Infection bagle je ne sais plus quoi faire!!!!

Bonjour,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combo-fix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combo-fix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

ComboFix 08-02-15.1 - Wesley 2008-02-17 18:22:00.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.144 [GMT 1:00]
Endroit: C:\Documents and Settings\Wesley\Bureau\Combo-Fix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Wesley\Application Data\WinTouch\WinTouch.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\mljjj.dll
C:\WINDOWS\system32\opnkjkh.dll
C:\WINDOWS\system32\tzimhhvs.dll
C:\WINDOWS\system32\wintems.exe
C:\Documents and Settings\All Users.WINDOWS\Application Data\storageprotector
C:\Documents and Settings\All Users.WINDOWS\Application Data\storageprotector\Data\ac
C:\Documents and Settings\All Users.WINDOWS\Application Data\storageprotector\Data\em
C:\Documents and Settings\All Users.WINDOWS\Application Data\storageprotector\Data\oid
C:\Documents and Settings\All Users.WINDOWS\Application Data\storageprotector\Data\user
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\StorageProtector
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\StorageProtector\Contact Customer Service.lnk
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\StorageProtector\StorageProtector.lnk
C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer\Programmes\StorageProtector\Uninstall StorageProtector.lnk
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon\log.txt
C:\Documents and Settings\Wesley\Application Data\ShoppingReport
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\Config.xml
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\db\Aliases.dbs
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\db\Sites.dbs
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\report\aggr_storage.xml
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\report\send_storage.xml
C:\Documents and Settings\Wesley\Application Data\ShoppingReport\cs\res1\WhiteList.dbs
C:\Documents and Settings\Wesley\Application Data\storageprotector
C:\Documents and Settings\Wesley\Application Data\storageprotector\Logs\update.log
C:\Documents and Settings\Wesley\Application Data\WinTouch\wintouch.cfg
C:\Documents and Settings\Wesley\Application Data\WinTouch\WinTouch.exe
C:\Documents and Settings\Wesley\Application Data\WinTouch\WTUninstaller.exe
C:\Documents and Settings\Wesley\Bureau\StorageProtector.lnk
C:\Documents and Settings\Wesley\Mes documents\PPPATC~1
C:\Documents and Settings\Wesley\Mes documents\PPPATC~1\?ppPatch\
C:\Documents and Settings\Wesley\Mes documents\PPPATC~1\fast.exe
C:\Program Files\Fichiers communs\StorageProtector
C:\Program Files\Fichiers communs\StorageProtector\strpmon.exe
C:\Program Files\Fichiers communs\Yazzle1281OinAdmin.exe
C:\Program Files\Fichiers communs\Yazzle1281OinUninstaller.exe
C:\Program Files\inetget2
C:\Program Files\network monitor
C:\Program Files\network monitor\netmon.exe
C:\Program Files\Router
C:\Program Files\Router\Router.exe
C:\Program Files\Router\UnInstall.exe
C:\Program Files\ShoppingReport
C:\Program Files\ShoppingReport\Bin\2.0.26\ShoppingReport.dll
C:\Program Files\ShoppingReport\Uninst.exe
C:\Program Files\StorageProtector
C:\Program Files\StorageProtector\atl71.dll
C:\Program Files\StorageProtector\kernel.dll
C:\Program Files\StorageProtector\License.rtf
C:\Program Files\StorageProtector\mfc71.dll
C:\Program Files\StorageProtector\msvcp71.dll
C:\Program Files\StorageProtector\msvcr71.dll
C:\Program Files\StorageProtector\Readme.rtf
C:\Program Files\StorageProtector\Res\Main.ico
C:\Program Files\StorageProtector\Res\RecycleBin.ico
C:\Program Files\StorageProtector\rm.url
C:\Program Files\StorageProtector\sr.log
C:\Program Files\StorageProtector\swupd.log
C:\Program Files\StorageProtector\SysRep.exe
C:\Program Files\StorageProtector\SysRep.exe.cer
C:\Program Files\StorageProtector\SysRep.exe.Log
C:\Program Files\StorageProtector\SysRep.exe.xml
C:\Program Files\StorageProtector\SysRep.url
C:\Program Files\StorageProtector\transpaid.exe
C:\Program Files\StorageProtector\ucookw.exe
C:\Program Files\StorageProtector\unins000.dat
C:\Program Files\StorageProtector\unins000.exe
C:\Program Files\StorageProtector\urls.ini
C:\Program Files\Temporary
C:\Program Files\Temporary\InsiDERIns.exe
C:\Program Files\Windows Live\laxuki.dll
C:\Program Files\Windows Live\laxuki511.dll
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\Temp\isgTi19
C:\Temp\isgTi19\lPig.log
C:\WINDOWS\b128.exe
C:\WINDOWS\b138.exe
C:\WINDOWS\b151.exe
C:\WINDOWS\b153.exe
C:\WINDOWS\mrofinu1000106.exe
C:\WINDOWS\mrofinu572.exe
C:\WINDOWS\system32\atmtd.dll
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\bdkrscau.ini
C:\WINDOWS\system32\bmvtbcur.dll
C:\WINDOWS\system32\drivers\down
C:\WINDOWS\system32\drivers\down\100046.exe
C:\WINDOWS\system32\drivers\down\100062.exe
C:\WINDOWS\system32\drivers\down\101593.exe
C:\WINDOWS\system32\drivers\down\105953.exe
C:\WINDOWS\system32\drivers\down\106703.exe
C:\WINDOWS\system32\drivers\down\106968.exe
C:\WINDOWS\system32\drivers\down\107125.exe
C:\WINDOWS\system32\drivers\down\107625.exe
C:\WINDOWS\system32\drivers\down\108062.exe
C:\WINDOWS\system32\drivers\down\108125.exe
C:\WINDOWS\system32\drivers\down\108687.exe
C:\WINDOWS\system32\drivers\down\108781.exe
C:\WINDOWS\system32\drivers\down\108843.exe
C:\WINDOWS\system32\drivers\down\109109.exe
C:\WINDOWS\system32\drivers\down\109187.exe
C:\WINDOWS\system32\drivers\down\110125.exe
C:\WINDOWS\system32\drivers\down\110796.exe
C:\WINDOWS\system32\drivers\down\111234.exe
C:\WINDOWS\system32\drivers\down\111296.exe
C:\WINDOWS\system32\drivers\down\111390.exe
C:\WINDOWS\system32\drivers\down\111765.exe
C:\WINDOWS\system32\drivers\down\113890.exe
C:\WINDOWS\system32\drivers\down\115453.exe
C:\WINDOWS\system32\drivers\down\115734.exe
C:\WINDOWS\system32\drivers\down\115953.exe
C:\WINDOWS\system32\drivers\down\116390.exe
C:\WINDOWS\system32\drivers\down\118000.exe
C:\WINDOWS\system32\drivers\down\118109.exe
C:\WINDOWS\system32\drivers\down\118750.exe
C:\WINDOWS\system32\drivers\down\119421.exe
C:\WINDOWS\system32\drivers\down\119890.exe
C:\WINDOWS\system32\drivers\down\120218.exe
C:\WINDOWS\system32\drivers\down\120312.exe
C:\WINDOWS\system32\drivers\down\120468.exe
C:\WINDOWS\system32\drivers\down\121187.exe
C:\WINDOWS\system32\drivers\down\121375.exe
C:\WINDOWS\system32\drivers\down\122406.exe
C:\WINDOWS\system32\drivers\down\122796.exe
C:\WINDOWS\system32\drivers\down\123609.exe
C:\WINDOWS\system32\drivers\down\124234.exe
C:\WINDOWS\system32\drivers\down\125015.exe
C:\WINDOWS\system32\drivers\down\125171.exe
C:\WINDOWS\system32\drivers\down\125343.exe
C:\WINDOWS\system32\drivers\down\126000.exe
C:\WINDOWS\system32\drivers\down\126187.exe
C:\WINDOWS\system32\drivers\down\126406.exe
C:\WINDOWS\system32\drivers\down\126531.exe
C:\WINDOWS\system32\drivers\down\126984.exe
C:\WINDOWS\system32\drivers\down\127203.exe
C:\WINDOWS\system32\drivers\down\127296.exe
C:\WINDOWS\system32\drivers\down\127875.exe
C:\WINDOWS\system32\drivers\down\128140.exe
C:\WINDOWS\system32\drivers\down\129390.exe
C:\WINDOWS\system32\drivers\down\130046.exe
C:\WINDOWS\system32\drivers\down\131062.exe
C:\WINDOWS\system32\drivers\down\131812.exe
C:\WINDOWS\system32\drivers\down\132015.exe
C:\WINDOWS\system32\drivers\down\132890.exe
C:\WINDOWS\system32\drivers\down\133671.exe
C:\WINDOWS\system32\drivers\down\134406.exe
C:\WINDOWS\system32\drivers\down\134937.exe
C:\WINDOWS\system32\drivers\down\135687.exe
C:\WINDOWS\system32\drivers\down\136343.exe
C:\WINDOWS\system32\drivers\down\138250.exe
C:\WINDOWS\system32\drivers\down\138906.exe
C:\WINDOWS\system32\drivers\down\139421.exe
C:\WINDOWS\system32\drivers\down\140593.exe
C:\WINDOWS\system32\drivers\down\142109.exe
C:\WINDOWS\system32\drivers\down\142203.exe
C:\WINDOWS\system32\drivers\down\14582453.exe
C:\WINDOWS\system32\drivers\down\14584125.exe
C:\WINDOWS\system32\drivers\down\14584875.exe
C:\WINDOWS\system32\drivers\down\14584968.exe
C:\WINDOWS\system32\drivers\down\14585187.exe
C:\WINDOWS\system32\drivers\down\14586046.exe
C:\WINDOWS\system32\drivers\down\14586281.exe
C:\WINDOWS\system32\drivers\down\14586843.exe
C:\WINDOWS\system32\drivers\down\14586859.exe
C:\WINDOWS\system32\drivers\down\14586921.exe
C:\WINDOWS\system32\drivers\down\14587781.exe
C:\WINDOWS\system32\drivers\down\14588421.exe
C:\WINDOWS\system32\drivers\down\14597796.exe
C:\WINDOWS\system32\drivers\down\14599984.exe
C:\WINDOWS\system32\drivers\down\14600968.exe
C:\WINDOWS\system32\drivers\down\14601078.exe
C:\WINDOWS\system32\drivers\down\14602203.exe
C:\WINDOWS\system32\drivers\down\14603140.exe
C:\WINDOWS\system32\drivers\down\146437.exe
C:\WINDOWS\system32\drivers\down\14651031.exe
C:\WINDOWS\system32\drivers\down\146515.exe
C:\WINDOWS\system32\drivers\down\14674625.exe
C:\WINDOWS\system32\drivers\down\14680406.exe
C:\WINDOWS\system32\drivers\down\14710546.exe
C:\WINDOWS\system32\drivers\down\14714625.exe
C:\WINDOWS\system32\drivers\down\14714765.exe
C:\WINDOWS\system32\drivers\down\147187.exe
C:\WINDOWS\system32\drivers\down\147218.exe
C:\WINDOWS\system32\drivers\down\14724593.exe
C:\WINDOWS\system32\drivers\down\14726531.exe
C:\WINDOWS\system32\drivers\down\14733453.exe
C:\WINDOWS\system32\drivers\down\14736109.exe
C:\WINDOWS\system32\drivers\down\14746625.exe
C:\WINDOWS\system32\drivers\down\14747921.exe
C:\WINDOWS\system32\drivers\down\14751031.exe
C:\WINDOWS\system32\drivers\down\14752812.exe
C:\WINDOWS\system32\drivers\down\14753359.exe
C:\WINDOWS\system32\drivers\down\14753687.exe
C:\WINDOWS\system32\drivers\down\14754531.exe
C:\WINDOWS\system32\drivers\down\14757625.exe
C:\WINDOWS\system32\drivers\down\14759343.exe
C:\WINDOWS\system32\drivers\down\14787390.exe
C:\WINDOWS\system32\drivers\down\14803281.exe
C:\WINDOWS\system32\drivers\down\14812328.exe
C:\WINDOWS\system32\drivers\down\14817359.exe
C:\WINDOWS\system32\drivers\down\148781.exe
C:\WINDOWS\system32\drivers\down\149203.exe
C:\WINDOWS\system32\drivers\down\150328.exe
C:\WINDOWS\system32\drivers\down\150843.exe
C:\WINDOWS\system32\drivers\down\151125.exe
C:\WINDOWS\system32\drivers\down\151343.exe
C:\WINDOWS\system32\drivers\down\151406.exe
C:\WINDOWS\system32\drivers\down\151703.exe
C:\WINDOWS\system32\drivers\down\151750.exe
C:\WINDOWS\system32\drivers\down\152187.exe
C:\WINDOWS\system32\drivers\down\152421.exe
C:\WINDOWS\system32\drivers\down\153015.exe
C:\WINDOWS\system32\drivers\down\154875.exe
C:\WINDOWS\system32\drivers\down\155375.exe
C:\WINDOWS\system32\drivers\down\155687.exe
C:\WINDOWS\system32\drivers\down\156937.exe
C:\WINDOWS\system32\drivers\down\157453.exe
C:\WINDOWS\system32\drivers\down\157515.exe
C:\WINDOWS\system32\drivers\down\158437.exe
C:\WINDOWS\system32\drivers\down\158546.exe
C:\WINDOWS\system32\drivers\down\158984.exe
C:\WINDOWS\system32\drivers\down\159656.exe
C:\WINDOWS\system32\drivers\down\161359.exe
C:\WINDOWS\system32\drivers\down\161703.exe
C:\WINDOWS\system32\drivers\down\162046.exe
C:\WINDOWS\system32\drivers\down\162781.exe
C:\WINDOWS\system32\drivers\down\162953.exe
C:\WINDOWS\system32\drivers\down\164093.exe
C:\WINDOWS\system32\drivers\down\165484.exe
C:\WINDOWS\system32\drivers\down\165796.exe
C:\WINDOWS\system32\drivers\down\166546.exe
C:\WINDOWS\system32\drivers\down\166734.exe
C:\WINDOWS\system32\drivers\down\166984.exe
C:\WINDOWS\system32\drivers\down\167015.exe
C:\WINDOWS\system32\drivers\down\168062.exe
C:\WINDOWS\system32\drivers\down\168359.exe
C:\WINDOWS\system32\drivers\down\168531.exe
C:\WINDOWS\system32\drivers\down\168859.exe
C:\WINDOWS\system32\drivers\down\169640.exe
C:\WINDOWS\system32\drivers\down\170234.exe
C:\WINDOWS\system32\drivers\down\171156.exe
C:\WINDOWS\system32\drivers\down\171500.exe
C:\WINDOWS\system32\drivers\down\172031.exe
C:\WINDOWS\system32\drivers\down\172312.exe
C:\WINDOWS\system32\drivers\down\172406.exe
C:\WINDOWS\system32\drivers\down\172953.exe
C:\WINDOWS\system32\drivers\down\173156.exe
C:\WINDOWS\system32\drivers\down\173515.exe
C:\WINDOWS\system32\drivers\down\173593.exe
C:\WINDOWS\system32\drivers\down\173609.exe
C:\WINDOWS\system32\drivers\down\173890.exe
C:\WINDOWS\system32\drivers\down\173937.exe
C:\WINDOWS\system32\drivers\down\174750.exe
C:\WINDOWS\system32\drivers\down\175140.exe
C:\WINDOWS\system32\drivers\down\175468.exe
C:\WINDOWS\system32\drivers\down\175812.exe
C:\WINDOWS\system32\drivers\down\176015.exe
C:\WINDOWS\system32\drivers\down\176390.exe
C:\WINDOWS\system32\drivers\down\176437.exe
C:\WINDOWS\system32\drivers\down\176859.exe
C:\WINDOWS\system32\drivers\down\176890.exe
C:\WINDOWS\system32\drivers\down\176968.exe
C:\WINDOWS\system32\drivers\down\178062.exe
C:\WINDOWS\system32\drivers\down\178296.exe
C:\WINDOWS\system32\drivers\down\178453.exe
C:\WINDOWS\system32\drivers\down\178656.exe
C:\WINDOWS\system32\drivers\down\178765.exe
C:\WINDOWS\system32\drivers\down\178906.exe
C:\WINDOWS\system32\drivers\down\179078.exe
C:\WINDOWS\system32\drivers\down\179218.exe
C:\WINDOWS\system32\drivers\down\179437.exe
C:\WINDOWS\system32\drivers\down\179562.exe
C:\WINDOWS\system32\drivers\down\179718.exe
C:\WINDOWS\system32\drivers\down\179828.exe
C:\WINDOWS\system32\drivers\down\180156.exe
C:\WINDOWS\system32\drivers\down\180515.exe
C:\WINDOWS\system32\drivers\down\180671.exe
C:\WINDOWS\system32\drivers\down\181156.exe
C:\WINDOWS\system32\drivers\down\181187.exe
C:\WINDOWS\system32\drivers\down\181312.exe
C:\WINDOWS\system32\drivers\down\181328.exe
C:\WINDOWS\system32\drivers\down\181453.exe
C:\WINDOWS\system32\drivers\down\181468.exe
C:\WINDOWS\system32\drivers\down\181531.exe
C:\WINDOWS\system32\drivers\down\181562.exe
C:\WINDOWS\system32\drivers\down\181671.exe
C:\WINDOWS\system32\drivers\down\181734.exe
C:\WINDOWS\system32\drivers\down\181875.exe
C:\WINDOWS\system32\drivers\down\181906.exe
C:\WINDOWS\system32\drivers\down\181921.exe
C:\WINDOWS\system32\drivers\down\181984.exe
C:\WINDOWS\system32\drivers\down\182265.exe
C:\WINDOWS\system32\drivers\down\182328.exe
C:\WINDOWS\system32\drivers\down\182375.exe
C:\WINDOWS\system32\drivers\down\182453.exe
C:\WINDOWS\system32\drivers\down\182640.exe
C:\WINDOWS\system32\drivers\down\182734.exe
C:\WINDOWS\system32\drivers\down\182859.exe
C:\WINDOWS\system32\drivers\down\182953.exe
C:\WINDOWS\system32\drivers\down\183125.exe
C:\WINDOWS\system32\drivers\down\183171.exe
C:\WINDOWS\system32\drivers\down\183265.exe
C:\WINDOWS\system32\drivers\down\183296.exe
C:\WINDOWS\system32\drivers\down\183500.exe
C:\WINDOWS\system32\drivers\down\183656.exe
C:\WINDOWS\system32\drivers\down\183671.exe
C:\WINDOWS\system32\drivers\down\183687.exe
C:\WINDOWS\system32\drivers\down\183703.exe
C:\WINDOWS\system32\drivers\down\183765.exe
C:\WINDOWS\system32\drivers\down\183859.exe
C:\WINDOWS\system32\drivers\down\183968.exe
C:\WINDOWS\system32\drivers\down\184312.exe
C:\WINDOWS\system32\drivers\down\184328.exe
C:\WINDOWS\system32\drivers\down\184359.exe
C:\WINDOWS\system32\drivers\down\184593.exe
C:\WINDOWS\system32\drivers\down\184609.exe
C:\WINDOWS\system32\drivers\down\184640.exe
C:\WINDOWS\system32\drivers\down\184750.exe
C:\WINDOWS\system32\drivers\down\184796.exe
C:\WINDOWS\system32\drivers\down\184859.exe
C:\WINDOWS\system32\drivers\down\184953.exe
C:\WINDOWS\system32\drivers\down\185078.exe
C:\WINDOWS\system32\drivers\down\185125.exe
C:\WINDOWS\system32\drivers\down\185453.exe
C:\WINDOWS\system32\drivers\down\185562.exe
C:\WINDOWS\system32\drivers\down\185609.exe
C:\WINDOWS\system32\drivers\down\185859.exe
C:\WINDOWS\system32\drivers\down\185921.exe
C:\WINDOWS\system32\drivers\down\186078.exe
C:\WINDOWS\system32\drivers\down\186093.exe
C:\WINDOWS\system32\drivers\down\186140.exe
C:\WINDOWS\system32\drivers\down\186218.exe
C:\WINDOWS\system32\drivers\down\186359.exe
C:\WINDOWS\system32\drivers\down\186437.exe
C:\WINDOWS\system32\drivers\down\186453.exe
C:\WINDOWS\system32\drivers\down\186593.exe
C:\WINDOWS\system32\drivers\down\186796.exe
C:\WINDOWS\system32\drivers\down\186828.exe
C:\WINDOWS\system32\drivers\down\187156.exe
C:\WINDOWS\system32\drivers\down\187296.exe
C:\WINDOWS\system32\drivers\down\187406.exe
C:\WINDOWS\system32\drivers\down\187421.exe
C:\WINDOWS\system32\drivers\down\187484.exe
C:\WINDOWS\system32\drivers\down\187640.exe
C:\WINDOWS\system32\drivers\down\187718.exe
C:\WINDOWS\system32\drivers\down\187843.exe
C:\WINDOWS\system32\drivers\down\187875.exe
C:\WINDOWS\system32\drivers\down\188000.exe
C:\WINDOWS\system32\drivers\down\188156.exe
C:\WINDOWS\system32\drivers\down\188312.exe
C:\WINDOWS\system32\drivers\down\188359.exe
C:\WINDOWS\system32\drivers\down\188375.exe
C:\WINDOWS\system32\drivers\down\188437.exe
C:\WINDOWS\system32\drivers\down\188671.exe
C:\WINDOWS\system32\drivers\down\188812.exe
C:\WINDOWS\system32\drivers\down\189328.exe
C:\WINDOWS\system32\drivers\down\189515.exe
C:\WINDOWS\system32\drivers\down\189734.exe
C:\WINDOWS\system32\drivers\down\189906.exe
C:\WINDOWS\system32\drivers\down\190062.exe
C:\WINDOWS\system32\drivers\down\190375.exe
C:\WINDOWS\system32\drivers\down\190406.exe
C:\WINDOWS\system32\drivers\down\190703.exe
C:\WINDOWS\system32\drivers\down\190859.exe
C:\WINDOWS\system32\drivers\down\191078.exe
C:\WINDOWS\system32\drivers\down\191453.exe
C:\WINDOWS\system32\drivers\down\191578.exe
C:\WINDOWS\system32\drivers\down\191781.exe
C:\WINDOWS\system32\drivers\down\191859.exe
C:\WINDOWS\system32\drivers\down\191937.exe
C:\WINDOWS\system32\drivers\down\192015.exe
C:\WINDOWS\system32\drivers\down\192406.exe
C:\WINDOWS\system32\drivers\down\192578.exe
C:\WINDOWS\system32\drivers\down\192687.exe
C:\WINDOWS\system32\drivers\down\192812.exe
C:\WINDOWS\system32\drivers\down\193437.exe
C:\WINDOWS\system32\drivers\down\193562.exe
C:\WINDOWS\system32\drivers\down\194250.exe
C:\WINDOWS\system32\drivers\down\194453.exe
C:\WINDOWS\system32\drivers\down\194546.exe
C:\WINDOWS\system32\drivers\down\194718.exe
C:\WINDOWS\system32\drivers\down\194734.exe
C:\WINDOWS\system32\drivers\down\194921.exe
C:\WINDOWS\system32\drivers\down\195000.exe
C:\WINDOWS\system32\drivers\down\195781.exe
C:\WINDOWS\system32\drivers\down\195796.exe
C:\WINDOWS\system32\drivers\down\195984.exe
C:\WINDOWS\system32\drivers\down\196421.exe
C:\WINDOWS\system32\drivers\down\196765.exe
C:\WINDOWS\system32\drivers\down\197078.exe
C:\WINDOWS\system32\drivers\down\197750.exe
C:\WINDOWS\system32\drivers\down\198015.exe
C:\WINDOWS\system32\drivers\down\198218.exe
C:\WINDOWS\system32\drivers\down\198312.exe
C:\WINDOWS\system32\drivers\down\198562.exe
C:\WINDOWS\system32\drivers\down\200015.exe
C:\WINDOWS\system32\drivers\down\200406.exe
C:\WINDOWS\system32\drivers\down\201015.exe
C:\WINDOWS\system32\drivers\down\201078.exe
C:\WINDOWS\system32\drivers\down\201562.exe
C:\WINDOWS\system32\drivers\down\201828.exe
C:\WINDOWS\system32\drivers\down\202000.exe
C:\WINDOWS\system32\drivers\down\202046.exe
C:\WINDOWS\system32\drivers\down\202250.exe
C:\WINDOWS\system32\drivers\down\203375.exe
C:\WINDOWS\system32\drivers\down\204015.exe
C:\WINDOWS\system32\drivers\down\204750.exe
C:\WINDOWS\system32\drivers\down\204828.exe
C:\WINDOWS\system32\drivers\down\204937.exe
C:\WINDOWS\system32\drivers\down\205781.exe
C:\WINDOWS\system32\drivers\down\205875.exe
C:\WINDOWS\system32\drivers\down\205890.exe
C:\WINDOWS\system32\drivers\down\206250.exe
C:\WINDOWS\system32\drivers\down\207000.exe
C:\WINDOWS\system32\drivers\down\207093.exe
C:\WINDOWS\system32\drivers\down\207125.exe
C:\WINDOWS\system32\drivers\down\207828.exe
C:\WINDOWS\system32\drivers\down\208015.exe
C:\WINDOWS\system32\drivers\down\208296.exe
C:\WINDOWS\system32\drivers\down\208312.exe
C:\WINDOWS\system32\drivers\down\209015.exe
C:\WINDOWS\system32\drivers\down\209640.exe
C:\WINDOWS\system32\drivers\down\209734.exe
C:\WINDOWS\system32\drivers\down\210406.exe
C:\WINDOWS\system32\drivers\down\212375.exe
C:\WINDOWS\system32\drivers\down\212812.exe
C:\WINDOWS\system32\drivers\down\214421.exe
C:\WINDOWS\system32\drivers\down\215421.exe
C:\WINDOWS\system32\drivers\down\215593.exe
C:\WINDOWS\system32\drivers\down\216875.exe
C:\WINDOWS\system32\drivers\down\217687.exe
C:\WINDOWS\system32\drivers\down\218531.exe
C:\WINDOWS\system32\drivers\down\219968.exe
C:\WINDOWS\system32\drivers\down\221546.exe
C:\WINDOWS\system32\drivers\down\221828.exe
C:\WINDOWS\system32\drivers\down\222375.exe
C:\WINDOWS\system32\drivers\down\222781.exe
C:\WINDOWS\system32\drivers\down\223234.exe
C:\WINDOWS\system32\drivers\down\226328.exe
C:\WINDOWS\system32\drivers\down\226500.exe
C:\WINDOWS\system32\drivers\down\226687.exe
C:\WINDOWS\system32\drivers\down\226765.exe
C:\WINDOWS\system32\drivers\down\227328.exe
C:\WINDOWS\system32\drivers\down\227421.exe
C:\WINDOWS\system32\drivers\down\228140.exe
C:\WINDOWS\system32\drivers\down\228203.exe
C:\WINDOWS\system32\drivers\down\228593.exe
C:\WINDOWS\system32\drivers\down\229203.exe
C:\WINDOWS\system32\drivers\down\229234.exe
C:\WINDOWS\system32\drivers\down\232312.exe
C:\WINDOWS\system32\drivers\down\232437.exe
C:\WINDOWS\system32\drivers\down\234718.exe
C:\WINDOWS\system32\drivers\down\235640.exe
C:\WINDOWS\system32\drivers\down\236796.exe
C:\WINDOWS\system32\drivers\down\237203.exe
C:\WINDOWS\system32\drivers\down\237343.exe
C:\WINDOWS\system32\drivers\down\238984.exe
C:\WINDOWS\system32\drivers\down\240062.exe
C:\WINDOWS\system32\drivers\down\241000.exe
C:\WINDOWS\system32\drivers\down\244140.exe
C:\WINDOWS\system32\drivers\down\244750.exe
C:\WINDOWS\system32\drivers\down\246718.exe
C:\WINDOWS\system32\drivers\down\253671.exe
C:\WINDOWS\system32\drivers\down\255343.exe
C:\WINDOWS\system32\drivers\down\255937.exe
C:\WINDOWS\system32\drivers\down\256281.exe
C:\WINDOWS\system32\drivers\down\256718.exe
C:\WINDOWS\system32\drivers\down\259125.exe
C:\WINDOWS\system32\drivers\down\261796.exe
C:\WINDOWS\system32\drivers\down\264031.exe
C:\WINDOWS\system32\drivers\down\266375.exe
C:\WINDOWS\system32\drivers\down\267203.exe
C:\WINDOWS\system32\drivers\down\269359.exe
C:\WINDOWS\system32\drivers\down\270281.exe
C:\WINDOWS\system32\drivers\down\274656.exe
C:\WINDOWS\system32\drivers\down\275609.exe
C:\WINDOWS\system32\drivers\down\276640.exe
C:\WINDOWS\system32\drivers\down\278000.exe
C:\WINDOWS\system32\drivers\down\278562.exe
C:\WINDOWS\system32\drivers\down\279078.exe
C:\WINDOWS\system32\drivers\down\283734.exe
C:\WINDOWS\system32\drivers\down\286281.exe
C:\WINDOWS\system32\drivers\down\287406.exe
C:\WINDOWS\system32\drivers\down\287937.exe
C:\WINDOWS\system32\drivers\down\289265.exe
C:\WINDOWS\system32\drivers\down\290500.exe
C:\WINDOWS\system32\drivers\down\290781.exe
C:\WINDOWS\system32\drivers\down\291453.exe
C:\WINDOWS\system32\drivers\down\295468.exe
C:\WINDOWS\system32\drivers\down\295500.exe
C:\WINDOWS\system32\drivers\down\297656.exe
C:\WINDOWS\system32\drivers\down\307953.exe
C:\WINDOWS\system32\drivers\down\310531.exe
C:\WINDOWS\system32\drivers\down\3117328.exe
C:\WINDOWS\system32\drivers\down\3119234.exe
C:\WINDOWS\system32\drivers\down\3120515.exe
C:\WINDOWS\system32\drivers\down\3120640.exe
C:\WINDOWS\system32\drivers\down\3121531.exe
C:\WINDOWS\system32\drivers\down\3122281.exe
C:\WINDOWS\system32\drivers\down\315453.exe
C:\WINDOWS\system32\drivers\down\316406.exe
C:\WINDOWS\system32\drivers\down\319625.exe
C:\WINDOWS\system32\drivers\down\320875.exe
C:\WINDOWS\system32\drivers\down\324015.exe
C:\WINDOWS\system32\drivers\down\324109.exe
C:\WINDOWS\system32\drivers\down\324859.exe
C:\WINDOWS\system32\drivers\down\325656.exe
C:\WINDOWS\system32\drivers\down\326593.exe
C:\WINDOWS\system32\drivers\down\329671.exe
C:\WINDOWS\system32\drivers\down\333093.exe
C:\WINDOWS\system32\drivers\down\333406.exe
C:\WINDOWS\system32\drivers\down\333812.exe
C:\WINDOWS\system32\drivers\down\335171.exe
C:\WINDOWS\system32\drivers\down\335500.exe
C:\WINDOWS\system32\drivers\down\336031.exe
C:\WINDOWS\system32\drivers\down\340125.exe
C:\WINDOWS\system32\drivers\down\348156.exe
C:\WINDOWS\system32\drivers\down\352640.exe
C:\WINDOWS\system32\drivers\down\353031.exe
C:\WINDOWS\system32\drivers\down\356484.exe
C:\WINDOWS\system32\drivers\down\365000.exe
C:\WINDOWS\system32\drivers\down\368875.exe
C:\WINDOWS\system32\drivers\down\374859.exe
C:\WINDOWS\system32\drivers\down\378546.exe
C:\WINDOWS\system32\drivers\down\409484.exe
C:\WINDOWS\system32\drivers\down\424734.exe
C:\WINDOWS\system32\drivers\down\435859.exe
C:\WINDOWS\system32\drivers\down\437796.exe
C:\WINDOWS\system32\drivers\down\438781.exe
C:\WINDOWS\system32\drivers\down\448875.exe
C:\WINDOWS\system32\drivers\down\452593.exe
C:\WINDOWS\system32\drivers\down\454562.exe
C:\WINDOWS\system32\drivers\down\455281.exe
C:\WINDOWS\system32\drivers\down\455375.exe
C:\WINDOWS\system32\drivers\down\456171.exe
C:\WINDOWS\system32\drivers\down\456765.exe
C:\WINDOWS\system32\drivers\down\469703.exe
C:\WINDOWS\system32\drivers\down\62640.exe
C:\WINDOWS\system32\drivers\down\64140.exe
C:\WINDOWS\system32\drivers\down\64765.exe
C:\WINDOWS\system32\drivers\down\64859.exe
C:\WINDOWS\system32\drivers\down\65781.exe
C:\WINDOWS\system32\drivers\down\664015.exe
C:\WINDOWS\system32\drivers\down\66421.exe
C:\WINDOWS\system32\drivers\down\66468.exe
C:\WINDOWS\system32\drivers\down\666875.exe
C:\WINDOWS\system32\drivers\down\667609.exe
C:\WINDOWS\system32\drivers\down\667953.exe
C:\WINDOWS\system32\drivers\down\668781.exe
C:\WINDOWS\system32\drivers\down\669453.exe
C:\WINDOWS\system32\drivers\down\73265.exe
C:\WINDOWS\system32\drivers\down\73718.exe
C:\WINDOWS\system32\drivers\down\74625.exe
C:\WINDOWS\system32\drivers\down\74843.exe
C:\WINDOWS\system32\drivers\down\75640.exe
C:\WINDOWS\system32\drivers\down\76046.exe
C:\WINDOWS\system32\drivers\down\76781.exe
C:\WINDOWS\system32\drivers\down\78640.exe
C:\WINDOWS\system32\drivers\down\79968.exe
C:\WINDOWS\system32\drivers\down\81390.exe
C:\WINDOWS\system32\drivers\down\82359.exe
C:\WINDOWS\system32\drivers\down\83031.exe
C:\WINDOWS\system32\drivers\down\83343.exe
C:\WINDOWS\system32\drivers\down\84984.exe
C:\WINDOWS\system32\drivers\down\85796.exe
C:\WINDOWS\system32\drivers\down\87218.exe
C:\WINDOWS\system32\drivers\down\87796.exe
C:\WINDOWS\system32\drivers\down\88718.exe
C:\WINDOWS\system32\drivers\down\90046.exe
C:\WINDOWS\system32\drivers\down\90531.exe
C:\WINDOWS\system32\drivers\down\92093.exe
C:\WINDOWS\system32\drivers\down\92203.exe
C:\WINDOWS\system32\drivers\down\95031.exe
C:\WINDOWS\system32\drivers\down\95484.exe
C:\WINDOWS\system32\drivers\down\95640.exe
C:\WINDOWS\system32\drivers\down\97609.exe
C:\WINDOWS\system32\drivers\down\98484.exe
C:\WINDOWS\system32\drivers\hldrrr.exe
C:\WINDOWS\system32\drivers\srosa.sys
C:\WINDOWS\system32\jjjlm.ini
C:\WINDOWS\system32\jjjlm.ini2
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mdelk.exe
C:\WINDOWS\system32\mljjj.dll
C:\WINDOWS\system32\nGpxx01
C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe
C:\WINDOWS\system32\odddspaq.dll
C:\WINDOWS\system32\opnkjkh.dll
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\tzimhhvs.dll
C:\WINDOWS\system32\tzimhhvs.dllbox
C:\WINDOWS\system32\uacsrkdb.dll
C:\WINDOWS\system32\wintems.exe
C:\WINDOWS\tk58.exe
C:\WINDOWS\uninstall_nmon.vbs
C:\WINDOWS\V2VzbGV5\
C:\WINDOWS\V2VzbGV5\\asappsrv.dll
C:\WINDOWS\V2VzbGV5\\command.exe
C:\WINDOWS\V2VzbGV5\\pZpWv3pc.vbs
C:\WINDOWS\V2VzbGV5\command.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\LEGACY_SROSA
-------\cmdService
-------\Network Monitor
-------\srosa


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-17 to 2008-02-17 ))))))))))))))))))))))))))))))))))))
.

2008-02-17 16:02 . 2008-02-17 16:02 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-17 16:02 . 2008-02-17 16:02 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-17 13:44 . 2008-02-17 13:44 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-17 13:44 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2008-02-17 13:36 . 2008-02-17 13:36 <REP> d-------- C:\Program Files\xInsIDE
2008-02-16 16:42 . 2008-02-17 17:14 50 --a------ C:\WINDOWS\MegaManager.INI
2008-02-16 16:06 . 2008-02-16 16:06 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\Megaupload
2008-02-16 16:05 . 2008-02-16 16:05 <REP> d-------- C:\Program Files\MegauploadToolbar
2008-02-16 16:05 . 2008-02-17 14:14 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\MegauploadToolbar
2008-02-16 16:04 . 2008-02-16 16:04 <REP> d-------- C:\Program Files\Megaupload
2008-02-16 16:03 . 2008-02-16 16:03 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\InstallShield
2008-02-16 14:43 . 2008-02-16 14:43 <REP> d-------- C:\Program Files\Zango
2008-02-16 14:43 . 2008-02-16 16:05 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\Zango
2008-02-16 14:43 . 2008-02-16 14:43 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\WeatherDPA
2008-02-16 14:43 . 2008-02-17 17:58 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ZangoSA
2008-02-16 14:43 . 2008-02-16 14:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2008-02-16 12:48 . 2008-02-16 12:48 <REP> d-------- C:\WINDOWS\system32\rp1
2008-02-16 12:48 . 2008-02-16 12:48 <REP> d-------- C:\WINDOWS\system32\mq9
2008-02-16 12:41 . 2008-02-16 12:55 <REP> d-------- C:\Program Files\MessengerDiscovery
2008-02-16 11:35 . 2006-08-08 18:53 635,520 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-16 11:35 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-16 11:35 . 2006-08-05 08:18 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2008-02-16 11:35 . 2006-08-05 17:25 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-16 11:35 . 2006-08-05 17:25 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-16 11:35 . 2006-08-05 17:22 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-16 11:35 . 2006-08-05 17:20 24,304 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-16 11:35 . 2006-08-05 17:24 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-06 23:32 . 2008-02-06 23:32 268 --ah----- C:\sqmdata17.sqm
2008-02-06 23:32 . 2008-02-06 23:32 244 --ah----- C:\sqmnoopt17.sqm
2008-01-28 23:19 . 2008-01-28 23:19 268 --ah----- C:\sqmdata09.sqm
2008-01-28 23:19 . 2008-01-28 23:19 244 --ah----- C:\sqmnoopt09.sqm
2008-01-25 20:44 . 2008-01-25 20:44 268 --ah----- C:\sqmdata06.sqm
2008-01-25 20:44 . 2008-01-25 20:44 244 --ah----- C:\sqmnoopt06.sqm
2008-01-23 01:50 . 2008-02-15 00:22 <REP> d-------- C:\Program Files\iArt
2008-01-23 01:50 . 2008-01-23 01:50 <REP> d-------- C:\Lyrics
2008-01-23 01:50 . 2008-02-15 00:22 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\MiniLyrics
2008-01-23 01:50 . 2008-01-23 01:50 7 --ahs---- C:\WINDOWS\iTiAN.id.uses
2008-01-23 01:45 . 2008-01-23 01:45 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-01-23 01:35 . 2008-01-23 01:35 <REP> d-------- C:\Program Files\Minilyrics
2008-01-23 01:09 . 2008-01-23 01:09 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\Todae
2008-01-22 23:19 . 2008-01-22 23:19 <REP> d-------- C:\Program Files\Micro Application
2008-01-22 23:19 . 2008-01-22 23:19 1,057,560 --a------ C:\WINDOWS\system32\O2CPlayer.OCX
2008-01-22 23:19 . 1995-09-20 16:13 977,680 --a------ C:\WINDOWS\system32\msjt3032.dll
2008-01-22 23:19 . 1998-05-18 03:06 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2008-01-22 23:19 . 1995-09-24 11:02 243,472 --a------ C:\WINDOWS\system32\vbar2232.dll
2008-01-22 23:19 . 1995-09-24 00:53 37,376 --a------ C:\WINDOWS\system32\ven2232.olb
2008-01-22 23:19 . 1995-09-20 16:16 35,088 --a------ C:\WINDOWS\system32\msjint32.dll
2008-01-22 23:19 . 1995-09-20 16:16 23,824 --a------ C:\WINDOWS\system32\msjter32.dll
2008-01-20 23:44 . 2004-01-06 01:50 <REP> d-------- C:\Program Files\Winamp
2008-01-20 23:24 . 2008-01-20 23:24 <REP> d-------- C:\Program Files\Free iPod Video Converter
2008-01-20 20:40 . 2008-01-20 23:37 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\CopyTransPhoto
2008-01-20 20:40 . 2008-01-20 21:14 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\CopyTrans
2008-01-20 20:39 . 2008-01-20 20:39 <REP> d-------- C:\Program Files\WindSolutions
2008-01-18 23:22 . 2008-01-18 23:22 <REP> d-------- C:\Program Files\Red Kawa
2008-01-18 23:22 . 2008-01-18 23:22 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-01-18 22:33 . 2008-01-18 23:24 <REP> d-------- C:\Program Files\EphPod
2008-01-18 19:44 . 2008-01-18 19:44 268 --ah----- C:\sqmdata03.sqm
2008-01-18 19:44 . 2008-01-18 19:44 244 --ah----- C:\sqmnoopt03.sqm
2008-01-18 19:41 . 2008-01-18 19:41 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-18 19:40 . 2008-01-18 19:40 <REP> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-17 17:38 --------- d-----w C:\Program Files\Windows Live
2008-02-17 12:47 10 ----a-w C:\Program Files\.autoreg
2008-02-16 17:32 --------- d-----w C:\Program Files\eMule
2008-02-16 15:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-16 14:31 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Azureus
2008-02-16 11:55 --------- d-----w C:\Program Files\MSN Messenger
2008-02-16 11:48 --------- d-----w C:\Program Files\Apple Software Update
2008-02-16 10:35 --------- d-----w C:\Program Files\Alwil Software
2008-01-22 23:43 --------- d-----w C:\Documents and Settings\Wesley\Application Data\LimeWire
2008-01-22 18:52 --------- d-----w C:\Program Files\Azureus
2008-01-18 18:40 --------- d-----w C:\Program Files\iTunes
2008-01-18 18:38 --------- d-----w C:\Program Files\QuickTime
2008-01-13 20:57 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-01-13 14:16 --------- d-----w C:\Program Files\ImTOO
2008-01-10 19:24 --------- d-----w C:\Program Files\HP Photosmart 11
2008-01-07 21:34 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
2008-01-07 19:26 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Last.fm
2008-01-07 19:14 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-07 18:57 --------- d-----w C:\Program Files\Java
2008-01-06 10:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Messenger Plus!
2008-01-05 23:29 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-01-05 20:47 --------- d-----w C:\Program Files\LimeWire
2008-01-05 20:46 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-01-05 20:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-01-05 20:07 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-31 18:39 --------- d-----w C:\Program Files\WebCamDV
2007-12-31 18:29 --------- d-----w C:\Program Files\Active WebCam
2007-12-31 18:23 --------- d-----w C:\Program Files\Privat-Webcam G3 Server
2007-12-31 18:01 --------- d-----w C:\Program Files\Trust
2007-12-31 18:00 --------- d-----w C:\Program Files\Fichiers communs\snp2std
2007-12-31 18:00 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-31 15:17 --------- d-----w C:\Program Files\Services en ligne
2007-12-31 11:14 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Thunderbird
2007-12-31 11:14 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Talkback
2007-12-31 11:08 --------- d-----w C:\Program Files\Nero
2007-12-31 11:08 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Ahead
2007-12-31 11:00 --------- d-----w C:\Program Files\Registry Clean Expert
2007-12-31 00:59 --------- d-----w C:\Documents and Settings\Wesley\Application Data\vlc
2007-12-31 00:56 --------- d-----w C:\Program Files\VideoLAN
2007-12-31 00:50 --------- d-----w C:\Program Files\DivX
2007-12-30 17:55 --------- d-----w C:\Program Files\RegCleaner
2007-12-30 17:48 --------- d-----w C:\Program Files\Illustrate
2007-12-30 17:31 --------- d-----w C:\Program Files\Microsoft Works
2007-12-30 17:13 --------- d-----w C:\Program Files\Microsoft.NET
2007-12-30 17:02 --------- d-----w C:\Program Files\totalcmd
2007-12-30 16:55 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\XnView
2007-12-30 16:54 --------- d-----w C:\Program Files\TC UP
2007-12-30 16:51 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\HEXelon
2007-12-30 16:40 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-30 16:38 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-12-30 16:38 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\Ahead
2007-12-30 16:23 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\ACD Systems
2007-12-30 16:22 --------- d-----w C:\Program Files\ACD Systems
2007-12-30 15:52 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-30 15:49 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2004-08-19 15:09 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-19 15:09 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2001-08-28 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-19 15:09 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-19 15:09 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2001-08-28 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2007-05-17 11:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-19 15:09 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-19 15:09 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43C6D079-EA19-402A-9D1C-772385E1118B}]
2008-02-08 02:07 217088 --a------ C:\Program Files\Apple Software Update\potexy89104.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E1BACF55-35E1-4E47-9247-2D48660E5545}]
2007-12-13 20:54 546056 --a------ C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{E1BACF55-35E1-4E47-9247-2D48660E5545}
{4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C}

[HKEY_CLASSES_ROOT\clsid\{e1bacf55-35e1-4e47-9247-2d48660e5545}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
[HKEY_CLASSES_ROOT\HostIE.Bho]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{E1BACF55-35E1-4E47-9247-2D48660E5545}"= C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll [2007-12-13 20:54 546056]

[HKEY_CLASSES_ROOT\clsid\{e1bacf55-35e1-4e47-9247-2d48660e5545}]
[HKEY_CLASSES_ROOT\HostIE.Bho.1]
[HKEY_CLASSES_ROOT\TypeLib\{087C4054-0A2B-4F35-B0DB-BED3E21650F4}]
[HKEY_CLASSES_ROOT\HostIE.Bho]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"xInsIDE"="C:\Program Files\xInsIDE\xInsIDE.exe" [2008-02-17 13:36 53248]
"Router"="C:\Program Files\Router\Router.exe" [ ]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"="sstray.exe" [2002-11-13 15:34 73728 C:\WINDOWS\system32\sstray.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-01-10 22:04 4263936]
"nwiz"="nwiz.exe" [2003-01-10 22:04 315392 C:\WINDOWS\system32\nwiz.exe]
"Trickler"="c:\program files\divx\divx pro codec\gain_trickler_3102a.exe" [ ]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2005-11-16 16:14 344064]
"OWCWebCamDV"="C:\WINDOWS\system\wcdvtray.exe" [2002-10-07 11:45 41041]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-11-22 11:29 188416]
"HPHmon04"="C:\WINDOWS\system32\hphmon04.exe" [2002-11-22 11:28 348160]
"HPHUPD04"="C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe" [ ]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-02-17 18:36 108160]
"ZangoOE"="C:\Program Files\Zango\bin\10.1.181.0\OEAddOn.exe" [2007-12-13 20:53 91400]
"ZangoSA"="C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe" [2007-12-13 21:13 724232]
"ucookw"="C:\PROGRA~1\STORAG~1\ucookw.exe" [ ]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler]
C:\Program Files\Registry Clean Expert\RCScheduler.exe

R2 WebCamDV;WebCamDV DV to Webcam Converter;C:\WINDOWS\system32\DRIVERS\WebCamDV.sys [2002-10-07 11:45]
R3 WCDV_Aud;WevCamDV WDM Virtual Audio Device;C:\WINDOWS\system32\drivers\wcdvaud.sys [2003-01-23 15:38]
S3 NtApm;Pilote d'interface NT APM/hérité;C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-08-28 13:00]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-11-18 18:29]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2003-12-31 23:08:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-17 18:51:12
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-17 18:54:40 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-17 17:54:37
.
2004-01-01 02:02:01 --- E O F ---

Désolé mais le rapport est un peu long.

merci encore.

Reposte un rapport Hijackthis.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:30:39, on 17/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system\wcdvtray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Zango\bin\10.1.181.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\xInsIDE\xInsIDE.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Wesley\LOCALS~1\Temp\Rar$EX08.484\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {43C6D079-EA19-402A-9D1C-772385E1118B} - C:\Program Files\Apple Software Update\potexy89104.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Zango /fleok=1D8A83A5C2E4197C9EAC6A2A1FBB39BFE4976E26CAEDA120180A196D6093 - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll
O2 - BHO: 0 - {E566C0EC-2CBF-47D2-F790-9A3051F9625E} - C:\Program Files\Windows Live\laxuki.dll
O3 - Toolbar: Zango - {E1BACF55-35E1-4E47-9247-2D48660E5545} - C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Trickler] "c:\program files\divx\divx pro codec\gain_trickler_3102a.exe"
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [OWCWebCamDV] C:\WINDOWS\system\wcdvtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [HPHUPD04] "C:\Program Files\HP Photosmart 11\hphinstall\UniPatch\hphupd04.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ZangoOE] C:\Program Files\Zango\bin\10.1.181.0\OEAddOn.exe
O4 - HKLM\..\Run: [ZangoSA] "C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe"
O4 - HKLM\..\Run: [ucookw] "C:\PROGRA~1\STORAG~1\ucookw.exe" -start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [xInsIDE] C:\Program Files\xInsIDE\xInsIDE.exe
O4 - HKCU\..\Run: [Router] C:\Program Files\Router\Router.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe

--
End of file - 6485 bytes

voila

Je crois que sa va mieux depuis l'analyse de combo-fix.
Mes cleaner remarche mon antivirus aussi.
J'en ai profité pour faire un nettoyage avec CCleaner.
Puis réinstaller avast avec l'analyse du disque dur au démarage et j'ai supprimé pas mal de virus (trojan etc...).

Donc voila.

Je souhaiterais quand même que vous me disiez ce qu'il clochais dans mon rapport hijackthis SVP.

Merci pour l'aide Angeldark!

Re,

[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]

Avec redémarrage.
Voici le rapport Combo-Fix:

ComboFix 08-02-15.1 - Wesley 2008-02-18 14:42:29.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.84 [GMT 1:00]
Endroit: C:\Documents and Settings\Wesley\Bureau\Combo-Fix.exe
Command switches used :: C:\Documents and Settings\Wesley\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE
C:\Program Files\Apple Software Update\potexy89104.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Apple Software Update\potexy89104.dll
C:\Program Files\Zango
C:\Program Files\Zango\bin\10.1.181.0\arrow.ico
C:\Program Files\Zango\bin\10.1.181.0\copyright.txt
C:\Program Files\Zango\bin\10.1.181.0\CoreSrv.dll
C:\Program Files\Zango\bin\10.1.181.0\firefox\extensions\chrome.manifest
C:\Program Files\Zango\bin\10.1.181.0\firefox\extensions\components\npclntax.xpt
C:\Program Files\Zango\bin\10.1.181.0\firefox\extensions\install.rdf
C:\Program Files\Zango\bin\10.1.181.0\firefox\extensions\plugins\npclntax_ZangoSA.dll
C:\Program Files\Zango\bin\10.1.181.0\HostIE.dll
C:\Program Files\Zango\bin\10.1.181.0\HostOE.dll
C:\Program Files\Zango\bin\10.1.181.0\HostOL.dll
C:\Program Files\Zango\bin\10.1.181.0\InstIE.dll
C:\Program Files\Zango\bin\10.1.181.0\link.ico
C:\Program Files\Zango\bin\10.1.181.0\OEAddOn.exe
C:\Program Files\Zango\bin\10.1.181.0\Srv.exe
C:\Program Files\Zango\bin\10.1.181.0\Toolbar.dll
C:\Program Files\Zango\bin\10.1.181.0\Wallpaper.dll
C:\Program Files\Zango\bin\10.1.181.0\Weather.exe
C:\Program Files\Zango\bin\10.1.181.0\WeSkin.dll
C:\Program Files\Zango\bin\10.1.181.0\ZangoSA.exe
C:\Program Files\Zango\bin\10.1.181.0\ZangoSAAX.dll
C:\Program Files\Zango\bin\10.1.181.0\ZangoSADF.exe
C:\Program Files\Zango\bin\10.1.181.0\ZangoSAHook.dll
C:\Program Files\Zango\bin\10.1.181.0\ZangoUninstaller.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))))))
.

2008-02-18 00:36 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-18 00:36 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-18 00:36 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AVASTSS.scr
2008-02-18 00:36 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-18 00:36 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-18 00:36 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-18 00:36 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-18 00:36 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-18 00:25 . 2008-02-18 00:27 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-02-18 00:19 . 2008-02-18 00:19 <REP> d-------- C:\Documents and Settings\Wesley\WINDOWS
2008-02-18 00:14 . 2008-02-18 00:19 <REP> d-------- C:\Program Files\Yahoo!
2008-02-18 00:13 . 2008-02-18 00:14 <REP> d-------- C:\Program Files\CCleaner
2008-02-17 23:37 . 2008-02-17 23:37 <REP> d-------- C:\Program Files\directx
2008-02-17 22:55 . 2008-02-17 23:02 <REP> d-------- C:\Program Files\Web Media Player
2008-02-17 22:06 . 2008-02-17 22:08 684 --a------ C:\WINDOWS\mozver.dat
2008-02-17 20:23 . 2008-02-18 14:48 <REP> d-------- C:\Program Files\Steam
2008-02-17 16:02 . 2008-02-17 16:02 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-02-17 16:02 . 2008-02-17 20:23 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-17 13:44 . 2008-02-17 13:44 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-17 13:44 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2008-02-17 13:36 . 2008-02-17 13:36 <REP> d-------- C:\Program Files\xInsIDE
2008-02-16 16:42 . 2008-02-18 12:57 50 --a------ C:\WINDOWS\MegaManager.INI
2008-02-16 16:06 . 2008-02-16 16:06 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\Megaupload
2008-02-16 16:04 . 2008-02-16 16:04 <REP> d-------- C:\Program Files\Megaupload
2008-02-16 16:03 . 2008-02-16 16:03 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\InstallShield
2008-02-16 14:43 . 2008-02-16 16:05 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\Zango
2008-02-16 14:43 . 2008-02-16 14:43 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\WeatherDPA
2008-02-16 14:43 . 2008-02-18 11:02 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\ZangoSA
2008-02-16 14:43 . 2008-02-16 14:43 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
2008-02-16 12:48 . 2008-02-18 01:06 <REP> d-------- C:\WINDOWS\system32\rp1
2008-02-16 12:48 . 2008-02-16 12:48 <REP> d-------- C:\WINDOWS\system32\mq9
2008-02-16 12:41 . 2008-02-16 12:55 <REP> d-------- C:\Program Files\MessengerDiscovery
2008-02-06 23:32 . 2008-02-06 23:32 268 --ah----- C:\sqmdata17.sqm
2008-02-06 23:32 . 2008-02-06 23:32 244 --ah----- C:\sqmnoopt17.sqm
2008-01-28 23:19 . 2008-01-28 23:19 268 --ah----- C:\sqmdata09.sqm
2008-01-28 23:19 . 2008-01-28 23:19 244 --ah----- C:\sqmnoopt09.sqm
2008-01-25 20:44 . 2008-01-25 20:44 268 --ah----- C:\sqmdata06.sqm
2008-01-25 20:44 . 2008-01-25 20:44 244 --ah----- C:\sqmnoopt06.sqm
2008-01-23 01:50 . 2008-02-15 00:22 <REP> d-------- C:\Program Files\iArt
2008-01-23 01:50 . 2008-01-23 01:50 <REP> d-------- C:\Lyrics
2008-01-23 01:50 . 2008-02-15 00:22 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\MiniLyrics
2008-01-23 01:50 . 2008-01-23 01:50 7 --ahs---- C:\WINDOWS\iTiAN.id.uses
2008-01-23 01:45 . 2008-01-23 01:45 <REP> d-------- C:\WINDOWS\system32\URTTemp
2008-01-23 01:35 . 2008-01-23 01:35 <REP> d-------- C:\Program Files\Minilyrics
2008-01-23 01:09 . 2008-01-23 01:09 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\Todae
2008-01-22 23:19 . 2008-01-22 23:19 <REP> d-------- C:\Program Files\Micro Application
2008-01-22 23:19 . 2008-01-22 23:19 1,057,560 --a------ C:\WINDOWS\system32\O2CPlayer.OCX
2008-01-22 23:19 . 1995-09-20 16:13 977,680 --a------ C:\WINDOWS\system32\msjt3032.dll
2008-01-22 23:19 . 1998-05-18 03:06 368,912 --a------ C:\WINDOWS\system32\vbar332.dll
2008-01-22 23:19 . 1995-09-24 11:02 243,472 --a------ C:\WINDOWS\system32\vbar2232.dll
2008-01-22 23:19 . 1995-09-24 00:53 37,376 --a------ C:\WINDOWS\system32\ven2232.olb
2008-01-22 23:19 . 1995-09-20 16:16 35,088 --a------ C:\WINDOWS\system32\msjint32.dll
2008-01-22 23:19 . 1995-09-20 16:16 23,824 --a------ C:\WINDOWS\system32\msjter32.dll
2008-01-20 23:44 . 2004-01-06 01:50 <REP> d-------- C:\Program Files\Winamp
2008-01-20 23:24 . 2008-01-20 23:24 <REP> d-------- C:\Program Files\Free iPod Video Converter
2008-01-20 20:40 . 2008-01-20 23:37 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\CopyTransPhoto
2008-01-20 20:40 . 2008-01-20 21:14 <REP> d-------- C:\Documents and Settings\Wesley\Application Data\CopyTrans
2008-01-20 20:39 . 2008-02-18 00:17 <REP> d-------- C:\Program Files\WindSolutions
2008-01-18 23:22 . 2008-01-18 23:22 <REP> d-------- C:\Program Files\Red Kawa
2008-01-18 23:22 . 2008-02-18 00:17 <REP> d-------- C:\Program Files\AviSynth 2.5
2008-01-18 22:33 . 2008-01-18 23:24 <REP> d-------- C:\Program Files\EphPod
2008-01-18 19:44 . 2008-01-18 19:44 268 --ah----- C:\sqmdata03.sqm
2008-01-18 19:44 . 2008-01-18 19:44 244 --ah----- C:\sqmnoopt03.sqm
2008-01-18 19:41 . 2008-01-18 19:41 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-18 19:40 . 2008-01-18 19:40 <REP> d-------- C:\Program Files\iPod

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 13:43 --------- d-----w C:\Program Files\Apple Software Update
2008-02-18 12:59 --------- d-----w C:\Program Files\eMule
2008-02-17 23:49 --------- d-----w C:\Program Files\Windows Live
2008-02-17 23:19 --------- d-----w C:\Program Files\Privat-Webcam G3 Server
2008-02-17 21:07 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-02-17 21:07 --------- d-----w C:\Program Files\DivX
2008-02-17 12:47 10 ----a-w C:\Program Files\.autoreg
2008-02-16 15:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-16 14:31 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Azureus
2008-02-16 11:55 --------- d-----w C:\Program Files\MSN Messenger
2008-02-16 10:35 --------- d-----w C:\Program Files\Alwil Software
2008-01-22 23:43 --------- d-----w C:\Documents and Settings\Wesley\Application Data\LimeWire
2008-01-22 18:52 --------- d-----w C:\Program Files\Azureus
2008-01-18 18:40 --------- d-----w C:\Program Files\iTunes
2008-01-18 18:38 --------- d-----w C:\Program Files\QuickTime
2008-01-13 20:57 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-01-13 14:16 --------- d-----w C:\Program Files\ImTOO
2008-01-10 19:24 --------- d-----w C:\Program Files\HP Photosmart 11
2008-01-07 21:34 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus
2008-01-07 19:26 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Last.fm
2008-01-07 19:14 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-01-07 18:57 --------- d-----w C:\Program Files\Java
2008-01-06 10:29 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Messenger Plus!
2008-01-05 20:47 --------- d-----w C:\Program Files\LimeWire
2008-01-05 20:46 --------- d-----w C:\Program Files\Fichiers communs\Java
2008-01-05 20:33 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-01-05 20:07 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-31 18:39 --------- d-----w C:\Program Files\WebCamDV
2007-12-31 18:29 --------- d-----w C:\Program Files\Active WebCam
2007-12-31 18:01 --------- d-----w C:\Program Files\Trust
2007-12-31 18:00 --------- d-----w C:\Program Files\Fichiers communs\snp2std
2007-12-31 18:00 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-31 15:21 558,142 ----a-w C:\WINDOWS\java\Packages\9BFBF35Z.ZIP
2007-12-31 15:21 155,995 ----a-w C:\WINDOWS\java\Packages\6H3P779J.ZIP
2007-12-31 15:17 --------- d-----w C:\Program Files\Services en ligne
2007-12-31 11:14 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Thunderbird
2007-12-31 11:14 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Talkback
2007-12-31 11:08 --------- d-----w C:\Program Files\Nero
2007-12-31 11:08 --------- d-----w C:\Documents and Settings\Wesley\Application Data\Ahead
2007-12-31 11:00 --------- d-----w C:\Program Files\Registry Clean Expert
2007-12-31 00:59 --------- d-----w C:\Documents and Settings\Wesley\Application Data\vlc
2007-12-31 00:56 --------- d-----w C:\Program Files\VideoLAN
2007-12-30 17:55 --------- d-----w C:\Program Files\RegCleaner
2007-12-30 17:48 --------- d-----w C:\Program Files\Illustrate
2007-12-30 17:31 --------- d-----w C:\Program Files\Microsoft Works
2007-12-30 17:13 --------- d-----w C:\Program Files\Microsoft.NET
2007-12-30 17:02 --------- d-----w C:\Program Files\totalcmd
2007-12-30 16:55 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\XnView
2007-12-30 16:54 --------- d-----w C:\Program Files\TC UP
2007-12-30 16:51 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\HEXelon
2007-12-30 16:40 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-30 16:38 --------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-12-30 16:38 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\Ahead
2007-12-30 16:23 --------- d-----w C:\Documents and Settings\Wesley_pc\Application Data\ACD Systems
2007-12-30 16:22 --------- d-----w C:\Program Files\ACD Systems
2007-12-30 15:52 --------- d-----w C:\Program Files\microsoft frontpage
2007-12-30 15:49 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-12-27 03:34 118,784 ----a-w C:\WINDOWS\system32\MSSTDFMT.DLL
2007-12-27 03:34 1,386,496 ----a-w C:\WINDOWS\system32\msvbvm60.dll
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-13 21:59 81,920 ----a-w C:\WINDOWS\system32\GkSui20.EXE
2007-12-07 01:07 663,552 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2004-08-19 15:09 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-19 15:09 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2001-08-28 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
2004-08-19 15:09 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-19 15:09 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2001-08-28 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2004-08-19 15:09 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-19 15:09 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43C6D079-EA19-402A-9D1C-772385E1118B}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E1BACF55-35E1-4E47-9247-2D48660E5545}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E566C0EC-2CBF-47D2-F790-9A3051F9625E}]
C:\Program Files\Windows Live\laxuki.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
"xInsIDE"="C:\Program Files\xInsIDE\xInsIDE.exe" [2008-02-17 13:36 53248]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Steam"="C:\Program Files\Steam\Steam.exe" [2008-02-17 20:23 1266936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nForce Tray Options"="sstray.exe" [2002-11-13 15:34 73728 C:\WINDOWS\system32\sstray.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2003-01-10 22:04 4263936]
"nwiz"="nwiz.exe" [2003-01-10 22:04 315392 C:\WINDOWS\system32\nwiz.exe]
"snp2std"="C:\WINDOWS\vsnp2std.exe" [2005-11-16 16:14 344064]
"OWCWebCamDV"="C:\WINDOWS\system\wcdvtray.exe" [2002-10-07 11:45 41041]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe" [2002-11-22 11:29 188416]
"HPHmon04"="C:\WINDOWS\system32\hphmon04.exe" [2002-11-22 11:28 348160]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-10 15:27 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-01-15 03:22 267048]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegClean Expert Scheduler]
C:\Program Files\Registry Clean Expert\RCScheduler.exe

R2 WebCamDV;WebCamDV DV to Webcam Converter;C:\WINDOWS\system32\DRIVERS\WebCamDV.sys [2002-10-07 11:45]
R3 WCDV_Aud;WevCamDV WDM Virtual Audio Device;C:\WINDOWS\system32\drivers\wcdvaud.sys [2003-01-23 15:38]
S3 NtApm;Pilote d'interface NT APM/hérité;C:\WINDOWS\system32\DRIVERS\NtApm.sys [2001-08-28 13:00]
S3 SNP2STD;USB2.0 PC Camera (SNP2STD);C:\WINDOWS\system32\DRIVERS\snp2sxp.sys [2005-11-18 18:29]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2003-12-31 23:08:38 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 14:47:59
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\savedump.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-18 14:51:32 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-18 13:51:21
ComboFix2.txt 2008-02-17 17:54:41
.
2008-02-17 23:27:56 --- E O F ---

Puis le rapport HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:04:00, on 18/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\sstray.exe
C:\WINDOWS\vsnp2std.exe
C:\WINDOWS\system\wcdvtray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
C:\WINDOWS\system32\hphmon04.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\xInsIDE\xInsIDE.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Last.fm\LastFMHelper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\HPHipm11.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Megaupload\Mega Manager\MegaManager.exe
C:\DOCUME~1\Wesley\LOCALS~1\Temp\Rar$EX00.516\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: IeMonitorBho Class - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: (no name) - {E566C0EC-2CBF-47D2-F790-9A3051F9625E} - C:\Program Files\Windows Live\laxuki.dll (file missing)
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exe
O4 - HKLM\..\Run: [OWCWebCamDV] C:\WINDOWS\system\wcdvtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [HPHmon04] C:\WINDOWS\system32\hphmon04.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [xInsIDE] C:\Program Files\xInsIDE\xInsIDE.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPH11 - HP - C:\WINDOWS\system32\HPHipm11.exe

--
End of file - 6000 bytes

merci!

C'est déjà mieux ?

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

Désolé pour le retard j'avais des exams blanc donc révisions + épreuve.

Donc j'ai suivi les consige et voici le rapport:



AntiVir PersonalEdition Classic
Report file date: jeudi 1 janvier 2004 01:32

Scanning for 835736 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: WESLEY-2BC669CD

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 14:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 14:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 14:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 17:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 08:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: F:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 1 janvier 2004 01:32

The scan of running processes will be started
Scan process 'update.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'MegaManager.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'hphipm11.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'LastFMHelper.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '1' Module(s) have been scanned
Scan process 'xInsIDE.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'ZangoSA.exe' - '1' Module(s) have been scanned
Scan process 'OEAddOn.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'hphmon04.exe' - '1' Module(s) have been scanned
Scan process 'hpztsb07.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'wcdvtray.exe' - '1' Module(s) have been scanned
Scan process 'vsnp2std.exe' - '1' Module(s) have been scanned
Scan process 'sstray.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'snmp.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
45 processes with 45 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!
Boot sector 'F:\'
[NOTE] No virus was found!

Starting to scan the registry.
The registry was scanned ( '28' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Program Files\TC UP\PLUGINS\wbx\Starter\Starter.wbx
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '405476eb.qua'!
C:\QooBox\Quarantine\catchme2008-02-17_185107.23.zip
[0] Archive type: ZIP
--> srosa.sys
[DETECTION] Is the Trojan horse TR/Rootkit.Gen
--> wintems.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
--> mdelk.exe
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '40677709.qua'!
C:\QooBox\Quarantine\C\Documents and Settings\Wesley\Application Data\WinTouch\WinTouch.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '40617712.qua'!
C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Yazzle1281OinAdmin.exe.vir
[DETECTION] Contains suspicious code HEUR/Malware
[INFO] The file was moved to '406d770b.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mdelk.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '40587711.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\mljjj.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '405d771a.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\opnkjkh.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '4061771e.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\wintems.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '40617717.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\hldrrr.exe.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[INFO] The file was moved to '4057771b.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\108062.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '402b76df.qua'!
C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\down\126406.exe.vir
[DETECTION] Is the Trojan horse TR/Bagle.Gen.B
[INFO] The file was moved to '402976e3.qua'!
Begin scan in 'F:\' <Wesley>
F:\arnaud\musique\(Plugins) Massive Collection Of Vst-Vsti & Dx-Dxi Plug-Ins.rar
[0] Archive type: RAR
--> VSTI LM4 Drumkit (1).exe
[1] Archive type: ACE SFX (self extracting)
--> LM-4 Plugin Pack\_file_id.diz
[WARNING] Error creating the file
--> LM-4 Plugin Pack\_PRS_NFO.nfo
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> AP.DX.Spectral Design - Q-Metric v.1.exe
[1] Archive type: ACE SFX (self extracting)
--> DX_VST Qmetric v.1.0 - Radium\FILE_ID.DIZ
[WARNING] Error creating the file
--> DX_VST Qmetric v.1.0 - Radium\Damn_NFO_Viewer 2.0.1 (beta-2)\DAMN_NFO_Viewer_v201b2.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> AP.DX.Spin Audio - Delay v.1.0.2 - Zone.exe
[1] Archive type: ACE SFX (self extracting)
--> Spin Audio Delay DX-VST1.0.2\Program\SpinDelay.ax
[WARNING] Error creating the file
--> Spin Audio Delay DX-VST1.0.2\Program\Skin\about_back_demo.bmp
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> AP.VST.Prosoniq - Dynasone v.1.exe
[1] Archive type: ACE SFX (self extracting)
--> AP.VST - Prosoniq - Dynasone v.1.3 - Paradox\AP.VST - Prosoniq - Dynasone v.1.3 - Paradox\_SETUP.1
[WARNING] Error creating the file
--> AP.VST - Prosoniq - Dynasone v.1.3 - Paradox\AP.VST - Prosoniq - Dynasone v.1.3 - Paradox\file_id.diz
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> AP.VSTi_BitHeadz - Retro AS-1 - Zone.exe
[1] Archive type: ACE SFX (self extracting)
--> VSTi = Retro AS-1 VST - Zone\FILE_ID.DIZ
[WARNING] Error creating the file
--> VSTi = Retro AS-1 VST - Zone\Damn_NFO_Viewer 2.0.1 (beta-2)\DAMN_NFO_Viewer_v201b2.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> AP.VSTi_S&C Instruments - PRS.exe
[1] Archive type: ACE SFX (self extracting)
--> VSTi - S_&_C - PRS\SC Drums 1.1\file_id.diz
[WARNING] Error creating the file
--> VSTi - S_&_C - PRS\SC Develop Virtual Sampler\file_id.diz
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> JunoXý VST v1.3.exe
[1] Archive type: ACE SFX (self extracting)
--> JunoXý VST v1.3\setreFX3.EXE
[WARNING] Error creating the file
--> JunoXý VST v1.3\JunoX2_Eternal_Noise Soundbank\Eternal_Noise.fxb
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> Plugins - VST - Steinberg LM-4 AddOn.exe
[1] Archive type: ACE SFX (self extracting)
--> LM-4 Plugin Pack\_file_id.diz
[WARNING] Error creating the file
--> LM-4 Plugin Pack\_PRS_NFO.nfo
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed
--> Spectral Design - Q-Metric v.1.exe
[1] Archive type: ACE SFX (self extracting)
--> DX_VST Qmetric v.1.0 - Radium\FILE_ID.DIZ
[WARNING] Error creating the file
--> DX_VST Qmetric v.1.0 - Radium\Damn_NFO_Viewer 2.0.1 (beta-2)\DAMN_NFO_Viewer_v201b2.exe
[WARNING] No further files can be extracted from this archive. The archive will be closed
[WARNING] No further files can be extracted from this archive. The archive will be closed


End of the scan: jeudi 1 janvier 2004 04:02
Used time: 2:30:12 min

The scan has been canceled!

5193 Scanning directories
470472 Files were scanned
11 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
0 files were deleted
0 files were repaired
11 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
470461 Files not concerned
3279 Archives were scanned
29 Warnings
220 Notes

désolé pour la date et l'heure mon ordinateur remet l'heure et la date a zéro quand je le rallume.

Merci

Help??????