Ordinateur infecté par le Win32:TratBHO [trj]

Un bonjour ?

Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Bonjour Angeldark, voila le scan Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 15:09, on 2008-02-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Mi©K\Bureau\kav7.0.1.321.fr.01NET.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\kmd.exe /c C:\ComboFix\Combobatch.bat
O4 - HKLM\..\RunOnce: [avp6_post_install] msiexec.exe /i"C:\DOCUME~1\MIK~1\LOCALS~1\Temp\KAV7.0.1.321\kav7.0.1.321fr.msi"
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
O20 - Winlogon Notify: scredir32 - C:\WINDOWS\SYSTEM32\scredir32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


Merci pour ton aide

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

Re,
excuse moi mais le lien pour VundoFix.exe est mort. Je fais comment?

Ok, on va faire autrement.

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

C'est bon j'ai trouvé VundoFix a un autre endroit, voici le scan :


VundoFix V6.5.4

Checking Java version...

Sun Java not detected
Scan started at 15:29:41 Mick 2008-02-13

Listing files found while scanning....

No infected files were found.


Beginning removal...


Le second scan hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 15:33, on 2008-02-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Mi©K\Bureau\kav7.0.1.321.fr.01NET.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\kmd.exe /c C:\ComboFix\Combobatch.bat
O4 - HKLM\..\RunOnce: [avp6_post_install] msiexec.exe /i"C:\DOCUME~1\MIK~1\LOCALS~1\Temp\KAV7.0.1.321\kav7.0.1.321fr.msi"
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
O20 - Winlogon Notify: scredir32 - C:\WINDOWS\SYSTEM32\scredir32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

Encore merci ...  

Combofix  

Voici le log comboFix :

ComboFix 08-02-13.2 - Mi©K 2008-02-13 15:36:16.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.541 [GMT 1:00]
Endroit: C:\Documents and Settings\Mi©K\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

----- BITS: Possible sites infectés -----

hxxp://au.download.windowsupdateõj+|Cü¤Ì›v÷+È@™JŸ:®½‰NêGD_©½ºD˜QÄ{¶ÀzÎtçÒ»ÌHžG†.XóÆéOFXß”ŒJ”MŽG—†n‘WU Client Download S-1-5-18`€HT4?? 6ÚVwoQZC¬¬D¢HÿóMwC:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\download\WindowsXP-KB891781-x86-FRA.psf.blob†
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
.

2008-02-13 15:29 . 2008-02-13 15:29 <REP> d-------- C:\VundoFix Backups
2008-02-13 14:35 . 2008-02-13 14:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-13 14:35 . 2008-02-13 14:35 <REP> d--h----- C:\kleaner.tmp
2008-02-13 14:31 . 2008-02-13 14:31 <REP> d-------- C:\WINDOWS\LastGood
2008-02-13 14:07 . 2008-02-13 14:18 60,416 --a------ C:\WINDOWS\system32\drivers\ComboFix.sys
2008-02-13 14:01 . 2006-03-02 13:00 428,032 --a------ C:\kmd.exe
2008-02-10 14:10 . 2008-02-10 14:10 <REP> d-------- C:\Program Files\id Software
2008-02-10 13:05 . 2008-02-10 13:46 1,466,368 --a------ C:\WINDOWS\system32\WinSpooler.exe
2008-02-10 11:38 . 2008-02-10 11:38 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-02-10 11:09 . 2008-02-10 11:09 319 --a------ C:\WINDOWS\game.ini
2008-02-10 11:05 . 2008-02-10 11:05 <REP> d-------- C:\Program Files\Activision
2008-02-10 10:37 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\VadeRetro
2008-02-10 10:37 . 2007-08-14 23:16 1,335,296 --a------ C:\WINDOWS\system32\msxml6.dll
2008-02-10 10:37 . 2007-08-14 23:16 2,048 --a------ C:\WINDOWS\system32\msxml6r.dll
2008-02-10 10:36 . 2008-02-10 10:36 <REP> d-------- C:\Program Files\Goto Software
2008-02-10 10:36 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
2008-02-10 10:36 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
2008-02-10 10:36 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\WINDOWS\Mozilla
2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\fltk.org
2008-02-03 17:49 . 2008-02-13 14:20 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-03 17:49 . 2008-02-10 13:48 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-02-03 14:35 . 2008-02-03 14:35 <REP> d-------- C:\Fichier texte
2008-02-03 13:37 . 2007-09-06 12:09 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-03 13:37 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-03 13:37 . 2007-09-06 12:00 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-03 13:37 . 2007-09-06 12:05 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-03 12:01 . 2008-02-03 12:03 <REP> d-------- C:\Program Files\Serious Sam 2
2008-02-02 15:11 . 2008-02-02 15:11 <REP> d-------- C:\Program Files\Lavasoft
2008-02-02 15:11 . 2008-02-02 15:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-02 15:09 . 2008-02-02 15:10 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-30 17:20 . 2008-01-30 17:20 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-30 17:20 . 2007-11-29 23:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-30 17:20 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
2008-01-30 17:20 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-01-30 17:20 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-30 17:20 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-01-30 17:20 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-01-30 17:20 . 2007-11-29 23:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-30 17:20 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-01-30 17:20 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-01-30 17:20 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-01-26 19:45 . 2008-01-26 19:46 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Winamp
2008-01-26 19:45 . 2008-01-26 19:45 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\MiniLyrics
2008-01-25 18:08 . 2008-01-25 18:08 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-25 16:57 . 2008-01-25 16:57 <REP> d-------- C:\Documents and Settings\Alexis\Contacts
2008-01-24 21:17 . 2008-01-24 21:19 <REP> d-------- C:\Program Files\TVAnts
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage réseau
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage d'impression
2008-01-23 17:10 . 2008-01-06 12:37 <REP> d--h----- C:\Documents and Settings\Alexis\Modèles
2008-01-23 17:10 . 2008-02-02 21:31 <REP> d---s---- C:\Documents and Settings\Alexis\Mes documents
2008-01-23 17:10 . 2008-01-06 12:45 <REP> dr------- C:\Documents and Settings\Alexis\Menu Démarrer
2008-01-23 17:10 . 2008-01-23 17:10 <REP> d---s---- C:\Documents and Settings\Alexis\Favoris
2008-01-23 17:10 . 2008-02-03 18:37 <REP> d-------- C:\Documents and Settings\Alexis\Bureau
2008-01-22 20:23 . 2008-01-22 20:23 <REP> d-------- C:\Program Files\Everest Ultimate Edition 2007
2008-01-22 20:22 . 2008-01-22 20:22 <REP> d-------- C:\Program Files\Lavalys
2008-01-20 18:34 . 2008-01-20 18:36 <REP> d-------- C:\WINDOWS\NV3348528.TMP
2008-01-20 18:34 . 2007-12-17 13:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-01-20 18:33 . 2008-01-21 20:00 <REP> dr------- C:\NVIDIA
2008-01-20 18:26 . 2008-01-20 18:28 <REP> d-------- C:\Program Files\PhotoFiltre
2008-01-20 18:25 . 2004-10-08 11:59 326,656 --a------ C:\WINDOWS\system32\drivers\Camdrl.sys
2008-01-20 18:10 . 2008-01-20 18:10 <REP> d-------- C:\WINDOWS\system32\Lang
2008-01-20 18:10 . 2008-01-20 18:10 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-01-20 18:10 . 2008-01-20 18:10 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-01-16 19:52 . 2008-02-13 14:50 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Program Files\Veoh Networks
2008-01-16 15:03 . 2008-01-16 15:05 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\BitTorrent
2008-01-16 15:02 . 2008-01-16 15:02 <REP> d-------- C:\Program Files\BitTorrent_DNA
2008-01-16 15:02 . 2008-01-16 15:03 <REP> d-------- C:\Program Files\BitTorrent
2008-01-16 15:02 . 2008-01-22 20:53 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\BitTorrent DNA
2008-01-16 14:57 . 2008-01-16 14:57 <REP> d-------- C:\Program Files\DivX
2008-01-15 19:03 . 2008-02-03 20:36 <REP> d-------- C:\Program Files\Lyrics
2008-01-15 18:59 . 2008-01-15 18:59 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\Apple Computer
2008-01-15 18:59 . 2008-01-29 18:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-15 18:59 . 2008-01-15 18:59 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 18:57 . 2008-01-15 18:58 <REP> d-------- C:\Program Files\QuickTime
2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Program Files\Apple Software Update
2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-13 18:24 . 2008-01-13 18:24 <REP> d-------- C:\Documents and Settings\All Users\SonicStage
2008-01-13 18:04 . 2008-01-13 18:04 <REP> d-------- C:\Program Files\Common Files
2008-01-13 18:03 . 2008-01-13 18:03 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\InstallShield
2008-01-13 18:03 . 2001-09-13 02:15 90,112 --------- C:\WINDOWS\snymsico.dll
2008-01-13 18:03 . 2002-08-08 15:51 38,951 --------- C:\WINDOWS\system32\drivers\NETMDUSB.sys
2008-01-13 18:03 . 2005-10-31 10:46 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
2008-01-13 18:03 . 2003-11-10 12:31 36,232 --------- C:\WINDOWS\system32\drivers\NETMD033.sys
2008-01-13 18:03 . 2003-04-01 18:55 35,319 --------- C:\WINDOWS\system32\drivers\NETMD031.sys
2008-01-13 18:02 . 2007-01-13 08:24 770,048 --a------ C:\WINDOWS\system32\CDDBUISony.dll
2008-01-13 18:02 . 2007-01-13 08:22 655,360 --a------ C:\WINDOWS\system32\CDDBControlSony.dll
2008-01-13 18:02 . 2007-01-13 08:22 589,824 --a------ C:\WINDOWS\system32\CddbMusicIDSony.dll
2008-01-13 18:02 . 2007-01-13 08:25 532,480 --a------ C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2008-01-13 18:02 . 2007-01-13 08:27 98,304 --a------ C:\WINDOWS\system32\CddbLangFRSony.dll
2008-01-13 18:02 . 2007-01-13 08:24 73,728 --a------ C:\WINDOWS\system32\CddbLinkSony.dll
2008-01-13 18:01 . 2008-01-13 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-01-13 18:00 . 2008-01-13 18:06 <REP> d-------- C:\Program Files\Fichiers communs\Sony Shared
2008-01-13 18:00 . 2008-01-13 18:36 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\Sony Corporation
2008-01-13 17:56 . 2005-08-13 05:06 22,486 -ra------ C:\WINDOWS\system32\UnInstall_Driver.ico
2008-01-13 17:55 . 2008-01-13 17:55 <REP> d-------- C:\Program Files\Samsung

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-13 14:33 9,383 ----a-w C:\Program Files\hijackthis.log
2008-02-13 13:35 --------- d-----r C:\Program Files\Alwil Software
2008-02-10 12:14 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\ma-config.com
2008-02-10 12:05 741,376 ----a-w C:\WINDOWS\system32\WinUpdating.exe
2008-02-10 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-03 17:14 --------- d-----w C:\Program Files\Steam
2008-02-03 16:49 753,664 ----a-w C:\WINDOWS\system32\NTSpool.exe
2008-02-03 13:09 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\MiniLyrics
2008-02-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-22 08:55 --------- d-----r C:\Program Files\Mozilla Thunderbird
2008-01-21 18:58 --------- d-----r C:\Program Files\Intel
2008-01-20 17:24 --------- d-----r C:\Program Files\Logitech
2008-01-15 19:47 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Winamp
2008-01-13 17:19 --------- d-----r C:\Program Files\Yahoo!
2008-01-12 09:32 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\vlc
2008-01-10 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-10 19:38 --------- d-----w C:\Program Files\StuffPlug3
2008-01-10 17:46 --------- d-----w C:\Program Files\Microsoft Works
2008-01-10 17:45 --------- d-----w C:\Program Files\MSBuild
2008-01-09 16:22 --------- d-----w C:\Program Files\LClock
2008-01-09 15:22 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\AdobeUM
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-09 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-01-08 19:26 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Ahead
2008-01-08 19:24 --------- d-----w C:\Program Files\Nero
2008-01-08 19:24 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-07 18:35 --------- d-----w C:\Program Files\Dofus
2008-01-07 17:48 --------- d-----r C:\Program Files\Windows Live
2008-01-07 13:39 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-07 13:38 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-06 17:59 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-01-06 17:59 --------- d--h--r C:\Documents and Settings\Mi©K\Application Data\SecuROM
2008-01-06 17:42 --------- d-----w C:\Program Files\KONAMI
2008-01-06 17:38 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\DAEMON Tools
2008-01-06 16:57 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
2008-01-06 16:57 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\FotoWire
2008-01-06 16:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-01-06 16:55 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2008-01-06 16:46 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Hewlett-Packard
2008-01-06 16:43 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-06 16:43 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-06 16:41 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-06 16:36 128 --sha-w C:\Program Files\desktop.ini
2008-01-06 16:36 --------- d-----w C:\Program Files\CaptEcran
2008-01-06 16:32 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\BSplayer Pro
2008-01-06 16:30 --------- d-----w C:\Program Files\Sony
2008-01-06 16:29 --------- d-----r C:\Program Files\OVAO
2008-01-06 15:42 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-01-06 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-01-06 15:26 --------- d-----w C:\Program Files\Minilyrics
2008-01-06 15:11 --------- d-----r C:\Program Files\Winamp
2008-01-06 15:05 --------- d-----w C:\Program Files\ma-config.com
2008-01-06 14:52 --------- d-----w C:\Program Files\AdVantage
2008-01-06 14:47 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-01-06 14:43 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-06 14:42 128 --sha-w C:\Program Files\Fichiers communs\desktop.ini
2008-01-06 14:42 --------- d-----r C:\Program Files\Winamp Remote
2008-01-06 14:42 --------- d-----r C:\Program Files\Webteh
2008-01-06 14:42 --------- d-----r C:\Program Files\Wanadoo
2008-01-06 14:42 --------- d-----r C:\Program Files\VideoLAN
2008-01-06 14:42 --------- d-----r C:\Program Files\Stardock
2008-01-06 14:42 --------- d-----r C:\Program Files\Services en ligne
2008-01-06 14:42 --------- d-----r C:\Program Files\Securitoo
2008-01-06 14:42 --------- d-----r C:\Program Files\SAGEM
2008-01-06 14:42 --------- d-----r C:\Program Files\Realtek
2008-01-06 14:42 --------- d-----r C:\Program Files\My Company Name
2008-01-06 14:42 --------- d-----r C:\Program Files\microsoft frontpage
2008-01-06 14:42 --------- d-----r C:\Program Files\Messenger Plus! Live
2008-01-06 14:42 --------- d-----r C:\Program Files\GameFace Messenger
2008-01-06 14:42 --------- d-----r C:\Program Files\CCleaner
2008-01-06 14:42 --------- d-----r C:\Program Files\Attansic
2008-01-06 14:42 --------- d-----r C:\Program Files\ASUS
2008-01-06 14:39 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2008-01-06 14:26 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-01-06 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-01-06 13:58 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Thunderbird
2008-01-06 13:43 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-01-06 13:34 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-06 12:28 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-06 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-06 11:53 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-01-06 11:53 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-01-06 11:53 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-06 11:40 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-05-17 12:11 5729136]
"LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 19:27 65536]
"tr_winamp"="C:\Program Files\Winamp\winamp.exe" [2007-12-20 16:17 1327616]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 13:11 3497984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-01-06 16:42 190024]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"avp6_post_install"="msiexec.exe" [2005-05-04 14:45 78848 C:\WINDOWS\system32\msiexec.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

C:\Documents and Settings\Mi¸K\Menu D‚marrer\Programmes\D‚marrage\
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-01-06 15:26:09 Mick 3450608]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= 1

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"NTSpool"= NTSpool.exe
"Windows Printing Driver"= WinSpooler.exe
"WinUpdating"= WinUpdating.exe

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{23D44BCF-AA7A-41D6-8905-E808F16322EF}"= C:\WINDOWS\system32\nnnnmmj.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
nnnnmmj.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\scredir32]
scredir32.dll 2004-10-23 06:36 8704 C:\WINDOWS\system32\scredir32.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
backup=C:\WINDOWS\pss\RocketDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\TransBar.lnk
backup=C:\WINDOWS\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk
backup=C:\WINDOWS\pss\UberIcon.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2004-12-14 02:12 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
--a------ 2007-06-28 15:19 880080 C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-03 04:43 69632 C:\WINDOWS\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2006-08-18 18:58 1081344 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2006-03-02 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2007-12-15 11:02 482760 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger]
--a------ 2006-08-02 16:06 2048000 C:\Program Files\GameFace Messenger\GameFace.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-01-06 17:55 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2007-12-18 02:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2006-08-01 05:10 16049664 C:\WINDOWS\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-ra------ 2006-05-16 04:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-01-10 20:26 1266936 c:\program files\steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook]
--a------ 2007-08-31 16:13 44544 C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook Express & Windows Mail]
--a------ 2007-10-09 13:28 296448 C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_Oe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
--a------ 2007-02-16 18:41 110592 C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-27 22:28]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2005-09-27 10:02]
S1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
S3 PhilCam8116_XP;Logitech QuickCam Pro 3000(PID_08B1);C:\WINDOWS\system32\DRIVERS\CamDrL20.sys [2004-05-21 20:16]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-31 20:51:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-06 16:46:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1199637940.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 15:38:25
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
.
Temps d'accomplissement: 2008-02-13 15:38:49
ComboFix-quarantined-files.txt 2008-02-13 14:38:41
.
2008-01-26 20:06:56 --- E O F ---

Je dois faire quelque chose d'autre ?
Et la mon PC est sans antivirus donc je sais pas quoi faire
Merci d'avance

Re,

[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]

Re,
Voici le log combofix :

ComboFix 08-02-13.2 - Mi©K 2008-02-13 17:46:35.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.525 [GMT 1:00]
Endroit: C:\Documents and Settings\Mi©K\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mi©K\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE
C:\WINDOWS\system32\nnnnmmj.dll
C:\WINDOWS\system32\NTSpool.exe
C:\WINDOWS\system32\scredir32.dll
C:\WINDOWS\system32\WinSpooler.exe
C:\WINDOWS\system32\WinUpdating.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\jkklk.dll
C:\WINDOWS\system32\qomjhii.dll
C:\WINDOWS\system32\snubejmr.dll
C:\Documents and Settings\All Users\Application Data\storageprotector
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\em
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\oid
C:\Documents and Settings\All Users\Application Data\storageprotector\Data\user
C:\Program Files\Fichiers communs\StorageProtector
C:\Program Files\Fichiers communs\StorageProtector\strpmon.exe
C:\WINDOWS\system32\abkveocv.dll
C:\WINDOWS\system32\aeximwds.dll
C:\WINDOWS\system32\fccbxut.dll
C:\WINDOWS\system32\fkgfxqun.dll
C:\WINDOWS\system32\hufyclnw.dll
C:\WINDOWS\system32\jkklk.dll
C:\WINDOWS\system32\klkkj.ini
C:\WINDOWS\system32\klkkj.ini2
C:\WINDOWS\system32\lltdbwum.ini
C:\WINDOWS\system32\lmpjxetp.dll
C:\WINDOWS\system32\lmpjxetp.dllbox
C:\WINDOWS\system32\nnnkjif.dll
C:\WINDOWS\system32\nofycedn.dll
C:\WINDOWS\system32\NTSpool.exe
C:\WINDOWS\system32\qomjhii.dll
C:\WINDOWS\system32\rqroool(2).dll
C:\WINDOWS\system32\scredir32.dll
C:\WINDOWS\system32\sdwmixea.ini
C:\WINDOWS\system32\snubejmr.dll
C:\WINDOWS\system32\snubejmr.dllbox
C:\WINDOWS\system32\tuvsrqq.dll
C:\WINDOWS\system32\WinSpooler.exe
C:\WINDOWS\system32\WinUpdating.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
.

2008-02-13 17:41 . 2008-02-13 17:41 <REP> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
2008-02-13 17:20 . 2008-02-13 17:20 <REP> d-------- C:\Lyrics
2008-02-13 16:34 . 2007-09-06 12:02 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-13 16:34 . 2007-09-06 12:00 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-13 16:34 . 2007-09-06 12:03 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-13 16:33 . 2007-09-06 12:05 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-13 16:06 . 2008-02-13 16:06 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-02-13 16:06 . 2008-02-13 16:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-13 16:06 . 2008-02-13 16:27 59,424 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-13 16:06 . 2008-02-13 16:27 4,384 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-02-13 16:06 . 2008-02-13 16:27 3,860 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-13 16:06 . 2008-02-13 16:27 1,484 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-02-13 15:29 . 2008-02-13 15:29 <REP> d-------- C:\VundoFix Backups
2008-02-13 14:35 . 2008-02-13 14:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-13 14:01 . 2006-03-02 13:00 428,032 --a------ C:\kmd.exe
2008-02-10 14:10 . 2008-02-10 14:10 <REP> d-------- C:\Program Files\id Software
2008-02-10 11:38 . 2008-02-10 11:38 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-02-10 11:09 . 2008-02-10 11:09 319 --a------ C:\WINDOWS\game.ini
2008-02-10 11:05 . 2008-02-10 11:05 <REP> d-------- C:\Program Files\Activision
2008-02-10 10:37 . 2007-08-14 23:16 1,335,296 --a------ C:\WINDOWS\system32\msxml6.dll
2008-02-10 10:37 . 2007-08-14 23:16 2,048 --a------ C:\WINDOWS\system32\msxml6r.dll
2008-02-10 10:36 . 2008-02-10 10:36 <REP> d-------- C:\Program Files\Goto Software
2008-02-10 10:36 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
2008-02-10 10:36 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
2008-02-10 10:36 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\WINDOWS\Mozilla
2008-02-03 17:49 . 2008-02-13 17:37 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-02-03 17:49 . 2008-02-10 13:48 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-02-03 14:35 . 2008-02-03 14:35 <REP> d-------- C:\Fichier texte
2008-02-03 13:37 . 2007-09-06 12:09 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-03 13:37 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-03 13:37 . 2007-09-06 12:00 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-03 13:37 . 2007-09-06 12:05 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-03 12:01 . 2008-02-03 12:03 <REP> d-------- C:\Program Files\Serious Sam 2
2008-02-02 15:11 . 2008-02-02 15:11 <REP> d-------- C:\Program Files\Lavasoft
2008-02-02 15:11 . 2008-02-02 15:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-02-02 15:09 . 2008-02-02 15:10 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-01-30 17:20 . 2008-01-30 17:20 <REP> d-------- C:\Program Files\K-Lite Codec Pack
2008-01-30 17:20 . 2007-11-29 23:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-30 17:20 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
2008-01-30 17:20 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
2008-01-30 17:20 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-01-30 17:20 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
2008-01-30 17:20 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
2008-01-30 17:20 . 2007-11-29 23:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-30 17:20 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-01-30 17:20 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-01-30 17:20 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
2008-01-26 19:45 . 2008-01-26 19:46 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Winamp
2008-01-26 19:45 . 2008-01-26 19:45 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\MiniLyrics
2008-01-25 18:08 . 2008-01-25 18:08 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-01-25 16:57 . 2008-02-13 17:15 <REP> d-------- C:\Documents and Settings\Alexis\Contacts
2008-01-24 21:17 . 2008-01-24 21:19 <REP> d-------- C:\Program Files\TVAnts
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage r‚seau
2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage d'impression
2008-01-23 17:10 . 2008-01-06 12:37 <REP> d--h----- C:\Documents and Settings\Alexis\ModŠles
2008-01-23 17:10 . 2008-02-13 17:47 <REP> d---s---- C:\Documents and Settings\Alexis\Mes documents
2008-01-23 17:10 . 2008-01-06 12:45 <REP> dr------- C:\Documents and Settings\Alexis\Menu D‚marrer
2008-01-23 17:10 . 2008-01-23 17:10 <REP> d---s---- C:\Documents and Settings\Alexis\Favoris
2008-01-23 17:10 . 2008-02-13 17:21 <REP> d-------- C:\Documents and Settings\Alexis\Bureau
2008-01-22 20:23 . 2008-01-22 20:23 <REP> d-------- C:\Program Files\Everest Ultimate Edition 2007
2008-01-22 20:22 . 2008-01-22 20:22 <REP> d-------- C:\Program Files\Lavalys
2008-01-20 18:34 . 2008-01-20 18:36 <REP> d-------- C:\WINDOWS\NV3348528.TMP
2008-01-20 18:34 . 2007-12-17 13:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-01-20 18:33 . 2008-01-21 20:00 <REP> dr------- C:\NVIDIA
2008-01-20 18:26 . 2008-01-20 18:28 <REP> d-------- C:\Program Files\PhotoFiltre
2008-01-20 18:25 . 2004-10-08 11:59 326,656 --a------ C:\WINDOWS\system32\drivers\Camdrl.sys
2008-01-20 18:10 . 2008-01-20 18:10 <REP> d-------- C:\WINDOWS\system32\Lang
2008-01-20 18:10 . 2008-01-20 18:10 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-01-20 18:10 . 2008-01-20 18:10 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-01-16 19:52 . 2008-02-13 14:50 <REP> d-------- C:\WINDOWS\Downloaded Installations
2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Program Files\Veoh Networks
2008-01-16 15:02 . 2008-01-16 15:02 <REP> d-------- C:\Program Files\BitTorrent_DNA
2008-01-16 15:02 . 2008-01-16 15:03 <REP> d-------- C:\Program Files\BitTorrent
2008-01-16 14:57 . 2008-01-16 14:57 <REP> d-------- C:\Program Files\DivX
2008-01-15 19:03 . 2008-02-03 20:36 <REP> d-------- C:\Program Files\Lyrics
2008-01-15 18:59 . 2008-01-29 18:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-15 18:59 . 2008-01-15 18:59 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-15 18:57 . 2008-01-15 18:58 <REP> d-------- C:\Program Files\QuickTime
2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Program Files\Apple Software Update
2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-01-13 18:24 . 2008-01-13 18:24 <REP> d-------- C:\Documents and Settings\All Users\SonicStage
2008-01-13 18:04 . 2008-01-13 18:04 <REP> d-------- C:\Program Files\Common Files
2008-01-13 18:03 . 2001-09-13 02:15 90,112 --------- C:\WINDOWS\snymsico.dll
2008-01-13 18:03 . 2002-08-08 15:51 38,951 --------- C:\WINDOWS\system32\drivers\NETMDUSB.sys
2008-01-13 18:03 . 2005-10-31 10:46 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
2008-01-13 18:03 . 2003-11-10 12:31 36,232 --------- C:\WINDOWS\system32\drivers\NETMD033.sys
2008-01-13 18:03 . 2003-04-01 18:55 35,319 --------- C:\WINDOWS\system32\drivers\NETMD031.sys
2008-01-13 18:02 . 2007-01-13 08:24 770,048 --a------ C:\WINDOWS\system32\CDDBUISony.dll
2008-01-13 18:02 . 2007-01-13 08:22 655,360 --a------ C:\WINDOWS\system32\CDDBControlSony.dll
2008-01-13 18:02 . 2007-01-13 08:22 589,824 --a------ C:\WINDOWS\system32\CddbMusicIDSony.dll
2008-01-13 18:02 . 2007-01-13 08:25 532,480 --a------ C:\WINDOWS\system32\CddbPlaylist2Sony.dll
2008-01-13 18:02 . 2007-01-13 08:27 98,304 --a------ C:\WINDOWS\system32\CddbLangFRSony.dll
2008-01-13 18:02 . 2007-01-13 08:24 73,728 --a------ C:\WINDOWS\system32\CddbLinkSony.dll
2008-01-13 18:01 . 2008-01-13 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Corporation
2008-01-13 18:00 . 2008-01-13 18:06 <REP> d-------- C:\Program Files\Fichiers communs\Sony Shared
2008-01-13 17:56 . 2005-08-13 05:06 22,486 -ra------ C:\WINDOWS\system32\UnInstall_Driver.ico

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-13 15:33 --------- d-----r C:\Program Files\Alwil Software
2008-02-13 14:33 9,383 ----a-w C:\Program Files\hijackthis.log
2008-02-10 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-03 17:14 --------- d-----w C:\Program Files\Steam
2008-02-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-22 08:55 --------- d-----r C:\Program Files\Mozilla Thunderbird
2008-01-21 18:58 --------- d-----r C:\Program Files\Intel
2008-01-20 17:24 --------- d-----r C:\Program Files\Logitech
2008-01-13 17:19 --------- d-----r C:\Program Files\Yahoo!
2008-01-10 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-01-10 19:38 --------- d-----w C:\Program Files\StuffPlug3
2008-01-10 17:46 --------- d-----w C:\Program Files\Microsoft Works
2008-01-10 17:45 --------- d-----w C:\Program Files\MSBuild
2008-01-09 16:22 --------- d-----w C:\Program Files\LClock
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-09 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-01-08 19:24 --------- d-----w C:\Program Files\Nero
2008-01-08 19:24 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2008-01-07 18:35 --------- d-----w C:\Program Files\Dofus
2008-01-07 17:48 --------- d-----r C:\Program Files\Windows Live
2008-01-07 13:39 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-01-07 13:38 --------- d-----w C:\Program Files\MSXML 4.0
2008-01-06 17:42 --------- d-----w C:\Program Files\KONAMI
2008-01-06 16:57 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
2008-01-06 16:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
2008-01-06 16:55 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
2008-01-06 16:43 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
2008-01-06 16:43 --------- d-----w C:\Program Files\Hewlett-Packard
2008-01-06 16:41 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
2008-01-06 16:36 128 --sha-w C:\Program Files\desktop.ini
2008-01-06 16:36 --------- d-----w C:\Program Files\CaptEcran
2008-01-06 16:30 --------- d-----w C:\Program Files\Sony
2008-01-06 16:29 --------- d-----r C:\Program Files\OVAO
2008-01-06 15:42 --------- d-----w C:\Program Files\MessengerPlus! 3
2008-01-06 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
2008-01-06 15:26 --------- d-----w C:\Program Files\Minilyrics
2008-01-06 15:11 --------- d-----r C:\Program Files\Winamp
2008-01-06 15:05 --------- d-----w C:\Program Files\ma-config.com
2008-01-06 14:52 --------- d-----w C:\Program Files\AdVantage
2008-01-06 14:47 --------- d-----w C:\Program Files\DAEMON Tools Lite
2008-01-06 14:43 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
2008-01-06 14:42 128 --sha-w C:\Program Files\Fichiers communs\desktop.ini
2008-01-06 14:42 --------- d-----r C:\Program Files\Winamp Remote
2008-01-06 14:42 --------- d-----r C:\Program Files\Webteh
2008-01-06 14:42 --------- d-----r C:\Program Files\Wanadoo
2008-01-06 14:42 --------- d-----r C:\Program Files\VideoLAN
2008-01-06 14:42 --------- d-----r C:\Program Files\Stardock
2008-01-06 14:42 --------- d-----r C:\Program Files\Services en ligne
2008-01-06 14:42 --------- d-----r C:\Program Files\Securitoo
2008-01-06 14:42 --------- d-----r C:\Program Files\SAGEM
2008-01-06 14:42 --------- d-----r C:\Program Files\Realtek
2008-01-06 14:42 --------- d-----r C:\Program Files\My Company Name
2008-01-06 14:42 --------- d-----r C:\Program Files\microsoft frontpage
2008-01-06 14:42 --------- d-----r C:\Program Files\Messenger Plus! Live
2008-01-06 14:42 --------- d-----r C:\Program Files\GameFace Messenger
2008-01-06 14:42 --------- d-----r C:\Program Files\CCleaner
2008-01-06 14:42 --------- d-----r C:\Program Files\Attansic
2008-01-06 14:42 --------- d-----r C:\Program Files\ASUS
2008-01-06 14:39 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
2008-01-06 14:26 --------- d-----w C:\Program Files\Fichiers communs\Stardock
2008-01-06 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
2008-01-06 13:43 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-01-06 13:34 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-01-06 12:28 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-01-06 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-06 11:53 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
2008-01-06 11:53 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\ODBC
2008-01-06 11:40 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-17 23:43 23,396 ----a-w C:\WINDOWS\system32\drivers\klopp.dat
2007-09-09 13:16 942,080 ----a-w C:\Program Files\Scanner.exe
2007-06-07 08:14 165,888 ----a-w C:\Program Files\ToYcon.exe
2004-03-11 15:32 439,296 ----a-w C:\Program Files\JADgen.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-05-17 12:11 5729136]
"LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 19:27 65536]
"tr_winamp"="C:\Program Files\Winamp\winamp.exe" [2007-12-20 16:17 1327616]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
"Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 13:11 3497984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-01-06 16:42 190024]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"<NO NAME>"= 1

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
nnnnmmj.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
backup=C:\WINDOWS\pss\RocketDock.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\TransBar.lnk
backup=C:\WINDOWS\pss\TransBar.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk
backup=C:\WINDOWS\pss\UberIcon.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
--a------ 2004-12-14 02:12 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
--a------ 2007-06-28 15:19 880080 C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
-ra------ 2005-05-03 04:43 69632 C:\WINDOWS\ALCMTR.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
--a------ 2006-08-18 18:58 1081344 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2006-03-02 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
--a------ 2007-12-15 11:02 482760 C:\Program Files\DAEMON Tools Lite\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger]
--a------ 2006-08-02 16:06 2048000 C:\Program Files\GameFace Messenger\GameFace.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a------ 2008-01-06 17:55 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
--------- 2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
--a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
--a------ 2007-12-18 02:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
-ra------ 2006-08-01 05:10 16049664 C:\WINDOWS\RTHDCPL.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-ra------ 2006-05-16 04:04 2879488 C:\WINDOWS\SkyTel.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
--a------ 2008-01-10 20:26 1266936 c:\program files\steam\steam.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook]
--a------ 2007-08-31 16:13 44544 C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook Express & Windows Mail]
--a------ 2007-10-09 13:28 296448 C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_Oe.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
--a------ 2007-02-16 18:41 110592 C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
--a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
--------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
--------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-27 22:28]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2005-09-27 10:02]
S1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
S3 PhilCam8116_XP;Logitech QuickCam Pro 3000(PID_08B1);C:\WINDOWS\system32\DRIVERS\CamDrL20.sys [2004-05-21 20:16]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-01-31 20:51:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-06 16:46:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1199637940.job"
- C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 17:53:09
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
-> C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
-> C:\Program Files\LClock\LC.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\dwwin.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-13 17:55:29 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-13 16:55:27
ComboFix2.txt 2008-02-13 14:38:49
.
2008-01-26 20:06:56 --- E O F ---

Log Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 18:09, on 2008-02-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\LClock\lclock.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

Merci  

Reposte un rapport Hijackthis.

Dans le post d'avant, il y a les deux rapport que vous m'aviez demandé !

C'est mieux déjà ?

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

Un grand merci
Mais J'ai avast pro , n'est il pas mieux que AntiVir ?
Je mettrai le rapport demain de l'antivirus.

Tu as acheté la version pro ?

Non je ne l'ai pas acheté personnellement, c'est un collègue qui me la passé mais est-elle plus efficace que antivir qui lui est gratuit ?

Test AntiVir et tu verras.