probleme avec kesenjangansocial.exe

Salut.

Poste un rapport Hijackthis comme expliqué sur ce lien :
http://www.infos-du-net.com/forum/271838-11-tuto-utilis...
Il est essentiel qu'Hijackthis ait été renommé en Hjt avant de lancer le scan et qu'il soit placé dans son propre dossier ailleurs que sur ton bureau ou dans un fichier temporaire .

++

Bonjour,

Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

&

Télécharge puis installe Hijackthis ([#ff0000]Trend Micro

).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Je t'en prie Angeldark, prend la suite.  

Merci.

voici le rapport combofix

ComboFix 08-02-18.1 - cindy 2008-02-18 21:53:06.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.1.1252.1.1036.18.43 [GMT 1:00]
Endroit: C:\Documents and Settings\cindy\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\cindy\Application Data\DOBE~1
C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd.dat
C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd.exe
C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd_nav.dat
C:\Documents and Settings\cindy\Local Settings\Application Data\rnjfjfbd_navps.dat
C:\Documents and Settings\cindy\ResErrors.log
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\domains.txt
C:\Documents and Settings\LocalService.AUTORITE NT\Application Data\NetMon\log.txt
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon\domains.txt
C:\Documents and Settings\NetworkService.AUTORITE NT\Application Data\NetMon\log.txt
C:\Program Files\network monitor
C:\WINDOWS\a3Vyb3dpYWs\
C:\WINDOWS\cookies.ini
C:\WINDOWS\Downloaded Program Files\UGESV_0001_N122M2811NetInstaller.exe
C:\WINDOWS\system32\atmtd.dll._
C:\WINDOWS\system32\awtsqnk.dll
C:\WINDOWS\system32\caohhmyu.tmp
C:\WINDOWS\system32\cbcdd.ini
C:\WINDOWS\system32\cbcdd.ini2
C:\WINDOWS\system32\cyrdclvm.dll
C:\WINDOWS\system32\ddcbc.dll
C:\WINDOWS\system32\efcbaxy.dll
C:\WINDOWS\system32\eiruybbp.dll
C:\WINDOWS\system32\exmianlc.ini
C:\WINDOWS\system32\kquviprr.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\msssc.dll
C:\WINDOWS\system32\nGpxx01
C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe
C:\WINDOWS\system32\nvs2.inf
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\tpgsyfjx.ini
C:\WINDOWS\system32\uymhhoac.dll
C:\WINDOWS\system32\vgbxyowe.dllbox
C:\WINDOWS\system32\windows
C:\WINDOWS\uninstall_nmon.vbs

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_CMDSERVICE
-------\LEGACY_NETWORK_MONITOR
-------\cmdService
-------\Network Monitor




((((((((((((((((((((((((((((( Fichiers créés 2008-01-18 to 2008-02-18 ))))))))))))))))))))))))))))))))))))
.

2008-02-18 20:34 . 2002-12-06 17:37 503,808 --a------ C:\WINDOWS\system32\xreglib.dll.tmppnd
2008-02-18 20:34 . 2008-02-18 20:34 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-02-18 15:01 . 2008-02-18 15:01 71,040 --a------ C:\WINDOWS\system32\drivers\bdfndisf.sys.avxpnd
2008-02-18 14:41 . 2008-02-18 14:41 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Bitdefender
2008-02-18 14:11 . 2008-02-18 15:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
2008-02-18 14:10 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Softwin
2008-02-18 14:09 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-02-18 14:05 . 2008-02-18 14:05 268 --ah----- C:\sqmdata19.sqm
2008-02-18 14:05 . 2008-02-18 14:05 244 --ah----- C:\sqmnoopt19.sqm
2008-02-18 13:58 . 2008-02-18 13:58 268 --ah----- C:\sqmdata18.sqm
2008-02-18 13:58 . 2008-02-18 13:58 244 --ah----- C:\sqmnoopt18.sqm
2008-02-18 13:42 . 2008-02-18 13:42 2,676 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-18 13:41 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-18 13:41 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-18 13:41 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-18 13:41 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-18 13:41 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-18 13:41 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmnoopt17.sqm
2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmdata17.sqm
2008-02-18 13:35 . 2008-02-18 13:35 268 --ah----- C:\sqmdata16.sqm
2008-02-18 13:35 . 2008-02-18 13:35 244 --ah----- C:\sqmnoopt16.sqm
2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmnoopt15.sqm
2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmdata15.sqm
2008-02-18 13:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-18 12:26 . 2008-02-18 12:26 268 --ah----- C:\sqmdata14.sqm
2008-02-18 12:26 . 2008-02-18 12:26 244 --ah----- C:\sqmnoopt14.sqm
2008-02-18 12:06 . 2008-02-18 18:58 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-02-18 11:58 . 2008-02-18 11:58 268 --ah----- C:\sqmdata13.sqm
2008-02-18 11:58 . 2008-02-18 11:58 244 --ah----- C:\sqmnoopt13.sqm
2008-02-18 10:40 . 2008-02-18 10:40 268 --ah----- C:\sqmdata12.sqm
2008-02-18 10:40 . 2008-02-18 10:40 244 --ah----- C:\sqmnoopt12.sqm
2008-02-18 10:18 . 2008-02-18 10:18 268 --ah----- C:\sqmdata11.sqm
2008-02-18 10:18 . 2008-02-18 10:18 244 --ah----- C:\sqmnoopt11.sqm
2008-02-17 20:25 . 2008-02-17 20:25 268 --ah----- C:\sqmdata10.sqm
2008-02-17 20:25 . 2008-02-17 20:25 244 --ah----- C:\sqmnoopt10.sqm
2008-02-17 18:05 . 2008-02-17 18:05 268 --ah----- C:\sqmdata09.sqm
2008-02-17 18:05 . 2008-02-17 18:05 244 --ah----- C:\sqmnoopt09.sqm
2008-02-17 16:44 . 2008-02-17 16:44 <REP> d-------- C:\Program Files\Alwil Software
2008-02-17 15:41 . 2008-02-17 15:39 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-17 15:41 . 2008-02-17 15:41 3,465 --a------ C:\WINDOWS\unins000.dat
2008-02-17 15:34 . 2008-02-17 17:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-17 15:16 . 2008-02-17 20:26 <REP> d-------- C:\Documents and Settings\cindy\Contacts
2008-02-17 14:47 . 2008-02-17 14:47 <REP> d-------- C:\Documents and Settings\cindy\Application Data\AntivirusOrdi
2008-02-17 14:47 . 2008-02-17 14:47 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-17 14:46 . 2008-02-17 14:46 191,512 --a------ C:\Documents and Settings\cindy\Application Data\install_fr[1].exe
2008-02-17 14:46 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2008-02-17 14:46 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-17 13:20 . 2008-02-17 13:20 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-02-16 13:08 . 2008-02-17 17:24 <REP> d-------- C:\WINDOWS\system32\yw3
2008-02-16 13:08 . 2008-02-17 17:23 <REP> d-------- C:\WINDOWS\system32\rp1
2008-02-16 13:08 . 2008-02-16 13:08 <REP> d-------- C:\WINDOWS\system32\mq9
2008-02-11 20:55 . 2008-02-11 20:55 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Apple Computer
2008-02-11 20:54 . 2008-02-11 20:55 <REP> d-------- C:\Program Files\iTunes
2008-02-11 20:54 . 2008-02-11 20:54 <REP> d-------- C:\Program Files\iPod
2008-02-11 20:52 . 2008-02-11 20:53 <REP> d-------- C:\Program Files\QuickTime
2008-02-11 20:52 . 2008-02-11 20:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-11 20:51 . 2008-02-11 20:51 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-02-10 17:17 . 2008-02-10 17:18 <REP> d-------- C:\Documents and Settings\cindy\Application Data\MSN6
2008-02-10 17:17 . 2008-02-10 17:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
2008-02-10 16:37 . 2008-02-10 16:37 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-10 15:11 . 2008-02-10 15:11 0 --a------ C:\WINDOWS\khooker.INI
2008-02-10 13:21 . 2008-02-10 20:57 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-09 17:27 . 2008-02-11 18:46 <REP> d-------- C:\WINDOWS\ShellNew
2008-02-09 13:15 . 2008-02-18 21:49 268 --ah----- C:\sqmdata05.sqm
2008-02-09 13:15 . 2008-02-18 21:49 244 --ah----- C:\sqmnoopt05.sqm
2008-02-09 13:15 . 2008-02-09 13:15 208 --ah----- C:\sqmdata07.sqm
2008-02-09 13:15 . 2008-02-09 13:15 172 --ah----- C:\sqmnoopt08.sqm
2008-02-09 13:15 . 2008-02-09 13:15 172 --ah----- C:\sqmnoopt07.sqm
2008-02-09 13:15 . 2008-02-09 13:15 172 --ah----- C:\sqmdata08.sqm
2008-02-09 13:15 . 2008-02-09 13:15 148 --ah----- C:\sqmdata06.sqm
2008-02-09 13:15 . 2008-02-09 13:15 136 --ah----- C:\sqmnoopt06.sqm
2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Yahoo!
2008-02-08 19:04 . 2008-02-08 19:04 <REP> d-------- C:\Program Files\DivX
2008-02-08 09:17 . 2008-02-18 20:55 268 --ah----- C:\sqmdata04.sqm
2008-02-08 09:17 . 2008-02-18 20:55 244 --ah----- C:\sqmnoopt04.sqm
2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmnoopt03.sqm
2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmdata03.sqm
2008-02-06 12:37 . 2008-02-18 19:44 268 --ah----- C:\sqmdata02.sqm
2008-02-06 12:37 . 2008-02-18 19:44 244 --ah----- C:\sqmnoopt02.sqm
2008-02-04 22:15 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-02-04 22:15 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-02-04 22:15 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-02-04 14:53 . 2008-02-04 14:53 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Template
2008-02-03 14:45 . 2008-02-03 14:45 <REP> d-------- C:\WINDOWS\Sun
2008-02-03 14:43 . 2008-02-18 18:58 <REP> d-------- C:\Program Files\Google
2008-02-03 14:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-03 14:41 . 2008-02-03 14:42 <REP> d-------- C:\Program Files\Java
2008-02-03 14:40 . 2008-02-03 14:40 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-03 13:52 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-03 13:52 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-03 13:52 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-03 13:52 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-02-03 13:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-02-03 13:52 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 14:01 913,408 ----a-w C:\WINDOWS\system32\xreglib.dll
2008-02-17 14:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-02-11 19:51 --------- d-----w C:\Program Files\Apple Software Update
2008-02-11 18:45 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-02-10 12:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-04 13:40 --------- d-----w C:\Program Files\Microsoft Works
2008-02-02 14:22 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-02 13:59 --------- d-----w C:\Program Files\SiSVGA
2008-02-01 17:36 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2008-02-01 14:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-02-01 13:52 --------- d-----w C:\Program Files\uTorrent
2008-01-10 19:32 --------- d-----w C:\Program Files\Macrogaming
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2003-07-22 16:44 1,388,544 --sh--r C:\WINDOWS\system32\msvbvm60.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{23C10E04-21BC-4E0E-C391-F71E77A9B5CD}]
C:\Program Files\Windows Media Player\qujaxiji.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D81BA243-8839-496E-A3E0-C17266E0AFE5}]
2008-02-08 02:07 217088 --a------ C:\Program Files\MSN\giquxaba89104.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tok-Cirrhatus"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-22 17:32 13312]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:06 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 17:15 106496]
"SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2003-06-26 11:35 303104]
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 03:23 294912]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2006-08-04 16:22 376832]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2006-06-20 14:35 49152]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-18 19:00 1836544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-22 17:32 13312]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:06:49 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vgbxyowe]
vgbxyowe.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll


*Newly Created Service* - ALG
*Newly Created Service* - IPNAT
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-18 18:48:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-15 14:00:27 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-18 21:56:26
Windows 5.1.2600 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-02-18 21:59:19
ComboFix-quarantined-files.txt 2008-02-18 20:59:10

et voici le rapport hijackthis

Logfile of HijackThis v1.99.1
Scan saved at 22:01:16, on 18/02/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\cindy\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: 0 - {23C10E04-21BC-4E0E-C391-F71E77A9B5CD} - C:\Program Files\Windows Media Player\qujaxiji.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {D81BA243-8839-496E-A3E0-C17266E0AFE5} - C:\Program Files\MSN\giquxaba89104.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.gomyhit.com
O15 - Trusted Zone: *.imageservr.com
O15 - Trusted Zone: *.imagesrvr.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.storageguardsoft.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.gomyhit.com (HKLM)
O15 - Trusted Zone: *.imageservr.com (HKLM)
O15 - Trusted Zone: *.imagesrvr.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.storageguardsoft.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {B164C1FC-1BEE-A33B-E3B6-67C8F421E94B} - http://performanceoptimizer.com/files/PerformanceOptimi...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: vgbxyowe - vgbxyowe.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Merci!!!!

Re,

Télécharge [#FF0000]DelDomains.inf[/#F] (de Mike Burgess) sur ton Bureau.
**Si tu utilises FireFox : fais un clic droit sur le lien et choisis "Enregistrer la cible du lien sous..."**

Fais un clique droit sur le fichier, puis choisis "Installer" du menu contextuel.

Le script s'installe rapidement et aucune confirmation ne sera affichée à l'écran, ceci est normal.

voila c'est fait il me donne ca :

; DelDomains.inf © 11-28-04 | Revised 01-15-06
; Created by: Mike Burgess Microsoft MVP
; http://mvps.org/winhelp2002/
;
; Warning: Deletes all entries in the Restricted & Trusted Zone list
; http://mvps.org/winhelp2002/restricted.htm
;
; Revised to include the EscDomains key
;
; To execute this file: in Explorer - right-click (this file)
; Select Install from the Menu.
; Note: you will not see any onscreen action.

[version]
signature="$CHICAGO$"

[DefaultInstall]
DelReg=DelTemps
AddReg=AddTemps

[DelTemps]
HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains"

; Recreate the keys to avoid a restart

[AddTemps]
HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains"
HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
HKLM,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Ranges"
HKCU,"Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\EscDomains"

**Si tu utilises FireFox : fais un clic droit sur le lien et choisis "Enregistrer la cible du lien sous..."**
-> Tu as bien fait ça ?

J'utilise pas firefox, donc j'ai cliqué dessus je l'ai enregistré sous mon bureau...et quand je l'ai ouvert il m'a donné ca.

**Si tu utilises FireFox : fais un clic droit sur le lien et choisis "Enregistrer la cible du lien sous..."**
-> fais-le, même avec Internet Explorer alors

Voila j'ai installer deldomains en suivant les étapes que tu m'as enoncé.

Reposte un rapport Hijackthis  

Bonjour, Voila le nouveau rapport  

Logfile of HijackThis v1.99.1
Scan saved at 10:58:47, on 20/02/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\khooker.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\cindy\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: (no name) - {D81BA243-8839-496E-A3E0-C17266E0AFE5} - C:\Program Files\MSN\giquxaba89104.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {B164C1FC-1BEE-A33B-E3B6-67C8F421E94B} - http://performanceoptimizer.com/files/PerformanceOptimi...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: vgbxyowe - vgbxyowe.dll (file missing)
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

Refais un scan Combofix  

voila, apres mon scan combofix :

ComboFix 08-02-18.1 - cindy 2008-02-20 18:49:14.3 - NTFSx86
Endroit: C:\Documents and Settings\cindy\Bureau\ComboFix.exe
.
The following files were disabled during the run:
C:\WINDOWS\system32\sockspy.dll


((((((((((((((((((((((((((((( Fichiers créés 2008-01-20 to 2008-02-20 ))))))))))))))))))))))))))))))))))))
.

2008-02-19 10:28 . 2008-02-18 15:01 913,408 --a------ C:\WINDOWS\system32\xreglib.dll
2008-02-18 22:31 . 2008-02-19 13:15 1,432 --a------ C:\DelDomains.inf
2008-02-18 20:34 . 2008-02-20 18:54 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-02-18 14:41 . 2008-02-18 14:41 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Bitdefender
2008-02-18 14:11 . 2008-02-18 15:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
2008-02-18 14:10 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Softwin
2008-02-18 14:09 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-02-18 14:05 . 2008-02-18 14:05 268 --ah----- C:\sqmdata19.sqm
2008-02-18 14:05 . 2008-02-18 14:05 244 --ah----- C:\sqmnoopt19.sqm
2008-02-18 13:58 . 2008-02-18 13:58 268 --ah----- C:\sqmdata18.sqm
2008-02-18 13:58 . 2008-02-18 13:58 244 --ah----- C:\sqmnoopt18.sqm
2008-02-18 13:42 . 2008-02-18 13:42 2,676 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-18 13:41 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-18 13:41 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-18 13:41 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-18 13:41 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-18 13:41 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-18 13:41 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmnoopt17.sqm
2008-02-18 13:39 . 2008-02-18 13:39 172 --ah----- C:\sqmdata17.sqm
2008-02-18 13:35 . 2008-02-18 13:35 268 --ah----- C:\sqmdata16.sqm
2008-02-18 13:35 . 2008-02-18 13:35 244 --ah----- C:\sqmnoopt16.sqm
2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmnoopt15.sqm
2008-02-18 13:29 . 2008-02-18 13:29 172 --ah----- C:\sqmdata15.sqm
2008-02-18 13:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-18 12:26 . 2008-02-20 18:16 304 --ah----- C:\sqmdata14.sqm
2008-02-18 12:26 . 2008-02-20 18:16 244 --ah----- C:\sqmnoopt14.sqm
2008-02-18 12:06 . 2008-02-20 11:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-02-18 11:58 . 2008-02-20 16:38 268 --ah----- C:\sqmdata13.sqm
2008-02-18 11:58 . 2008-02-20 16:38 244 --ah----- C:\sqmnoopt13.sqm
2008-02-18 10:40 . 2008-02-20 16:09 172 --ah----- C:\sqmnoopt12.sqm
2008-02-18 10:40 . 2008-02-20 16:10 172 --ah----- C:\sqmdata12.sqm
2008-02-18 10:18 . 2008-02-20 15:56 268 --ah----- C:\sqmdata11.sqm
2008-02-18 10:18 . 2008-02-20 15:56 244 --ah----- C:\sqmnoopt11.sqm
2008-02-17 20:25 . 2008-02-20 10:40 268 --ah----- C:\sqmdata10.sqm
2008-02-17 20:25 . 2008-02-20 10:40 244 --ah----- C:\sqmnoopt10.sqm
2008-02-17 18:05 . 2008-02-19 19:08 268 --ah----- C:\sqmdata09.sqm
2008-02-17 18:05 . 2008-02-19 19:08 244 --ah----- C:\sqmnoopt09.sqm
2008-02-17 16:44 . 2008-02-17 16:44 <REP> d-------- C:\Program Files\Alwil Software
2008-02-17 15:41 . 2008-02-17 15:39 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-17 15:41 . 2008-02-17 15:41 3,465 --a------ C:\WINDOWS\unins000.dat
2008-02-17 15:34 . 2008-02-17 17:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-17 15:16 . 2008-02-20 18:07 <REP> d-------- C:\Documents and Settings\cindy\Contacts
2008-02-17 14:47 . 2008-02-17 14:47 <REP> d-------- C:\Documents and Settings\cindy\Application Data\AntivirusOrdi
2008-02-17 14:47 . 2008-02-17 14:47 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-17 14:46 . 2008-02-17 14:46 191,512 --a------ C:\Documents and Settings\cindy\Application Data\install_fr[1].exe
2008-02-17 14:46 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2008-02-17 14:46 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-17 13:20 . 2008-02-17 13:20 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-02-16 13:08 . 2008-02-17 17:24 <REP> d-------- C:\WINDOWS\system32\yw3
2008-02-16 13:08 . 2008-02-17 17:23 <REP> d-------- C:\WINDOWS\system32\rp1
2008-02-16 13:08 . 2008-02-16 13:08 <REP> d-------- C:\WINDOWS\system32\mq9
2008-02-11 20:55 . 2008-02-11 20:55 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Apple Computer
2008-02-11 20:54 . 2008-02-11 20:55 <REP> d-------- C:\Program Files\iTunes
2008-02-11 20:54 . 2008-02-11 20:54 <REP> d-------- C:\Program Files\iPod
2008-02-11 20:52 . 2008-02-11 20:53 <REP> d-------- C:\Program Files\QuickTime
2008-02-11 20:52 . 2008-02-11 20:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-11 20:51 . 2008-02-11 20:51 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-02-10 17:17 . 2008-02-10 17:18 <REP> d-------- C:\Documents and Settings\cindy\Application Data\MSN6
2008-02-10 17:17 . 2008-02-10 17:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
2008-02-10 16:37 . 2008-02-10 16:37 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-10 15:11 . 2008-02-10 15:11 0 --a------ C:\WINDOWS\khooker.INI
2008-02-10 13:21 . 2008-02-10 20:57 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-09 17:27 . 2008-02-11 18:46 <REP> d-------- C:\WINDOWS\ShellNew
2008-02-09 13:15 . 2008-02-19 17:23 268 --ah----- C:\sqmdata08.sqm
2008-02-09 13:15 . 2008-02-19 11:50 268 --ah----- C:\sqmdata07.sqm
2008-02-09 13:15 . 2008-02-18 21:49 268 --ah----- C:\sqmdata05.sqm
2008-02-09 13:15 . 2008-02-19 17:23 244 --ah----- C:\sqmnoopt08.sqm
2008-02-09 13:15 . 2008-02-19 11:50 244 --ah----- C:\sqmnoopt07.sqm
2008-02-09 13:15 . 2008-02-18 21:49 244 --ah----- C:\sqmnoopt05.sqm
2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmnoopt06.sqm
2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmdata06.sqm
2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Yahoo!
2008-02-08 19:04 . 2008-02-08 19:04 <REP> d-------- C:\Program Files\DivX
2008-02-08 09:17 . 2008-02-18 20:55 268 --ah----- C:\sqmdata04.sqm
2008-02-08 09:17 . 2008-02-18 20:55 244 --ah----- C:\sqmnoopt04.sqm
2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmnoopt03.sqm
2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmdata03.sqm
2008-02-06 12:37 . 2008-02-18 19:44 268 --ah----- C:\sqmdata02.sqm
2008-02-06 12:37 . 2008-02-18 19:44 244 --ah----- C:\sqmnoopt02.sqm
2008-02-04 22:15 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-02-04 22:15 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-02-04 22:15 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-02-04 14:53 . 2008-02-04 14:53 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Template
2008-02-03 14:45 . 2008-02-03 14:45 <REP> d-------- C:\WINDOWS\Sun
2008-02-03 14:43 . 2008-02-19 11:03 <REP> d-------- C:\Program Files\Google
2008-02-03 14:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-03 14:41 . 2008-02-03 14:42 <REP> d-------- C:\Program Files\Java
2008-02-03 14:40 . 2008-02-03 14:40 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-03 13:52 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-03 13:52 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-03 13:52 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-03 13:52 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-02-03 13:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-02-03 13:52 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 14:01 71,040 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-02-17 14:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-02-11 19:51 --------- d-----w C:\Program Files\Apple Software Update
2008-02-11 18:45 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-02-10 12:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-04 13:40 --------- d-----w C:\Program Files\Microsoft Works
2008-02-02 14:22 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-02 13:59 --------- d-----w C:\Program Files\SiSVGA
2008-02-01 17:36 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2008-02-01 14:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-02-01 13:52 --------- d-----w C:\Program Files\uTorrent
2008-01-10 19:32 --------- d-----w C:\Program Files\Macrogaming
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2003-07-22 16:44 1,388,544 --sh--r C:\WINDOWS\system32\msvbvm60.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D81BA243-8839-496E-A3E0-C17266E0AFE5}]
2008-02-08 02:07 217088 --a------ C:\Program Files\MSN\giquxaba89104.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tok-Cirrhatus"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-22 17:32 13312]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:06 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 17:15 106496]
"SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2003-06-26 11:35 303104]
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 03:23 294912]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-02-18 15:00 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2008-02-18 15:00 69632]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-18 19:00 1836544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-22 17:32 13312]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:06:49 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vgbxyowe]
vgbxyowe.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

R1 bdftdif;BitDefender Firewall TDI Filter;C:\Program Files\Fichiers communs\Softwin\BitDefender Firewall\bdftdif.sys [2008-02-18 14:59]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\System32\DRIVERS\bdfndisf.sys [2008-02-18 15:01]
R3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\System32\DRIVERS\sis163u.sys [2006-03-01 19:37]
S3 SISNICXP;SiS PCI Fast Ethernet Adapter Driver for NDIS51;C:\WINDOWS\System32\DRIVERS\sisnicxp.sys []
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 01:48]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 01:32]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-18 18:48:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-15 14:00:27 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 18:57:52
Windows 5.1.2600 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-02-20 19:03:12
ComboFix-quarantined-files.txt 2008-02-20 18:03:02
ComboFix2.txt 2008-02-18 20:59:20

Merci encore  

Re,

[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]

voila j'ai fait ce que tu m'a demandé

rapport combofix :

ComboFix 08-02-18.1 - cindy 2008-02-20 21:31:25.5 - NTFSx86
Endroit: C:\Documents and Settings\cindy\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\cindy\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

FILE ::
C:\Program Files\MSN\giquxaba89104.dll
.
The following files were disabled during the run:
C:\WINDOWS\system32\sockspy.dll


((((((((((((((((((((((((((((( Fichiers créés 2008-01-20 to 2008-02-20 ))))))))))))))))))))))))))))))))))))
.

2008-02-19 10:28 . 2008-02-18 15:01 913,408 --a------ C:\WINDOWS\system32\xreglib.dll
2008-02-18 22:31 . 2008-02-19 13:15 1,432 --a------ C:\DelDomains.inf
2008-02-18 20:34 . 2008-02-20 21:38 81,984 --a------ C:\WINDOWS\system32\bdod.bin
2008-02-18 14:41 . 2008-02-18 14:41 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Bitdefender
2008-02-18 14:11 . 2008-02-18 15:01 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BitDefender
2008-02-18 14:10 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Softwin
2008-02-18 14:09 . 2008-02-18 14:10 <REP> d-------- C:\Program Files\Fichiers communs\Softwin
2008-02-18 14:05 . 2008-02-18 14:05 268 --ah----- C:\sqmdata19.sqm
2008-02-18 14:05 . 2008-02-20 21:20 244 --ah----- C:\sqmnoopt19.sqm
2008-02-18 13:58 . 2008-02-20 21:20 268 --ah----- C:\sqmdata18.sqm
2008-02-18 13:58 . 2008-02-20 21:19 244 --ah----- C:\sqmnoopt18.sqm
2008-02-18 13:42 . 2008-02-18 13:42 2,676 --a------ C:\WINDOWS\system32\tmp.reg
2008-02-18 13:41 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-02-18 13:41 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-02-18 13:41 . 2008-02-16 19:46 85,504 --a------ C:\WINDOWS\system32\VACFix.exe
2008-02-18 13:41 . 2008-02-08 10:37 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-02-18 13:41 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-02-18 13:41 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-02-18 13:39 . 2008-02-20 20:59 268 --ah----- C:\sqmdata17.sqm
2008-02-18 13:39 . 2008-02-20 20:59 244 --ah----- C:\sqmnoopt17.sqm
2008-02-18 13:35 . 2008-02-20 20:11 172 --ah----- C:\sqmnoopt16.sqm
2008-02-18 13:35 . 2008-02-20 20:11 172 --ah----- C:\sqmdata16.sqm
2008-02-18 13:29 . 2008-02-20 20:11 268 --ah----- C:\sqmdata15.sqm
2008-02-18 13:29 . 2008-02-20 20:11 244 --ah----- C:\sqmnoopt15.sqm
2008-02-18 13:28 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-02-18 12:26 . 2008-02-20 18:16 304 --ah----- C:\sqmdata14.sqm
2008-02-18 12:26 . 2008-02-20 18:16 244 --ah----- C:\sqmnoopt14.sqm
2008-02-18 12:06 . 2008-02-20 11:22 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-02-18 11:58 . 2008-02-20 16:38 268 --ah----- C:\sqmdata13.sqm
2008-02-18 11:58 . 2008-02-20 16:38 244 --ah----- C:\sqmnoopt13.sqm
2008-02-18 10:40 . 2008-02-20 16:09 172 --ah----- C:\sqmnoopt12.sqm
2008-02-18 10:40 . 2008-02-20 16:10 172 --ah----- C:\sqmdata12.sqm
2008-02-18 10:18 . 2008-02-20 15:56 268 --ah----- C:\sqmdata11.sqm
2008-02-18 10:18 . 2008-02-20 15:56 244 --ah----- C:\sqmnoopt11.sqm
2008-02-17 20:25 . 2008-02-20 10:40 268 --ah----- C:\sqmdata10.sqm
2008-02-17 20:25 . 2008-02-20 10:40 244 --ah----- C:\sqmnoopt10.sqm
2008-02-17 18:05 . 2008-02-19 19:08 268 --ah----- C:\sqmdata09.sqm
2008-02-17 18:05 . 2008-02-19 19:08 244 --ah----- C:\sqmnoopt09.sqm
2008-02-17 16:44 . 2008-02-17 16:44 <REP> d-------- C:\Program Files\Alwil Software
2008-02-17 15:41 . 2008-02-17 15:39 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-17 15:41 . 2008-02-17 15:41 3,465 --a------ C:\WINDOWS\unins000.dat
2008-02-17 15:34 . 2008-02-17 17:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-17 15:16 . 2008-02-20 18:07 <REP> d-------- C:\Documents and Settings\cindy\Contacts
2008-02-17 14:47 . 2008-02-17 14:47 <REP> d-------- C:\Documents and Settings\cindy\Application Data\AntivirusOrdi
2008-02-17 14:47 . 2008-02-17 14:47 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Application Data\SalesMon
2008-02-17 14:46 . 2008-02-17 14:46 191,512 --a------ C:\Documents and Settings\cindy\Application Data\install_fr[1].exe
2008-02-17 14:46 . 2004-10-07 13:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2008-02-17 14:46 . 2001-03-08 18:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-02-17 13:20 . 2008-02-17 13:20 9,662 --a------ C:\WINDOWS\system32\ZoneAlarmIconFR.ico
2008-02-16 13:08 . 2008-02-17 17:24 <REP> d-------- C:\WINDOWS\system32\yw3
2008-02-16 13:08 . 2008-02-17 17:23 <REP> d-------- C:\WINDOWS\system32\rp1
2008-02-16 13:08 . 2008-02-16 13:08 <REP> d-------- C:\WINDOWS\system32\mq9
2008-02-11 20:55 . 2008-02-11 20:55 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Apple Computer
2008-02-11 20:54 . 2008-02-11 20:55 <REP> d-------- C:\Program Files\iTunes
2008-02-11 20:54 . 2008-02-11 20:54 <REP> d-------- C:\Program Files\iPod
2008-02-11 20:52 . 2008-02-11 20:53 <REP> d-------- C:\Program Files\QuickTime
2008-02-11 20:52 . 2008-02-11 20:54 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple Computer
2008-02-11 20:51 . 2008-02-11 20:51 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Apple
2008-02-10 17:17 . 2008-02-10 17:18 <REP> d-------- C:\Documents and Settings\cindy\Application Data\MSN6
2008-02-10 17:17 . 2008-02-10 17:17 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MSN6
2008-02-10 16:37 . 2008-02-10 16:37 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Grisoft
2008-02-10 15:11 . 2008-02-10 15:11 0 --a------ C:\WINDOWS\khooker.INI
2008-02-10 13:21 . 2008-02-10 20:57 <REP> d-a------ C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
2008-02-09 17:27 . 2008-02-11 18:46 <REP> d-------- C:\WINDOWS\ShellNew
2008-02-09 13:15 . 2008-02-19 17:23 268 --ah----- C:\sqmdata08.sqm
2008-02-09 13:15 . 2008-02-19 11:50 268 --ah----- C:\sqmdata07.sqm
2008-02-09 13:15 . 2008-02-18 21:49 268 --ah----- C:\sqmdata05.sqm
2008-02-09 13:15 . 2008-02-19 17:23 244 --ah----- C:\sqmnoopt08.sqm
2008-02-09 13:15 . 2008-02-19 11:50 244 --ah----- C:\sqmnoopt07.sqm
2008-02-09 13:15 . 2008-02-18 21:49 244 --ah----- C:\sqmnoopt05.sqm
2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmnoopt06.sqm
2008-02-09 13:15 . 2008-02-18 23:16 172 --ah----- C:\sqmdata06.sqm
2008-02-08 19:05 . 2008-02-08 19:05 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Yahoo!
2008-02-08 19:04 . 2008-02-08 19:04 <REP> d-------- C:\Program Files\DivX
2008-02-08 09:17 . 2008-02-18 20:55 268 --ah----- C:\sqmdata04.sqm
2008-02-08 09:17 . 2008-02-18 20:55 244 --ah----- C:\sqmnoopt04.sqm
2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmnoopt03.sqm
2008-02-07 11:11 . 2008-02-18 20:36 172 --ah----- C:\sqmdata03.sqm
2008-02-06 12:37 . 2008-02-18 19:44 268 --ah----- C:\sqmdata02.sqm
2008-02-06 12:37 . 2008-02-18 19:44 244 --ah----- C:\sqmnoopt02.sqm
2008-02-04 22:15 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-02-04 22:15 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-02-04 22:15 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-02-04 22:15 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-02-04 14:53 . 2008-02-04 14:53 <REP> d-------- C:\Documents and Settings\cindy\Application Data\Template
2008-02-03 14:45 . 2008-02-03 14:45 <REP> d-------- C:\WINDOWS\Sun
2008-02-03 14:43 . 2008-02-19 11:03 <REP> d-------- C:\Program Files\Google
2008-02-03 14:42 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-03 14:41 . 2008-02-03 14:42 <REP> d-------- C:\Program Files\Java
2008-02-03 14:40 . 2008-02-03 14:40 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-02-03 13:52 . 2007-07-30 19:19 549,720 --a------ C:\WINDOWS\system32\wuapi.dll
2008-02-03 13:52 . 2007-07-30 19:19 325,976 --a------ C:\WINDOWS\system32\wucltui.dll
2008-02-03 13:52 . 2007-07-30 19:19 216,408 --a------ C:\WINDOWS\system32\wuaucpl.cpl
2008-02-03 13:52 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-02-03 13:52 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-02-03 13:52 . 2007-07-30 19:18 33,624 --a------ C:\WINDOWS\system32\wups.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-18 14:01 71,040 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-02-17 14:33 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-15 14:00 --------- d-----w C:\Program Files\Norton Security Scan
2008-02-11 19:51 --------- d-----w C:\Program Files\Apple Software Update
2008-02-11 18:45 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-02-10 12:28 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-04 13:40 --------- d-----w C:\Program Files\Microsoft Works
2008-02-02 14:22 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-02-02 13:59 --------- d-----w C:\Program Files\SiSVGA
2008-02-01 17:36 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2008-02-01 14:19 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-02-01 13:52 --------- d-----w C:\Program Files\uTorrent
2008-01-10 19:32 --------- d-----w C:\Program Files\Macrogaming
2007-11-29 22:30 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-11-29 22:30 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2003-07-22 16:44 1,388,544 --sh--r C:\WINDOWS\system32\msvbvm60.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Tok-Cirrhatus"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2003-07-22 17:32 13312]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-02-18 12:06 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57 143360]
"SiSUSBRG"="C:\WINDOWS\SiSUSBrg.exe" [2002-07-12 17:15 106496]
"SiS Tray"="C:\WINDOWS\System32\sistray.EXE" [2003-06-26 11:35 303104]
"SiS KHooker"="C:\WINDOWS\System32\khooker.exe" [2003-05-29 03:23 294912]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00 267064]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]
"BDMCon"="C:\Program Files\Softwin\BitDefender10\bdmcon.exe" [2008-02-18 15:00 290816]
"BDAgent"="C:\Program Files\Softwin\BitDefender10\bdagent.exe" [2008-02-18 15:00 69632]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-02-18 19:00 1836544]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2003-07-22 17:32 13312]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-02-18 12:06:49 125624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll


.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-18 18:48:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-15 14:00:27 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-20 21:39:28
Windows 5.1.2600 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-02-20 21:44:14
ComboFix-quarantined-files.txt 2008-02-20 20:44:05
ComboFix2.txt 2008-02-20 19:27:26
ComboFix3.txt 2008-02-20 18:03:14
ComboFix4.txt 2008-02-18 20:59:20

et voila l'autre rapport :

Logfile of HijackThis v1.99.1
Scan saved at 21:47:44, on 20/02/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Inventel\Gateway\wlancfg.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\WINDOWS\System32\sistray.EXE
C:\WINDOWS\System32\khooker.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Documents and Settings\cindy\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: (no name) - {D0943516-5076-4020-A3B5-AEFAF26AB263} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [SiS Tray] C:\WINDOWS\System32\sistray.EXE
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Tok-Cirrhatus] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {B164C1FC-1BEE-A33B-E3B6-67C8F421E94B} - http://performanceoptimizer.com/files/PerformanceOptimi...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flas...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender10\vsserv.exe" /service (file missing)
O23 - Service: Service de lancement de WlanCfg (Wlancfg) - Inventel - C:\Program Files\Inventel\Gateway\wlancfg.exe
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)

mon ordi n'a pas redemarré au fait...en tout cas merci encore  

C'est mieux ?

oui largement, j'ai plus le message au demarreg, j'ai plus les nombreuses pubs qui venaient et mon ordi va plus vite.

C'est bon?!

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Bandoo\Bandoo.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\lg_fwupdate\fwupdate.exe
C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\documents and settings\sipmlice\local settings\application data\hxjba.exe
C:\Program Files\Trust\Trust R-Series Mouse\KMConfig.exe
C:\Program Files\Trust\Trust R-Series Mouse\KMProcess.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Program Files\Internet Explorer\Iexplore.exe
C:\Documents and Settings\sipmlice\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://breedband.telenet.be
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://quicknews.info/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Telenet Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://pac.telenet.be:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=Explorer.exe "C:\WINDOWS\KesenjanganSosial.exe"
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <title>Welcome to 20mbweb.com!</title>
O1 - Hosts: <style type="text/css">
O1 - Hosts: body,div,dl,dt,dd,ul,ol,li,h1,h2,h3,h4,h5,h6,pre,form,fieldset,input,textarea,p,blockquote,th,td,img,span {margin:0; padding:0;}
O1 - Hosts: body
O1 - Hosts: {
O1 - Hosts: font-family:arial,helvetica,sans serif;
O1 - Hosts: font-size:12px;
O1 - Hosts: font-weight:normal;
O1 - Hosts: }
O1 - Hosts: .clear { clear:both;}
O1 - Hosts: .buttonb {float: left;}
O1 - Hosts: .footerlink1{font-size: 11px; color: #1637AA;}
O1 - Hosts: .footerlink2{font-size: 11px; color: #000000;}
O1 - Hosts: .blackbullet{margin-bottom: 3px; margin-left: 7px; margin-right: 7px;}
O1 - Hosts: a.extralink{text-decoration: none; color: #000000;}
O1 - Hosts: a.extralink:link{text-decoration: none; color: #000000;}
O1 - Hosts: a.extralink:visited{text-decoration: none; color: #000000;}
O1 - Hosts: a.extralink:hover{text-decoration: none; color: #000000;}
O1 - Hosts: a.prodadvlink{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvlink:link{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvlink:visited{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvlink:hover{text-decoration: none; color: #000000;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvorlink{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvorlink:link{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvorlink:visited{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.prodadvorlink:hover{text-decoration: none; color: #EB4A06;font-size: 11px;font-weight: bold;}
O1 - Hosts: a.bluelink {color: #0000ff;}
O1 - Hosts: a.bluelink:link {color: #0000ff;}
O1 - Hosts: a.bluelink:visited {color: #0000ff;}
O1 - Hosts: a.bluelink:hover {color: #0000ff;}
O1 - Hosts: a.whitelink {color: #ffffff;}
O1 - Hosts: a.whitelink:link {color: #ffffff;}
O1 - Hosts: a.whitelink:visited {color: #ffffff;}
O1 - Hosts: a.whitelink:hover {color: #ffffff;}
O1 - Hosts: a.pricelink{text-decoration: none; color: #FF5500;}
O1 - Hosts: a.pricelink:link{text-decoration: none; color: #FF5500;}
O1 - Hosts: a.pricelink:visited{text-decoration: none; color: #FF5500;}
O1 - Hosts: a.pricelink:hover{text-decoration: none; color: #FF5500;}
O1 - Hosts: .celebbarimg {margin-right: 5px; border: 0px;}
O1 - Hosts: .leftad { padding-top: 4px; text-align: center;overflow: hidden;}
O1 - Hosts: .leftad1 { padding-top: 10px; text-align: center;overflow: hidden;}
O1 - Hosts: </style>
O1 - Hosts: <script language="javascript" type="text/javascript">
O1 - Hosts: var agt=navigator.userAgent.toLowerCase();
O1 - Hosts: var is_opera = (agt.indexOf("opera") != -1);
O1 - Hosts: function ShowHelp(obj,field,hide)
O1 - Hosts: {
O1 - Hosts: //Get help object
O1 - Hosts: var helpObj;
O1 - Hosts: if (document.all){
O1 - Hosts: helpObj = document.all[field+"_help"];}
O1 - Hosts: else if (document.getElementById){
O1 - Hosts: helpObj = document.getElementById(field+"_help");}
O1 - Hosts: if (helpObj) {
O1 - Hosts: //if help object is shown, hide it ; if object hidden, show it
O1 - Hosts: if (hide){
O1 - Hosts: helpObj.style.display = "none";}
O1 - Hosts: else{
O1 - Hosts: helpObj.style.display = "";} }
O1 - Hosts: }
O1 - Hosts: </script>
O1 - Hosts: <script language="javascript" src="http://as.casalemedia.com/sd?s=95331&f=1"></script>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <div style="display:none;visibility:hidden;">
O1 - Hosts: <a href="/st.aspx"><img src="http://images-pw.secureserver.net/images/061703/spc_tra..." style="border:none" height="1" width="1" alt="" /></a>
O1 - Hosts: </div>
O1 - Hosts: <div id="header">
O1 - Hosts: <div><img src="http://images-pw.secureserver.net/images/gd/header.gif" border="0" usemap="#headerMap"/>
O1 - Hosts: <map id="headerMap" name="headerMap">
O1 - Hosts: <area shape="rect" coords="39,1,192,73" alt="GoDaddy.com" href="https://www.godaddy.com?isc=GPPGT03&ci=13109&domain=20m..."/>
O1 - Hosts: <area shape="rect" coords="243,1, 421, 42" href="https://www.godaddy.com?isc=GPPGT03&ci=13110&domain=20m..." alt="This Web page is parked FREE, courtesy of GoDaddy.com"/>
O1 - Hosts: <area shape="rect" coords="439,8,506,38" href="https://www.godaddy.com/gdshop/hotdeals/landing.asp?isc..." alt="SALE!"/>
O1 - Hosts: </map>
O1 - Hosts: </div>
O1 - Hosts: <div id="todaysoffer">
O1 - Hosts: <img style="position: relative; top: 1px;" src="http://images-pw.secureserver.net/images/gd/img_arrows_..." border="0" alt="GoDaddy.com"/>
O1 - Hosts: <span style="font-weight: bold;position: relative; top: 1px;"><a class="bluelink" href="https://www.godaddy.com/gdshop/hotdeals/landing.asp?isc...">Today's offers at GoDaddy.com</a></span>
O1 - Hosts: </div>
O1 - Hosts: <div id="domainname">
O1 - Hosts: <span style="font-size: 12px; color: #fff;">20mbweb.com</span>
O1 - Hosts: </div>
O1 - Hosts: <div id="topDomainSearch">
O1 - Hosts: <form id="LookupForm" name="LookupForm" method="post" action="https://www.godaddy.com/gdshop/registrar/search.asp?isc...">
O1 - Hosts: <input type="text" name="domaintocheck" maxlength="63" style="width:170px;" />
O1 - Hosts: <select name="tld" style="height: 21px;">
O1 - Hosts: <option value=".com">.com</option>
O1 - Hosts: <option value=".net">.net</option>
O1 - Hosts: <option value=".info">.info</option>
O1 - Hosts: <option value=".org">.org</option>
O1 - Hosts: <option value=".me">.me</option>
O1 - Hosts: <option value=".mobi">.mobi</option>
O1 - Hosts: <option value=".biz">.biz</option>
O1 - Hosts: <option value=".us">.us</option>
O1 - Hosts: <option value=".ca">.ca</option>
O1 - Hosts: <option value=".asia">.asia</option>
O1 - Hosts: <option value=".ws">.ws</option>
O1 - Hosts: <option value=".tv">.tv</option>
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [LGODDFU] "C:\Program Files\lg_fwupdate\fwupdate.exe" blrun
O4 - HKLM\..\Run: [KMCONFIG] C:\Program Files\Trust\Trust R-Series Mouse\StartAutorun.exe KMConfig.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Bron-Spizaetus] "C:\WINDOWS\ShellNew\RakyatKelaparan.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [cdoosoft] C:\DOCUME~1\sipmlice\LOCALS~1\Temp\herss.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [QUAD Windows service] C:\Program Files\QUAD Utilities\QUAD RegistryCleaner\QUAD RegistryCleaner.exe -h
O4 - HKCU\..\Run: [settdebugx.exe] C:\DOCUME~1\sipmlice\LOCALS~1\Temp\settdebugx.exe
O4 - HKCU\..\Run: [Malware Defense] "C:\Program Files\Malware Defense\mdefense.exe" -noscan
O4 - HKCU\..\Run: [hxjba] "c:\documents and settings\sipmlice\local settings\application data\hxjba.exe" hxjba
O4 - HKCU\..\Run: [Tok-Cirrhatus-2520] "C:\Documents and Settings\sipmlice\Local Settings\Application Data\br6063on.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O20 - AppInit_DLLs: c:\progra~1\bandoo\bndhook.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bandoo Coordinator - Discordia Limited - C:\PROGRA~1\Bandoo\Bandoo.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Keyboard And Mouse Communication Service (KMWDSERVICE) - UASSOFT.COM - C:\Program Files\Trust\Trust R-Series Mouse\KMWDSrv.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O24 - Desktop Component 0: (no name) - http://images.hi5.com/images/1x1_trans.gif