Error message "C:\WINDOWS\eksplorasi.exe"
Here is my problem: the error message "C:\WINDOWS\eksplorasi.exe"
appears at every startup. What should I do to make it stop?
A hello, maybe?
Download and install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
Hello ^^, thank you for this help and this reply.
Here is the famous report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:36:36, on 17/02/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\SoftwareDistribution\Download\d3e2cd1aa350dfdef90c91dfc8e90f2d\update\update.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr3.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://srch-fr3.hpwis.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://srch-fr3.hpwis.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr3.hpwis.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\eksplorasi.exe"
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb125\SearchSettings.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Nouveau dossier
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Principal AntiVirus (RspAVService) - Unknown owner - C:\WINDOWS\system32\rspavsvc.exe (file missing)
O23 - Service: RTT CRC Service (RTT_CRC_Service) - Unknown owner - C:\Program Files\R-TT\R-Firewall\Service\RTT_CRC_Service.exe
--
End of file - 8579 bytes
I hope a pro like you will be able to help me!!!!
Hello again,
Disable your resident protections (antivirus, Spybot...)!
Download ComboFix (sUBs) to your Desktop.
Double-click combofix.exe to launch it.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post this report in your next reply.
Thanks for ComboFix!
Here is its report:
ComboFix 08-02-17.2 - Propriétaire 2008-02-18 14:27:54.1 - NTFSx86
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))))))
.
2008-02-18 14:22 . 2008-02-18 14:22 6,736 --a------ C:\WINDOWS\SYSTEM32\drivers\PROCEXP90.SYS
2008-02-18 00:13 . 2008-02-18 00:13 <REP> d-------- C:\WINDOWS\Sun
2008-02-17 22:28 . 2008-02-17 22:28 <REP> d-------- C:\Program Files\Lavalys
2008-02-17 22:03 . 2008-02-17 22:16 <REP> d-------- C:\Program Files\Jetico
2008-02-17 21:40 . 2008-02-17 21:40 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-17 21:02 . 2008-02-17 21:10 <REP> d-------- C:\Program Files\Navilog1
2008-02-17 20:17 . 2008-02-17 20:17 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-17 17:55 . 2008-02-17 17:55 <REP> d-------- C:\Program Files\Avira
2008-02-17 17:55 . 2008-02-17 17:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-02-17 17:07 . 2008-02-17 17:07 <REP> d-------- C:\Program Files\Trend Micro
2008-02-17 14:04 . 2008-02-17 14:04 170 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.inf
2008-02-16 01:47 . 2008-02-16 01:47 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\vlc
2008-02-16 01:42 . 2008-02-16 01:42 <REP> d-------- C:\Program Files\VideoLAN
2008-02-16 00:37 . 2008-02-16 00:37 <REP> d-------- C:\WINDOWS\SYSTEM32\bits
2008-02-15 23:48 . 2008-02-15 23:48 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2008-02-15 23:42 . 2002-08-29 11:45 4,331,008 --a------ C:\WINDOWS\SYSTEM32\logonui.exe
2008-02-15 23:42 . 2002-08-29 11:45 2,150,912 --a------ C:\WINDOWS\SYSTEM32\zipfldr.dll
2008-02-15 23:40 . 2002-08-29 11:45 2,290,176 --a------ C:\WINDOWS\SYSTEM32\shimgvw.dll
2008-02-15 23:40 . 2002-08-29 11:45 894,976 --a------ C:\WINDOWS\SYSTEM32\sysdm.cpl
2008-02-15 23:40 . 2001-08-24 01:47 875,008 --a------ C:\WINDOWS\SYSTEM32\sysocmgr.exe
2008-02-15 23:40 . 2002-08-29 11:45 677,376 --a------ C:\WINDOWS\SYSTEM32\stobject.dll
2008-02-15 23:40 . 2001-08-24 01:47 601,088 --a------ C:\WINDOWS\SYSTEM32\sndvol32.exe
2008-02-15 23:40 . 2001-08-24 01:47 408,576 --a------ C:\WINDOWS\SYSTEM32\sndrec32.exe
2008-02-15 23:36 . 2002-08-29 11:45 2,686,976 --a------ C:\WINDOWS\explorer.exe
2008-02-15 23:36 . 2001-08-24 01:47 1,383,936 --a------ C:\WINDOWS\SYSTEM32\fontext.dll
2008-02-15 23:36 . 2002-08-29 11:45 1,123,328 --a------ C:\WINDOWS\SYSTEM32\appwiz.cpl
2008-02-15 23:36 . 2001-08-24 01:47 1,035,264 --a------ C:\WINDOWS\SYSTEM32\hdwwiz.cpl
2008-02-15 23:36 . 2001-08-24 01:47 548,864 --a------ C:\WINDOWS\SYSTEM32\cleanmgr.exe
2008-02-15 23:36 . 2001-08-24 01:47 537,088 --a------ C:\WINDOWS\SYSTEM32\cmd.exe
2008-02-15 23:36 . 2002-08-29 11:45 420,352 --a------ C:\WINDOWS\SYSTEM32\desk.cpl
2008-02-15 23:36 . 2002-08-29 11:44 331,776 --a------ C:\WINDOWS\SYSTEM32\credui.dll
2008-02-15 23:36 . 2001-08-24 01:47 266,240 --a------ C:\WINDOWS\SYSTEM32\calc.exe
2008-02-15 23:36 . 2001-08-24 01:47 218,112 --a------ C:\WINDOWS\SYSTEM32\console.dll
2008-02-15 23:36 . 2001-08-24 01:47 205,824 --a------ C:\WINDOWS\SYSTEM32\access.cpl
2008-02-15 23:10 . 2008-02-15 23:13 <REP> d-------- C:\WINDOWS\Packs
2008-02-15 22:43 . 2005-03-02 19:17 2,044,416 --a------ C:\WINDOWS\SYSTEM32\ntoskrnl.exe
2008-02-15 22:43 . 2005-03-02 19:17 1,959,424 --a------ C:\WINDOWS\SYSTEM32\ntkrnlpa.exe
2008-02-15 22:41 . 2004-07-09 03:27 974,848 --a------ C:\WINDOWS\SYSTEM32\dxdiag.exe
2008-02-15 22:40 . 2005-07-26 05:38 1,190,400 --a------ C:\WINDOWS\SYSTEM32\ole32.dll
2008-02-15 22:39 . 2006-08-25 16:54 561,664 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll
2008-02-15 22:39 . 2001-08-24 01:47 446,976 --a------ C:\WINDOWS\SYSTEM32\certmgr.dll
2008-02-15 22:39 . 2001-08-24 01:47 359,936 --a------ C:\WINDOWS\SYSTEM32\cards.dll
2008-02-15 22:39 . 2002-08-29 11:44 333,824 --a------ C:\WINDOWS\SYSTEM32\cmdial32.dll
2008-02-15 22:39 . 2001-08-24 01:47 166,400 --a------ C:\WINDOWS\SYSTEM32\ciadmin.dll
2008-02-15 22:39 . 2001-08-24 01:44 72,192 --a------ C:\WINDOWS\SYSTEM32\acctres.dll
2008-02-15 22:39 . 2001-08-24 01:47 36,864 --a------ C:\WINDOWS\SYSTEM32\odbccp32.cpl
2008-02-15 22:39 . 2001-08-24 01:46 27,136 --a------ C:\WINDOWS\SYSTEM32\batmeter.dll
2008-02-15 22:39 . 2002-08-29 11:44 6,656 --a------ C:\WINDOWS\SYSTEM32\batt.dll
2008-02-15 22:19 . 2008-02-15 22:19 268 --ah----- C:\sqmdata04.sqm
2008-02-15 22:19 . 2008-02-15 22:19 244 --ah----- C:\sqmnoopt04.sqm
2008-02-15 21:17 . 2002-08-29 11:45 204,288 --a------ C:\WINDOWS\SYSTEM32\uxtheme.backup
2008-02-15 20:08 . 2008-02-15 20:08 <REP> d-------- C:\toto
2008-02-15 18:57 . 2008-02-15 18:57 <REP> d-------- C:\Program Files\Alwil Software
2008-02-15 17:48 . 2008-02-15 17:48 479 --a------ C:\WINDOWS\Raccourci vers VBS.lnk
2008-02-15 16:32 . 2008-02-15 16:32 <REP> d-------- C:\WINDOWS\SYSTEM32\LogFiles
2008-02-15 16:07 . 2008-02-15 16:49 <REP> d-------- C:\Program Files\Microsoft Bootvis
2008-02-15 12:21 . 2008-02-15 11:41 368,640 --a------ C:\WINDOWS\VOBSUB.DLL
2008-02-15 11:52 . 2008-02-15 11:52 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
2008-02-14 21:43 . 2008-02-14 21:43 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Search Settings
2008-02-14 21:40 . 2008-02-14 21:40 <REP> d-------- C:\Program Files\Search Settings
2008-02-14 21:37 . 2008-02-14 21:37 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-02-14 21:37 . 2008-02-14 21:37 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-02-14 21:34 . 2008-02-18 14:05 <REP> d-------- C:\Program Files\Piolet
2008-02-14 17:56 . 2008-02-14 17:56 <REP> d-------- C:\Program Files\uTorrent
2008-02-14 17:56 . 2008-02-18 14:46 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\uTorrent
2008-02-13 17:15 . 2008-02-13 17:15 268 --ah----- C:\sqmdata03.sqm
2008-02-13 17:15 . 2008-02-13 17:15 244 --ah----- C:\sqmnoopt03.sqm
2008-02-13 17:04 . 2008-02-13 19:49 <REP> d-------- C:\Incomplete
2008-02-13 01:18 . 2008-02-13 01:34 <REP> d-------- C:\e9f8cae94798bccf0267
2008-02-12 18:09 . 2008-02-12 18:09 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-02-12 17:58 . 2008-02-17 20:39 <REP> d-------- C:\Program Files\Yahoo!
2008-02-12 17:56 . 2008-02-12 18:01 <REP> d-------- C:\Program Files\CCleaner
2008-02-12 13:06 . 2004-08-03 22:43 20,480 --a------ C:\WINDOWS\SYSTEM32\sprecovr.exe
2008-02-12 12:50 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\003623_.tmp
2008-02-12 12:37 . 2002-08-29 11:44 155,648 --a------ C:\WINDOWS\SYSTEM32\encdec.dll
2008-02-12 12:37 . 2002-08-28 23:16 21,343 --a------ C:\WINDOWS\SYSTEM32\drivers\atinttxx.sys
2008-02-12 12:37 . 2002-08-28 23:16 12,047 --a------ C:\WINDOWS\SYSTEM32\drivers\atinpdxx.sys
2008-02-12 12:37 . 2002-08-28 23:16 11,615 --a------ C:\WINDOWS\SYSTEM32\drivers\atinmdxx.sys
2008-02-12 12:37 . 2002-08-29 11:30 3,584 --a------ C:\WINDOWS\SYSTEM32\dsprpres.dll
2008-02-12 12:35 . 2002-08-29 12:04 844,675 --a------ C:\WINDOWS\SYSTEM32\ati3d1ag.dll
2008-02-12 12:35 . 2002-08-29 11:24 450,432 --a------ C:\WINDOWS\SYSTEM32\drivers\ati2mtag.sys
2008-02-12 12:35 . 2002-08-29 11:24 327,168 --a------ C:\WINDOWS\SYSTEM32\drivers\ati2mtaa.sys
2008-02-12 12:35 . 2002-08-29 11:44 172,032 --a------ C:\WINDOWS\SYSTEM32\mssap.dll
2008-02-12 12:35 . 2002-08-28 23:16 56,591 --a------ C:\WINDOWS\SYSTEM32\drivers\atinbtxx.sys
2008-02-12 12:35 . 2002-08-29 01:32 6,912 --a------ C:\WINDOWS\SYSTEM32\drivers\hidir.sys
2008-02-12 12:34 . 2002-08-29 01:11 162,304 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime
2008-02-12 12:34 . 2002-08-28 23:16 36,463 --a------ C:\WINDOWS\SYSTEM32\drivers\atintuxx.sys
2008-02-12 12:34 . 2002-08-29 11:45 31,263 --a------ C:\WINDOWS\SYSTEM32\ativmvxx.ax
2008-02-12 12:34 . 2002-08-28 23:16 29,455 --a------ C:\WINDOWS\SYSTEM32\drivers\atinxbxx.sys
2008-02-12 12:34 . 2002-08-28 23:16 26,367 --a------ C:\WINDOWS\SYSTEM32\drivers\atinsnxx.sys
2008-02-12 12:34 . 2002-08-29 01:32 19,328 --a------ C:\WINDOWS\SYSTEM32\drivers\usbehci.sys
2008-02-12 12:34 . 2002-08-29 11:45 18,944 --a------ C:\WINDOWS\SYSTEM32\faxpatch.exe
2008-02-12 12:34 . 2002-08-29 01:28 13,056 --a------ C:\WINDOWS\SYSTEM32\drivers\wacompen.sys
2008-02-12 12:34 . 2002-08-29 01:28 11,904 --a------ C:\WINDOWS\SYSTEM32\drivers\mutohpen.sys
2008-02-12 12:34 . 2002-08-29 11:45 9,216 --a------ C:\WINDOWS\SYSTEM32\wuauserv.dll
2008-02-12 12:33 . 2004-03-10 19:01 608,256 --a------ C:\WINDOWS\SYSTEM32\dllcache\xpsp2res.dll
2008-02-12 12:33 . 2002-08-29 11:23 115,712 --a------ C:\WINDOWS\SYSTEM32\dpcdll.dll
2008-02-12 12:33 . 2002-08-28 23:16 63,663 --a------ C:\WINDOWS\SYSTEM32\drivers\atinrvxx.sys
2008-02-12 12:33 . 2002-08-29 01:08 27,648 --a------ C:\WINDOWS\SYSTEM32\pidgen.dll
2008-02-12 12:32 . 2004-07-01 23:08 360,960 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 19:40 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
2008-02-17 19:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 19:34 --------- d-----w C:\Program Files\Hewlett-Packard
2008-02-15 21:47 --------- d-----w C:\Program Files\Google
2008-02-15 21:31 --------- d-----w C:\Program Files\Canon
2008-02-15 20:17 204,288 ----a-w C:\WINDOWS\SYSTEM32\uxtheme.dll
2008-02-13 16:49 3,545,425 ----a-w C:\Program Files\for my peace.mp3
2008-02-13 10:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-02-12 18:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-12 17:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-10 14:58 --------- d-----w C:\Program Files\Services en ligne
2008-02-10 09:34 --------- d-----w C:\Program Files\PCProtector
2008-02-09 21:35 --------- d-----w C:\Program Files\Java
2008-02-09 20:33 --------- d-----w C:\Program Files\QuickTime
2008-02-09 20:29 --------- d-----w C:\Program Files\Vertrix 2
2008-02-09 20:29 --------- d-----w C:\Program Files\Tcl
2008-02-09 10:57 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\AVG7
2008-02-08 22:16 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-21 21:10 --------- d-----w C:\Program Files\DivXMachine II
2008-01-16 13:02 24,626 ----a-w C:\WINDOWS\SYSTEM32\ScrrnES.dll
2008-01-16 13:02 1,376,528 ----a-w C:\WINDOWS\SYSTEM32\msvbvm60.dll
2008-01-12 15:26 --------- d-----w C:\Program Files\R-TT
2008-01-12 13:34 118,784 ----a-w C:\WINDOWS\SYSTEM32\MSSTDFMT.DLL
2008-01-12 12:05 --------- d-----w C:\Program Files\ewido
2008-01-12 11:34 65,536 ----a-w C:\WINDOWS\VIPunins.exe
2008-01-12 11:32 995,383 ----a-w C:\WINDOWS\SYSTEM32\MFCTB.DLL
2008-01-12 11:32 290,869 ----a-w C:\WINDOWS\SYSTEM32\MSVCTB.DLL
2008-01-11 20:50 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Apple Computer
2008-01-11 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-11 19:28 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\AdobeUM
2007-12-30 15:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\MSN6
1998-09-29 12:56 10,000 -c--a-w C:\WINDOWS\INF\unregpn.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
2007-12-06 11:58 1198432 --a------ C:\Program Files\Search Settings\kb125\SearchSettings.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\Money Express.exe" [2000-07-19 08:00 180279]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-08 18:52 171448]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 08:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2001-07-06 13:56 61440]
"NvCplDaemon"="NvQTwk" []
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2001-08-07 16:25 143360]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2001-08-07 15:36 90112]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2001-07-03 13:13 81920]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [2000-07-12 14:14 311350]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [2000-08-04 03:01 28739]
"PCTVOICE"="pctspk.exe" [2001-08-01 17:37 155648 C:\WINDOWS\SYSTEM32\pctspk.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10 409600]
"SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [2007-12-06 11:58 1069920]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25 249896]
"JeticoPFStartup"="C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe" [2008-02-01 10:41 418544]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 11:45 13312]
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\
Y'z Toolbar.lnk - C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe [2008-02-15 23:47:13 90112]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
hp center.lnk - C:\Program Files\hp center\137903\Program\BackWeb-137903.exe [2001-09-26 19:42:50 16384]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 08:15:56 65588]
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys [2007-07-18 14:22]
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2007-08-09 13:04]
R1 bc_hash_f;BC_HASH_Filter;C:\WINDOWS\System32\drivers\bc_hash_f.sys [2008-02-01 10:43]
R3 BcfilterMP;BcfilterMP;C:\WINDOWS\System32\DRIVERS\bcfilter.sys [2008-02-01 10:43]
S1 RFW;R-Firewall Kernel Driver;C:\WINDOWS\System32\rfwnt.sys []
S2 Jetico Personal Firewall server;Jetico Personal Firewall server;"C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe" [2008-02-01 10:42]
S2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-01 17:37]
S2 SetupNT;SetupNT;C:\WINDOWS\System32\SetupNT.sys []
S3 ADBLOCK.DLL;R-Firewall Plugin(ADBLOCK.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\ADBLOCK.DLL [2005-01-13 17:09]
S3 Bcfilter;Jetico Personal Firewall Network Monitor;C:\WINDOWS\System32\DRIVERS\bcfilter.sys [2008-02-01 10:43]
S3 CONTENT.DLL;R-Firewall Plugin(CONTENT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\CONTENT.DLL [2005-01-13 17:09]
S3 DNSCACHE.DLL;R-Firewall Plugin(DNSCACHE.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\DNSCACHE.DLL [2005-01-13 17:08]
S3 FTPFILT.DLL;R-Firewall Plugin(FTPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\FTPFILT.DLL [2005-01-13 17:09]
S3 HTMLFILT.DLL;R-Firewall Plugin(HTMLFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\HTMLFILT.DLL [2005-01-13 17:09]
S3 httpfilt.dll;R-Firewall Plugin(httpfilt.dll);C:\Program Files\R-TT\R-Firewall\Kernel\httpfilt.dll [2005-01-13 17:09]
S3 IMAPFILT.DLL;R-Firewall Plugin(IMAPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\IMAPFILT.DLL [2005-01-13 17:09]
S3 MAILFILT.DLL;R-Firewall Plugin(MAILFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\MAILFILT.DLL [2005-01-13 17:09]
S3 NNTPFILT.DLL;R-Firewall Plugin(NNTPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\NNTPFILT.DLL [2005-01-13 17:09]
S3 POP3FILT.DLL;R-Firewall Plugin(POP3FILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\POP3FILT.DLL [2005-01-13 17:09]
S3 PROTECT.DLL;R-Firewall Plugin(PROTECT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\PROTECT.DLL [2005-01-13 17:09]
S3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\System32\DRIVERS\ptserlp.sys [2001-08-17 20:28]
S3 rspAV;rspAV;C:\WINDOWS\System32\rspav.sys []
S3 RspAVService;Principal AntiVirus;"C:\WINDOWS\system32\rspavsvc.exe" []
S3 RTT_CRC_Service;RTT CRC Service;C:\Program Files\R-TT\R-Firewall\Service\RTT_CRC_Service.exe [2004-09-24 17:02]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 01:32]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\System32\DRIVERS\w300bus.sys [2006-03-13 15:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\System32\DRIVERS\w300mdfl.sys [2006-03-13 15:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\System32\DRIVERS\w300mdm.sys [2006-03-13 15:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\System32\DRIVERS\w300mgmt.sys [2006-03-13 15:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\System32\DRIVERS\w300obex.sys [2006-03-13 15:50]
*Newly Created Service* - BCFTDI
*Newly Created Service* - BC_HASH_F
*Newly Created Service* - BC_IP_F
*Newly Created Service* - BC_NGN
*Newly Created Service* - BC_PAT_F
*Newly Created Service* - BC_PRT_F
*Newly Created Service* - BC_TDI_F
*Newly Created Service* - JETICO_PERSONAL_FIREWALL_SERVER
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2002-05-26 18:30:13 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-28 12:30:12 C:\WINDOWS\Tasks\Rappel d'abonnement 2 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-25 12:39:14 C:\WINDOWS\Tasks\Rappel d'abonnement 3 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-25 12:39:13 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2007-10-27 12:58:58 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-02-15 08:00:01 C:\WINDOWS\Tasks\XoftSpy.job"
- C:\Program Files\XoftSpy\XoftSpy.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 14:44:13
Windows 5.1.2600 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-18 14:49:54
.
2008-02-17 21:10:34 --- E O F ---
We'll do a little cleanup before continuing.
Download the ewido anti-spyware micro scanner to your desktop.
Double-click the file ewido_micro.exe to run it.
As soon as it starts, the program will ask for internet access to update itself; accept.
Then a new screen appears; make sure all the boxes are checked.
Click Start Scan and let the tool work.
When the tool has finished, click save report and save the report to your desktop.
Post it in your next reply.
NB: do not click Remove infections right away; we need to make sure that every detection is actually an infection, because some legitimate utilities could show up in the report.
OK, I followed your instructions to the letter and here is the report:
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: Adware.Generic
Path: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\S-1-5-21-2969962186-3689853989-222395546-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.12:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.13:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.14:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.15:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.16:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.17:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.19:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: :mozilla.20:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
I hope you can give me a hand again ^^
Hi again,
Click Remove infections.
At the warning message, click Ok and let the tool work.
When the tool has finished, click Save Report and save the report to your desktop.
Post it in your next reply.
&
Disable your resident protections (antivirus...)!
Copy (Ctrl+C) the text in the box below:
Folder::
C:\Program Files\Search Settings
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file as CFScript.txt.
Now drag the CFScript.txt file onto Combofix.exe.
This will relaunch Combofix; type 1, then confirm. After the restart, post the contents of the Combofix.txt report along with a Hijackthis report.
NOTE: If there is no restart, post the requested reports anyway.
Hi, so here is the ewido report:
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: Adware.Generic
Path: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\S-1-5-21-2969962186-3689853989-222395546-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: TrackingCookie.Mediaplex
Path: :mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.22:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.23:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.24:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.25:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.27:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.28:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.29:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.30:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.31:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.32:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: :mozilla.33:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: :mozilla.38:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.62:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.63:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.64:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.65:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Estat
Path: :mozilla.83:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Overture
Path: :mozilla.88:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
and the combofix report:
ComboFix 08-02-17.2 - Propriétaire 2008-02-19 13:07:08.2 - NTFSx86
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Propriétaire\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb125\res\ErrorPageTemplate.css
C:\Program Files\Search Settings\kb125\res\help.gif
C:\Program Files\Search Settings\kb125\res\pixel.gif
C:\Program Files\Search Settings\kb125\res\tab_icon.png
C:\Program Files\Search Settings\kb125\res\tabdata.js
C:\Program Files\Search Settings\kb125\res\tablib.js
C:\Program Files\Search Settings\kb125\res\tabwelcome_en.html
C:\Program Files\Search Settings\kb125\res\toolbar_background.gif
C:\Program Files\Search Settings\kb125\res\vista_directions.png
C:\Program Files\Search Settings\kb125\res\xp_directions.png
C:\Program Files\Search Settings\kb125\res\yahoo_search.gif
C:\Program Files\Search Settings\kb125\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-19 to 2008-02-19 ))))))))))))))))))))))))))))))))))))
.
2008-02-18 00:13 . 2008-02-18 00:13 <REP> d-------- C:\WINDOWS\Sun
2008-02-17 22:28 . 2008-02-17 22:28 <REP> d-------- C:\Program Files\Lavalys
2008-02-17 22:03 . 2008-02-17 22:16 <REP> d-------- C:\Program Files\Jetico
2008-02-17 21:40 . 2008-02-17 21:40 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-17 21:02 . 2008-02-17 21:10 <REP> d-------- C:\Program Files\Navilog1
2008-02-17 20:17 . 2008-02-17 20:17 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-17 17:55 . 2008-02-17 17:55 <REP> d-------- C:\Program Files\Avira
2008-02-17 17:55 . 2008-02-17 17:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-02-17 17:07 . 2008-02-17 17:07 <REP> d-------- C:\Program Files\Trend Micro
2008-02-17 14:04 . 2008-02-17 14:04 170 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.inf
2008-02-16 01:47 . 2008-02-16 01:47 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\vlc
2008-02-16 01:42 . 2008-02-16 01:42 <REP> d-------- C:\Program Files\VideoLAN
2008-02-16 00:37 . 2008-02-16 00:37 <REP> d-------- C:\WINDOWS\SYSTEM32\bits
2008-02-15 23:48 . 2008-02-15 23:48 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2008-02-15 23:42 . 2002-08-29 11:45 4,331,008 --a------ C:\WINDOWS\SYSTEM32\logonui.exe
2008-02-15 23:42 . 2002-08-29 11:45 2,150,912 --a------ C:\WINDOWS\SYSTEM32\zipfldr.dll
2008-02-15 23:40 . 2002-08-29 11:45 2,290,176 --a------ C:\WINDOWS\SYSTEM32\shimgvw.dll
2008-02-15 23:40 . 2002-08-29 11:45 894,976 --a------ C:\WINDOWS\SYSTEM32\sysdm.cpl
2008-02-15 23:40 . 2001-08-24 01:47 875,008 --a------ C:\WINDOWS\SYSTEM32\sysocmgr.exe
2008-02-15 23:40 . 2002-08-29 11:45 677,376 --a------ C:\WINDOWS\SYSTEM32\stobject.dll
2008-02-15 23:40 . 2001-08-24 01:47 601,088 --a------ C:\WINDOWS\SYSTEM32\sndvol32.exe
2008-02-15 23:40 . 2001-08-24 01:47 408,576 --a------ C:\WINDOWS\SYSTEM32\sndrec32.exe
2008-02-15 23:36 . 2002-08-29 11:45 2,686,976 --a------ C:\WINDOWS\explorer.exe
2008-02-15 23:36 . 2001-08-24 01:47 1,383,936 --a------ C:\WINDOWS\SYSTEM32\fontext.dll
2008-02-15 23:36 . 2002-08-29 11:45 1,123,328 --a------ C:\WINDOWS\SYSTEM32\appwiz.cpl
2008-02-15 23:36 . 2001-08-24 01:47 1,035,264 --a------ C:\WINDOWS\SYSTEM32\hdwwiz.cpl
2008-02-15 23:36 . 2001-08-24 01:47 548,864 --a------ C:\WINDOWS\SYSTEM32\cleanmgr.exe
2008-02-15 23:36 . 2001-08-24 01:47 537,088 --a------ C:\WINDOWS\SYSTEM32\cmd.exe
2008-02-15 23:36 . 2002-08-29 11:45 420,352 --a------ C:\WINDOWS\SYSTEM32\desk.cpl
2008-02-15 23:36 . 2002-08-29 11:44 331,776 --a------ C:\WINDOWS\SYSTEM32\credui.dll
2008-02-15 23:36 . 2001-08-24 01:47 266,240 --a------ C:\WINDOWS\SYSTEM32\calc.exe
2008-02-15 23:36 . 2001-08-24 01:47 218,112 --a------ C:\WINDOWS\SYSTEM32\console.dll
2008-02-15 23:36 . 2001-08-24 01:47 205,824 --a------ C:\WINDOWS\SYSTEM32\access.cpl
2008-02-15 23:10 . 2008-02-15 23:13 <REP> d-------- C:\WINDOWS\Packs
2008-02-15 22:43 . 2005-03-02 19:17 2,044,416 --a------ C:\WINDOWS\SYSTEM32\ntoskrnl.exe
2008-02-15 22:43 . 2005-03-02 19:17 1,959,424 --a------ C:\WINDOWS\SYSTEM32\ntkrnlpa.exe
2008-02-15 22:41 . 2004-07-09 03:27 974,848 --a------ C:\WINDOWS\SYSTEM32\dxdiag.exe
2008-02-15 22:40 . 2005-07-26 05:38 1,190,400 --a------ C:\WINDOWS\SYSTEM32\ole32.dll
2008-02-15 22:39 . 2006-08-25 16:54 561,664 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll
2008-02-15 22:39 . 2001-08-24 01:47 446,976 --a------ C:\WINDOWS\SYSTEM32\certmgr.dll
2008-02-15 22:39 . 2001-08-24 01:47 359,936 --a------ C:\WINDOWS\SYSTEM32\cards.dll
2008-02-15 22:39 . 2002-08-29 11:44 333,824 --a------ C:\WINDOWS\SYSTEM32\cmdial32.dll
2008-02-15 22:39 . 2001-08-24 01:47 166,400 --a------ C:\WINDOWS\SYSTEM32\ciadmin.dll
2008-02-15 22:39 . 2001-08-24 01:44 72,192 --a------ C:\WINDOWS\SYSTEM32\acctres.dll
2008-02-15 22:39 . 2001-08-24 01:47 36,864 --a------ C:\WINDOWS\SYSTEM32\odbccp32.cpl
2008-02-15 22:39 . 2001-08-24 01:46 27,136 --a------ C:\WINDOWS\SYSTEM32\batmeter.dll
2008-02-15 22:39 . 2002-08-29 11:44 6,656 --a------ C:\WINDOWS\SYSTEM32\batt.dll
2008-02-15 22:19 . 2008-02-15 22:19 268 --ah----- C:\sqmdata04.sqm
2008-02-15 22:19 . 2008-02-15 22:19 244 --ah----- C:\sqmnoopt04.sqm
2008-02-15 21:17 . 2002-08-29 11:45 204,288 --a------ C:\WINDOWS\SYSTEM32\uxtheme.backup
2008-02-15 20:08 . 2008-02-15 20:08 <REP> d-------- C:\toto
2008-02-15 18:57 . 2008-02-15 18:57 <REP> d-------- C:\Program Files\Alwil Software
2008-02-15 17:48 . 2008-02-15 17:48 479 --a------ C:\WINDOWS\Raccourci vers VBS.lnk
2008-02-15 16:32 . 2008-02-15 16:32 <REP> d-------- C:\WINDOWS\SYSTEM32\LogFiles
2008-02-15 16:07 . 2008-02-15 16:49 <REP> d-------- C:\Program Files\Microsoft Bootvis
2008-02-15 12:21 . 2008-02-15 11:41 368,640 --a------ C:\WINDOWS\VOBSUB.DLL
2008-02-15 11:52 . 2008-02-15 11:52 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
2008-02-14 21:43 . 2008-02-14 21:43 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Search Settings
2008-02-14 21:37 . 2008-02-14 21:37 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-02-14 21:37 . 2008-02-14 21:37 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-02-14 21:34 . 2008-02-18 14:05 <REP> d-------- C:\Program Files\Piolet
2008-02-14 17:56 . 2008-02-14 17:56 <REP> d-------- C:\Program Files\uTorrent
2008-02-14 17:56 . 2008-02-18 22:43 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\uTorrent
2008-02-13 17:15 . 2008-02-13 17:15 268 --ah----- C:\sqmdata03.sqm
2008-02-13 17:15 . 2008-02-13 17:15 244 --ah----- C:\sqmnoopt03.sqm
2008-02-13 17:04 . 2008-02-13 19:49 <REP> d-------- C:\Incomplete
2008-02-13 01:18 . 2008-02-13 01:34 <REP> d-------- C:\e9f8cae94798bccf0267
2008-02-12 18:09 . 2008-02-12 18:09 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-02-12 17:58 . 2008-02-17 20:39 <REP> d-------- C:\Program Files\Yahoo!
2008-02-12 17:56 . 2008-02-12 18:01 <REP> d-------- C:\Program Files\CCleaner
2008-02-12 13:06 . 2004-08-03 22:43 20,480 --a------ C:\WINDOWS\SYSTEM32\sprecovr.exe
2008-02-12 12:50 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\003623_.tmp
2008-02-12 12:37 . 2002-08-29 11:44 155,648 --a------ C:\WINDOWS\SYSTEM32\encdec.dll
2008-02-12 12:37 . 2002-08-28 23:16 21,343 --a------ C:\WINDOWS\SYSTEM32\drivers\atinttxx.sys
2008-02-12 12:37 . 2002-08-28 23:16 12,047 --a------ C:\WINDOWS\SYSTEM32\drivers\atinpdxx.sys
2008-02-12 12:37 . 2002-08-28 23:16 11,615 --a------ C:\WINDOWS\SYSTEM32\drivers\atinmdxx.sys
2008-02-12 12:37 . 2002-08-29 11:30 3,584 --a------ C:\WINDOWS\SYSTEM32\dsprpres.dll
2008-02-12 12:35 . 2002-08-29 12:04 844,675 --a------ C:\WINDOWS\SYSTEM32\ati3d1ag.dll
2008-02-12 12:35 . 2002-08-29 11:24 450,432 --a------ C:\WINDOWS\SYSTEM32\drivers\ati2mtag.sys
2008-02-12 12:35 . 2002-08-29 11:24 327,168 --a------ C:\WINDOWS\SYSTEM32\drivers\ati2mtaa.sys
2008-02-12 12:35 . 2002-08-29 11:44 172,032 --a------ C:\WINDOWS\SYSTEM32\mssap.dll
2008-02-12 12:35 . 2002-08-28 23:16 56,591 --a------ C:\WINDOWS\SYSTEM32\drivers\atinbtxx.sys
2008-02-12 12:35 . 2002-08-29 01:32 6,912 --a------ C:\WINDOWS\SYSTEM32\drivers\hidir.sys
2008-02-12 12:34 . 2002-08-29 01:11 162,304 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime
2008-02-12 12:34 . 2002-08-28 23:16 36,463 --a------ C:\WINDOWS\SYSTEM32\drivers\atintuxx.sys
2008-02-12 12:34 . 2002-08-29 11:45 31,263 --a------ C:\WINDOWS\SYSTEM32\ativmvxx.ax
2008-02-12 12:34 . 2002-08-28 23:16 29,455 --a------ C:\WINDOWS\SYSTEM32\drivers\atinxbxx.sys
2008-02-12 12:34 . 2002-08-28 23:16 26,367 --a------ C:\WINDOWS\SYSTEM32\drivers\atinsnxx.sys
2008-02-12 12:34 . 2002-08-29 01:32 19,328 --a------ C:\WINDOWS\SYSTEM32\drivers\usbehci.sys
2008-02-12 12:34 . 2002-08-29 11:45 18,944 --a------ C:\WINDOWS\SYSTEM32\faxpatch.exe
2008-02-12 12:34 . 2002-08-29 01:28 13,056 --a------ C:\WINDOWS\SYSTEM32\drivers\wacompen.sys
2008-02-12 12:34 . 2002-08-29 01:28 11,904 --a------ C:\WINDOWS\SYSTEM32\drivers\mutohpen.sys
2008-02-12 12:34 . 2002-08-29 11:45 9,216 --a------ C:\WINDOWS\SYSTEM32\wuauserv.dll
2008-02-12 12:33 . 2004-03-10 19:01 608,256 --a------ C:\WINDOWS\SYSTEM32\dllcache\xpsp2res.dll
2008-02-12 12:33 . 2002-08-29 11:23 115,712 --a------ C:\WINDOWS\SYSTEM32\dpcdll.dll
2008-02-12 12:33 . 2002-08-28 23:16 63,663 --a------ C:\WINDOWS\SYSTEM32\drivers\atinrvxx.sys
2008-02-12 12:33 . 2002-08-29 01:08 27,648 --a------ C:\WINDOWS\SYSTEM32\pidgen.dll
2008-02-12 12:32 . 2004-07-01 23:08 360,960 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll
2008-02-12 12:32 . 2008-02-10 10:18 166,912 --a------ C:\WINDOWS\SYSTEM32\iuengine.dll
2008-02-12 12:32 . 2008-02-10 10:18 166,912 --a------ C:\WINDOWS\SYSTEM32\dllcache\iuengine.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 19:40 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
2008-02-17 19:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 19:34 --------- d-----w C:\Program Files\Hewlett-Packard
2008-02-15 21:47 --------- d-----w C:\Program Files\Google
2008-02-15 21:31 --------- d-----w C:\Program Files\Canon
2008-02-15 20:17 204,288 ----a-w C:\WINDOWS\SYSTEM32\uxtheme.dll
2008-02-13 16:49 3,545,425 ----a-w C:\Program Files\for my peace.mp3
2008-02-13 10:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-02-12 18:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-12 17:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-10 14:58 --------- d-----w C:\Program Files\Services en ligne
2008-02-10 09:34 --------- d-----w C:\Program Files\PCProtector
2008-02-09 21:35 --------- d-----w C:\Program Files\Java
2008-02-09 20:33 --------- d-----w C:\Program Files\QuickTime
2008-02-09 20:29 --------- d-----w C:\Program Files\Vertrix 2
2008-02-09 20:29 --------- d-----w C:\Program Files\Tcl
2008-02-09 10:57 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\AVG7
2008-02-08 22:16 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-21 21:10 --------- d-----w C:\Program Files\DivXMachine II
2008-01-16 13:02 24,626 ----a-w C:\WINDOWS\SYSTEM32\ScrrnES.dll
2008-01-16 13:02 1,376,528 ----a-w C:\WINDOWS\SYSTEM32\msvbvm60.dll
2008-01-12 15:26 --------- d-----w C:\Program Files\R-TT
2008-01-12 13:34 118,784 ----a-w C:\WINDOWS\SYSTEM32\MSSTDFMT.DLL
2008-01-12 12:05 --------- d-----w C:\Program Files\ewido
2008-01-12 11:34 65,536 ----a-w C:\WINDOWS\VIPunins.exe
2008-01-12 11:32 995,383 ----a-w C:\WINDOWS\SYSTEM32\MFCTB.DLL
2008-01-12 11:32 290,869 ----a-w C:\WINDOWS\SYSTEM32\MSVCTB.DLL
2008-01-11 20:50 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Apple Computer
2008-01-11 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-11 19:28 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\AdobeUM
2007-12-30 15:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\MSN6
1998-09-29 12:56 10,000 -c--a-w C:\WINDOWS\INF\unregpn.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\Money Express.exe" [2000-07-19 08:00 180279]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-08 18:52 171448]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 08:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2001-07-06 13:56 61440]
"NvCplDaemon"="NvQTwk" []
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2001-08-07 16:25 143360]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2001-08-07 15:36 90112]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2001-07-03 13:13 81920]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [2000-07-12 14:14 311350]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [2000-08-04 03:01 28739]
"PCTVOICE"="pctspk.exe" [2001-08-01 17:37 155648 C:\WINDOWS\SYSTEM32\pctspk.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10 409600]
"SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25 249896]
"JeticoPFStartup"="C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe" [2008-02-01 10:41 418544]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 11:45 13312]
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\
Y'z Toolbar.lnk - C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe [2008-02-15 23:47:13 90112]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
hp center.lnk - C:\Program Files\hp center\137903\Program\BackWeb-137903.exe [2001-09-26 19:42:50 16384]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 08:15:56 65588]
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys [2007-07-18 14:22]
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2007-08-09 13:04]
R1 bc_hash_f;BC_HASH_Filter;C:\WINDOWS\System32\drivers\bc_hash_f.sys [2008-02-01 10:43]
R2 Jetico Personal Firewall server;Jetico Personal Firewall server;"C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe" [2008-02-01 10:42]
R3 BcfilterMP;BcfilterMP;C:\WINDOWS\System32\DRIVERS\bcfilter.sys [2008-02-01 10:43]
S1 RFW;R-Firewall Kernel Driver;C:\WINDOWS\System32\rfwnt.sys []
S2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-01 17:37]
S2 SetupNT;SetupNT;C:\WINDOWS\System32\SetupNT.sys []
S3 ADBLOCK.DLL;R-Firewall Plugin(ADBLOCK.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\ADBLOCK.DLL [2005-01-13 17:09]
S3 Bcfilter;Jetico Personal Firewall Network Monitor;C:\WINDOWS\System32\DRIVERS\bcfilter.sys [2008-02-01 10:43]
S3 CONTENT.DLL;R-Firewall Plugin(CONTENT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\CONTENT.DLL [2005-01-13 17:09]
S3 DNSCACHE.DLL;R-Firewall Plugin(DNSCACHE.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\DNSCACHE.DLL [2005-01-13 17:08]
S3 FTPFILT.DLL;R-Firewall Plugin(FTPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\FTPFILT.DLL [2005-01-13 17:09]
S3 HTMLFILT.DLL;R-Firewall Plugin(HTMLFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\HTMLFILT.DLL [2005-01-13 17:09]
S3 httpfilt.dll;R-Firewall Plugin(httpfilt.dll);C:\Program Files\R-TT\R-Firewall\Kernel\httpfilt.dll [2005-01-13 17:09]
S3 IMAPFILT.DLL;R-Firewall Plugin(IMAPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\IMAPFILT.DLL [2005-01-13 17:09]
S3 MAILFILT.DLL;R-Firewall Plugin(MAILFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\MAILFILT.DLL [2005-01-13 17:09]
S3 NNTPFILT.DLL;R-Firewall Plugin(NNTPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\NNTPFILT.DLL [2005-01-13 17:09]
S3 POP3FILT.DLL;R-Firewall Plugin(POP3FILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\POP3FILT.DLL [2005-01-13 17:09]
S3 PROTECT.DLL;R-Firewall Plugin(PROTECT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\PROTECT.DLL [2005-01-13 17:09]
S3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\System32\DRIVERS\ptserlp.sys [2001-08-17 20:28]
S3 rspAV;rspAV;C:\WINDOWS\System32\rspav.sys []
S3 RspAVService;Principal AntiVirus;"C:\WINDOWS\system32\rspavsvc.exe" []
S3 RTT_CRC_Service;RTT CRC Service;C:\Program Files\R-TT\R-Firewall\Service\RTT_CRC_Service.exe [2004-09-24 17:02]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 01:32]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\System32\DRIVERS\w300bus.sys [2006-03-13 15:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\System32\DRIVERS\w300mdfl.sys [2006-03-13 15:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\System32\DRIVERS\w300mdm.sys [2006-03-13 15:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\System32\DRIVERS\w300mgmt.sys [2006-03-13 15:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\System32\DRIVERS\w300obex.sys [2006-03-13 15:50]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2002-05-26 18:30:13 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-28 12:30:12 C:\WINDOWS\Tasks\Rappel d'abonnement 2 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-25 12:39:14 C:\WINDOWS\Tasks\Rappel d'abonnement 3 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-25 12:39:13 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2007-10-27 12:58:58 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-02-15 08:00:01 C:\WINDOWS\Tasks\XoftSpy.job"
- C:\Program Files\XoftSpy\XoftSpy.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 13:14:45
Windows 5.1.2600 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-19 13:17:58
ComboFix-quarantined-files.txt 2008-02-19 12:17:50
ComboFix2.txt 2008-02-18 13:49:59
.
2008-02-18 15:51:08 --- E O F ---
I'm also bringing you the Hijackthis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:59:47, on 19/02/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Nouveau dossier
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Jetico Personal Firewall server - Jetico, Inc. - C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Principal AntiVirus (RspAVService) - Unknown owner - C:\WINDOWS\system32\rspavsvc.exe (file missing)
O23 - Service: RTT CRC Service (RTT_CRC_Service) - Unknown owner - C:\Program Files\R-TT\R-Firewall\Service\RTT_CRC_Service.exe
--
End of file - 7390 bytes
Thank you for your help, the message no longer appears and my PC is faster.
But I have a small question: what are all these cookies doing in these reports? Are they spyware cookies?
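An added check, not part of the original thread and not code from ComboFix or HijackThis: it reads the CFScript from the helper's post together with a few lines excerpted from the HijackThis log posted after the run, then lists autorun values that still point into a folder the script deleted and any targeted BHO CLSID still registered. The `Name::` section parsing is an assumption based only on the script shown in this thread, and all function names are hypothetical.

```python
import re

# Excerpts copied from the posts in this thread (trimmed to a few lines).
CFSCRIPT = r"""Folder::
C:\Program Files\Search Settings
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E312764E-7706-43F1-8DAB-FCDD2B1E416D}]
"""

HIJACKTHIS_AFTER = r"""O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
"""

SECTION_RE = re.compile(r"^([A-Za-z]+)::\s*$")
CLSID = r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}"
CLSID_RE = re.compile(CLSID)
# "O4 - <hive>\..\Run: [value name] command line"
O4_RE = re.compile(r"^O4 - (HK[A-Z]+(?:\\[^\\]+)?)\\\.\.\\Run\w*: \[(.+?)\] (.+)$")
# "O2 - BHO: <name> - {CLSID} - <dll path>"
O2_RE = re.compile(r"^O2 - BHO: (.*?) - (" + CLSID + r") - (.+)$")


def parse_cfscript(text):
    """Group script lines under their 'Name::' section header (assumed layout)."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        header = SECTION_RE.match(line)
        if header:
            current = header.group(1)
            sections.setdefault(current, [])
        elif current is not None:
            sections[current].append(line)
    return sections


def removed_clsids(sections):
    """CLSIDs named in registry keys marked for deletion ('[-...]' lines)."""
    found = set()
    for line in sections.get("Registry", []):
        if line.startswith("[-"):
            found.update(c.upper() for c in CLSID_RE.findall(line))
    return found


def under_folder(command, folder):
    """True if the command starts with a path inside folder.

    Windows paths compare case-insensitively; 8.3 short names such as
    C:\\PROGRA~1 are not expanded, so they would be missed.
    """
    path = command.strip().lstrip('"').lower()
    return path.startswith(folder.rstrip("\\").lower() + "\\")


def leftovers(cfscript_text, hijackthis_log):
    """Return (stale autoruns, surviving BHO CLSIDs) seen in the post-fix log."""
    sections = parse_cfscript(cfscript_text)
    folders = sections.get("Folder", [])
    clsids = removed_clsids(sections)
    stale, bhos = [], []
    for raw in hijackthis_log.splitlines():
        line = raw.strip()
        run = O4_RE.match(line)
        if run:
            if any(under_folder(run.group(3), f) for f in folders):
                stale.append((run.group(1), run.group(2), run.group(3)))
            continue
        bho = O2_RE.match(line)
        if bho and bho.group(2).upper() in clsids:
            bhos.append(bho.group(2).upper())
    return stale, bhos


if __name__ == "__main__":
    stale, bhos = leftovers(CFSCRIPT, HIJACKTHIS_AFTER)
    for hive, name, command in stale:
        print(f"stale autorun in {hive} Run: [{name}] -> {command}")
    for clsid in bhos:
        print(f"BHO still registered: {clsid}")
```

On the excerpts above it reports the `SearchSettings` Run value, which the post-fix HijackThis log still lists although its folder appears under the ComboFix deletions, and no surviving BHO.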
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: Adware.Generic
Path: HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\S-1-5-21-2969962186-3689853989-222395546-1003\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: Adware.Generic
Path: HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a}
Risk: Medium
Name: TrackingCookie.Mediaplex
Path: :mozilla.18:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.22:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.23:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.24:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Smartadserver
Path: :mozilla.25:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.27:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.28:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.29:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.30:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.31:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.32:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: :mozilla.33:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: :mozilla.38:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.62:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.63:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.64:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.65:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Estat
Path: :mozilla.83:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Overture
Path: :mozilla.88:C:\Documents and Settings\Propriétaire\Application Data\Mozilla\Firefox\Profiles\aq7jkngh.default\cookies.txt
Risk: Medium
And the ComboFix report:
ComboFix 08-02-17.2 - Propriétaire 2008-02-19 13:07:08.2 - NTFSx86
Endroit: C:\Documents and Settings\Propriétaire\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Propriétaire\Bureau\CFScript.txt
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\Search Settings
C:\Program Files\Search Settings\kb125\res\ErrorPageTemplate.css
C:\Program Files\Search Settings\kb125\res\help.gif
C:\Program Files\Search Settings\kb125\res\pixel.gif
C:\Program Files\Search Settings\kb125\res\tab_icon.png
C:\Program Files\Search Settings\kb125\res\tabdata.js
C:\Program Files\Search Settings\kb125\res\tablib.js
C:\Program Files\Search Settings\kb125\res\tabwelcome_en.html
C:\Program Files\Search Settings\kb125\res\toolbar_background.gif
C:\Program Files\Search Settings\kb125\res\vista_directions.png
C:\Program Files\Search Settings\kb125\res\xp_directions.png
C:\Program Files\Search Settings\kb125\res\yahoo_search.gif
C:\Program Files\Search Settings\kb125\SearchSettings.dll
C:\Program Files\Search Settings\SearchSettings.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-19 to 2008-02-19 ))))))))))))))))))))))))))))))))))))
.
2008-02-18 00:13 . 2008-02-18 00:13 <REP> d-------- C:\WINDOWS\Sun
2008-02-17 22:28 . 2008-02-17 22:28 <REP> d-------- C:\Program Files\Lavalys
2008-02-17 22:03 . 2008-02-17 22:16 <REP> d-------- C:\Program Files\Jetico
2008-02-17 21:40 . 2008-02-17 21:40 1,158 --a------ C:\WINDOWS\mozver.dat
2008-02-17 21:02 . 2008-02-17 21:10 <REP> d-------- C:\Program Files\Navilog1
2008-02-17 20:17 . 2008-02-17 20:17 0 --a------ C:\WINDOWS\nsreg.dat
2008-02-17 17:55 . 2008-02-17 17:55 <REP> d-------- C:\Program Files\Avira
2008-02-17 17:55 . 2008-02-17 17:55 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-02-17 17:07 . 2008-02-17 17:07 <REP> d-------- C:\Program Files\Trend Micro
2008-02-17 14:04 . 2008-02-17 14:04 170 --a------ C:\WINDOWS\SYSTEM32\spupdsvc.inf
2008-02-16 01:47 . 2008-02-16 01:47 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\vlc
2008-02-16 01:42 . 2008-02-16 01:42 <REP> d-------- C:\Program Files\VideoLAN
2008-02-16 00:37 . 2008-02-16 00:37 <REP> d-------- C:\WINDOWS\SYSTEM32\bits
2008-02-15 23:48 . 2008-02-15 23:48 3,932,214 --a------ C:\WINDOWS\BricoPack Wallpaper.bmp
2008-02-15 23:42 . 2002-08-29 11:45 4,331,008 --a------ C:\WINDOWS\SYSTEM32\logonui.exe
2008-02-15 23:42 . 2002-08-29 11:45 2,150,912 --a------ C:\WINDOWS\SYSTEM32\zipfldr.dll
2008-02-15 23:40 . 2002-08-29 11:45 2,290,176 --a------ C:\WINDOWS\SYSTEM32\shimgvw.dll
2008-02-15 23:40 . 2002-08-29 11:45 894,976 --a------ C:\WINDOWS\SYSTEM32\sysdm.cpl
2008-02-15 23:40 . 2001-08-24 01:47 875,008 --a------ C:\WINDOWS\SYSTEM32\sysocmgr.exe
2008-02-15 23:40 . 2002-08-29 11:45 677,376 --a------ C:\WINDOWS\SYSTEM32\stobject.dll
2008-02-15 23:40 . 2001-08-24 01:47 601,088 --a------ C:\WINDOWS\SYSTEM32\sndvol32.exe
2008-02-15 23:40 . 2001-08-24 01:47 408,576 --a------ C:\WINDOWS\SYSTEM32\sndrec32.exe
2008-02-15 23:36 . 2002-08-29 11:45 2,686,976 --a------ C:\WINDOWS\explorer.exe
2008-02-15 23:36 . 2001-08-24 01:47 1,383,936 --a------ C:\WINDOWS\SYSTEM32\fontext.dll
2008-02-15 23:36 . 2002-08-29 11:45 1,123,328 --a------ C:\WINDOWS\SYSTEM32\appwiz.cpl
2008-02-15 23:36 . 2001-08-24 01:47 1,035,264 --a------ C:\WINDOWS\SYSTEM32\hdwwiz.cpl
2008-02-15 23:36 . 2001-08-24 01:47 548,864 --a------ C:\WINDOWS\SYSTEM32\cleanmgr.exe
2008-02-15 23:36 . 2001-08-24 01:47 537,088 --a------ C:\WINDOWS\SYSTEM32\cmd.exe
2008-02-15 23:36 . 2002-08-29 11:45 420,352 --a------ C:\WINDOWS\SYSTEM32\desk.cpl
2008-02-15 23:36 . 2002-08-29 11:44 331,776 --a------ C:\WINDOWS\SYSTEM32\credui.dll
2008-02-15 23:36 . 2001-08-24 01:47 266,240 --a------ C:\WINDOWS\SYSTEM32\calc.exe
2008-02-15 23:36 . 2001-08-24 01:47 218,112 --a------ C:\WINDOWS\SYSTEM32\console.dll
2008-02-15 23:36 . 2001-08-24 01:47 205,824 --a------ C:\WINDOWS\SYSTEM32\access.cpl
2008-02-15 23:10 . 2008-02-15 23:13 <REP> d-------- C:\WINDOWS\Packs
2008-02-15 22:43 . 2005-03-02 19:17 2,044,416 --a------ C:\WINDOWS\SYSTEM32\ntoskrnl.exe
2008-02-15 22:43 . 2005-03-02 19:17 1,959,424 --a------ C:\WINDOWS\SYSTEM32\ntkrnlpa.exe
2008-02-15 22:41 . 2004-07-09 03:27 974,848 --a------ C:\WINDOWS\SYSTEM32\dxdiag.exe
2008-02-15 22:40 . 2005-07-26 05:38 1,190,400 --a------ C:\WINDOWS\SYSTEM32\ole32.dll
2008-02-15 22:39 . 2006-08-25 16:54 561,664 --a------ C:\WINDOWS\SYSTEM32\comctl32.dll
2008-02-15 22:39 . 2001-08-24 01:47 446,976 --a------ C:\WINDOWS\SYSTEM32\certmgr.dll
2008-02-15 22:39 . 2001-08-24 01:47 359,936 --a------ C:\WINDOWS\SYSTEM32\cards.dll
2008-02-15 22:39 . 2002-08-29 11:44 333,824 --a------ C:\WINDOWS\SYSTEM32\cmdial32.dll
2008-02-15 22:39 . 2001-08-24 01:47 166,400 --a------ C:\WINDOWS\SYSTEM32\ciadmin.dll
2008-02-15 22:39 . 2001-08-24 01:44 72,192 --a------ C:\WINDOWS\SYSTEM32\acctres.dll
2008-02-15 22:39 . 2001-08-24 01:47 36,864 --a------ C:\WINDOWS\SYSTEM32\odbccp32.cpl
2008-02-15 22:39 . 2001-08-24 01:46 27,136 --a------ C:\WINDOWS\SYSTEM32\batmeter.dll
2008-02-15 22:39 . 2002-08-29 11:44 6,656 --a------ C:\WINDOWS\SYSTEM32\batt.dll
2008-02-15 22:19 . 2008-02-15 22:19 268 --ah----- C:\sqmdata04.sqm
2008-02-15 22:19 . 2008-02-15 22:19 244 --ah----- C:\sqmnoopt04.sqm
2008-02-15 21:17 . 2002-08-29 11:45 204,288 --a------ C:\WINDOWS\SYSTEM32\uxtheme.backup
2008-02-15 20:08 . 2008-02-15 20:08 <REP> d-------- C:\toto
2008-02-15 18:57 . 2008-02-15 18:57 <REP> d-------- C:\Program Files\Alwil Software
2008-02-15 17:48 . 2008-02-15 17:48 479 --a------ C:\WINDOWS\Raccourci vers VBS.lnk
2008-02-15 16:32 . 2008-02-15 16:32 <REP> d-------- C:\WINDOWS\SYSTEM32\LogFiles
2008-02-15 16:07 . 2008-02-15 16:49 <REP> d-------- C:\Program Files\Microsoft Bootvis
2008-02-15 12:21 . 2008-02-15 11:41 368,640 --a------ C:\WINDOWS\VOBSUB.DLL
2008-02-15 11:52 . 2008-02-15 11:52 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Uniblue
2008-02-14 21:43 . 2008-02-14 21:43 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\Search Settings
2008-02-14 21:37 . 2008-02-14 21:37 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-02-14 21:37 . 2008-02-14 21:37 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-02-14 21:34 . 2008-02-18 14:05 <REP> d-------- C:\Program Files\Piolet
2008-02-14 17:56 . 2008-02-14 17:56 <REP> d-------- C:\Program Files\uTorrent
2008-02-14 17:56 . 2008-02-18 22:43 <REP> d-------- C:\Documents and Settings\Propriétaire\Application Data\uTorrent
2008-02-13 17:15 . 2008-02-13 17:15 268 --ah----- C:\sqmdata03.sqm
2008-02-13 17:15 . 2008-02-13 17:15 244 --ah----- C:\sqmnoopt03.sqm
2008-02-13 17:04 . 2008-02-13 19:49 <REP> d-------- C:\Incomplete
2008-02-13 01:18 . 2008-02-13 01:34 <REP> d-------- C:\e9f8cae94798bccf0267
2008-02-12 18:09 . 2008-02-12 18:09 <REP> d-------- C:\Program Files\Kaspersky Lab
2008-02-12 17:58 . 2008-02-17 20:39 <REP> d-------- C:\Program Files\Yahoo!
2008-02-12 17:56 . 2008-02-12 18:01 <REP> d-------- C:\Program Files\CCleaner
2008-02-12 13:06 . 2004-08-03 22:43 20,480 --a------ C:\WINDOWS\SYSTEM32\sprecovr.exe
2008-02-12 12:50 . 2004-07-17 11:40 19,528 --a------ C:\WINDOWS\003623_.tmp
2008-02-12 12:37 . 2002-08-29 11:44 155,648 --a------ C:\WINDOWS\SYSTEM32\encdec.dll
2008-02-12 12:37 . 2002-08-28 23:16 21,343 --a------ C:\WINDOWS\SYSTEM32\drivers\atinttxx.sys
2008-02-12 12:37 . 2002-08-28 23:16 12,047 --a------ C:\WINDOWS\SYSTEM32\drivers\atinpdxx.sys
2008-02-12 12:37 . 2002-08-28 23:16 11,615 --a------ C:\WINDOWS\SYSTEM32\drivers\atinmdxx.sys
2008-02-12 12:37 . 2002-08-29 11:30 3,584 --a------ C:\WINDOWS\SYSTEM32\dsprpres.dll
2008-02-12 12:35 . 2002-08-29 12:04 844,675 --a------ C:\WINDOWS\SYSTEM32\ati3d1ag.dll
2008-02-12 12:35 . 2002-08-29 11:24 450,432 --a------ C:\WINDOWS\SYSTEM32\drivers\ati2mtag.sys
2008-02-12 12:35 . 2002-08-29 11:24 327,168 --a------ C:\WINDOWS\SYSTEM32\drivers\ati2mtaa.sys
2008-02-12 12:35 . 2002-08-29 11:44 172,032 --a------ C:\WINDOWS\SYSTEM32\mssap.dll
2008-02-12 12:35 . 2002-08-28 23:16 56,591 --a------ C:\WINDOWS\SYSTEM32\drivers\atinbtxx.sys
2008-02-12 12:35 . 2002-08-29 01:32 6,912 --a------ C:\WINDOWS\SYSTEM32\drivers\hidir.sys
2008-02-12 12:34 . 2002-08-29 01:11 162,304 --a------ C:\WINDOWS\SYSTEM32\msctfime.ime
2008-02-12 12:34 . 2002-08-28 23:16 36,463 --a------ C:\WINDOWS\SYSTEM32\drivers\atintuxx.sys
2008-02-12 12:34 . 2002-08-29 11:45 31,263 --a------ C:\WINDOWS\SYSTEM32\ativmvxx.ax
2008-02-12 12:34 . 2002-08-28 23:16 29,455 --a------ C:\WINDOWS\SYSTEM32\drivers\atinxbxx.sys
2008-02-12 12:34 . 2002-08-28 23:16 26,367 --a------ C:\WINDOWS\SYSTEM32\drivers\atinsnxx.sys
2008-02-12 12:34 . 2002-08-29 01:32 19,328 --a------ C:\WINDOWS\SYSTEM32\drivers\usbehci.sys
2008-02-12 12:34 . 2002-08-29 11:45 18,944 --a------ C:\WINDOWS\SYSTEM32\faxpatch.exe
2008-02-12 12:34 . 2002-08-29 01:28 13,056 --a------ C:\WINDOWS\SYSTEM32\drivers\wacompen.sys
2008-02-12 12:34 . 2002-08-29 01:28 11,904 --a------ C:\WINDOWS\SYSTEM32\drivers\mutohpen.sys
2008-02-12 12:34 . 2002-08-29 11:45 9,216 --a------ C:\WINDOWS\SYSTEM32\wuauserv.dll
2008-02-12 12:33 . 2004-03-10 19:01 608,256 --a------ C:\WINDOWS\SYSTEM32\dllcache\xpsp2res.dll
2008-02-12 12:33 . 2002-08-29 11:23 115,712 --a------ C:\WINDOWS\SYSTEM32\dpcdll.dll
2008-02-12 12:33 . 2002-08-28 23:16 63,663 --a------ C:\WINDOWS\SYSTEM32\drivers\atinrvxx.sys
2008-02-12 12:33 . 2002-08-29 01:08 27,648 --a------ C:\WINDOWS\SYSTEM32\pidgen.dll
2008-02-12 12:32 . 2004-07-01 23:08 360,960 --a------ C:\WINDOWS\SYSTEM32\qmgr.dll
2008-02-12 12:32 . 2008-02-10 10:18 166,912 --a------ C:\WINDOWS\SYSTEM32\iuengine.dll
2008-02-12 12:32 . 2008-02-10 10:18 166,912 --a------ C:\WINDOWS\SYSTEM32\dllcache\iuengine.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 19:40 --------- d-----w C:\Program Files\Microsoft Picture It! PhotoPub
2008-02-17 19:34 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-17 19:34 --------- d-----w C:\Program Files\Hewlett-Packard
2008-02-15 21:47 --------- d-----w C:\Program Files\Google
2008-02-15 21:31 --------- d-----w C:\Program Files\Canon
2008-02-15 20:17 204,288 ----a-w C:\WINDOWS\SYSTEM32\uxtheme.dll
2008-02-13 16:49 3,545,425 ----a-w C:\Program Files\for my peace.mp3
2008-02-13 10:27 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg7
2008-02-12 18:51 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-02-12 17:21 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-10 14:58 --------- d-----w C:\Program Files\Services en ligne
2008-02-10 09:34 --------- d-----w C:\Program Files\PCProtector
2008-02-09 21:35 --------- d-----w C:\Program Files\Java
2008-02-09 20:33 --------- d-----w C:\Program Files\QuickTime
2008-02-09 20:29 --------- d-----w C:\Program Files\Vertrix 2
2008-02-09 20:29 --------- d-----w C:\Program Files\Tcl
2008-02-09 10:57 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\AVG7
2008-02-08 22:16 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-21 21:10 --------- d-----w C:\Program Files\DivXMachine II
2008-01-16 13:02 24,626 ----a-w C:\WINDOWS\SYSTEM32\ScrrnES.dll
2008-01-16 13:02 1,376,528 ----a-w C:\WINDOWS\SYSTEM32\msvbvm60.dll
2008-01-12 15:26 --------- d-----w C:\Program Files\R-TT
2008-01-12 13:34 118,784 ----a-w C:\WINDOWS\SYSTEM32\MSSTDFMT.DLL
2008-01-12 12:05 --------- d-----w C:\Program Files\ewido
2008-01-12 11:34 65,536 ----a-w C:\WINDOWS\VIPunins.exe
2008-01-12 11:32 995,383 ----a-w C:\WINDOWS\SYSTEM32\MFCTB.DLL
2008-01-12 11:32 290,869 ----a-w C:\WINDOWS\SYSTEM32\MSVCTB.DLL
2008-01-11 20:50 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\Apple Computer
2008-01-11 19:37 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-01-11 19:28 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\AdobeUM
2007-12-30 15:52 --------- d-----w C:\Documents and Settings\Propriétaire\Application Data\MSN6
1998-09-29 12:56 10,000 -c--a-w C:\WINDOWS\INF\unregpn.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MoneyAgent"="C:\Program Files\Microsoft Money\System\Money Express.exe" [2000-07-19 08:00 180279]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-02-08 18:52 171448]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 08:04 52736]
"KBD"="C:\HP\KBD\KBD.EXE" [2001-07-06 13:56 61440]
"NvCplDaemon"="NvQTwk" []
"IgfxTray"="C:\WINDOWS\System32\igfxtray.exe" [2001-08-07 16:25 143360]
"HotKeysCmds"="C:\WINDOWS\System32\hkcmd.exe" [2001-08-07 15:36 90112]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2001-07-03 13:13 81920]
"Microsoft Works Portfolio"="C:\Program Files\Microsoft Works\WksSb.exe" [2000-07-12 14:14 311350]
"Microsoft Works Update Detection"="C:\Program Files\Microsoft Works\WkDetect.exe" [2000-08-04 03:01 28739]
"PCTVOICE"="pctspk.exe" [2001-08-01 17:37 155648 C:\WINDOWS\SYSTEM32\pctspk.exe]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 03:42 144784]
"Easy-PrintToolBox"="C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.exe" [2004-01-14 02:10 409600]
"SearchSettings"="C:\Program Files\Search Settings\SearchSettings.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25 249896]
"JeticoPFStartup"="C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe" [2008-02-01 10:41 418544]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 11:45 13312]
C:\Documents and Settings\Propriétaire\Menu Démarrer\Programmes\Démarrage\
Y'z Toolbar.lnk - C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe [2008-02-15 23:47:13 90112]
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
hp center.lnk - C:\Program Files\hp center\137903\Program\BackWeb-137903.exe [2001-09-26 19:42:50 16384]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 08:15:56 65588]
R0 avgntmgr;avgntmgr;C:\WINDOWS\System32\DRIVERS\avgntmgr.sys [2007-07-18 14:22]
R1 avgntdd;avgntdd;C:\WINDOWS\System32\DRIVERS\avgntdd.sys [2007-08-09 13:04]
R1 bc_hash_f;BC_HASH_Filter;C:\WINDOWS\System32\drivers\bc_hash_f.sys [2008-02-01 10:43]
R2 Jetico Personal Firewall server;Jetico Personal Firewall server;"C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe" [2008-02-01 10:42]
R3 BcfilterMP;BcfilterMP;C:\WINDOWS\System32\DRIVERS\bcfilter.sys [2008-02-01 10:43]
S1 RFW;R-Firewall Kernel Driver;C:\WINDOWS\System32\rfwnt.sys []
S2 Pctspk;PCTEL Speaker Phone;C:\WINDOWS\system32\pctspk.exe [2001-08-01 17:37]
S2 SetupNT;SetupNT;C:\WINDOWS\System32\SetupNT.sys []
S3 ADBLOCK.DLL;R-Firewall Plugin(ADBLOCK.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\ADBLOCK.DLL [2005-01-13 17:09]
S3 Bcfilter;Jetico Personal Firewall Network Monitor;C:\WINDOWS\System32\DRIVERS\bcfilter.sys [2008-02-01 10:43]
S3 CONTENT.DLL;R-Firewall Plugin(CONTENT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\CONTENT.DLL [2005-01-13 17:09]
S3 DNSCACHE.DLL;R-Firewall Plugin(DNSCACHE.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\DNSCACHE.DLL [2005-01-13 17:08]
S3 FTPFILT.DLL;R-Firewall Plugin(FTPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\FTPFILT.DLL [2005-01-13 17:09]
S3 HTMLFILT.DLL;R-Firewall Plugin(HTMLFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\HTMLFILT.DLL [2005-01-13 17:09]
S3 httpfilt.dll;R-Firewall Plugin(httpfilt.dll);C:\Program Files\R-TT\R-Firewall\Kernel\httpfilt.dll [2005-01-13 17:09]
S3 IMAPFILT.DLL;R-Firewall Plugin(IMAPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\IMAPFILT.DLL [2005-01-13 17:09]
S3 MAILFILT.DLL;R-Firewall Plugin(MAILFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\MAILFILT.DLL [2005-01-13 17:09]
S3 NNTPFILT.DLL;R-Firewall Plugin(NNTPFILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\NNTPFILT.DLL [2005-01-13 17:09]
S3 POP3FILT.DLL;R-Firewall Plugin(POP3FILT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\POP3FILT.DLL [2005-01-13 17:09]
S3 PROTECT.DLL;R-Firewall Plugin(PROTECT.DLL);C:\Program Files\R-TT\R-Firewall\Kernel\PROTECT.DLL [2005-01-13 17:09]
S3 Ptserlp;PCTEL Serial Device Driver for PCI;C:\WINDOWS\System32\DRIVERS\ptserlp.sys [2001-08-17 20:28]
S3 rspAV;rspAV;C:\WINDOWS\System32\rspav.sys []
S3 RspAVService;Principal AntiVirus;"C:\WINDOWS\system32\rspavsvc.exe" []
S3 RTT_CRC_Service;RTT CRC Service;C:\Program Files\R-TT\R-Firewall\Service\RTT_CRC_Service.exe [2004-09-24 17:02]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 01:32]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\System32\DRIVERS\w300bus.sys [2006-03-13 15:49]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\System32\DRIVERS\w300mdfl.sys [2006-03-13 15:50]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\System32\DRIVERS\w300mdm.sys [2006-03-13 15:50]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\System32\DRIVERS\w300mgmt.sys [2006-03-13 15:50]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\System32\DRIVERS\w300obex.sys [2006-03-13 15:50]
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2002-05-26 18:30:13 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-28 12:30:12 C:\WINDOWS\Tasks\Rappel d'abonnement 2 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-25 12:39:14 C:\WINDOWS\Tasks\Rappel d'abonnement 3 auprès de l'ISP.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2002-05-25 12:39:13 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2007-10-27 12:58:58 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-02-15 08:00:01 C:\WINDOWS\Tasks\XoftSpy.job"
- C:\Program Files\XoftSpy\XoftSpy.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-19 13:14:45
Windows 5.1.2600 Service Pack 1 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-19 13:17:58
ComboFix-quarantined-files.txt 2008-02-19 12:17:50
ComboFix2.txt 2008-02-18 13:49:59
.
2008-02-18 15:51:08 --- E O F ---
I'm also including the HijackThis report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:59:47, on 19/02/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
C:\WINDOWS\Packs\Crystal XP\YzToolbar\YzToolbar.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [JeticoPFStartup] "C:\Program Files\Jetico\Jetico Personal Firewall\jpf.exe"
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\Money Express.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Nouveau dossier
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Global Startup: hp center.lnk = C:\Program Files\hp center\137903\Program\BackWeb-137903.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Jetico Personal Firewall server - Jetico, Inc. - C:\Program Files\Jetico\Jetico Personal Firewall\jpfsrv.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - Unknown owner - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Principal AntiVirus (RspAVService) - Unknown owner - C:\WINDOWS\system32\rspavsvc.exe (file missing)
O23 - Service: RTT CRC Service (RTT_CRC_Service) - Unknown owner - C:\Program Files\R-TT\R-Firewall\Service\RTT_CRC_Service.exe
--
End of file - 7390 bytes
Thank you for your help; the message no longer appears and my PC runs faster.
But I have a small question: what are all these cookies doing in these reports? Are they spyware cookies?