents and Settings\laurent\Application Data\vlc
2008-01-28 23:35 . 2008-01-29 00:15 265 --a------ C:\WINDOWS\wininit.ini
2008-01-28 23:00 . 2008-01-28 23:00 86,144 --a------ C:\WINDOWS\system32\drivers\mrxsmbb.sys
2008-01-28 23:00 . 2008-01-29 20:08 932 --a------ C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-27 22:23 . 2008-01-27 22:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Aspyr
2008-01-27 01:49 . 2008-01-27 01:49 <REP> d--h----- C:\Program Files\Zero G Registry
2008-01-27 01:48 . 2008-01-27 01:48 <REP> d--h----- C:\Documents and Settings\laurent\InstallAnywhere
2008-01-25 20:01 . 2008-01-25 20:02 14,565,344 --a------ C:\France 2 - 05-01-2008 21h09 2h.ts
2008-01-25 19:48 . 2008-01-25 19:48 <REP> d-------- C:\Program Files\IZArc
2008-01-24 18:39 . 2008-01-24 18:39 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SEGA
2008-01-23 18:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-23 18:04 . 2007-03-14 01:57 144,896 -ra------ C:\WINDOWS\system32\libsyslic1.original.dll
2008-01-23 11:58 . 1998-09-02 09:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2008-01-23 11:58 . 1998-08-27 05:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2008-01-23 11:58 . 1998-08-20 12:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2008-01-23 11:58 . 1998-09-02 09:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2008-01-23 11:58 . 1998-09-02 09:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2008-01-23 11:58 . 1998-08-17 10:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
2008-01-23 11:58 . 1998-08-17 10:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2008-01-23 11:58 . 1998-08-17 10:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
2008-01-23 11:58 . 2008-01-23 11:58 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2008-01-23 11:58 . 2008-01-23 11:58 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2008-01-23 11:57 . 2008-01-25 18:27 11 --a------ C:\trace.ini
2008-01-23 00:30 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\Red Kawa
2008-01-22 23:35 . 2008-01-22 23:51 <REP> d-------- C:\Program Files\Videora
2008-01-22 23:29 . 2004-05-25 17:06 417,792 --a------ C:\WINDOWS\system32\ac3filter.ax
2008-01-22 23:29 . 2005-02-27 21:48 356,352 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-01-22 23:29 . 2004-01-10 17:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iTunes
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iPod
2008-01-22 22:56 . 2008-01-29 19:36 <REP> d-------- C:\Program Files\Bonjour
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Apple Computer
2008-01-22 22:56 . 2008-01-29 20:08 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-22 22:56 . 2008-01-22 22:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\QuickTime
2008-01-22 22:55 . 2008-01-22 22:55 <REP> d-------- C:\Program Files\Apple Software Update
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-22 22:55 . 2008-01-15 02:39 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Program Files\Diskeeper Corporation
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2008-01-20 23:58 . 2008-01-20 23:58 <REP> d-------- C:\Diskeeper Pro Premier2007 (11.0.701.0)
2008-01-20 22:11 . 2008-01-20 22:11 <REP> d-------- C:\Program Files\Windows Live
2008-01-20 22:11 . 2008-01-20 22:11 268 --ah----- C:\sqmdata01.sqm
2008-01-20 22:11 . 2008-01-20 22:11 244 --ah----- C:\sqmnoopt01.sqm
2008-01-20 17:47 . 2008-01-28 23:07 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-01-20 17:08 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-20 15:38 . 2008-01-20 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-20 12:16 . 2008-01-20 17:52 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2008-01-20 12:14 . 2008-01-24 18:44 <REP> d-------- C:\Documents and Settings\laurent\Tracing
2008-01-20 12:13 . 2008-01-20 12:13 268 --ah----- C:\sqmdata00.sqm
2008-01-20 12:13 . 2008-01-20 12:13 244 --ah----- C:\sqmnoopt00.sqm
2008-01-20 12:11 . 2008-01-23 18:06 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2008-01-20 12:11 . 2008-01-23 18:06 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2008-01-20 12:11 . 2008-01-23 18:06 170,432 --a------ C:\WINDOWS\system32\libsyslic1.pd
2008-01-20 12:11 . 2008-01-23 18:06 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2008-01-20 12:11 . 2007-03-24 12:45 57,344 -ra------ C:\WINDOWS\system32\libsyslic1.dll
2008-01-20 12:11 . 2008-01-23 18:06 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2008-01-20 12:11 . 2008-01-23 16:25 192 --a------ C:\WINDOWS\system32\libsyslic1.ls
2008-01-20 12:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SYSTRAN
2008-01-20 12:09 . 2008-01-20 12:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SYSTRAN
2008-01-20 12:07 . 2008-01-20 12:07 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-01-20 11:43 . 2008-01-29 19:38 <REP> d-------- C:\Program Files\ewido anti-spyware 4.0
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\MSBuild
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\Microsoft Works
2008-01-20 11:36 . 2008-01-20 11:39 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-01-20 11:36 . 2008-01-20 11:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-20 11:35 . 2008-01-20 11:35 <REP> dr-h----- C:\MSOCache
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Lavasoft
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-17 21:40 . 2008-01-17 21:40 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Ahead
2008-01-17 21:39 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Nero
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-01-17 21:35 . 2008-01-17 21:35 <REP> d-------- C:\Program Files\DAEMON Tools
2008-01-17 21:19 . 2008-01-17 21:19 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-17 20:11 . 2008-01-17 20:11 <REP> d-------- C:\Documents and Settings\laurent\Application Data\ESET
2008-01-17 20:11 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-01-17 19:53 . 2008-01-17 19:53 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-01-17 19:35 . 2008-01-17 19:35 <REP> d-------- C:\Program Files\QuickPar
2008-01-17 19:08 . 2008-01-28 22:33 <REP> d-------- C:\Documents and Settings\laurent\Application Data\GrabIt
2008-01-17 18:54 . 2008-01-17 18:54 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-17 18:52 . 2008-01-17 18:59 <REP> d-------- C:\Program Files\GrabIt
2008-01-17 18:41 . 2008-01-17 18:41 <REP> d-------- C:\WINDOWS\system32\drivers\umdf
2008-01-17 18:37 . 2008-01-17 18:37 <REP> d-------- C:\Documents and Settings\laurent\Application Data\TuneUp Software
2008-01-17 18:36 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-01-17 18:36 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-01-17 18:36 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
2008-01-17 18:36 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-01-17 18:36 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-01-17 18:36 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-17 18:36 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-01-17 18:36 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-01-17 18:36 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-01-17 18:35 . 2008-01-17 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 18:48 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-01-20 09:21 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-17 16:59 --------- d-----w C:\Documents and Settings\laurent\Application Data\ma-config.com
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-17 15:12 --------- d-----w C:\Program Files\ma-config.com
2008-01-17 14:43 --------- d-----w C:\Program Files\Sunbelt Software
2008-01-17 14:36 --------- d--h--w C:\Program Files\Uninstall Information
2008-01-17 14:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-17 14:31 --------- d-----w C:\Program Files\Services en ligne
2008-01-17 14:30 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2008-01-07 21:39 49,444,403 ----a-w C:\WINDOWS\inf\TousLesPilotes.EXE
2007-12-21 07:21 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 07:20 30,216 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 07:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
2007-12-05 00:41 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2007-12-05 00:41 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
2007-12-05 00:41 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll
2007-12-05 00:41 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2007-12-05 00:41 1,089,536 ----a-w C:\WINDOWS\system32\nvcuda.dll
2007-12-05 00:41 1,073,152 ----a-w C:\WINDOWS\system32\nvcpluir.dll
2007-12-05 00:41 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
2007-11-19 09:27 269,312 ----a-w C:\WINDOWS\inf\yk51x86.sys
2007-11-07 14:34 51,736 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-26 10:20 4,124,352 ----a-r C:\WINDOWS\inf\alcxwdm.sys
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvwddi.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvmctray.dll
2007-10-05 13:25 8,491,008 ----a-w C:\WINDOWS\inf\nvcpl.dll
2007-10-05 13:25 6,854,368 ----a-w C:\WINDOWS\inf\nv4_mini.sys
2007-10-05 13:25 6,750,208 ----a-w C:\WINDOWS\inf\nvoglnt.dll
2007-10-05 13:25 6,344,704 ----a-w C:\WINDOWS\inf\nvdisps.dll
2007-10-05 13:25 5,755,520 ----a-w C:\WINDOWS\inf\nv4_disp.dll
2007-10-05 13:25 5,509,120 ----a-w C:\WINDOWS\inf\nvdispsr.dll
2007-10-05 13:25 458,752 ----a-w C:\WINDOWS\inf\nvmccssr.dll
2007-10-05 13:25 364,544 ----a-w C:\WINDOWS\inf\nvapi.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcodins.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcod.dll
2007-10-05 13:25 3,629,056 ----a-w C:\WINDOWS\inf\nvvitvsr.dll
2007-10-05 13:25 3,551,232 ----a-w C:\WINDOWS\inf\nvvitvs.dll
2007-10-05 13:25 3,334,144 ----a-w C:\WINDOWS\inf\nvgames.dll
2007-10-05 13:25 3,166,208 ----a-w C:\WINDOWS\inf\nvgamesr.dll
2007-10-05 13:25 286,720 ----a-w C:\WINDOWS\inf\nvnt4cpl.dll
2007-10-05 13:25 229,376 ----a-w C:\WINDOWS\inf\nvmccs.dll
2007-10-05 13:25 2,854,912 ----a-w C:\WINDOWS\inf\nvmoblsr.dll
2007-10-05 13:25 2,441,216 ----a-w C:\WINDOWS\inf\nvwssr.dll
2007-10-05 13:25 2,371,584 ----a-w C:\WINDOWS\inf\nvwss.dll
2007-10-05 13:25 188,416 ----a-w C:\WINDOWS\inf\nvmccss.dll
2007-10-05 13:25 155,716 ----a-w C:\WINDOWS\inf\nvsvc32.exe
2007-10-05 13:25 1,150,976 ----a-w C:\WINDOWS\inf\nvmobls.dll
2007-04-16 14:28 577,536 ----a-w C:\WINDOWS\inf\SoundMan.exe
2007-02-07 17:30 209,200 ----a-w C:\WINDOWS\inf\Si3114r5.sys
2007-01-30 22:17 28,768 ----a-w C:\WINDOWS\inf\tifsfilt.sys
2006-12-08 14:20 10,528,768 ----a-w C:\WINDOWS\inf\RTLCPL.exe
2006-10-18 20:20 5,504 ----a-w C:\WINDOWS\inf\SiRemFil.sys
2006-10-18 01:53 147,456 ----a-w C:\WINDOWS\inf\RtlCPAPI.dll
2006-07-31 10:27 217,088 ----a-w C:\WINDOWS\inf\alcrmv.exe
2006-07-01 21:42 43,520 ----a-w C:\WINDOWS\inf\AmdK8.sys
2006-04-20 14:20 19,456 ----a-w C:\WINDOWS\inf\wf2ktunr.sys
2006-04-20 13:50 59,776 ----a-w C:\WINDOWS\inf\wf2kvcap.sys
2005-08-29 23:49 94,000 ----a-w C:\WINDOWS\inf\ssm_mdm.sys
2005-08-29 23:49 8,336 ----a-w C:\WINDOWS\inf\ssm_mdfl.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cmnt.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cm.sys
2005-08-29 23:47 6,768 ----a-w C:\WINDOWS\inf\ssm_wh95.sys
2005-08-29 23:47 58,320 ----a-w C:\WINDOWS\inf\ssm_bus.sys
2005-08-29 23:47 5,840 ----a-w C:\WINDOWS\inf\ssm_whnt.sys
2005-08-29 23:47 5,840 ----a-w C:\WINDOWS\inf\ssm_wh.sys
2005-05-27 09:36 372,736 ----a-r C:\WINDOWS\inf\LVUI2RC.dll
2005-05-27 09:32 1,317,152 ----a-r C:\WINDOWS\inf\lvcm.sys
2005-05-27 09:31 22,016 ----a-r C:\WINDOWS\inf\LVUSBSta.sys
2005-05-27 09:29 204,800 ----a-r C:\WINDOWS\inf\LVUI2.dll
2005-05-27 09:26 204,800 ----a-r C:\WINDOWS\inf\lvcodec2.dll
2005-05-27 09:23 2,180,096 ----a-r C:\WINDOWS\inf\lvsvf2.sys
2005-05-27 09:19 106,496 ----a-r C:\WINDOWS\inf\lvcoinst.dll
2004-11-11 03:56 33,408 ----a-r C:\WINDOWS\inf\NVENETFD.sys
2004-11-11 03:56 274,944 ----a-r C:\WINDOWS\inf\nvnrm.sys
2004-11-11 03:56 208,128 ----a-r C:\WINDOWS\inf\nvsnpu.sys
2004-11-11 03:56 12,928 ----a-r C:\WINDOWS\inf\nvnetbus.sys
2004-11-11 03:54 9,728 ----a-r C:\WINDOWS\inf\bdco1ins.dll
2004-11-11 03:54 9,728 ----a-r C:\WINDOWS\inf\bdco1.dll
2004-11-11 03:54 200,192 ----a-r C:\WINDOWS\inf\fdco1ins.dll
2004-11-11 03:54 200,192 ----a-r C:\WINDOWS\inf\fdco1.dll
2004-11-01 17:21 10,368 ----a-w C:\WINDOWS\inf\SiWinAcc.sys
2004-10-29 22:26 32,256 ----a-r C:\WINDOWS\inf\nvconrm.dll
2004-10-04 11:34 10,005 ----a-w C:\WINDOWS\inf\wf2kXbar.sys
2004-08-13 10:56 5,810 ----a-r C:\WINDOWS\inf\ASACPI.sys
2004-08-03 23:54 54,784 ----a-w C:\WINDOWS\inf\vfwwdm32.dll
2004-02-14 11:01 159,744 ----a-r C:\WINDOWS\inf\lvWIAext.dll
2001-09-17 03:00 871,936 ----a-w C:\WINDOWS\inf\E_DI05ME.DLL
2001-09-09 23:00 17,976 ----a-w C:\WINDOWS\inf\epusbsto.sys
2001-09-03 04:00 268,758 ----a-w C:\WINDOWS\inf\E_DU15CE.DLL
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-05 14:25 8491008]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"NWEReboot"="" []
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-05 14:25 81920]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 17:34 213936]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:54 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 23:29 165784 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2008-01-24 18:47 3739672 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-10-05 14:25 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
--a------ 2004-12-20 17:12 131072 C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
R0 nvgts;nvgts;C:\WINDOWS\system32\DRIVERS\nvgts.sys [2007-08-09 11:11]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2006-07-18 12:02]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2006-07-18 12:02]
R1 mrxsmbb;mrxsmbb;C:\WINDOWS\system32\drivers\mrxsmbb.sys [2008-01-28 23:00]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 20:08:53
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-01-29 20:10:37 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-29 19:10:30
.
2008-01-21 18:11:24 --- E O F ---
Hi again,
Disable your resident protections (antivirus...)!
Copy (Ctrl+C) the text in the box below:
Rootkit::
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.cache.dsk
Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt.
Now drag the CFScript.txt file onto Combofix.exe as shown below:
This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
NOTE: If there is no reboot, post the requested reports anyway.
ComboFix 08-01-29.3 - laurent 2008-01-29 20:29:51.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1535 [GMT 1:00]
Endroit: C:\Documents and Settings\laurent\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\laurent\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . Echec de suppression
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-29 ))))))))))))))))))))))))))))))))))))
.
2008-01-29 19:45 . 2008-01-29 19:45 <REP> d-------- C:\Program Files\Freeplayer
2008-01-29 19:11 . 2008-01-29 19:48 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-01-29 19:11 . 2008-01-29 19:47 <REP> d-------- C:\Documents and Settings\laurent\Application Data\vlc
2008-01-28 23:35 . 2008-01-29 00:15 265 --a------ C:\WINDOWS\wininit.ini
2008-01-28 23:00 . 2008-01-28 23:00 86,144 --a------ C:\WINDOWS\system32\drivers\mrxsmbb.sys
2008-01-28 23:00 . 2008-01-29 20:34 932 --a------ C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-27 22:23 . 2008-01-27 22:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Aspyr
2008-01-27 01:49 . 2008-01-27 01:49 <REP> d--h----- C:\Program Files\Zero G Registry
2008-01-27 01:48 . 2008-01-27 01:48 <REP> d--h----- C:\Documents and Settings\laurent\InstallAnywhere
2008-01-25 20:01 . 2008-01-25 20:02 14,565,344 --a------ C:\France 2 - 05-01-2008 21h09 2h.ts
2008-01-25 19:48 . 2008-01-25 19:48 <REP> d-------- C:\Program Files\IZArc
2008-01-24 18:39 . 2008-01-24 18:39 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SEGA
2008-01-23 18:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-23 18:04 . 2007-03-14 01:57 144,896 -ra------ C:\WINDOWS\system32\libsyslic1.original.dll
2008-01-23 11:58 . 1998-09-02 09:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2008-01-23 11:58 . 1998-08-27 05:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2008-01-23 11:58 . 1998-08-20 12:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2008-01-23 11:58 . 1998-09-02 09:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2008-01-23 11:58 . 1998-09-02 09:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2008-01-23 11:58 . 1998-08-17 10:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
2008-01-23 11:58 . 1998-08-17 10:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2008-01-23 11:58 . 1998-08-17 10:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
2008-01-23 11:58 . 2008-01-23 11:58 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2008-01-23 11:58 . 2008-01-23 11:58 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2008-01-23 11:57 . 2008-01-25 18:27 11 --a------ C:\trace.ini
2008-01-23 00:30 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\Red Kawa
2008-01-22 23:35 . 2008-01-22 23:51 <REP> d-------- C:\Program Files\Videora
2008-01-22 23:29 . 2004-05-25 17:06 417,792 --a------ C:\WINDOWS\system32\ac3filter.ax
2008-01-22 23:29 . 2005-02-27 21:48 356,352 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-01-22 23:29 . 2004-01-10 17:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iTunes
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iPod
2008-01-22 22:56 . 2008-01-29 19:36 <REP> d-------- C:\Program Files\Bonjour
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Apple Computer
2008-01-22 22:56 . 2008-01-29 20:35 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-22 22:56 . 2008-01-22 22:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\QuickTime
2008-01-22 22:55 . 2008-01-22 22:55 <REP> d-------- C:\Program Files\Apple Software Update
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-22 22:55 . 2008-01-15 02:39 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Program Files\Diskeeper Corporation
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2008-01-20 23:58 . 2008-01-20 23:58 <REP> d-------- C:\Diskeeper Pro Premier2007 (11.0.701.0)
2008-01-20 22:11 . 2008-01-20 22:11 <REP> d-------- C:\Program Files\Windows Live
2008-01-20 22:11 . 2008-01-20 22:11 268 --ah----- C:\sqmdata01.sqm
2008-01-20 22:11 . 2008-01-20 22:11 244 --ah----- C:\sqmnoopt01.sqm
2008-01-20 17:47 . 2008-01-28 23:07 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-01-20 17:08 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-20 15:38 . 2008-01-20 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-20 12:16 . 2008-01-20 17:52 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2008-01-20 12:14 . 2008-01-24 18:44 <REP> d-------- C:\Documents and Settings\laurent\Tracing
2008-01-20 12:13 . 2008-01-20 12:13 268 --ah----- C:\sqmdata00.sqm
2008-01-20 12:13 . 2008-01-20 12:13 244 --ah----- C:\sqmnoopt00.sqm
2008-01-20 12:11 . 2008-01-23 18:06 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2008-01-20 12:11 . 2008-01-23 18:06 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2008-01-20 12:11 . 2008-01-23 18:06 170,432 --a------ C:\WINDOWS\system32\libsyslic1.pd
2008-01-20 12:11 . 2008-01-23 18:06 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2008-01-20 12:11 . 2007-03-24 12:45 57,344 -ra------ C:\WINDOWS\system32\libsyslic1.dll
2008-01-20 12:11 . 2008-01-23 18:06 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2008-01-20 12:11 . 2008-01-23 16:25 192 --a------ C:\WINDOWS\system32\libsyslic1.ls
2008-01-20 12:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SYSTRAN
2008-01-20 12:09 . 2008-01-20 12:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SYSTRAN
2008-01-20 12:07 . 2008-01-20 12:07 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-01-20 11:43 . 2008-01-29 19:38 <REP> d-------- C:\Program Files\ewido anti-spyware 4.0
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\MSBuild
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\Microsoft Works
2008-01-20 11:36 . 2008-01-20 11:39 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-01-20 11:36 . 2008-01-20 11:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-20 11:35 . 2008-01-20 11:35 <REP> dr-h----- C:\MSOCache
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Lavasoft
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-17 21:40 . 2008-01-17 21:40 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Ahead
2008-01-17 21:39 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Nero
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-01-17 21:35 . 2008-01-17 21:35 <REP> d-------- C:\Program Files\DAEMON Tools
2008-01-17 21:19 . 2008-01-17 21:19 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-17 20:11 . 2008-01-17 20:11 <REP> d-------- C:\Documents and Settings\laurent\Application Data\ESET
2008-01-17 20:11 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-01-17 19:53 . 2008-01-17 19:53 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-01-17 19:35 . 2008-01-17 19:35 <REP> d-------- C:\Program Files\QuickPar
2008-01-17 19:08 . 2008-01-28 22:33 <REP> d-------- C:\Documents and Settings\laurent\Application Data\GrabIt
2008-01-17 18:54 . 2008-01-17 18:54 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-17 18:52 . 2008-01-17 18:59 <REP> d-------- C:\Program Files\GrabIt
2008-01-17 18:41 . 2008-01-17 18:41 <REP> d-------- C:\WINDOWS\system32\drivers\umdf
2008-01-17 18:37 . 2008-01-17 18:37 <REP> d-------- C:\Documents and Settings\laurent\Application Data\TuneUp Software
2008-01-17 18:36 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-01-17 18:36 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-01-17 18:36 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
2008-01-17 18:36 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-01-17 18:36 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-01-17 18:36 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-17 18:36 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-01-17 18:36 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-01-17 18:36 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-01-17 18:35 . 2008-01-17 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 18:48 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-01-20 09:21 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-17 16:59 --------- d-----w C:\Documents and Settings\laurent\Application Data\ma-config.com
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-17 15:12 --------- d-----w C:\Program Files\ma-config.com
2008-01-17 14:43 --------- d-----w C:\Program Files\Sunbelt Software
2008-01-17 14:36 --------- d--h--w C:\Program Files\Uninstall Information
2008-01-17 14:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-17 14:31 --------- d-----w C:\Program Files\Services en ligne
2008-01-17 14:30 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2008-01-07 21:39 49,444,403 ----a-w C:\WINDOWS\inf\TousLesPilotes.EXE
2007-12-21 07:21 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 07:20 30,216 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 07:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
2007-12-05 00:41 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2007-12-05 00:41 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
2007-12-05 00:41 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll
2007-12-05 00:41 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2007-12-05 00:41 1,089,536 ----a-w C:\WINDOWS\system32\nvcuda.dll
2007-12-05 00:41 1,073,152 ----a-w C:\WINDOWS\system32\nvcpluir.dll
2007-12-05 00:41 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
2007-11-19 09:27 269,312 ----a-w C:\WINDOWS\inf\yk51x86.sys
2007-11-07 14:34 51,736 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-26 10:20 4,124,352 ----a-r C:\WINDOWS\inf\alcxwdm.sys
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvwddi.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvmctray.dll
2007-10-05 13:25 8,491,008 ----a-w C:\WINDOWS\inf\nvcpl.dll
2007-10-05 13:25 6,854,368 ----a-w C:\WINDOWS\inf\nv4_mini.sys
2007-10-05 13:25 6,750,208 ----a-w C:\WINDOWS\inf\nvoglnt.dll
2007-10-05 13:25 6,344,704 ----a-w C:\WINDOWS\inf\nvdisps.dll
2007-10-05 13:25 5,755,520 ----a-w C:\WINDOWS\inf\nv4_disp.dll
2007-10-05 13:25 5,509,120 ----a-w C:\WINDOWS\inf\nvdispsr.dll
2007-10-05 13:25 458,752 ----a-w C:\WINDOWS\inf\nvmccssr.dll
2007-10-05 13:25 364,544 ----a-w C:\WINDOWS\inf\nvapi.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcodins.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcod.dll
2007-10-05 13:25 3,629,056 ----a-w C:\WINDOWS\inf\nvvitvsr.dll
2007-10-05 13:25 3,551,232 ----a-w C:\WINDOWS\inf\nvvitvs.dll
2007-10-05 13:25 3,334,144 ----a-w C:\WINDOWS\inf\nvgames.dll
2007-10-05 13:25 3,166,208 ----a-w C:\WINDOWS\inf\nvgamesr.dll
2007-10-05 13:25 286,720 ----a-w C:\WINDOWS\inf\nvnt4cpl.dll
2007-10-05 13:25 229,376 ----a-w C:\WINDOWS\inf\nvmccs.dll
2007-10-05 13:25 2,854,912 ----a-w C:\WINDOWS\inf\nvmoblsr.dll
2007-10-05 13:25 2,441,216 ----a-w C:\WINDOWS\inf\nvwssr.dll
2007-10-05 13:25 2,371,584 ----a-w C:\WINDOWS\inf\nvwss.dll
2007-10-05 13:25 188,416 ----a-w C:\WINDOWS\inf\nvmccss.dll
2007-10-05 13:25 155,716 ----a-w C:\WINDOWS\inf\nvsvc32.exe
2007-10-05 13:25 1,150,976 ----a-w C:\WINDOWS\inf\nvmobls.dll
2007-04-16 14:28 577,536 ----a-w C:\WINDOWS\inf\SoundMan.exe
2007-02-07 17:30 209,200 ----a-w C:\WINDOWS\inf\Si3114r5.sys
2007-01-30 22:17 28,768 ----a-w C:\WINDOWS\inf\tifsfilt.sys
2006-12-08 14:20 10,528,768 ----a-w C:\WINDOWS\inf\RTLCPL.exe
2006-10-18 20:20 5,504 ----a-w C:\WINDOWS\inf\SiRemFil.sys
2006-10-18 01:53 147,456 ----a-w C:\WINDOWS\inf\RtlCPAPI.dll
2006-07-31 10:27 217,088 ----a-w C:\WINDOWS\inf\alcrmv.exe
2006-07-01 21:42 43,520 ----a-w C:\WINDOWS\inf\AmdK8.sys
2006-04-20 14:20 19,456 ----a-w C:\WINDOWS\inf\wf2ktunr.sys
2006-04-20 13:50 59,776 ----a-w C:\WINDOWS\inf\wf2kvcap.sys
2005-08-29 23:49 94,000 ----a-w C:\WINDOWS\inf\ssm_mdm.sys
2005-08-29 23:49 8,336 ----a-w C:\WINDOWS\inf\ssm_mdfl.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cmnt.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cm.sys
2005-08-29 23:47 6,768 ----a-w C:\WINDOWS\inf\ssm_wh95.sys
2005-08-29 23:47 58,320 ----a-w C:\WINDOWS\inf\ssm_bus.sys
2005-08-29 23:47 5,840 ----a-w C:\WINDOWS\inf\ssm_whnt.sys
2005-08-29 23:47 5,840 ----a-w C:\WINDOWS\inf\ssm_wh.sys
2005-05-27 09:36 372,736 ----a-r C:\WINDOWS\inf\LVUI2RC.dll
2005-05-27 09:32 1,317,152 ----a-r C:\WINDOWS\inf\lvcm.sys
2005-05-27 09:31 22,016 ----a-r C:\WINDOWS\inf\LVUSBSta.sys
2005-05-27 09:29 204,800 ----a-r C:\WINDOWS\inf\LVUI2.dll
2005-05-27 09:26 204,800 ----a-r C:\WINDOWS\inf\lvcodec2.dll
2005-05-27 09:23 2,180,096 ----a-r C:\WINDOWS\inf\lvsvf2.sys
2005-05-27 09:19 106,496 ----a-r C:\WINDOWS\inf\lvcoinst.dll
2004-11-11 03:56 33,408 ----a-r C:\WINDOWS\inf\NVENETFD.sys
2004-11-11 03:56 274,944 ----a-r C:\WINDOWS\inf\nvnrm.sys
2004-11-11 03:56 208,128 ----a-r C:\WINDOWS\inf\nvsnpu.sys
2004-11-11 03:56 12,928 ----a-r C:\WINDOWS\inf\nvnetbus.sys
2004-11-11 03:54 9,728 ----a-r C:\WINDOWS\inf\bdco1ins.dll
2004-11-11 03:54 9,728 ----a-r C:\WINDOWS\inf\bdco1.dll
2004-11-11 03:54 200,192 ----a-r C:\WINDOWS\inf\fdco1ins.dll
2004-11-11 03:54 200,192 ----a-r C:\WINDOWS\inf\fdco1.dll
2004-11-01 17:21 10,368 ----a-w C:\WINDOWS\inf\SiWinAcc.sys
2004-10-29 22:26 32,256 ----a-r C:\WINDOWS\inf\nvconrm.dll
2004-10-04 11:34 10,005 ----a-w C:\WINDOWS\inf\wf2kXbar.sys
2004-08-13 10:56 5,810 ----a-r C:\WINDOWS\inf\ASACPI.sys
2004-08-03 23:54 54,784 ----a-w C:\WINDOWS\inf\vfwwdm32.dll
2004-02-14 11:01 159,744 ----a-r C:\WINDOWS\inf\lvWIAext.dll
2001-09-17 03:00 871,936 ----a-w C:\WINDOWS\inf\E_DI05ME.DLL
2001-09-09 23:00 17,976 ----a-w C:\WINDOWS\inf\epusbsto.sys
2001-09-03 04:00 268,758 ----a-w C:\WINDOWS\inf\E_DU15CE.DLL
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-05 14:25 8491008]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"NWEReboot"="" []
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-05 14:25 81920]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 17:34 213936]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:54 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 23:29 165784 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2008-01-24 18:47 3739672 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-10-05 14:25 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
--a------ 2004-12-20 17:12 131072 C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
R0 nvgts;nvgts;C:\WINDOWS\system32\DRIVERS\nvgts.sys [2007-08-09 11:11]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2006-07-18 12:02]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2006-07-18 12:02]
R1 mrxsmbb;mrxsmbb;C:\WINDOWS\system32\drivers\mrxsmbb.sys [2008-01-28 23:00]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 20:35:12
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-01-29 20:36:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-29 19:36:44
ComboFix2.txt 2008-01-29 19:10:38
.
2008-01-21 18:11:24 --- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 20:40:43, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1535 [GMT 1:00]
Endroit: C:\Documents and Settings\laurent\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\laurent\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\core.cache.dsk
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . Echec de suppression
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-29 ))))))))))))))))))))))))))))))))))))
.
2008-01-29 19:45 . 2008-01-29 19:45 <REP> d-------- C:\Program Files\Freeplayer
2008-01-29 19:11 . 2008-01-29 19:48 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-01-29 19:11 . 2008-01-29 19:47 <REP> d-------- C:\Documents and Settings\laurent\Application Data\vlc
2008-01-28 23:35 . 2008-01-29 00:15 265 --a------ C:\WINDOWS\wininit.ini
2008-01-28 23:00 . 2008-01-28 23:00 86,144 --a------ C:\WINDOWS\system32\drivers\mrxsmbb.sys
2008-01-28 23:00 . 2008-01-29 20:34 932 --a------ C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-27 22:23 . 2008-01-27 22:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Aspyr
2008-01-27 01:49 . 2008-01-27 01:49 <REP> d--h----- C:\Program Files\Zero G Registry
2008-01-27 01:48 . 2008-01-27 01:48 <REP> d--h----- C:\Documents and Settings\laurent\InstallAnywhere
2008-01-25 20:01 . 2008-01-25 20:02 14,565,344 --a------ C:\France 2 - 05-01-2008 21h09 2h.ts
2008-01-25 19:48 . 2008-01-25 19:48 <REP> d-------- C:\Program Files\IZArc
2008-01-24 18:39 . 2008-01-24 18:39 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SEGA
2008-01-23 18:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-23 18:04 . 2007-03-14 01:57 144,896 -ra------ C:\WINDOWS\system32\libsyslic1.original.dll
2008-01-23 11:58 . 1998-09-02 09:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2008-01-23 11:58 . 1998-08-27 05:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2008-01-23 11:58 . 1998-08-20 12:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2008-01-23 11:58 . 1998-09-02 09:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2008-01-23 11:58 . 1998-09-02 09:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2008-01-23 11:58 . 1998-08-17 10:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
2008-01-23 11:58 . 1998-08-17 10:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2008-01-23 11:58 . 1998-08-17 10:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
2008-01-23 11:58 . 2008-01-23 11:58 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2008-01-23 11:58 . 2008-01-23 11:58 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2008-01-23 11:57 . 2008-01-25 18:27 11 --a------ C:\trace.ini
2008-01-23 00:30 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\Red Kawa
2008-01-22 23:35 . 2008-01-22 23:51 <REP> d-------- C:\Program Files\Videora
2008-01-22 23:29 . 2004-05-25 17:06 417,792 --a------ C:\WINDOWS\system32\ac3filter.ax
2008-01-22 23:29 . 2005-02-27 21:48 356,352 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-01-22 23:29 . 2004-01-10 17:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iTunes
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iPod
2008-01-22 22:56 . 2008-01-29 19:36 <REP> d-------- C:\Program Files\Bonjour
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Apple Computer
2008-01-22 22:56 . 2008-01-29 20:35 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-22 22:56 . 2008-01-22 22:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\QuickTime
2008-01-22 22:55 . 2008-01-22 22:55 <REP> d-------- C:\Program Files\Apple Software Update
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-22 22:55 . 2008-01-15 02:39 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Program Files\Diskeeper Corporation
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2008-01-20 23:58 . 2008-01-20 23:58 <REP> d-------- C:\Diskeeper Pro Premier2007 (11.0.701.0)
2008-01-20 22:11 . 2008-01-20 22:11 <REP> d-------- C:\Program Files\Windows Live
2008-01-20 22:11 . 2008-01-20 22:11 268 --ah----- C:\sqmdata01.sqm
2008-01-20 22:11 . 2008-01-20 22:11 244 --ah----- C:\sqmnoopt01.sqm
2008-01-20 17:47 . 2008-01-28 23:07 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-01-20 17:08 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-20 15:38 . 2008-01-20 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-20 12:16 . 2008-01-20 17:52 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2008-01-20 12:14 . 2008-01-24 18:44 <REP> d-------- C:\Documents and Settings\laurent\Tracing
2008-01-20 12:13 . 2008-01-20 12:13 268 --ah----- C:\sqmdata00.sqm
2008-01-20 12:13 . 2008-01-20 12:13 244 --ah----- C:\sqmnoopt00.sqm
2008-01-20 12:11 . 2008-01-23 18:06 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2008-01-20 12:11 . 2008-01-23 18:06 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2008-01-20 12:11 . 2008-01-23 18:06 170,432 --a------ C:\WINDOWS\system32\libsyslic1.pd
2008-01-20 12:11 . 2008-01-23 18:06 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2008-01-20 12:11 . 2007-03-24 12:45 57,344 -ra------ C:\WINDOWS\system32\libsyslic1.dll
2008-01-20 12:11 . 2008-01-23 18:06 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2008-01-20 12:11 . 2008-01-23 16:25 192 --a------ C:\WINDOWS\system32\libsyslic1.ls
2008-01-20 12:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SYSTRAN
2008-01-20 12:09 . 2008-01-20 12:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SYSTRAN
2008-01-20 12:07 . 2008-01-20 12:07 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-01-20 11:43 . 2008-01-29 19:38 <REP> d-------- C:\Program Files\ewido anti-spyware 4.0
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\MSBuild
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\Microsoft Works
2008-01-20 11:36 . 2008-01-20 11:39 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-01-20 11:36 . 2008-01-20 11:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-20 11:35 . 2008-01-20 11:35 <REP> dr-h----- C:\MSOCache
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Lavasoft
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-17 21:40 . 2008-01-17 21:40 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Ahead
2008-01-17 21:39 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Nero
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-01-17 21:35 . 2008-01-17 21:35 <REP> d-------- C:\Program Files\DAEMON Tools
2008-01-17 21:19 . 2008-01-17 21:19 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-17 20:11 . 2008-01-17 20:11 <REP> d-------- C:\Documents and Settings\laurent\Application Data\ESET
2008-01-17 20:11 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-01-17 19:53 . 2008-01-17 19:53 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-01-17 19:35 . 2008-01-17 19:35 <REP> d-------- C:\Program Files\QuickPar
2008-01-17 19:08 . 2008-01-28 22:33 <REP> d-------- C:\Documents and Settings\laurent\Application Data\GrabIt
2008-01-17 18:54 . 2008-01-17 18:54 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-17 18:52 . 2008-01-17 18:59 <REP> d-------- C:\Program Files\GrabIt
2008-01-17 18:41 . 2008-01-17 18:41 <REP> d-------- C:\WINDOWS\system32\drivers\umdf
2008-01-17 18:37 . 2008-01-17 18:37 <REP> d-------- C:\Documents and Settings\laurent\Application Data\TuneUp Software
2008-01-17 18:36 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-01-17 18:36 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
2008-01-17 18:36 . 2007-05-14 15:24 394,240 --a------ C:\WINDOWS\system32\Smab.dll
2008-01-17 18:36 . 2005-02-28 13:16 240,128 --a------ C:\WINDOWS\system32\x.264.exe
2008-01-17 18:36 . 2006-04-12 09:47 217,073 --a------ C:\WINDOWS\meta4.exe
2008-01-17 18:36 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-17 18:36 . 2004-01-25 00:00 70,656 --a------ C:\WINDOWS\system32\i420vfw.dll
2008-01-17 18:36 . 2006-04-05 08:09 66,560 --a------ C:\WINDOWS\MOTA113.exe
2008-01-17 18:36 . 2005-07-14 12:31 27,648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2008-01-17 18:35 . 2008-01-17 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 18:48 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-01-20 09:21 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-17 16:59 --------- d-----w C:\Documents and Settings\laurent\Application Data\ma-config.com
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-17 15:12 --------- d-----w C:\Program Files\ma-config.com
2008-01-17 14:43 --------- d-----w C:\Program Files\Sunbelt Software
2008-01-17 14:36 --------- d--h--w C:\Program Files\Uninstall Information
2008-01-17 14:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-17 14:31 --------- d-----w C:\Program Files\Services en ligne
2008-01-17 14:30 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2008-01-07 21:39 49,444,403 ----a-w C:\WINDOWS\inf\TousLesPilotes.EXE
2007-12-21 07:21 33,800 ----a-w C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 07:20 30,216 ----a-w C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 07:19 39,944 ----a-w C:\WINDOWS\system32\drivers\eamon.sys
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
2007-12-05 00:41 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2007-12-05 00:41 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
2007-12-05 00:41 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll
2007-12-05 00:41 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2007-12-05 00:41 1,089,536 ----a-w C:\WINDOWS\system32\nvcuda.dll
2007-12-05 00:41 1,073,152 ----a-w C:\WINDOWS\system32\nvcpluir.dll
2007-12-05 00:41 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
2007-11-19 09:27 269,312 ----a-w C:\WINDOWS\inf\yk51x86.sys
2007-11-07 14:34 51,736 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-26 10:20 4,124,352 ----a-r C:\WINDOWS\inf\alcxwdm.sys
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvwddi.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvmctray.dll
2007-10-05 13:25 8,491,008 ----a-w C:\WINDOWS\inf\nvcpl.dll
2007-10-05 13:25 6,854,368 ----a-w C:\WINDOWS\inf\nv4_mini.sys
2007-10-05 13:25 6,750,208 ----a-w C:\WINDOWS\inf\nvoglnt.dll
2007-10-05 13:25 6,344,704 ----a-w C:\WINDOWS\inf\nvdisps.dll
2007-10-05 13:25 5,755,520 ----a-w C:\WINDOWS\inf\nv4_disp.dll
2007-10-05 13:25 5,509,120 ----a-w C:\WINDOWS\inf\nvdispsr.dll
2007-10-05 13:25 458,752 ----a-w C:\WINDOWS\inf\nvmccssr.dll
2007-10-05 13:25 364,544 ----a-w C:\WINDOWS\inf\nvapi.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcodins.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcod.dll
2007-10-05 13:25 3,629,056 ----a-w C:\WINDOWS\inf\nvvitvsr.dll
2007-10-05 13:25 3,551,232 ----a-w C:\WINDOWS\inf\nvvitvs.dll
2007-10-05 13:25 3,334,144 ----a-w C:\WINDOWS\inf\nvgames.dll
2007-10-05 13:25 3,166,208 ----a-w C:\WINDOWS\inf\nvgamesr.dll
2007-10-05 13:25 286,720 ----a-w C:\WINDOWS\inf\nvnt4cpl.dll
2007-10-05 13:25 229,376 ----a-w C:\WINDOWS\inf\nvmccs.dll
2007-10-05 13:25 2,854,912 ----a-w C:\WINDOWS\inf\nvmoblsr.dll
2007-10-05 13:25 2,441,216 ----a-w C:\WINDOWS\inf\nvwssr.dll
2007-10-05 13:25 2,371,584 ----a-w C:\WINDOWS\inf\nvwss.dll
2007-10-05 13:25 188,416 ----a-w C:\WINDOWS\inf\nvmccss.dll
2007-10-05 13:25 155,716 ----a-w C:\WINDOWS\inf\nvsvc32.exe
2007-10-05 13:25 1,150,976 ----a-w C:\WINDOWS\inf\nvmobls.dll
2007-04-16 14:28 577,536 ----a-w C:\WINDOWS\inf\SoundMan.exe
2007-02-07 17:30 209,200 ----a-w C:\WINDOWS\inf\Si3114r5.sys
2007-01-30 22:17 28,768 ----a-w C:\WINDOWS\inf\tifsfilt.sys
2006-12-08 14:20 10,528,768 ----a-w C:\WINDOWS\inf\RTLCPL.exe
2006-10-18 20:20 5,504 ----a-w C:\WINDOWS\inf\SiRemFil.sys
2006-10-18 01:53 147,456 ----a-w C:\WINDOWS\inf\RtlCPAPI.dll
2006-07-31 10:27 217,088 ----a-w C:\WINDOWS\inf\alcrmv.exe
2006-07-01 21:42 43,520 ----a-w C:\WINDOWS\inf\AmdK8.sys
2006-04-20 14:20 19,456 ----a-w C:\WINDOWS\inf\wf2ktunr.sys
2006-04-20 13:50 59,776 ----a-w C:\WINDOWS\inf\wf2kvcap.sys
2005-08-29 23:49 94,000 ----a-w C:\WINDOWS\inf\ssm_mdm.sys
2005-08-29 23:49 8,336 ----a-w C:\WINDOWS\inf\ssm_mdfl.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cmnt.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cm.sys
2005-08-29 23:47 6,768 ----a-w C:\WINDOWS\inf\ssm_wh95.sys
2005-08-29 23:47 58,320 ----a-w C:\WINDOWS\inf\ssm_bus.sys
2005-08-29 23:47 5,840 ----a-w C:\WINDOWS\inf\ssm_whnt.sys
2005-08-29 23:47 5,840 ----a-w C:\WINDOWS\inf\ssm_wh.sys
2005-05-27 09:36 372,736 ----a-r C:\WINDOWS\inf\LVUI2RC.dll
2005-05-27 09:32 1,317,152 ----a-r C:\WINDOWS\inf\lvcm.sys
2005-05-27 09:31 22,016 ----a-r C:\WINDOWS\inf\LVUSBSta.sys
2005-05-27 09:29 204,800 ----a-r C:\WINDOWS\inf\LVUI2.dll
2005-05-27 09:26 204,800 ----a-r C:\WINDOWS\inf\lvcodec2.dll
2005-05-27 09:23 2,180,096 ----a-r C:\WINDOWS\inf\lvsvf2.sys
2005-05-27 09:19 106,496 ----a-r C:\WINDOWS\inf\lvcoinst.dll
2004-11-11 03:56 33,408 ----a-r C:\WINDOWS\inf\NVENETFD.sys
2004-11-11 03:56 274,944 ----a-r C:\WINDOWS\inf\nvnrm.sys
2004-11-11 03:56 208,128 ----a-r C:\WINDOWS\inf\nvsnpu.sys
2004-11-11 03:56 12,928 ----a-r C:\WINDOWS\inf\nvnetbus.sys
2004-11-11 03:54 9,728 ----a-r C:\WINDOWS\inf\bdco1ins.dll
2004-11-11 03:54 9,728 ----a-r C:\WINDOWS\inf\bdco1.dll
2004-11-11 03:54 200,192 ----a-r C:\WINDOWS\inf\fdco1ins.dll
2004-11-11 03:54 200,192 ----a-r C:\WINDOWS\inf\fdco1.dll
2004-11-01 17:21 10,368 ----a-w C:\WINDOWS\inf\SiWinAcc.sys
2004-10-29 22:26 32,256 ----a-r C:\WINDOWS\inf\nvconrm.dll
2004-10-04 11:34 10,005 ----a-w C:\WINDOWS\inf\wf2kXbar.sys
2004-08-13 10:56 5,810 ----a-r C:\WINDOWS\inf\ASACPI.sys
2004-08-03 23:54 54,784 ----a-w C:\WINDOWS\inf\vfwwdm32.dll
2004-02-14 11:01 159,744 ----a-r C:\WINDOWS\inf\lvWIAext.dll
2001-09-17 03:00 871,936 ----a-w C:\WINDOWS\inf\E_DI05ME.DLL
2001-09-09 23:00 17,976 ----a-w C:\WINDOWS\inf\epusbsto.sys
2001-09-03 04:00 268,758 ----a-w C:\WINDOWS\inf\E_DU15CE.DLL
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-05 14:25 8491008]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"NWEReboot"="" []
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-05 14:25 81920]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 17:34 213936]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:54 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 23:29 165784 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2008-01-24 18:47 3739672 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-10-05 14:25 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
--a------ 2004-12-20 17:12 131072 C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
R0 nvgts;nvgts;C:\WINDOWS\system32\DRIVERS\nvgts.sys [2007-08-09 11:11]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2006-07-18 12:02]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2006-07-18 12:02]
R1 mrxsmbb;mrxsmbb;C:\WINDOWS\system32\drivers\mrxsmbb.sys [2008-01-28 23:00]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-29 20:35:12
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-01-29 20:36:51 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-29 19:36:44
ComboFix2.txt 2008-01-29 19:10:38
.
2008-01-21 18:11:24 --- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 20:40:43, on 29/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
ComboFix 08-01-29.3 - laurent 2008-01-30 19:50:39.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1563 [GMT 1:00]
Endroit: C:\Documents and Settings\laurent\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\core.cache.dsk . . . . Echec de suppression
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-28 to 2008-01-30 ))))))))))))))))))))))))))))))))))))
.
2008-01-29 21:49 . 2008-01-30 19:55 932 --a------ C:\WINDOWS\system32\drivers\core.cache.dsk
2008-01-29 20:59 . 2008-01-17 16:20 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-01-29 20:59 . 2008-01-17 16:20 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-01-29 20:59 . 2008-01-17 15:29 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-01-29 20:59 . 2008-01-17 16:20 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-01-29 20:59 . 2008-01-17 16:20 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-01-29 20:59 . 2008-01-17 16:20 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-01-29 20:59 . 2008-01-17 16:20 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-01-29 20:59 . 2008-01-29 20:59 165 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-29 19:45 . 2008-01-29 19:45 <REP> d-------- C:\Program Files\Freeplayer
2008-01-29 19:11 . 2008-01-29 20:40 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-01-29 19:11 . 2008-01-29 19:47 <REP> d-------- C:\Documents and Settings\laurent\Application Data\vlc
2008-01-28 23:35 . 2008-01-29 00:15 265 --a------ C:\WINDOWS\wininit.ini
2008-01-28 23:00 . 2008-01-28 23:00 86,144 --a------ C:\WINDOWS\system32\drivers\mrxsmbb.sys
2008-01-27 22:23 . 2008-01-27 22:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Aspyr
2008-01-27 01:49 . 2008-01-27 01:49 <REP> d--h----- C:\Program Files\Zero G Registry
2008-01-27 01:48 . 2008-01-27 01:48 <REP> d--h----- C:\Documents and Settings\laurent\InstallAnywhere
2008-01-25 20:01 . 2008-01-25 20:02 14,565,344 --a------ C:\France 2 - 05-01-2008 21h09 2h.ts
2008-01-25 19:48 . 2008-01-25 19:48 <REP> d-------- C:\Program Files\IZArc
2008-01-24 18:39 . 2008-01-24 18:39 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SEGA
2008-01-23 18:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-01-23 18:04 . 2007-03-14 01:57 144,896 -ra------ C:\WINDOWS\system32\libsyslic1.original.dll
2008-01-23 11:58 . 1998-09-02 09:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
2008-01-23 11:58 . 1998-08-27 05:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
2008-01-23 11:58 . 1998-08-20 12:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
2008-01-23 11:58 . 1998-09-02 09:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
2008-01-23 11:58 . 1998-09-02 09:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
2008-01-23 11:58 . 1998-08-17 10:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
2008-01-23 11:58 . 1998-08-17 10:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
2008-01-23 11:58 . 1998-08-17 10:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
2008-01-23 11:58 . 2008-01-23 11:58 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
2008-01-23 11:58 . 2008-01-23 11:58 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
2008-01-23 11:57 . 2008-01-25 18:27 11 --a------ C:\trace.ini
2008-01-23 00:30 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\Red Kawa
2008-01-22 23:35 . 2008-01-22 23:51 <REP> d-------- C:\Program Files\Videora
2008-01-22 23:29 . 2004-05-25 17:06 417,792 --a------ C:\WINDOWS\system32\ac3filter.ax
2008-01-22 23:29 . 2005-02-27 21:48 356,352 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-01-22 23:29 . 2004-01-10 17:02 258,048 --a------ C:\WINDOWS\system32\GplMpgDec.ax
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iTunes
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\iPod
2008-01-22 22:56 . 2008-01-29 19:36 <REP> d-------- C:\Program Files\Bonjour
2008-01-22 22:56 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Apple Computer
2008-01-22 22:56 . 2008-01-30 19:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-22 22:56 . 2008-01-22 22:56 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Program Files\QuickTime
2008-01-22 22:55 . 2008-01-22 22:55 <REP> d-------- C:\Program Files\Apple Software Update
2008-01-22 22:55 . 2008-01-22 22:56 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-22 22:55 . 2008-01-15 02:39 30,464 --a------ C:\WINDOWS\system32\drivers\usbaapl.sys
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-01-22 22:54 . 2008-01-22 22:54 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Program Files\Diskeeper Corporation
2008-01-21 00:04 . 2008-01-21 00:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
2008-01-20 23:58 . 2008-01-20 23:58 <REP> d-------- C:\Diskeeper Pro Premier2007 (11.0.701.0)
2008-01-20 22:11 . 2008-01-20 22:11 <REP> d-------- C:\Program Files\Windows Live
2008-01-20 22:11 . 2008-01-20 22:11 268 --ah----- C:\sqmdata01.sqm
2008-01-20 22:11 . 2008-01-20 22:11 244 --ah----- C:\sqmnoopt01.sqm
2008-01-20 17:47 . 2008-01-28 23:07 116 --a------ C:\WINDOWS\NeroDigital.ini
2008-01-20 17:08 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-20 15:38 . 2008-01-20 15:38 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-20 12:16 . 2008-01-20 17:52 <REP> d-------- C:\WINDOWS\SxsCaPendDel
2008-01-20 12:14 . 2008-01-24 18:44 <REP> d-------- C:\Documents and Settings\laurent\Tracing
2008-01-20 12:13 . 2008-01-20 12:13 268 --ah----- C:\sqmdata00.sqm
2008-01-20 12:13 . 2008-01-20 12:13 244 --ah----- C:\sqmnoopt00.sqm
2008-01-20 12:11 . 2008-01-23 18:06 878,080 --a------ C:\WINDOWS\system32\iconv.dll
2008-01-20 12:11 . 2008-01-23 18:06 721,920 --a------ C:\WINDOWS\system32\libxml2.dll
2008-01-20 12:11 . 2008-01-23 18:06 170,432 --a------ C:\WINDOWS\system32\libsyslic1.pd
2008-01-20 12:11 . 2008-01-23 18:06 150,016 --a------ C:\WINDOWS\system32\libxslt.dll
2008-01-20 12:11 . 2007-03-24 12:45 57,344 -ra------ C:\WINDOWS\system32\libsyslic1.dll
2008-01-20 12:11 . 2008-01-23 18:06 51,200 --a------ C:\WINDOWS\system32\libexslt.dll
2008-01-20 12:11 . 2008-01-23 16:25 192 --a------ C:\WINDOWS\system32\libsyslic1.ls
2008-01-20 12:09 . 2008-01-23 18:09 <REP> d-------- C:\Documents and Settings\laurent\Application Data\SYSTRAN
2008-01-20 12:09 . 2008-01-20 12:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\SYSTRAN
2008-01-20 12:07 . 2008-01-20 12:07 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-01-20 11:43 . 2008-01-29 19:38 <REP> d-------- C:\Program Files\ewido anti-spyware 4.0
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\MSBuild
2008-01-20 11:39 . 2008-01-20 11:39 <REP> d-------- C:\Program Files\Microsoft Works
2008-01-20 11:36 . 2008-01-20 11:39 <REP> d-------- C:\WINDOWS\SHELLNEW
2008-01-20 11:36 . 2008-01-20 11:40 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-20 11:35 . 2008-01-20 11:35 <REP> dr-h----- C:\MSOCache
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Lavasoft
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-20 10:16 . 2008-01-20 10:16 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-17 21:40 . 2008-01-17 21:40 <REP> d-------- C:\Documents and Settings\laurent\Application Data\Ahead
2008-01-17 21:39 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Nero
2008-01-17 21:38 . 2008-01-17 21:38 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-01-17 21:35 . 2008-01-17 21:35 <REP> d-------- C:\Program Files\DAEMON Tools
2008-01-17 21:19 . 2008-01-17 21:19 682,232 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-01-17 20:11 . 2008-01-17 20:11 <REP> d-------- C:\Documents and Settings\laurent\Application Data\ESET
2008-01-17 20:11 . 2008-01-07 14:29 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-17 20:09 . 2008-01-17 20:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ESET
2008-01-17 19:53 . 2008-01-17 19:53 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2008-01-17 19:35 . 2008-01-17 19:35 <REP> d-------- C:\Program Files\QuickPar
2008-01-17 19:08 . 2008-01-28 22:33 <REP> d-------- C:\Documents and Settings\laurent\Application Data\GrabIt
2008-01-17 18:54 . 2008-01-17 18:54 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-17 18:52 . 2008-01-17 18:59 <REP> d-------- C:\Program Files\GrabIt
2008-01-17 18:41 . 2008-01-17 18:41 <REP> d-------- C:\WINDOWS\system32\drivers\umdf
2008-01-17 18:37 . 2008-01-17 18:37 <REP> d-------- C:\Documents and Settings\laurent\Application Data\TuneUp Software
2008-01-17 18:36 . 2008-01-23 00:30 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-01-17 18:36 . 2006-10-07 17:43 502,784 --a------ C:\WINDOWS\x2.64.exe
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 19:40 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-01-20 09:21 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2008-01-17 16:59 --------- d-----w C:\Documents and Settings\laurent\Application Data\ma-config.com
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-17 15:20 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-17 15:12 --------- d-----w C:\Program Files\ma-config.com
2008-01-17 14:43 --------- d-----w C:\Program Files\Sunbelt Software
2008-01-17 14:36 --------- d--h--w C:\Program Files\Uninstall Information
2008-01-17 14:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-17 14:31 --------- d-----w C:\Program Files\Services en ligne
2008-01-17 14:30 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2008-01-07 21:39 49,444,403 ----a-w C:\WINDOWS\inf\TousLesPilotes.EXE
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 147,456 ----a-w C:\WINDOWS\system32\nvcolor.exe
2007-12-05 00:41 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll
2007-12-05 00:41 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe
2007-12-05 00:41 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll
2007-12-05 00:41 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe
2007-12-05 00:41 1,089,536 ----a-w C:\WINDOWS\system32\nvcuda.dll
2007-12-05 00:41 1,073,152 ----a-w C:\WINDOWS\system32\nvcpluir.dll
2007-12-05 00:41 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll
2007-11-19 09:27 269,312 ----a-w C:\WINDOWS\inf\yk51x86.sys
2007-11-07 14:34 51,736 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-26 10:20 4,124,352 ----a-r C:\WINDOWS\inf\alcxwdm.sys
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-22 02:39 267,272 ----a-w C:\WINDOWS\system32\xactengine2_10.dll
2007-10-22 02:37 17,928 ----a-w C:\WINDOWS\system32\X3DAudio1_2.dll
2007-10-12 14:14 3,734,536 ----a-w C:\WINDOWS\system32\d3dx9_36.dll
2007-10-12 14:14 1,374,232 ----a-w C:\WINDOWS\system32\D3DCompiler_36.dll
2007-10-11 06:13 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvwddi.dll
2007-10-05 13:25 81,920 ----a-w C:\WINDOWS\inf\nvmctray.dll
2007-10-05 13:25 8,491,008 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-10-05 13:25 8,491,008 ----a-w C:\WINDOWS\inf\nvcpl.dll
2007-10-05 13:25 6,854,368 ----a-w C:\WINDOWS\inf\nv4_mini.sys
2007-10-05 13:25 6,750,208 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-10-05 13:25 6,750,208 ----a-w C:\WINDOWS\inf\nvoglnt.dll
2007-10-05 13:25 6,344,704 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-10-05 13:25 6,344,704 ----a-w C:\WINDOWS\inf\nvdisps.dll
2007-10-05 13:25 5,755,520 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-10-05 13:25 5,755,520 ----a-w C:\WINDOWS\inf\nv4_disp.dll
2007-10-05 13:25 5,509,120 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-10-05 13:25 5,509,120 ----a-w C:\WINDOWS\inf\nvdispsr.dll
2007-10-05 13:25 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-10-05 13:25 458,752 ----a-w C:\WINDOWS\inf\nvmccssr.dll
2007-10-05 13:25 364,544 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-10-05 13:25 364,544 ----a-w C:\WINDOWS\inf\nvapi.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcodins.dll
2007-10-05 13:25 36,864 ----a-w C:\WINDOWS\inf\nvcod.dll
2007-10-05 13:25 3,629,056 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
2007-10-05 13:25 3,629,056 ----a-w C:\WINDOWS\inf\nvvitvsr.dll
2007-10-05 13:25 3,551,232 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-10-05 13:25 3,551,232 ----a-w C:\WINDOWS\inf\nvvitvs.dll
2007-10-05 13:25 3,334,144 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-10-05 13:25 3,334,144 ----a-w C:\WINDOWS\inf\nvgames.dll
2007-10-05 13:25 3,166,208 ----a-w C:\WINDOWS\system32\nvgamesr.dll
2007-10-05 13:25 3,166,208 ----a-w C:\WINDOWS\inf\nvgamesr.dll
2007-10-05 13:25 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-10-05 13:25 286,720 ----a-w C:\WINDOWS\inf\nvnt4cpl.dll
2007-10-05 13:25 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2007-10-05 13:25 229,376 ----a-w C:\WINDOWS\inf\nvmccs.dll
2007-10-05 13:25 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll
2007-10-05 13:25 2,854,912 ----a-w C:\WINDOWS\inf\nvmoblsr.dll
2007-10-05 13:25 2,441,216 ----a-w C:\WINDOWS\system32\nvwssr.dll
2007-10-05 13:25 2,441,216 ----a-w C:\WINDOWS\inf\nvwssr.dll
2007-10-05 13:25 2,371,584 ----a-w C:\WINDOWS\system32\nvwss.dll
2007-10-05 13:25 2,371,584 ----a-w C:\WINDOWS\inf\nvwss.dll
2007-10-05 13:25 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2007-10-05 13:25 188,416 ----a-w C:\WINDOWS\inf\nvmccss.dll
2007-10-05 13:25 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
2007-10-05 13:25 155,716 ----a-w C:\WINDOWS\inf\nvsvc32.exe
2007-10-05 13:25 1,150,976 ----a-w C:\WINDOWS\system32\nvmobls.dll
2007-10-05 13:25 1,150,976 ----a-w C:\WINDOWS\inf\nvmobls.dll
2007-10-02 08:56 444,776 ----a-w C:\WINDOWS\system32\d3dx10_36.dll
2007-04-16 14:28 577,536 ----a-w C:\WINDOWS\inf\SoundMan.exe
2007-02-07 17:30 209,200 ----a-w C:\WINDOWS\inf\Si3114r5.sys
2007-01-30 22:17 28,768 ----a-w C:\WINDOWS\inf\tifsfilt.sys
2006-12-08 14:20 10,528,768 ----a-w C:\WINDOWS\inf\RTLCPL.exe
2006-10-18 20:20 5,504 ----a-w C:\WINDOWS\inf\SiRemFil.sys
2006-10-18 01:53 147,456 ----a-w C:\WINDOWS\inf\RtlCPAPI.dll
2006-07-31 10:27 217,088 ----a-w C:\WINDOWS\inf\alcrmv.exe
2006-07-01 21:42 43,520 ----a-w C:\WINDOWS\inf\AmdK8.sys
2006-04-20 14:20 19,456 ----a-w C:\WINDOWS\inf\wf2ktunr.sys
2006-04-20 13:50 59,776 ----a-w C:\WINDOWS\inf\wf2kvcap.sys
2005-08-29 23:49 94,000 ----a-w C:\WINDOWS\inf\ssm_mdm.sys
2005-08-29 23:49 8,336 ----a-w C:\WINDOWS\inf\ssm_mdfl.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cmnt.sys
2005-08-29 23:49 6,176 ----a-w C:\WINDOWS\inf\ssm_cm.sys
2005-08-29 23:47 6,768 ----a-w C:\WINDOWS\inf\ssm_wh95.sys
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-10-05 14:25 8491008]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"NWEReboot"="" []
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-10-05 14:25 81920]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2007-12-21 08:21 1443072]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"ISUSPM"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-03-20 17:34 213936]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 01:54 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoFavoritesMenu"= 1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2007-04-03 23:29 165784 C:\Program Files\DAEMON Tools\daemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a------ 2005-06-08 14:44 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a------ 2005-06-08 15:24 458752 C:\Program Files\Logitech\Video\ISStart.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a------ 2005-06-08 15:14 217088 C:\Program Files\Logitech\Video\LogiTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2008-01-24 18:47 3739672 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-10-05 14:25 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NVMixerTray]
--a------ 2004-12-20 17:12 131072 C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
R0 nvgts;nvgts;C:\WINDOWS\system32\DRIVERS\nvgts.sys [2007-08-09 11:11]
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys [2007-12-21 08:21]
R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2006-07-18 12:02]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2006-07-18 12:02]
R1 mrxsmbb;mrxsmbb;C:\WINDOWS\system32\drivers\mrxsmbb.sys [2008-01-28 23:00]
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-30 19:56:01
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-01-30 19:57:42 - machine was rebooted
ComboFix-quarantined-files.txt 2008-01-30 18:57:35
ComboFix2.txt 2008-01-29 19:36:52
ComboFix3.txt 2008-01-29 19:10:38
.
2008-01-21 18:11:24 --- E O F ---
Time for the big guns
1/ Download The Avenger (by Swandog46) to your Desktop.
Then unzip it onto your Desktop.
2/ Copy all the text in red below:
Files to delete:
C:\WINDOWS\system32\drivers\core.cache.dsk
---> Right-click, then Copy
Note: The code above was written specifically for THIS user.
If you are not THIS user, do NOT follow these instructions: they could damage your system.
3/ Now launch The Avenger by clicking the icon on the Desktop.
Under "Script file to execute", choose "Input Script Manually".
Then click the magnifying-glass icon, which opens a new "View/edit script" window.
In that window, paste the text previously copied on the desktop.
Click "Done".
Then click the green-light icon to start running the script.
Answer "Yes" twice when asked.
4/ The Avenger will automatically do the following:
It will restart the system. (If the script contains one or more "Drivers to Unload", The Avenger will restart your system twice.)
During the restart, a black Windows command window will briefly appear on your desktop; this is NORMAL.
After the restart, it creates a log file that will open, showing the actions The Avenger performed. This log file is located here: C:\avenger.txt
The Avenger will also have backed up all the files, etc., that you asked it to delete, zipped them, and moved the zip archive here: C:\avenger\backup.zip.
5/ Finally, copy/paste the contents of the c:\avenger.txt file into your reply, along with a new HijackThis report.
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\kfmggjwq
*******************
Script file located at: fqmfluit
Could not open script file! Error
Could not open script file! Status: 0xc000003b Abort!
Logfile of HijackThis v1.99.1
Scan saved at 20:43:05, on 30/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Logfile of The Avenger version 1, by Swandog46
Running from registry key:
\Registry\Machine\System\CurrentControlSet\Services\cebvrrgf
*******************
Script file located at: \??\C:\Documents and Settings\uhggqqlb.txt
Script file opened successfully.
Script file read successfully
Backups directory opened successfully at C:\Avenger
*******************
Beginning to process script file:
File C:\WINDOWS\system32\drivers\core.cache.dsk deleted successfully.
Completed script processing.
*******************
Finished! Terminate.
Logfile of HijackThis v1.99.1
Scan saved at 21:11:19, on 30/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\Program Files\ESET\ESET Smart Security\ekrn.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: SYSTRAN Toolbar - {95daa571-4def-4a6d-97d8-98a346672a24} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O8 - Extra context menu item: Consulter les dictionnaires (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/lookup.js
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Traduire (SYSTRAN) - res://G:\Program Files\SYSTRAN\6\\GUIres.dll/translate.js
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
The script seems to have worked according to Avenger, but the file still shows up in drivers, and so do the IE windows.
Not at all, it's just so that things go faster, to avoid this dragging on for several days and to benefit from everyone's skills. Nobody has a monopoly or exclusivity, and besides, everyone posts on several forums.
Take a look around the different sites and you'll find the people who have posted here.
Thanks anyway.......