Virus or not?
Hello everyone,
For the past week my PC has been lagging a lot: it takes 5 times longer to start up, and the first time I launch an application such as Firefox there is the same slowdown.
I reformatted it and reinstalled everything, but after three or four days it started again.
I thought of a virus, of course, and I ran scans with various online antivirus and spyware scanners, but they don't detect anything at all.
Here is my config, if it can help you help me:
Processor: Intel Dual Core 2x2.6G
RAM: 2x1024
Graphics card: Nvidia 8800GTS
Hello,
It's not necessarily a virus; let's take a look.
Disable your resident protections (antivirus, ...); you will re-enable them after the scan.
Download ComboFix [:eric_71] < here
Save it to your Desktop and nowhere else!
Double-click combofix.exe (the .exe may not be displayed).
To start, type [1] then confirm, and wait for the scan to finish.
The PC may restart!
Copy and paste the generated report (C:\Combofix.txt).
Here is the report:
ComboFix 08-02.05.3 - David 2008-02-09 15:13:31.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1617 [GMT 1:00]
Endroit: C:\Documents and Settings\David\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
----- BITS: Possible sites infectés -----
hxxp://www.download.windowsupdate.com
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-09 to 2008-02-09 ))))))))))))))))))))))))))))))))))))
.
2008-02-09 12:26 . 2008-02-09 12:29 <REP> d-------- C:\Program Files\SPYWAREfighter
2008-02-09 12:26 . 2008-02-09 12:26 <REP> d-------- C:\Program Files\Fichiers communs\Application
2008-02-09 09:46 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-02-09 09:46 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-02-08 18:48 . 2008-02-08 18:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-08 18:47 . 2008-02-08 18:48 <REP> d-------- C:\Program Files\Trojan Remover
2008-02-08 18:47 . 2008-02-08 18:47 <REP> d-------- C:\Documents and Settings\David\Application Data\Simply Super Software
2008-02-08 18:47 . 2008-02-08 18:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-02-08 18:47 . 2006-05-25 14:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-02-08 18:47 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-02-08 18:47 . 2005-08-26 00:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-02-08 18:47 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-02-08 18:47 . 2006-06-19 12:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-02-07 21:43 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2008-02-07 21:43 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2008-02-07 21:43 . 2008-02-07 21:43 3,120 --a------ C:\WINDOWS\system32\118290.54
2008-02-07 21:43 . 2008-02-07 21:43 3,120 --a------ C:\WINDOWS\118294.78
2008-02-07 21:43 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2008-02-07 21:42 . 2008-02-07 21:43 <REP> d-------- C:\Program Files\Defenza
2008-02-07 19:03 . 2008-02-07 19:03 <REP> d-------- C:\Documents and Settings\David\DoctorWeb
2008-02-07 18:32 . 2008-02-07 18:32 <REP> d-------- C:\VundoFix Backups
2008-02-07 18:26 . 2008-02-07 18:26 <REP> d--h----- C:\WINDOWS\Copie de $NtServicePackUninstallIDNMitigationAPIs$
2008-02-07 18:26 . 2008-02-07 18:26 <REP> d--h----- C:\WINDOWS\Copie de $MSI31Uninstall_KB893803v2$
2008-02-06 20:12 . 2008-02-06 20:11 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-06 20:10 . 2008-02-06 23:21 <REP> d-------- C:\Documents and Settings\David\.housecall6.6
2008-02-06 20:09 . 2008-02-06 20:09 <REP> d-------- C:\WINDOWS\Sun
2008-02-06 20:09 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-06 20:07 . 2008-02-06 20:09 <REP> d-------- C:\Program Files\Java
2008-02-06 20:06 . 2008-02-06 20:06 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-06 18:17 . 2008-02-06 18:17 <REP> d-------- C:\WINDOWS\nview
2008-02-06 18:17 . 2007-12-05 01:41 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-02-06 18:17 . 2008-02-06 18:37 163,353 --a------ C:\WINDOWS\system32\nvapps.xml
2008-02-06 18:17 . 2007-12-05 01:41 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-02-06 18:15 . 2007-12-05 02:53 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-02-06 16:43 . 2008-02-06 16:43 <REP> d-------- C:\Documents and Settings\David\Application Data\Sierra Entertainment
2008-02-06 16:36 . 2008-02-06 16:36 <REP> d-------- C:\WINDOWS\system32\AGEIA
2008-02-06 16:36 . 2008-02-06 16:37 <REP> d-------- C:\Program Files\AGEIA Technologies
2008-02-06 16:35 . 2008-02-06 16:36 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-04 22:08 . 2008-02-06 19:37 <REP> d-------- C:\Program Files\Yahoo!
2008-02-04 22:08 . 2008-02-04 22:08 <REP> d-------- C:\Program Files\CCleaner
2008-02-04 21:52 . 2008-02-04 21:52 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-04 21:52 . 2008-02-04 21:52 3,457 --a------ C:\WINDOWS\unins000.dat
2008-02-04 19:44 . 2008-02-04 19:44 <REP> d-------- C:\Documents and Settings\David\Application Data\Media Player Classic
2008-02-03 22:33 . 2008-02-03 22:33 <REP> d-------- C:\Program Files\DivX
2008-02-03 22:28 . 2008-02-07 20:32 <REP> d-------- C:\Documents and Settings\David\Application Data\Skype
2008-02-03 22:27 . 2008-02-03 22:27 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2008-02-03 21:30 . 2008-02-03 21:39 <REP> d-------- C:\vcs5BGEffects
2008-02-03 21:28 . 2008-02-04 20:29 <REP> d-------- C:\Program Files\AV Vcs 6.0
2008-02-03 18:34 . 2008-02-03 18:34 <REP> d-------- C:\PunkBuster
2008-02-03 17:52 . 2008-02-03 17:52 <REP> dr-h----- C:\Documents and Settings\David\Application Data\SecuROM
2008-02-03 17:52 . 2008-02-03 17:52 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-02-02 12:08 . 2008-02-02 12:08 <REP> d-------- C:\Program Files\GameSpy
2008-02-02 12:07 . 2008-02-02 12:07 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-02-02 12:06 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2008-02-02 12:06 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2008-02-02 12:06 . 2008-02-02 12:06 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-02-02 12:06 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2008-02-02 11:38 . 2008-02-02 11:38 <REP> d-------- C:\Program Files\Electronic Arts
2008-02-02 00:34 . 2008-02-05 15:42 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-02 00:15 . 2005-07-16 02:39 374,272 --a------ C:\WINDOWS\system32\mss32.dll
2008-02-02 00:10 . 2008-02-02 00:10 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-02-02 00:10 . 2008-02-06 11:43 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-02-02 00:10 . 2008-02-02 12:06 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-02-02 00:10 . 2008-02-06 11:43 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-02 00:10 . 2008-02-02 12:06 22,328 --a------ C:\Documents and Settings\David\Application Data\PnkBstrK.sys
2008-02-02 00:10 . 2008-02-02 00:10 319 --a------ C:\WINDOWS\game.ini
2008-02-01 23:53 . 2008-02-01 23:53 <REP> d-------- C:\Program Files\Activision
2008-02-01 23:52 . 2008-02-01 23:52 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-02-01 18:47 . 2008-02-03 21:39 <REP> d-------- C:\Documents and Settings\David\Application Data\skypePM
2008-02-01 18:47 . 2008-02-01 18:47 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-01 18:44 . 2008-02-03 22:27 <REP> d-------- C:\Program Files\Skype
2008-02-01 18:44 . 2008-02-03 22:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-01 17:06 . 2008-02-04 16:44 <REP> d-------- C:\Documents and Settings\David\Application Data\OpenOffice.org2
2008-02-01 16:47 . 2008-02-01 16:48 <REP> d-------- C:\Documents and Settings\David\Application Data\Teleca
2008-02-01 16:47 . 2008-02-01 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-02-01 16:46 . 2008-02-01 16:46 <REP> d-------- C:\Program Files\Sony Ericsson
2008-02-01 16:46 . 2008-02-01 16:47 <REP> d-------- C:\Program Files\Fichiers communs\Teleca Shared
2008-02-01 16:46 . 2008-02-01 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-02-01 16:45 . 2008-02-01 16:45 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-02-01 16:45 . 2008-02-01 16:45 6,176 --a------ C:\WINDOWS\system32\drivers\w810cm.sys
2008-02-01 16:45 . 2008-02-01 16:45 5,808 --a------ C:\WINDOWS\system32\drivers\w810wh.sys
2008-01-31 21:04 . 2008-01-31 21:04 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-01-31 20:02 . 2008-02-03 22:33 1,292 --a------ C:\WINDOWS\mozver.dat
2008-01-31 18:30 . 2008-01-31 18:43 139,264 --a------ C:\WINDOWS\War3Unin.exe
2008-01-31 18:30 . 2008-02-08 18:24 87,649 --a------ C:\WINDOWS\War3Unin.dat
2008-01-31 18:30 . 2008-01-31 18:43 2,829 --a------ C:\WINDOWS\War3Unin.pif
2008-01-31 18:20 . 2008-01-31 18:20 81,920 --a------ C:\WINDOWS\system32\W32N50.dll
2008-01-31 18:20 . 2008-01-31 18:20 17,134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
2008-01-31 18:19 . 2008-01-31 18:19 <REP> d-------- C:\Program Files\Securitoo
2008-01-31 18:12 . 2008-01-31 18:12 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-01-31 18:12 . 2008-01-31 18:12 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-01-31 18:07 . 2008-01-31 18:11 <REP> d-------- C:\Program Files\Windows Live
2008-01-31 18:07 . 2008-01-31 18:11 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-31 18:07 . 2008-01-31 18:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-31 18:04 . 2008-01-31 18:12 <REP> d-------- C:\Documents and Settings\David\Contacts
2008-01-31 17:58 . 2008-01-31 17:58 <REP> d-------- C:\Temp
2008-01-31 17:51 . 2008-01-31 17:51 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-01-31 17:51 . 2008-01-31 17:51 <REP> d-------- C:\KAV
2008-01-31 17:51 . 2008-02-09 09:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-31 17:51 . 2008-02-09 15:16 6,288,160 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-07 20:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-07 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-01 15:45 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-31 11:17 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-31 11:17 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-31 10:45 --------- d-----w C:\Program Files\OpenOffice.org 2.2
2008-01-31 10:45 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-31 10:45 --------- d-----w C:\Program Files\Ahead
2008-01-31 10:44 --------- d-----w C:\Program Files\Satsuki Decoder Pack
2008-01-31 10:44 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-31 10:44 --------- d-----w C:\Program Files\Alwil Software
2008-01-31 10:39 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-01-31 10:39 --------- d-----w C:\Program Files\Realtek
2008-01-31 10:38 --------- d-----w C:\Program Files\Intel
2008-01-31 10:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-31 10:32 --------- d-----w C:\Program Files\Services en ligne
2008-01-31 10:32 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
2007-12-05 00:41 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
2007-12-05 00:41 3,715,072 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-12-05 00:41 3,334,144 ----a-w C:\WINDOWS\system32\nvgamesr.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
2007-12-05 00:41 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
2007-12-05 00:41 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll
2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll
2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll
2007-12-05 00:41 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll
2007-12-05 00:41 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2007-12-05 00:41 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll
2007-12-05 00:41 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll
2007-12-05 00:41 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll
2007-12-05 00:41 2,519,040 ----a-w C:\WINDOWS\system32\nvwssr.dll
2007-12-05 00:41 2,498,560 ----a-w C:\WINDOWS\system32\nvwss.dll
2007-12-05 00:41 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll
2007-12-05 00:41 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2007-12-05 00:41 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll
2007-12-05 00:41 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll
2007-12-05 00:41 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 15:49 16126464 C:\WINDOWS\RTHDCPL.exe]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 23:02 200768]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"PCDAS"="C:\Program Files\Defenza\pcd-as.exe" [2006-12-15 10:47 1359872]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-02-01 14:42 743504]
"spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2007-06-08 11:52 115608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^David^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
path=C:\Documents and Settings\David\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 2005-05-03 19:43 69632 C:\WINDOWS\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 13:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 17:35 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-08-06 12:43 23165736 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 15:12]
R3 SpyFighter;SpyFighter Guard Device;C:\Program Files\SPYWAREfighter\spyfighter.sys [2007-06-08 11:52]
R3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe" [2007-06-08 11:52]
*Newly Created Service* - SPYFIGHTER
*Newly Created Service* - SPYWAREFIGHTERRP
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-09 13:48:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 15:17:50
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-09 15:18:42
ComboFix-quarantined-files.txt 2008-02-09 14:18:24
.
2008-01-31 13:21:07 --- E O F ---
2008-01-31 10:44 --------- d-----w C:\Program Files\Alwil Software
2008-01-31 10:39 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-01-31 10:39 --------- d-----w C:\Program Files\Realtek
2008-01-31 10:38 --------- d-----w C:\Program Files\Intel
2008-01-31 10:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-31 10:32 --------- d-----w C:\Program Files\Services en ligne
2008-01-31 10:32 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
2007-12-05 00:41 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
2007-12-05 00:41 3,715,072 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-12-05 00:41 3,334,144 ----a-w C:\WINDOWS\system32\nvgamesr.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
2007-12-05 00:41 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
2007-12-05 00:41 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll
2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll
2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll
2007-12-05 00:41 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll
2007-12-05 00:41 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2007-12-05 00:41 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll
2007-12-05 00:41 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll
2007-12-05 00:41 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll
2007-12-05 00:41 2,519,040 ----a-w C:\WINDOWS\system32\nvwssr.dll
2007-12-05 00:41 2,498,560 ----a-w C:\WINDOWS\system32\nvwss.dll
2007-12-05 00:41 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll
2007-12-05 00:41 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2007-12-05 00:41 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll
2007-12-05 00:41 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll
2007-12-05 00:41 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 15:49 16126464 C:\WINDOWS\RTHDCPL.exe]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 23:02 200768]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"PCDAS"="C:\Program Files\Defenza\pcd-as.exe" [2006-12-15 10:47 1359872]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-02-01 14:42 743504]
"spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2007-06-08 11:52 115608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^David^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
path=C:\Documents and Settings\David\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-r------- 2005-05-03 19:43 69632 C:\WINDOWS\Alcmtr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 13:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 17:35 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-08-06 12:43 23165736 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 15:12]
R3 SpyFighter;SpyFighter Guard Device;C:\Program Files\SPYWAREfighter\spyfighter.sys [2007-06-08 11:52]
R3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe" [2007-06-08 11:52]
*Newly Created Service* - SPYFIGHTER
*Newly Created Service* - SPYWAREFIGHTERRP
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-09 13:48:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 15:17:50
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-09 15:18:42
ComboFix-quarantined-files.txt 2008-02-09 14:18:24
.
2008-01-31 13:21:07 --- E O F ---
Re,
Not much.
Select the entire box below, then right-click and choose Copy
File::
C:\WINDOWS\Alcmtr.exe
Folder::
C:\VundoFix Backups
Registry::
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
Paste it into Notepad
Save it on your Desktop and name it CFScript (text file type)
Drag the CFScript file onto the ComboFix.exe file
A menu will appear; type 1, then confirm
Let the scan run and post the generated report ( C:\ComboFix.txt )
---------------------------------------------------------------------
Download Clean [:eric_71:4] < here
Unzip it onto your desktop (extract all files); you get a folder named clean
Open the clean folder, double-click clean.cmd (the .cmd may not be shown)
Choose option 1, then wait
A report is generated; post this report ( C:\rapport_clean.txt )
Here is the other Combo report:
ComboFix 08-02.05.3 - David 2008-02-09 15:34:19.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.1621 [GMT 1:00]
Endroit: C:\Documents and Settings\David\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\David\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
FILE
C:\WINDOWS\Alcmtr.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\VundoFix Backups
C:\WINDOWS\Alcmtr.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-09 to 2008-02-09 ))))))))))))))))))))))))))))))))))))
.
2008-02-09 15:11 . 2004-08-05 13:00 400,896 --a------ C:\kmd.exe
2008-02-09 12:26 . 2008-02-09 12:29 <REP> d-------- C:\Program Files\SPYWAREfighter
2008-02-09 12:26 . 2008-02-09 12:26 <REP> d-------- C:\Program Files\Fichiers communs\Application
2008-02-09 09:46 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-02-09 09:46 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-02-08 18:48 . 2008-02-08 18:48 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-08 18:47 . 2008-02-08 18:48 <REP> d-------- C:\Program Files\Trojan Remover
2008-02-08 18:47 . 2008-02-08 18:47 <REP> d-------- C:\Documents and Settings\David\Application Data\Simply Super Software
2008-02-08 18:47 . 2008-02-08 18:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
2008-02-08 18:47 . 2006-05-25 14:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
2008-02-08 18:47 . 2003-02-02 19:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
2008-02-08 18:47 . 2005-08-26 00:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
2008-02-08 18:47 . 2002-03-06 00:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
2008-02-08 18:47 . 2006-06-19 12:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
2008-02-07 21:43 . 1996-08-20 20:37 15,840 --a------ C:\WINDOWS\system32\Machnm1.exe
2008-02-07 21:43 . 2005-09-25 16:37 5,632 --a------ C:\WINDOWS\system32\Machnm64.sys
2008-02-07 21:43 . 2008-02-07 21:43 3,120 --a------ C:\WINDOWS\system32\118290.54
2008-02-07 21:43 . 2008-02-07 21:43 3,120 --a------ C:\WINDOWS\118294.78
2008-02-07 21:43 . 2003-08-13 00:27 2,304 --a------ C:\WINDOWS\system32\Machnm32.sys
2008-02-07 21:42 . 2008-02-07 21:43 <REP> d-------- C:\Program Files\Defenza
2008-02-07 19:03 . 2008-02-07 19:03 <REP> d-------- C:\Documents and Settings\David\DoctorWeb
2008-02-07 18:26 . 2008-02-07 18:26 <REP> d--h----- C:\WINDOWS\Copie de $NtServicePackUninstallIDNMitigationAPIs$
2008-02-07 18:26 . 2008-02-07 18:26 <REP> d--h----- C:\WINDOWS\Copie de $MSI31Uninstall_KB893803v2$
2008-02-06 20:12 . 2008-02-06 20:11 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2008-02-06 20:10 . 2008-02-06 23:21 <REP> d-------- C:\Documents and Settings\David\.housecall6.6
2008-02-06 20:09 . 2008-02-06 20:09 <REP> d-------- C:\WINDOWS\Sun
2008-02-06 20:09 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-06 20:07 . 2008-02-06 20:09 <REP> d-------- C:\Program Files\Java
2008-02-06 20:06 . 2008-02-06 20:06 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-06 18:17 . 2008-02-06 18:17 <REP> d-------- C:\WINDOWS\nview
2008-02-06 18:17 . 2007-12-05 01:41 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-02-06 18:17 . 2008-02-06 18:37 163,353 --a------ C:\WINDOWS\system32\nvapps.xml
2008-02-06 18:17 . 2007-12-05 01:41 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-02-06 18:15 . 2007-12-05 02:53 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-02-06 16:43 . 2008-02-06 16:43 <REP> d-------- C:\Documents and Settings\David\Application Data\Sierra Entertainment
2008-02-06 16:36 . 2008-02-06 16:36 <REP> d-------- C:\WINDOWS\system32\AGEIA
2008-02-06 16:36 . 2008-02-06 16:37 <REP> d-------- C:\Program Files\AGEIA Technologies
2008-02-06 16:35 . 2008-02-06 16:36 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-02-04 22:08 . 2008-02-06 19:37 <REP> d-------- C:\Program Files\Yahoo!
2008-02-04 22:08 . 2008-02-04 22:08 <REP> d-------- C:\Program Files\CCleaner
2008-02-04 21:52 . 2008-02-04 21:52 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-04 21:52 . 2008-02-04 21:52 3,457 --a------ C:\WINDOWS\unins000.dat
2008-02-04 19:44 . 2008-02-04 19:44 <REP> d-------- C:\Documents and Settings\David\Application Data\Media Player Classic
2008-02-03 22:33 . 2008-02-03 22:33 <REP> d-------- C:\Program Files\DivX
2008-02-03 22:28 . 2008-02-07 20:32 <REP> d-------- C:\Documents and Settings\David\Application Data\Skype
2008-02-03 22:27 . 2008-02-03 22:27 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2008-02-03 21:30 . 2008-02-03 21:39 <REP> d-------- C:\vcs5BGEffects
2008-02-03 21:28 . 2008-02-04 20:29 <REP> d-------- C:\Program Files\AV Vcs 6.0
2008-02-03 18:34 . 2008-02-03 18:34 <REP> d-------- C:\PunkBuster
2008-02-03 17:52 . 2008-02-03 17:52 <REP> dr-h----- C:\Documents and Settings\David\Application Data\SecuROM
2008-02-03 17:52 . 2008-02-03 17:52 107,888 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-02-02 12:08 . 2008-02-02 12:08 <REP> d-------- C:\Program Files\GameSpy
2008-02-02 12:07 . 2008-02-02 12:07 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-02-02 12:06 . 2007-07-19 18:14 3,727,720 --a------ C:\WINDOWS\system32\d3dx9_35.dll
2008-02-02 12:06 . 2007-07-19 18:14 1,358,192 --a------ C:\WINDOWS\system32\D3DCompiler_35.dll
2008-02-02 12:06 . 2008-02-02 12:06 669,184 --a------ C:\WINDOWS\system32\pbsvc.exe
2008-02-02 12:06 . 2007-07-19 18:14 444,776 --a------ C:\WINDOWS\system32\d3dx10_35.dll
2008-02-02 11:38 . 2008-02-02 11:38 <REP> d-------- C:\Program Files\Electronic Arts
2008-02-02 00:34 . 2008-02-05 15:42 69 --a------ C:\WINDOWS\NeroDigital.ini
2008-02-02 00:15 . 2005-07-16 02:39 374,272 --a------ C:\WINDOWS\system32\mss32.dll
2008-02-02 00:10 . 2008-02-02 00:10 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-02-02 00:10 . 2008-02-06 11:43 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-02-02 00:10 . 2008-02-02 12:06 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-02-02 00:10 . 2008-02-06 11:43 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-02-02 00:10 . 2008-02-02 12:06 22,328 --a------ C:\Documents and Settings\David\Application Data\PnkBstrK.sys
2008-02-02 00:10 . 2008-02-02 00:10 319 --a------ C:\WINDOWS\game.ini
2008-02-01 23:53 . 2008-02-01 23:53 <REP> d-------- C:\Program Files\Activision
2008-02-01 23:52 . 2008-02-01 23:52 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-02-01 18:47 . 2008-02-03 21:39 <REP> d-------- C:\Documents and Settings\David\Application Data\skypePM
2008-02-01 18:47 . 2008-02-01 18:47 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-02-01 18:44 . 2008-02-03 22:27 <REP> d-------- C:\Program Files\Skype
2008-02-01 18:44 . 2008-02-03 22:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-02-01 17:06 . 2008-02-04 16:44 <REP> d-------- C:\Documents and Settings\David\Application Data\OpenOffice.org2
2008-02-01 16:47 . 2008-02-01 16:48 <REP> d-------- C:\Documents and Settings\David\Application Data\Teleca
2008-02-01 16:47 . 2008-02-01 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
2008-02-01 16:46 . 2008-02-01 16:46 <REP> d-------- C:\Program Files\Sony Ericsson
2008-02-01 16:46 . 2008-02-01 16:47 <REP> d-------- C:\Program Files\Fichiers communs\Teleca Shared
2008-02-01 16:46 . 2008-02-01 16:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Teleca
2008-02-01 16:45 . 2008-02-01 16:45 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-02-01 16:45 . 2008-02-01 16:45 6,176 --a------ C:\WINDOWS\system32\drivers\w810cm.sys
2008-02-01 16:45 . 2008-02-01 16:45 5,808 --a------ C:\WINDOWS\system32\drivers\w810wh.sys
2008-01-31 21:04 . 2008-01-31 21:04 <REP> d-------- C:\Program Files\Fichiers communs\Blizzard Entertainment
2008-01-31 20:02 . 2008-02-03 22:33 1,292 --a------ C:\WINDOWS\mozver.dat
2008-01-31 18:30 . 2008-01-31 18:43 139,264 --a------ C:\WINDOWS\War3Unin.exe
2008-01-31 18:30 . 2008-02-08 18:24 87,649 --a------ C:\WINDOWS\War3Unin.dat
2008-01-31 18:30 . 2008-01-31 18:43 2,829 --a------ C:\WINDOWS\War3Unin.pif
2008-01-31 18:20 . 2008-01-31 18:20 81,920 --a------ C:\WINDOWS\system32\W32N50.dll
2008-01-31 18:20 . 2008-01-31 18:20 17,134 --a------ C:\WINDOWS\system32\PCANDIS5.sys
2008-01-31 18:19 . 2008-01-31 18:19 <REP> d-------- C:\Program Files\Securitoo
2008-01-31 18:12 . 2008-01-31 18:12 <REP> d-------- C:\Program Files\Windows Live Toolbar
2008-01-31 18:12 . 2008-01-31 18:12 <REP> d-------- C:\Program Files\Windows Live Favorites
2008-01-31 18:07 . 2008-01-31 18:11 <REP> d-------- C:\Program Files\Windows Live
2008-01-31 18:07 . 2008-01-31 18:11 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-31 18:07 . 2008-01-31 18:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-31 18:04 . 2008-01-31 18:12 <REP> d-------- C:\Documents and Settings\David\Contacts
2008-01-31 17:58 . 2008-01-31 17:58 <REP> d-------- C:\Temp
2008-01-31 17:51 . 2008-01-31 17:51 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-01-31 17:51 . 2008-01-31 17:51 <REP> d-------- C:\KAV
2008-01-31 17:51 . 2008-02-09 15:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-01-31 17:51 . 2008-02-09 15:35 6,365,216 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-07 20:42 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-07 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-01 15:45 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-31 11:17 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-31 11:17 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-31 10:45 --------- d-----w C:\Program Files\OpenOffice.org 2.2
2008-01-31 10:45 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-31 10:45 --------- d-----w C:\Program Files\Ahead
2008-01-31 10:44 --------- d-----w C:\Program Files\Satsuki Decoder Pack
2008-01-31 10:44 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-31 10:44 --------- d-----w C:\Program Files\Alwil Software
2008-01-31 10:39 315,392 ----a-w C:\WINDOWS\HideWin.exe
2008-01-31 10:39 --------- d-----w C:\Program Files\Realtek
2008-01-31 10:38 --------- d-----w C:\Program Files\Intel
2008-01-31 10:33 --------- d-----w C:\Program Files\microsoft frontpage
2008-01-31 10:32 --------- d-----w C:\Program Files\Services en ligne
2008-01-31 10:32 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
2007-12-05 00:41 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe
2007-12-05 00:41 425,984 ----a-w C:\WINDOWS\system32\keystone.exe
2007-12-05 00:41 385,024 ----a-w C:\WINDOWS\system32\nvapi.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcodins.dll
2007-12-05 00:41 35,328 ----a-w C:\WINDOWS\system32\nvcod.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrses.dll
2007-12-05 00:41 335,872 ----a-w C:\WINDOWS\system32\nvwrsel.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsfr.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvwrsesm.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrshe.dll
2007-12-05 00:41 327,680 ----a-w C:\WINDOWS\system32\nvrsar.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrspt.dll
2007-12-05 00:41 323,584 ----a-w C:\WINDOWS\system32\nvwrsit.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsptb.dll
2007-12-05 00:41 319,488 ----a-w C:\WINDOWS\system32\nvwrsnl.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrsru.dll
2007-12-05 00:41 315,392 ----a-w C:\WINDOWS\system32\nvwrshu.dll
2007-12-05 00:41 311,296 ----a-w C:\WINDOWS\system32\nvwrsde.dll
2007-12-05 00:41 307,200 ----a-w C:\WINDOWS\system32\nvexpbar.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrstr.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrssl.dll
2007-12-05 00:41 303,104 ----a-w C:\WINDOWS\system32\nvwrsfi.dll
2007-12-05 00:41 3,715,072 ----a-w C:\WINDOWS\system32\nvvitvsr.dll
2007-12-05 00:41 3,710,976 ----a-w C:\WINDOWS\system32\nvvitvs.dll
2007-12-05 00:41 3,420,160 ----a-w C:\WINDOWS\system32\nvgames.dll
2007-12-05 00:41 3,334,144 ----a-w C:\WINDOWS\system32\nvgamesr.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrssk.dll
2007-12-05 00:41 299,008 ----a-w C:\WINDOWS\system32\nvwrsno.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrssv.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrspl.dll
2007-12-05 00:41 294,912 ----a-w C:\WINDOWS\system32\nvwrsda.dll
2007-12-05 00:41 290,816 ----a-w C:\WINDOWS\system32\nvwrsth.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrseng.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvwrscs.dll
2007-12-05 00:41 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvwrsar.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsfr.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrses.dll
2007-12-05 00:41 282,624 ----a-w C:\WINDOWS\system32\nvrsel.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvwrshe.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsit.dll
2007-12-05 00:41 278,528 ----a-w C:\WINDOWS\system32\nvrsde.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrspt.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsnl.dll
2007-12-05 00:41 274,432 ----a-w C:\WINDOWS\system32\nvrsesm.dll
2007-12-05 00:41 270,336 ----a-w C:\WINDOWS\system32\nvrsru.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsptb.dll
2007-12-05 00:41 266,240 ----a-w C:\WINDOWS\system32\nvrsja.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrstr.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssl.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrssk.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrsko.dll
2007-12-05 00:41 258,048 ----a-w C:\WINDOWS\system32\nvrshu.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsth.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrssv.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrspl.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsno.dll
2007-12-05 00:41 253,952 ----a-w C:\WINDOWS\system32\nvrsda.dll
2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrsfi.dll
2007-12-05 00:41 249,856 ----a-w C:\WINDOWS\system32\nvrscs.dll
2007-12-05 00:41 245,760 ----a-w C:\WINDOWS\system32\nvrseng.dll
2007-12-05 00:41 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll
2007-12-05 00:41 225,280 ----a-w C:\WINDOWS\system32\nvrszhc.dll
2007-12-05 00:41 212,992 ----a-w C:\WINDOWS\system32\nvwrsja.dll
2007-12-05 00:41 2,854,912 ----a-w C:\WINDOWS\system32\nvmoblsr.dll
2007-12-05 00:41 2,519,040 ----a-w C:\WINDOWS\system32\nvwssr.dll
2007-12-05 00:41 2,498,560 ----a-w C:\WINDOWS\system32\nvwss.dll
2007-12-05 00:41 196,608 ----a-w C:\WINDOWS\system32\nvwrsko.dll
2007-12-05 00:41 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll
2007-12-05 00:41 167,936 ----a-w C:\WINDOWS\system32\nvwrszht.dll
2007-12-05 00:41 163,840 ----a-w C:\WINDOWS\system32\nvwrszhc.dll
2007-12-05 00:41 155,716 ----a-w C:\WINDOWS\system32\nvsvc32.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 15:49 16126464 C:\WINDOWS\RTHDCPL.exe]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" [2007-01-29 23:02 200768]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"PCDAS"="C:\Program Files\Defenza\pcd-as.exe" [2006-12-15 10:47 1359872]
"TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-02-01 14:42 743504]
"spywarefighterguard"="C:\Program Files\SPYWAREfighter\spftray.exe" [2007-06-08 11:52 115608]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Synchronizer.lnk
backup=C:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKLM\~\startupfolder\C:^Documents and Settings^David^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.2.lnk]
path=C:\Documents and Settings\David\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.2.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.2.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Comrade.exe]
--a------ 2007-06-29 15:03 36864 C:\Program Files\GameSpy\Comrade\Comrade.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-05 13:00 15360 C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
--a------ 2007-10-18 11:34 5724184 C:\Program Files\Windows Live\Messenger\MsnMsgr.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
--a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
--a------ 2003-12-08 17:35 32768 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
-ra------ 2007-08-06 12:43 23165736 C:\Program Files\Skype\Phone\Skype.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
-ra------ 2005-10-26 16:17 159744 C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2007-03-15 15:12]
R3 SpyFighter;SpyFighter Guard Device;C:\Program Files\SPYWAREfighter\spyfighter.sys [2007-06-08 11:52]
R3 SPYWAREfighterRP;SPYWAREfighterRP;"C:\Program Files\SPYWAREfighter\spfprc.exe" [2007-06-08 11:52]
*Newly Created Service* - SPYFIGHTER
*Newly Created Service* - SPYWAREFIGHTERRP
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-09 13:48:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 15:35:23
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-09 15:36:22
ComboFix-quarantined-files.txt 2008-02-09 14:36:01
ComboFix2.txt 2008-02-09 14:18:43
.
2008-01-31 13:21:07 --- E O F ---
Re,
Restart in safe mode: >> How to start in Safe Mode <<
Open the clean folder, double-click clean.cmd
Choose option 2 and wait
Restart normally
Post the report ( C:\rapport_clean.txt )
-------------------------------------------------------
Run a Panda online scan <~ here
Paste the report in your reply
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/02/2008 a 16:00:16,82
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
tentative de suppression de C:\kmd.exe
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-02-09 18:08:39
PROTECTIONS: 1
MALWARE: 6
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Kaspersky Anti-Virus 6.0.2.614 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\David\Cookies\david@atdmt[2].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\David\Cookies\david@xiti[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\David\Cookies\david@advertising[2].txt
00238695 Application/Pskill.K HackTools No 0 Yes No C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\T4XECWJY\clean[1].zip[clean/pskill.exe]
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\David\Cookies\david@smartadserver[2].txt
01262593 Application/NirCmd.A HackTools No 0 Yes No C:\WINDOWS\Nircmd.exe
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Re,
Cookies... the others are not infectious.
The slowdown is not caused by a virus; let's check whether there are unnecessary things at startup.
Download HiJackThis < here
Run the program, click [ do a system scan and save a logfile ]
Copy/paste the generated report
>> HiJackThis v2.0.2 tutorial <<
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:23, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SPYWAREfighter\spfprc.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\0NBJO3IY\HiJackThis[1].exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [PCDAS] C:\Program Files\Defenza\pcd-as.exe /10003
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Program Files\SPYWAREfighter\spftray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/cabs/ascstubie.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SPYWAREfighterRP - SpamFighter APS - C:\Program Files\SPYWAREfighter\spfprc.exe
--
End of file - 6156 bytes
Re,
Nothing. Wouldn't this by any chance date from when you installed Kaspersky (it is a bit resource-hungry...)?
Run HiJackThis again, this time click [do a system scan only]
Tick the boxes on the left for the following lines (and only these):
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
and click [Fix checked] (bottom left)
When asked for confirmation, answer Yes
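The triage done by eye on the HijackThis log above, as an added example that is not part of the original thread: it groups entries by section code, lists the entries marked `(no file)` (the kind of line selected for fixing) and extracts the O4 Run autostarts for a startup review. The function names and the embedded sample (a few lines copied from the log in this thread) are choices made for this example; deciding which flagged line to fix stays with the reviewer.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN = re.compile(r"^(?P<hive>HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\Run: \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")

def parse(log):
    """Group entry bodies by HijackThis section code (R3, O2, O4, ...)."""
    sections = defaultdict(list)
    for line in log.splitlines():
        m = ENTRY.match(line.strip())
        if m:  # header and process-list lines do not match and are skipped
            sections[m.group("code")].append(m.group("body"))
    return sections

def orphans(sections):
    """(code, CLSID) for entries whose registry key remains but whose file is gone."""
    out = []
    for code, bodies in sections.items():
        for body in bodies:
            if body.endswith("(no file)"):
                clsid = CLSID.search(body)
                out.append((code, clsid.group(0) if clsid else None))
    return out

def autostarts(sections):
    """(hive, value name, command) for every O4 Run entry."""
    hits = (RUN.match(body) for body in sections.get("O4", []))
    return [(m["hive"], m["name"], m["cmd"]) for m in hits if m]

if __name__ == "__main__":
    s = parse(SAMPLE_LOG)
    for code, clsid in orphans(s):
        print("orphan", code, clsid)
    for hive, name, cmd in autostarts(s):
        print("autostart", hive, name, cmd)
```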