winsecure
Hello everyone. I have the winsecure.exe virus and I don't know how to get rid of it. Thanks for any reply.
I forgot the HijackThis summary
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:40, on 01/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WinSecure.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\WinSecure.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\AOL 9.0 VRa\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RemoteControl] "e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VRa\AOL.EXE" -b
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Tool] WinSecure.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSE...
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\nero8\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
--
End of file - 9389 bytes
Hello,
Download Lop S&D.exe to your Desktop.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your Desktop.
Select the language you want, then choose option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)
Here is the report.
-----------------------------[ Lop S&D 4.0.2 ]---------------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : lionel ] [ "C:\Lop SD" ]
[ 02/03/2008 | 10:28:46,53 ] [ PC : PC-DE-LIONEL ]
[ MAJ : 30-02-2008 | 00:12 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\..
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\Catalogs
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\.
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\ACDSee
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\..
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\Flash Player
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\.
[07/09/2007|12:24] C:\Users\lionel\AppData\Roaming\Adobe\ESD
[07/09/2007|12:24] C:\Users\lionel\AppData\Roaming\Adobe\Acrobat
[12/06/2007|12:31] C:\Users\lionel\AppData\Roaming\AdobeUM\..
[12/06/2007|12:31] C:\Users\lionel\AppData\Roaming\AdobeUM\.
[23/08/2007|20:15] C:\Users\lionel\AppData\Roaming\Ahead\Nero WaveEditor
[01/06/2007|10:50] C:\Users\lionel\AppData\Roaming\Ahead\..
[01/06/2007|10:50] C:\Users\lionel\AppData\Roaming\Ahead\.
[06/05/2007|12:39] C:\Users\lionel\AppData\Roaming\Ahead\NeroShowTime.bmk
[06/05/2007|09:05] C:\Users\lionel\AppData\Roaming\Ahead\NeroVision
[05/05/2007|13:52] C:\Users\lionel\AppData\Roaming\Ahead\Nero Burning ROM
[05/05/2007|08:13] C:\Users\lionel\AppData\Roaming\Ahead\Nero BackItUp
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\..
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\ACS
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\.
[23/08/2007|17:25] C:\Users\lionel\AppData\Roaming\AOL\C_AOL 9.0 VRa
[30/03/2007|12:29] C:\Users\lionel\AppData\Roaming\AOL\C_AOL 9.0 VR
[18/02/2008|16:44] C:\Users\lionel\AppData\Roaming\Apple Computer\iTunes
[23/09/2007|20:12] C:\Users\lionel\AppData\Roaming\Apple Computer\..
[23/09/2007|20:12] C:\Users\lionel\AppData\Roaming\Apple Computer\.
[02/03/2008|09:10] C:\Users\lionel\AppData\Roaming\Application Data\Spyware Terminator
[23/09/2007|09:14] C:\Users\lionel\AppData\Roaming\Application Data\..
[23/09/2007|09:14] C:\Users\lionel\AppData\Roaming\Application Data\.
[30/05/2007|10:16] C:\Users\lionel\AppData\Roaming\BitTorrent\bittorrent.log
[30/05/2007|10:16] C:\Users\lionel\AppData\Roaming\BitTorrent\data
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\..
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\.
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\locale
[25/09/2007|12:54] C:\Users\lionel\AppData\Roaming\CyberLink\PowerDVD
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\..
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\.
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\PowerCinema
[10/02/2008|11:35] C:\Users\lionel\AppData\Roaming\DivX\DivX Player
[09/04/2007|15:57] C:\Users\lionel\AppData\Roaming\DivX\..
[09/04/2007|15:57] C:\Users\lionel\AppData\Roaming\DivX\.
[30/03/2007|13:39] C:\Users\lionel\AppData\Roaming\DivX\DivX Codec
[30/01/2008|19:38] C:\Users\lionel\AppData\Roaming\dvdcss\CACHEDIR.TAG
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\CN30EUW1-2006122217132800-2e97321f51
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\..
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\.
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\EPFB5
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\..
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\.
[04/01/2008|09:53] C:\Users\lionel\AppData\Roaming\Google\Local Search History
[18/08/2007|10:45] C:\Users\lionel\AppData\Roaming\Google\GoogleEarth
[17/06/2007|08:41] C:\Users\lionel\AppData\Roaming\Google\..
[17/06/2007|08:41] C:\Users\lionel\AppData\Roaming\Google\.
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\camille0
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\..
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\.
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\..
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\{EB9F6FC9-114F-4883-9690-848FF88000EE}
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\inst.exe\inst.exe
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\..
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\ISEngine12.0
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\.
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\Shopmania
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\..
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\.
[02/09/2007|07:49] C:\Users\lionel\AppData\Roaming\Lavasoft\..
[02/09/2007|07:49] C:\Users\lionel\AppData\Roaming\Lavasoft\.
[01/03/2008|11:30] C:\Users\lionel\AppData\Roaming\Macromedia\Flash Player
[25/08/2007|13:13] C:\Users\lionel\AppData\Roaming\Macromedia\Shockwave Player
[20/04/2007|19:30] C:\Users\lionel\AppData\Roaming\Macromedia\..
[20/04/2007|19:30] C:\Users\lionel\AppData\Roaming\Macromedia\.
[02/11/2006|13:37] C:\Users\lionel\AppData\Roaming\Media Center Programs\..
[02/11/2006|13:37] C:\Users\lionel\AppData\Roaming\Media Center Programs\.
[01/03/2008|13:29] C:\Users\lionel\AppData\Roaming\Microsoft\Modèles
[23/02/2008|14:16] C:\Users\lionel\AppData\Roaming\Microsoft\Word
[23/02/2008|14:01] C:\Users\lionel\AppData\Roaming\Microsoft\preuve
[24/01/2008|13:19] C:\Users\lionel\AppData\Roaming\Microsoft\MSN Messenger
[09/01/2008|17:14] C:\Users\lionel\AppData\Roaming\Microsoft\Office
[26/11/2007|16:09] C:\Users\lionel\AppData\Roaming\Microsoft\Credentials
[02/09/2007|08:11] C:\Users\lionel\AppData\Roaming\Microsoft\Installer
[17/08/2007|10:40] C:\Users\lionel\AppData\Roaming\Microsoft\eHome
[31/07/2007|17:55] C:\Users\lionel\AppData\Roaming\Microsoft\Windows Photo Gallery
[02/07/2007|09:59] C:\Users\lionel\AppData\Roaming\Microsoft\Internet Explorer
[19/06/2007|08:58] C:\Users\lionel\AppData\Roaming\Microsoft\SystemCertificates
[19/06/2007|08:58] C:\Users\lionel\AppData\Roaming\Microsoft\Crypto
[07/06/2007|08:00] C:\Users\lionel\AppData\Roaming\Microsoft\Templates
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\.
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\Proof
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\..
[05/06/2007|10:12] C:\Users\lionel\AppData\Roaming\Microsoft\AddIns
[30/05/2007|21:39] C:\Users\lionel\AppData\Roaming\Microsoft\Speech
[29/05/2007|18:50] C:\Users\lionel\AppData\Roaming\Microsoft\FrontPage
[09/05/2007|08:19] C:\Users\lionel\AppData\Roaming\Microsoft\MMC
[03/05/2007|19:37] C:\Users\lionel\AppData\Roaming\Microsoft\Media Catalog
[03/05/2007|19:33] C:\Users\lionel\AppData\Roaming\Microsoft\IdentityCRL
[03/05/2007|17:45] C:\Users\lionel\AppData\Roaming\Microsoft\PowerPoint
[22/04/2007|13:54] C:\Users\lionel\AppData\Roaming\Microsoft\HTML Help
[31/03/2007|13:18] C:\Users\lionel\AppData\Roaming\Microsoft\Windows Live Call
[30/03/2007|15:31] C:\Users\lionel\AppData\Roaming\Microsoft\Excel
[30/03/2007|15:29] C:\Users\lionel\AppData\Roaming\Microsoft\Macros complémentaires
[30/03/2007|13:05] C:\Users\lionel\AppData\Roaming\Microsoft\Windows
[30/03/2007|12:36] C:\Users\lionel\AppData\Roaming\Microsoft\Network
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Microsoft\Protect
[30/03/2007|15:25] C:\Users\lionel\AppData\Roaming\Microsoft Web Folders\..
[30/03/2007|15:25] C:\Users\lionel\AppData\Roaming\Microsoft Web Folders\.
[01/02/2008|15:41] C:\Users\lionel\AppData\Roaming\My Games\..
[01/02/2008|15:41] C:\Users\lionel\AppData\Roaming\My Games\.
[29/02/2008|15:20] C:\Users\lionel\AppData\Roaming\NASA\World Wind
[29/02/2008|15:20] C:\Users\lionel\AppData\Roaming\NASA\..
[29/02/2008|15:20] C:\Users\lionel\AppData\Roaming\NASA\.
[18/12/2007|18:15] C:\Users\lionel\AppData\Roaming\Nero\Nero8
[21/11/2007|17:37] C:\Users\lionel\AppData\Roaming\Nero\..
[21/11/2007|17:37] C:\Users\lionel\AppData\Roaming\Nero\.
[20/04/2007|14:39] C:\Users\lionel\AppData\Roaming\nView_Wallpaper\..
[20/04/2007|14:39] C:\Users\lionel\AppData\Roaming\nView_Wallpaper\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.cat\pcouffin.cat
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.inf\pcouffin.inf
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.log\pcouffin.log
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.sys\pcouffin.sys
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\PeerNetworking\..
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\PeerNetworking\.
[29/01/2008|17:32] C:\Users\lionel\AppData\Roaming\PlayFirst\weddingdash
[28/01/2008|20:10] C:\Users\lionel\AppData\Roaming\PlayFirst\..
[28/01/2008|20:10] C:\Users\lionel\AppData\Roaming\PlayFirst\.
[24/01/2008|14:38] C:\Users\lionel\AppData\Roaming\PlayFirst\dinerdash2
[19/01/2008|15:03] C:\Users\lionel\AppData\Roaming\PlayFirst\dinerdashfloonthego
[22/09/2007|10:52] C:\Users\lionel\AppData\Roaming\ubi.com\Core
[22/09/2007|10:48] C:\Users\lionel\AppData\Roaming\ubi.com\..
[22/09/2007|10:48] C:\Users\lionel\AppData\Roaming\ubi.com\.
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\UserTile.png\UserTile.png
[01/03/2008|15:36] C:\Users\lionel\AppData\Roaming\vlc\vlcrc
[18/02/2008|16:19] C:\Users\lionel\AppData\Roaming\vlc\cache
[30/03/2007|12:35] C:\Users\lionel\AppData\Roaming\vlc\..
[30/03/2007|12:35] C:\Users\lionel\AppData\Roaming\vlc\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\Vso\..
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\Vso\.
[30/09/2007|08:32] C:\Users\lionel\AppData\Roaming\Vso\ConvertXtoDVD.log
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[02/03/2008 10:28][--ah-----] C:\Windows\tasks\SA.DAT
[02/03/2008 10:27][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[02/03/2008|09:31] C:\ProgramData\.
[02/03/2008|09:31] C:\ProgramData\..
[14/09/2007|14:10] C:\ProgramData\ACD Systems
[07/09/2007|12:35] C:\ProgramData\Adobe
[12/09/2007|16:48] C:\ProgramData\Ahead
[18/02/2008|16:02] C:\ProgramData\AOL
[23/08/2007|17:13] C:\ProgramData\AOL Downloads
[23/09/2007|20:08] C:\ProgramData\Apple
[23/09/2007|20:11] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[30/03/2007|11:28] C:\ProgramData\Bureau
[13/09/2007|12:22] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[30/01/2008|11:47] C:\ProgramData\Escape From Paradise
[30/03/2007|11:28] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[27/01/2008|19:39] C:\ProgramData\Fugazo
[01/03/2008|08:11] C:\ProgramData\GamesBar
[19/04/2007|15:59] C:\ProgramData\Google
[14/07/2007|11:10] C:\ProgramData\GRAW2
[29/01/2008|18:47] C:\ProgramData\iWin
[02/09/2007|07:59] C:\ProgramData\Lavasoft
[30/03/2007|12:29] C:\ProgramData\Macromedia
[14/07/2007|11:07] C:\ProgramData\Media Center Programs
[30/03/2007|11:28] C:\ProgramData\Menu Démarrer
[02/09/2007|07:49] C:\ProgramData\Microsoft
[24/01/2008|11:09] C:\ProgramData\MinigolfAdventures
[30/03/2007|11:28] C:\ProgramData\Modèles
[12/07/2007|18:38] C:\ProgramData\NannyMania
[21/11/2007|17:30] C:\ProgramData\Nero
[01/03/2008|10:23] C:\ProgramData\ntuser.pol
[25/02/2008|09:35] C:\ProgramData\NVIDIA
[20/04/2007|14:39] C:\ProgramData\nView_Profiles
[28/01/2008|20:10] C:\ProgramData\PlayFirst
[02/03/2008|09:44] C:\ProgramData\Spybot - Search & Destroy
[02/03/2008|09:11] C:\ProgramData\Spyware Terminator
[02/11/2006|14:02] C:\ProgramData\Start Menu
[02/03/2008|10:28] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[30/03/2007|12:28] C:\ProgramData\Viewpoint
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[01/03/2008|10:29] C:\Program Files\.
[01/03/2008|10:29] C:\Program Files\..
[10/05/2007|07:12] C:\Program Files\Acronis
[07/09/2007|12:21] C:\Program Files\Adobe
[14/07/2007|11:08] C:\Program Files\AGEIA Technologies
[30/03/2007|12:17] C:\Program Files\Alwil Software
[23/08/2007|17:24] C:\Program Files\AOL
[23/08/2007|17:26] C:\Program Files\AOL 9.0 VR
[18/02/2008|16:19] C:\Program Files\AOL 9.0 VRa
[23/09/2007|20:09] C:\Program Files\Apple Software Update
[01/04/2007|17:34] C:\Program Files\ArcSoft
[28/09/2007|10:31] C:\Program Files\AskTBar
[19/09/2007|17:30] C:\Program Files\BitTorrent Fastest Tool
[06/11/2007|14:44] C:\Program Files\Bullfrog
[12/09/2007|13:23] C:\Program Files\CDex_170b2
[01/03/2008|10:28] C:\Program Files\Common Files
[21/10/2007|09:21] C:\Program Files\Crawler
[12/09/2007|17:45] C:\Program Files\CyberLink
[30/08/2007|11:07] C:\Program Files\desktop.ini
[25/09/2007|13:18] C:\Program Files\DivX
[01/03/2008|08:35] C:\Program Files\Duke Nukem - Manhattan Project
[26/01/2008|11:44] C:\Program Files\EA GAMES
[09/07/2007|12:03] C:\Program Files\EPSON
[30/03/2007|11:28] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/02/2008|13:59] C:\Program Files\Gamenext
[01/03/2008|09:21] C:\Program Files\GamesBar
[03/06/2007|09:00] C:\Program Files\GigaByte
[17/06/2007|08:40] C:\Program Files\Google
[01/03/2008|09:06] C:\Program Files\Greatis
[22/02/2008|12:00] C:\Program Files\InstallShield Installation Information
[14/02/2008|11:17] C:\Program Files\Internet Explorer
[07/11/2007|20:30] C:\Program Files\iPod
[01/03/2008|10:29] C:\Program Files\Java
[22/02/2008|12:00] C:\Program Files\JoWood
[02/09/2007|08:54] C:\Program Files\Lavasoft
[07/02/2008|16:14] C:\Program Files\Lyrics Power
[13/10/2007|08:42] C:\Program Files\Micro Application
[30/03/2007|15:26] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[16/11/2007|14:41] C:\Program Files\Microsoft Visual Studio
[02/11/2006|13:42] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[25/10/2007|19:29] C:\Program Files\MSN Messenger
[30/03/2007|12:18] C:\Program Files\MSN Toolbar
[06/05/2007|02:00] C:\Program Files\MSXML 4.0
[21/12/2007|17:07] C:\Program Files\Multi_Media_France
[02/10/2007|14:53] C:\Program Files\Neuf
[10/04/2007|14:17] C:\Program Files\PC Inspector File Recovery
[02/07/2007|08:45] C:\Program Files\Player Tool
[07/11/2007|20:27] C:\Program Files\QuickTime
[03/06/2007|10:01] C:\Program Files\RADVideo
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[02/03/2008|09:11] C:\Program Files\Spyware Terminator
[03/01/2008|11:31] C:\Program Files\SystemGuards.com
[25/02/2008|09:25] C:\Program Files\SystemRequirementsLab
[01/03/2008|08:50] C:\Program Files\Trend Micro
[22/09/2007|10:48] C:\Program Files\Ubi Soft
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[30/03/2007|12:15] C:\Program Files\VideoLAN
[30/03/2007|12:28] C:\Program Files\Viewpoint
[02/03/2008|09:11] C:\Program Files\WinClamAVShield
[30/08/2007|11:06] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[11/04/2007|09:30] C:\Program Files\Windows Defender
[02/11/2006|13:42] C:\Program Files\Windows Journal
[10/01/2008|15:18] C:\Program Files\Windows Mail
[11/10/2007|16:17] C:\Program Files\Windows Media Player
[30/03/2007|11:28] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[10/01/2008|15:18] C:\Program Files\Windows Sidebar
[23/04/2007|16:30] C:\Program Files\WinRAR
[21/04/2007|16:54] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[01/03/2008|10:28] C:\Program Files\Common Files\.
[01/03/2008|10:28] C:\Program Files\Common Files\..
[10/05/2007|07:12] C:\Program Files\Common Files\Acronis
[12/06/2007|12:31] C:\Program Files\Common Files\Adobe
[15/11/2007|18:02] C:\Program Files\Common Files\Ahead
[23/08/2007|17:29] C:\Program Files\Common Files\aol
[23/08/2007|17:23] C:\Program Files\Common Files\aolshare
[23/09/2007|20:08] C:\Program Files\Common Files\Apple
[16/11/2007|14:41] C:\Program Files\Common Files\Designer
[04/06/2007|10:40] C:\Program Files\Common Files\EasyInfo
[30/03/2007|12:20] C:\Program Files\Common Files\FDEUnInstaller.exe
[02/04/2007|08:38] C:\Program Files\Common Files\InstallShield
[01/03/2008|10:28] C:\Program Files\Common Files\Java
[16/11/2007|14:41] C:\Program Files\Common Files\microsoft shared
[21/11/2007|17:34] C:\Program Files\Common Files\Nero
[30/03/2007|12:29] C:\Program Files\Common Files\Nullsoft
[14/11/2007|13:41] C:\Program Files\Common Files\Oberon Media
[22/09/2007|10:48] C:\Program Files\Common Files\PocketSoft
[25/09/2007|13:18] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[02/06/2007|10:35] C:\Program Files\Common Files\SWF Studio
[03/09/2007|14:51] C:\Program Files\Common Files\System
[29/12/2007|09:33] C:\Program Files\Common Files\Wise Installation Wizard
----------------------[ Recherche avec S_Lop ]---------------------
C:\ProgramData\AOL Downloads\waol_fr\0.4327.47.1\waol-fr-0.4327.47.1.exe
C:\ProgramData\AOL Downloads\WAOL_FR_0.4327.26.1\waol-fr-0.4327.26.1.exe
C:\ProgramData\AOL Downloads\WAOL_FR_0.4327.26.1\comps\acs\acssetup.exe
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload\BitDownload.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload\Uninstall BitDownload.lnk
C:\Program Files\Multi_Media_France
C:\Program Files\Multi_Media_France\INSTALL.LOG
C:\Program Files\Multi_Media_France\tbMul0.dll
C:\Program Files\Multi_Media_France\tbMul1.dll
C:\Program Files\Multi_Media_France\tbMult.dll
C:\Program Files\Multi_Media_France\toolbar.cfg
C:\Program Files\Multi_Media_France\UNWISE.EXE
C:\Program Files\Multi_Media_France\UNWISE.INI
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-02 10:35:54
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:7][Doss:5] C:\Users\lionel\AppData\Local\Temp
/!\ [Fich:75][Doss:1] C:\Users\lionel\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:2062][Doss:7] C:\Users\lionel\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 10:36:01,53 ]----------------------
Re,
Run Lop S&D again.
This time choose Option 2 (Suppression).
Do not close the window during the removal!
Post the report it generates (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New task, type explorer.exe and confirm.)
&
Download BTFix (Bibi26).
Unzip the archive onto your Desktop.
Open the BTFix folder.
Double-click BTFix.exe.
Click Rechercher.
A report will appear; copy and paste it into your next reply.
Hi, here are the replies.
BTFix 1.081 (par bibi26) - 02/03/2008 11:45:08 - Analyse
Lancé depuis C:\Users\lionel\Desktop\BTFix\BTFix.exe
---> Fichiers/Dossiers trouvés
- C:\Windows\system32\bitsprx4.dll
- C:\Program Files\AskTBar\
- C:\Program Files\GamesBar\
- C:\ProgramData\Application Data\GamesBar\
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar\
---> Analyse terminée
-----------------------------[ Lop S&D 4.0.2 ]---------------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : lionel ] [ "C:\Lop SD" ]
[ 02/03/2008 | 11:34:52,73 ] [ PC : PC-DE-LIONEL ]
[ MAJ : 30-02-2008 | 00:12 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprimé! - C:\Program Files\Multi_Media_France\tbMul0.dll
Supprimé! - C:\Program Files\Multi_Media_France\tbMul1.dll
Supprimé! - C:\Program Files\Multi_Media_France\tbMult.dll
Supprimé! - C:\Program Files\Multi_Media_France\toolbar.cfg
Supprimé! - C:\Program Files\Multi_Media_France\UNWISE.EXE
Supprimé! - C:\Program Files\Multi_Media_France\UNWISE.INI
Supprimé! - C:\ProgramData\AOL Downloads\waol_fr\0.4327.47.1\waol-fr-0.4327.47.1.exe
Supprimé! - C:\ProgramData\AOL Downloads\WAOL_FR_0.4327.26.1\waol-fr-0.4327.26.1.exe
Supprimé! - C:\ProgramData\AOL Downloads\WAOL_FR_0.4327.26.1\comps\acs\acssetup.exe
Supprimé! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload
Supprimé! - C:\Program Files\Multi_Media_France
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprimé! - C:\Program Files\Viewpoint
Supprimé! - C:\PROGRA~2\Viewpoint
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
-------------[ Listing des dossiers dans Application Data ]------------
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\..
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\Catalogs
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\.
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\ACDSee
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\..
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\Flash Player
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\.
[07/09/2007|12:24] C:\Users\lionel\AppData\Roaming\Adobe\ESD
[07/09/2007|12:24] C:\Users\lionel\AppData\Roaming\Adobe\Acrobat
[12/06/2007|12:31] C:\Users\lionel\AppData\Roaming\AdobeUM\..
[12/06/2007|12:31] C:\Users\lionel\AppData\Roaming\AdobeUM\.
[23/08/2007|20:15] C:\Users\lionel\AppData\Roaming\Ahead\Nero WaveEditor
[01/06/2007|10:50] C:\Users\lionel\AppData\Roaming\Ahead\..
[01/06/2007|10:50] C:\Users\lionel\AppData\Roaming\Ahead\.
[06/05/2007|12:39] C:\Users\lionel\AppData\Roaming\Ahead\NeroShowTime.bmk
[06/05/2007|09:05] C:\Users\lionel\AppData\Roaming\Ahead\NeroVision
[05/05/2007|13:52] C:\Users\lionel\AppData\Roaming\Ahead\Nero Burning ROM
[05/05/2007|08:13] C:\Users\lionel\AppData\Roaming\Ahead\Nero BackItUp
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\..
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\ACS
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\.
[23/08/2007|17:25] C:\Users\lionel\AppData\Roaming\AOL\C_AOL 9.0 VRa
[30/03/2007|12:29] C:\Users\lionel\AppData\Roaming\AOL\C_AOL 9.0 VR
[18/02/2008|16:44] C:\Users\lionel\AppData\Roaming\Apple Computer\iTunes
[23/09/2007|20:12] C:\Users\lionel\AppData\Roaming\Apple Computer\..
[23/09/2007|20:12] C:\Users\lionel\AppData\Roaming\Apple Computer\.
[02/03/2008|09:10] C:\Users\lionel\AppData\Roaming\Application Data\Spyware Terminator
[23/09/2007|09:14] C:\Users\lionel\AppData\Roaming\Application Data\..
[23/09/2007|09:14] C:\Users\lionel\AppData\Roaming\Application Data\.
[30/05/2007|10:16] C:\Users\lionel\AppData\Roaming\BitTorrent\bittorrent.log
[30/05/2007|10:16] C:\Users\lionel\AppData\Roaming\BitTorrent\data
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\..
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\.
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\locale
[25/09/2007|12:54] C:\Users\lionel\AppData\Roaming\CyberLink\PowerDVD
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\..
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\.
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\PowerCinema
[10/02/2008|11:35] C:\Users\lionel\AppData\Roaming\DivX\DivX Player
[09/04/2007|15:57] C:\Users\lionel\AppData\Roaming\DivX\..
[09/04/2007|15:57] C:\Users\lionel\AppData\Roaming\DivX\.
[30/03/2007|13:39] C:\Users\lionel\AppData\Roaming\DivX\DivX Codec
[30/01/2008|19:38] C:\Users\lionel\AppData\Roaming\dvdcss\CACHEDIR.TAG
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\CN30EUW1-2006122217132800-2e97321f51
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\..
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\.
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\EPFB5
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\..
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\.
[04/01/2008|09:53] C:\Users\lionel\AppData\Roaming\Google\Local Search History
[18/08/2007|10:45] C:\Users\lionel\AppData\Roaming\Google\GoogleEarth
[17/06/2007|08:41] C:\Users\lionel\AppData\Roaming\Google\..
[17/06/2007|08:41] C:\Users\lionel\AppData\Roaming\Google\.
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\camille0
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\..
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\.
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\..
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\{EB9F6FC9-114F-4883-9690-848FF88000EE}
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\inst.exe\inst.exe
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\..
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\ISEngine12.0
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\.
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\Shopmania
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\..
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\.
[02/09/2007|07:49] C:\Users\lionel\AppData\Roaming\Lavasoft\..
[02/09/2007|07:49] C:\Users\lionel\AppData\Roaming\Lavasoft\.
[01/03/2008|11:30] C:\Users\lionel\AppData\Roaming\Macromedia\Flash Player
[25/08/2007|13:13] C:\Users\lionel\AppData\Roaming\Macromedia\Shockwave Player
[20/04/2007|19:30] C:\Users\lionel\AppData\Roaming\Macromedia\..
[20/04/2007|19:30] C:\Users\lionel\AppData\Roaming\Macromedia\.
[02/11/2006|13:37] C:\Users\lionel\AppData\Roaming\Media Center Programs\..
[02/11/2006|13:37] C:\Users\lionel\AppData\Roaming\Media Center Programs\.
[01/03/2008|13:29] C:\Users\lionel\AppData\Roaming\Microsoft\Modèles
[23/02/2008|14:16] C:\Users\lionel\AppData\Roaming\Microsoft\Word
[23/02/2008|14:01] C:\Users\lionel\AppData\Roaming\Microsoft\preuve
[24/01/2008|13:19] C:\Users\lionel\AppData\Roaming\Microsoft\MSN Messenger
[09/01/2008|17:14] C:\Users\lionel\AppData\Roaming\Microsoft\Office
[26/11/2007|16:09] C:\Users\lionel\AppData\Roaming\Microsoft\Credentials
[02/09/2007|08:11] C:\Users\lionel\AppData\Roaming\Microsoft\Installer
[17/08/2007|10:40] C:\Users\lionel\AppData\Roaming\Microsoft\eHome
[31/07/2007|17:55] C:\Users\lionel\AppData\Roaming\Microsoft\Windows Photo Gallery
[02/07/2007|09:59] C:\Users\lionel\AppData\Roaming\Microsoft\Internet Explorer
[19/06/2007|08:58] C:\Users\lionel\AppData\Roaming\Microsoft\SystemCertificates
[19/06/2007|08:58] C:\Users\lionel\AppData\Roaming\Microsoft\Crypto
[07/06/2007|08:00] C:\Users\lionel\AppData\Roaming\Microsoft\Templates
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\.
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\Proof
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\..
[05/06/2007|10:12] C:\Users\lionel\AppData\Roaming\Microsoft\AddIns
[30/05/2007|21:39] C:\Users\lionel\AppData\Roaming\Microsoft\Speech
[29/05/2007|18:50] C:\Users\lionel\AppData\Roaming\Microsoft\FrontPage
[09/05/2007|08:19] C:\Users\lionel\AppData\Roaming\Microsoft\MMC
[03/05/2007|19:37] C:\Users\lionel\AppData\Roaming\Microsoft\Media Catalog
[03/05/2007|19:33] C:\Users\lionel\AppData\Roaming\Microsoft\IdentityCRL
[03/05/2007|17:45] C:\Users\lionel\AppData\Roaming\Microsoft\PowerPoint
[22/04/2007|13:54] C:\Users\lionel\AppData\Roaming\Microsoft\HTML Help
[31/03/2007|13:18] C:\Users\lionel\AppData\Roaming\Microsoft\Windows Live Call
[30/03/2007|15:31] C:\Users\lionel\AppData\Roaming\Microsoft\Excel
[30/03/2007|15:29] C:\Users\lionel\AppData\Roaming\Microsoft\Macros complémentaires
[30/03/2007|13:05] C:\Users\lionel\AppData\Roaming\Microsoft\Windows
[30/03/2007|12:36] C:\Users\lionel\AppData\Roaming\Microsoft\Network
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Microsoft\Protect
[30/03/2007|15:25] C:\Users\lionel\AppData\Roaming\Microsoft Web Folders\..
[30/03/2007|15:25] C:\Users\lionel\AppData\Roaming\Microsoft Web Folders\.
[01/02/2008|15:41] C:\Users\lionel\AppData\Roaming\My Games\..
[01/02/2008|15:41] C:\Users\lionel\AppData\Roaming\My Games\.
[29/02/2008|15:20] C:\Users\lionel\AppData\Roaming\NASA\World Wind
[29/02/2008|15:20] C:\Users\lionel\AppData\Roaming\NASA\..
[29/02/2008|15:20] C:\Users\lionel\AppData\Roaming\NASA\.
[18/12/2007|18:15] C:\Users\lionel\AppData\Roaming\Nero\Nero8
[21/11/2007|17:37] C:\Users\lionel\AppData\Roaming\Nero\..
[21/11/2007|17:37] C:\Users\lionel\AppData\Roaming\Nero\.
[20/04/2007|14:39] C:\Users\lionel\AppData\Roaming\nView_Wallpaper\..
[20/04/2007|14:39] C:\Users\lionel\AppData\Roaming\nView_Wallpaper\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.cat\pcouffin.cat
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.inf\pcouffin.inf
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.log\pcouffin.log
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.sys\pcouffin.sys
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\PeerNetworking\..
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\PeerNetworking\.
[29/01/2008|17:32] C:\Users\lionel\AppData\Roaming\PlayFirst\weddingdash
[28/01/2008|20:10] C:\Users\lionel\AppData\Roaming\PlayFirst\..
[28/01/2008|20:10] C:\Users\lionel\AppData\Roaming\PlayFirst\.
[24/01/2008|14:38] C:\Users\lionel\AppData\Roaming\PlayFirst\dinerdash2
[19/01/2008|15:03] C:\Users\lionel\AppData\Roaming\PlayFirst\dinerdashfloonthego
[22/09/2007|10:52] C:\Users\lionel\AppData\Roaming\ubi.com\Core
[22/09/2007|10:48] C:\Users\lionel\AppData\Roaming\ubi.com\..
[22/09/2007|10:48] C:\Users\lionel\AppData\Roaming\ubi.com\.
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\UserTile.png\UserTile.png
[01/03/2008|15:36] C:\Users\lionel\AppData\Roaming\vlc\vlcrc
[18/02/2008|16:19] C:\Users\lionel\AppData\Roaming\vlc\cache
[30/03/2007|12:35] C:\Users\lionel\AppData\Roaming\vlc\..
[30/03/2007|12:35] C:\Users\lionel\AppData\Roaming\vlc\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\Vso\..
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\Vso\.
[30/09/2007|08:32] C:\Users\lionel\AppData\Roaming\Vso\ConvertXtoDVD.log
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[02/03/2008 11:34][--ah-----] C:\Windows\tasks\SA.DAT
[02/03/2008 11:33][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[02/03/2008|11:35] C:\ProgramData\.
[02/03/2008|11:35] C:\ProgramData\..
[14/09/2007|14:10] C:\ProgramData\ACD Systems
[07/09/2007|12:35] C:\ProgramData\Adobe
[12/09/2007|16:48] C:\ProgramData\Ahead
[18/02/2008|16:02] C:\ProgramData\AOL
[23/08/2007|17:13] C:\ProgramData\AOL Downloads
[23/09/2007|20:08] C:\ProgramData\Apple
[23/09/2007|20:11] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[30/03/2007|11:28] C:\ProgramData\Bureau
[13/09/2007|12:22] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[30/01/2008|11:47] C:\ProgramData\Escape From Paradise
[30/03/2007|11:28] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[27/01/2008|19:39] C:\ProgramData\Fugazo
[01/03/2008|08:11] C:\ProgramData\GamesBar
[19/04/2007|15:59] C:\ProgramData\Google
[14/07/2007|11:10] C:\ProgramData\GRAW2
[29/01/2008|18:47] C:\ProgramData\iWin
[02/09/2007|07:59] C:\ProgramData\Lavasoft
[30/03/2007|12:29] C:\ProgramData\Macromedia
[14/07/2007|11:07] C:\ProgramData\Media Center Programs
[30/03/2007|11:28] C:\ProgramData\Menu Démarrer
[02/09/2007|07:49] C:\ProgramData\Microsoft
[24/01/2008|11:09] C:\ProgramData\MinigolfAdventures
[30/03/2007|11:28] C:\ProgramData\Modèles
[12/07/2007|18:38] C:\ProgramData\NannyMania
[21/11/2007|17:30] C:\ProgramData\Nero
[01/03/2008|10:23] C:\ProgramData\ntuser.pol
[25/02/2008|09:35] C:\ProgramData\NVIDIA
[20/04/2007|14:39] C:\ProgramData\nView_Profiles
[28/01/2008|20:10] C:\ProgramData\PlayFirst
[02/03/2008|09:44] C:\ProgramData\Spybot - Search & Destroy
[02/03/2008|09:11] C:\ProgramData\Spyware Terminator
[02/11/2006|14:02] C:\ProgramData\Start Menu
[02/03/2008|11:34] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/03/2008|11:35] C:\Program Files\.
[02/03/2008|11:35] C:\Program Files\..
[10/05/2007|07:12] C:\Program Files\Acronis
[07/09/2007|12:21] C:\Program Files\Adobe
[14/07/2007|11:08] C:\Program Files\AGEIA Technologies
[30/03/2007|12:17] C:\Program Files\Alwil Software
[23/08/2007|17:24] C:\Program Files\AOL
[23/08/2007|17:26] C:\Program Files\AOL 9.0 VR
[18/02/2008|16:19] C:\Program Files\AOL 9.0 VRa
[23/09/2007|20:09] C:\Program Files\Apple Software Update
[01/04/2007|17:34] C:\Program Files\ArcSoft
[28/09/2007|10:31] C:\Program Files\AskTBar
[19/09/2007|17:30] C:\Program Files\BitTorrent Fastest Tool
[06/11/2007|14:44] C:\Program Files\Bullfrog
[12/09/2007|13:23] C:\Program Files\CDex_170b2
[01/03/2008|10:28] C:\Program Files\Common Files
[21/10/2007|09:21] C:\Program Files\Crawler
[12/09/2007|17:45] C:\Program Files\CyberLink
[30/08/2007|11:07] C:\Program Files\desktop.ini
[25/09/2007|13:18] C:\Program Files\DivX
[01/03/2008|08:35] C:\Program Files\Duke Nukem - Manhattan Project
[26/01/2008|11:44] C:\Program Files\EA GAMES
[09/07/2007|12:03] C:\Program Files\EPSON
[30/03/2007|11:28] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/02/2008|13:59] C:\Program Files\Gamenext
[01/03/2008|09:21] C:\Program Files\GamesBar
[03/06/2007|09:00] C:\Program Files\GigaByte
[17/06/2007|08:40] C:\Program Files\Google
[01/03/2008|09:06] C:\Program Files\Greatis
[22/02/2008|12:00] C:\Program Files\InstallShield Installation Information
[14/02/2008|11:17] C:\Program Files\Internet Explorer
[07/11/2007|20:30] C:\Program Files\iPod
[01/03/2008|10:29] C:\Program Files\Java
[22/02/2008|12:00] C:\Program Files\JoWood
[02/09/2007|08:54] C:\Program Files\Lavasoft
[07/02/2008|16:14] C:\Program Files\Lyrics Power
[13/10/2007|08:42] C:\Program Files\Micro Application
[30/03/2007|15:26] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[16/11/2007|14:41] C:\Program Files\Microsoft Visual Studio
[02/11/2006|13:42] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[25/10/2007|19:29] C:\Program Files\MSN Messenger
[30/03/2007|12:18] C:\Program Files\MSN Toolbar
[06/05/2007|02:00] C:\Program Files\MSXML 4.0
[02/10/2007|14:53] C:\Program Files\Neuf
[10/04/2007|14:17] C:\Program Files\PC Inspector File Recovery
[02/07/2007|08:45] C:\Program Files\Player Tool
[07/11/2007|20:27] C:\Program Files\QuickTime
[03/06/2007|10:01] C:\Program Files\RADVideo
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[02/03/2008|09:11] C:\Program Files\Spyware Terminator
[03/01/2008|11:31] C:\Program Files\SystemGuards.com
[25/02/2008|09:25] C:\Program Files\SystemRequirementsLab
[01/03/2008|08:50] C:\Program Files\Trend Micro
[22/09/2007|10:48] C:\Program Files\Ubi Soft
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[30/03/2007|12:15] C:\Program Files\VideoLAN
[02/03/2008|09:11] C:\Program Files\WinClamAVShield
[30/08/2007|11:06] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[11/04/2007|09:30] C:\Program Files\Windows Defender
[02/11/2006|13:42] C:\Program Files\Windows Journal
[10/01/2008|15:18] C:\Program Files\Windows Mail
[11/10/2007|16:17] C:\Program Files\Windows Media Player
[30/03/2007|11:28] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[10/01/2008|15:18] C:\Program Files\Windows Sidebar
[23/04/2007|16:30] C:\Program Files\WinRAR
[21/04/2007|16:54] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[01/03/2008|10:28] C:\Program Files\Common Files\.
[01/03/2008|10:28] C:\Program Files\Common Files\..
[10/05/2007|07:12] C:\Program Files\Common Files\Acronis
[12/06/2007|12:31] C:\Program Files\Common Files\Adobe
[15/11/2007|18:02] C:\Program Files\Common Files\Ahead
[23/08/2007|17:29] C:\Program Files\Common Files\aol
[23/08/2007|17:23] C:\Program Files\Common Files\aolshare
[23/09/2007|20:08] C:\Program Files\Common Files\Apple
[16/11/2007|14:41] C:\Program Files\Common Files\Designer
[04/06/2007|10:40] C:\Program Files\Common Files\EasyInfo
[30/03/2007|12:20] C:\Program Files\Common Files\FDEUnInstaller.exe
[02/04/2007|08:38] C:\Program Files\Common Files\InstallShield
[01/03/2008|10:28] C:\Program Files\Common Files\Java
[16/11/2007|14:41] C:\Program Files\Common Files\microsoft shared
[21/11/2007|17:34] C:\Program Files\Common Files\Nero
[30/03/2007|12:29] C:\Program Files\Common Files\Nullsoft
[14/11/2007|13:41] C:\Program Files\Common Files\Oberon Media
[22/09/2007|10:48] C:\Program Files\Common Files\PocketSoft
[25/09/2007|13:18] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[02/06/2007|10:35] C:\Program Files\Common Files\SWF Studio
[03/09/2007|14:51] C:\Program Files\Common Files\System
[29/12/2007|09:33] C:\Program Files\Common Files\Wise Installation Wizard
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-02 11:39:18
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:16][Doss:5] C:\Users\lionel\AppData\Local\Temp
/!\ [Fich:84][Doss:1] C:\Users\lionel\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:2251][Doss:7] C:\Users\lionel\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 11:39:26,40 ]----------------------
BTFix 1.081 (par bibi26) - 02/03/2008 11:45:08 - Analyse
Lancé depuis C:\Users\lionel\Desktop\BTFix\BTFix.exe
---> Fichiers/Dossiers trouvés
- C:\Windows\system32\bitsprx4.dll
- C:\Program Files\AskTBar\
- C:\Program Files\GamesBar\
- C:\ProgramData\Application Data\GamesBar\
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar\
---> Analyse terminée
-----------------------------[ Lop S&D 4.0.2 ]---------------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : lionel ] [ "C:\Lop SD" ]
[ 02/03/2008 | 11:34:52,73 ] [ PC : PC-DE-LIONEL ]
[ MAJ : 30-02-2008 | 00:12 ]
[ UAC => 0 ]
\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////
Supprimé! - C:\Program Files\Multi_Media_France\INSTALL.LOG
Supprimé! - C:\Program Files\Multi_Media_France\tbMul0.dll
Supprimé! - C:\Program Files\Multi_Media_France\tbMul1.dll
Supprimé! - C:\Program Files\Multi_Media_France\tbMult.dll
Supprimé! - C:\Program Files\Multi_Media_France\toolbar.cfg
Supprimé! - C:\Program Files\Multi_Media_France\UNWISE.EXE
Supprimé! - C:\Program Files\Multi_Media_France\UNWISE.INI
Supprimé! - C:\ProgramData\AOL Downloads\waol_fr\0.4327.47.1\waol-fr-0.4327.47.1.exe
Supprimé! - C:\ProgramData\AOL Downloads\WAOL_FR_0.4327.26.1\waol-fr-0.4327.26.1.exe
Supprimé! - C:\ProgramData\AOL Downloads\WAOL_FR_0.4327.26.1\comps\acs\acssetup.exe
Supprimé! - C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Bitdownload
Supprimé! - C:\Program Files\Multi_Media_France
Restauré! - Fichier Hosts
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Supprimé! - C:\Program Files\Viewpoint
Supprimé! - C:\PROGRA~2\Viewpoint
//////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\
Here is the report
BTFix 1.081 (par bibi26) - 02/03/2008 13:05:32 - Nettoyage - Mode normal
Lancé depuis C:\Users\lionel\Desktop\BTFix\BTFix.exe
---> Fichiers/dossiers supprimés (Première passe)
- Fichiers temporaires effacés
- C:\Windows\system32\bitsprx4.dll (erreur lors de la suppression)
- C:\Program Files\AskTBar\bar\1.bin\
- C:\Program Files\AskTBar\bar\Cache\
- C:\Program Files\AskTBar\bar\History\
- C:\Program Files\AskTBar\bar\Settings\
- C:\Program Files\AskTBar\bar\
- C:\Program Files\AskTBar\PopSwatr\History\
- C:\Program Files\AskTBar\PopSwatr\
- C:\Program Files\AskTBar\
- C:\Program Files\GamesBar\
- C:\ProgramData\Application Data\GamesBar\ (erreur lors de la suppression)
- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GamesBar\
---> Fichiers/dossiers supprimés (Seconde passe - Redémarrage de l'ordinateur)
- Fichiers temporaires effacés
- C:\Windows\system32\bitsprx4.dll (erreur lors de la suppression)
- C:\ProgramData\Application Data\GamesBar\ (erreur lors de la suppression)
---> Nettoyage terminé
. but the WinSecure window no longer appears. Perfect!!!
Here is the
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:40, on 01/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WinSecure.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\WinSecure.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\AOL 9.0 VRa\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RemoteControl] "e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VRa\AOL.EXE" -b
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Tool] WinSecure.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSE...
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\nero8\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
--
End of file - 9389 bytes
s scans.
What is Combofix? The window has come back.
I thought you had run Combofix, sorry.
Disable your resident protections (antivirus, Spybot...)!
Download Combofix (sUBs) to your Desktop.
Double-click combofix.exe to launch it.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Post this report in your next reply.
Disable your resident protections (antivirus, Spybot...)!
Ca y
ComboFix 08-03-05.3 - lionel 2008-03-06 15:34:50.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2673 [GMT 1:00]
Endroit: C:\Users\lionel\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Conditions générales.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Confidentialité.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\InternetGameBox.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Website.lnk
C:\Users\lionel\AppData\Local\mljbogeejj.dat
C:\Users\lionel\AppData\Local\mljbogeejj.exe
C:\Users\lionel\AppData\Local\mljbogeejj_nav.dat
C:\Users\lionel\AppData\Local\mljbogeejj_navps.dat
C:\Users\lionel\AppData\Roaming\inst.exe
C:\Windows\system32\koos.exe
C:\Windows\system32\kprof
C:\Windows\system32\poof
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-06 to 2008-03-06 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-06 14:38 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-06 14:31 --------- d-----w C:\Program Files\Spyware Terminator
2008-03-06 14:28 --------- d-----w C:\PROGRA~2\Spyware Terminator
2008-03-02 12:05 --------- d-----w C:\PROGRA~2\GamesBar
2008-03-02 10:40 --------- d-----w C:\Program Files\Viewpoint
2008-03-02 10:40 --------- d-----w C:\PROGRA~2\Viewpoint
2008-03-02 08:44 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-02 08:11 --------- d-----w C:\Program Files\WinClamAVShield
2008-03-01 09:29 --------- d-----w C:\Program Files\Java
2008-03-01 09:28 --------- d-----w C:\Program Files\Common Files\Java
2008-03-01 08:20 25,773 ----a-w C:\Windows\system32\drivers\regguard.sys
2008-03-01 08:06 --------- d-----w C:\Program Files\Greatis
2008-03-01 07:50 --------- d-----w C:\Program Files\Trend Micro
2008-03-01 07:35 --------- d-----w C:\Program Files\Duke Nukem - Manhattan Project
2008-02-27 12:59 --------- d-----w C:\Program Files\Gamenext
2008-02-25 08:35 --------- d-----w C:\PROGRA~2\NVIDIA
2008-02-25 08:25 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-22 11:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 11:00 --------- d-----w C:\Program Files\JoWood
2008-02-18 15:19 --------- d-----w C:\Program Files\AOL 9.0 VRa
2008-02-18 15:02 --------- d-----w C:\PROGRA~2\AOL
2008-02-14 10:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 10:09 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-14 10:09 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-14 10:09 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-14 10:09 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-14 10:05 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 10:05 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 10:05 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 10:05 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 10:05 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-14 10:05 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 10:04 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 10:04 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 10:04 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 10:04 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 10:04 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 10:04 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 10:00 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-07 15:14 --------- d-----w C:\Program Files\Lyrics Power
2008-02-01 14:41 --------- d-----w C:\Users\lionel\AppData\Roaming\My Games
2008-01-31 17:23 --------- d-----w C:\Users\lionel\AppData\Roaming\Home Sweet Home
2008-01-30 10:47 --------- d-----w C:\PROGRA~2\Escape From Paradise
2008-01-29 17:47 --------- d-----w C:\Users\lionel\AppData\Roaming\iWin
2008-01-29 17:47 --------- d-----w C:\PROGRA~2\iWin
2008-01-28 19:10 --------- d-----w C:\Users\lionel\AppData\Roaming\PlayFirst
2008-01-28 19:10 --------- d-----w C:\PROGRA~2\PlayFirst
2008-01-27 18:39 --------- d-----w C:\PROGRA~2\Fugazo
2008-01-26 10:44 --------- d-----w C:\Program Files\EA GAMES
2008-01-24 10:09 --------- d-----w C:\PROGRA~2\MinigolfAdventures
2008-01-10 14:18 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-10 14:18 --------- d-----w C:\Program Files\Windows Mail
2008-01-10 14:11 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-10 14:11 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2007-09-30 07:35 47,360 ----a-w C:\Users\lionel\AppData\Roaming\pcouffin.sys
2007-08-30 10:07 174 --sha-w C:\Program Files\desktop.ini
2007-03-30 11:20 278,528 ----a-w C:\Program Files\Common Files\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="e:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-04-30 18:45 171448]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VRa\AOL.exe" [2007-06-21 12:44 50480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 09:25 1006264]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"HostManager"="C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe" [2006-11-14 14:55 50736]
"RemoteControl"="e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 17:37 69216]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DontSetAutoplayCheckbox"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Security Tool"= WinSecure.exe
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-30 18:45 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{81C6A8A2-B737-4C7A-96ED-B08806D84D8D}D:\program files\emule\emule.exe"= UDP:D:\program files\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{9879B70A-2856-423D-8DBB-31000FEE3961}D:\program files\emule\emule.exe"= TCP:D:\program files\emule\emule.exe:eMule|Desc=eMule
"{61B57434-2297-4273-A1A9-DAACB2FD8DDB}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{B626847F-BCD3-4F38-B083-89F717CB8074}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{DBDB9015-F8A5-4AA6-9771-91687B1D2577}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{E165CEED-13D4-4DAA-B026-6881A5B2F173}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{8E4936B5-6D1C-47D7-8EEA-A91F30DDD30B}"= UDP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{0D48B9F3-2536-4187-9AA8-A712ECB4C150}"= TCP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{DD53F42F-CAE3-4FC7-BA7E-B439A6D298BB}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{753AA61F-CFBA-4588-B9CB-8B1E92DA2083}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{129D2F9A-AEF1-461E-8B98-C1867AEC804D}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{AD097789-9C47-461F-B944-153B527EC6CE}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{6ACB8A63-66B1-48DA-9A61-CA7E3E7C5E79}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{720A026E-183B-4478-84D1-8795310C3550}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{79836F32-1BF6-4207-BA82-5599D72978FA}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{A6BD6E22-7255-4F7D-9FC7-059D2AA48352}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F6DE241-8586-4720-92B4-938590A59FBD}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E8923872-2BF7-403A-81B9-821C78B99B6F}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{68113006-9242-4735-977D-002C30CE6D49}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{2E36CD78-EB34-4543-B1C9-06E9BA051D1C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{B11461FF-9D6A-43EA-A539-5CCB48E2806A}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{308E6DC4-B49D-4AB9-9996-F77EE9603621}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{7CF9D6AF-3BAF-4B87-802E-6D41D97B57FC}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{FEE18921-BE5E-4449-AABB-C73AF9EE2C01}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{97EF33AF-7AFE-4FB5-A298-9323AE100E4D}"= UDP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"{DC94B30F-2ACB-4769-AD5A-DF0F56B2F85B}"= TCP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{A61A6367-4952-4571-8A59-E6832B59B786}C:\program files\bittorrent\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"UDP Query User{22A28363-B5C9-456B-B499-6A64D4FCEB5F}C:\program files\bittorrent\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"TCP Query User{00D390C9-BFFB-45D8-B185-13E1B5EE0976}E:\program files\ea games\mohda\mohaa.exe"= UDP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"UDP Query User{307E46B7-FCA6-4A30-9535-CB58D3DC28AB}E:\program files\ea games\mohda\mohaa.exe"= TCP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"TCP Query User{2336C7C3-BCC8-449D-9C1E-15F4F8A05CE1}E:\program files\ea games\mohda\moh_spearhead.exe"= UDP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"UDP Query User{FAEAB83F-8BF7-41A0-B23F-B83A9F8868EA}E:\program files\ea games\mohda\moh_spearhead.exe"= TCP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"TCP Query User{576C8F82-5824-4713-A4DD-A6C1913C1D70}C:\program files\gigabyte\@bios\gwf32.exe"= UDP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"UDP Query User{42F9838E-2EB3-4F68-9049-C36EDE09354F}C:\program files\gigabyte\@bios\gwf32.exe"= TCP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"{49601469-A2C6-4D1D-9F1D-BE2FA2DD1856}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{3903A9AE-F4FA-40A0-A54F-09049E86F838}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= UDP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"UDP Query User{C5FD3D44-6718-431C-B572-4B5D43ED577D}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= TCP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"{A7184DEC-DAFD-4EB0-A1F9-EF3D510DF884}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{BEAB994C-CE3D-4EAD-8C77-728DE603B21B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{67D7E694-3635-44AD-B763-A3AE639DE964}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{AEBFD0FD-B948-4198-823B-3E2CA03F5F5C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{5314CF07-4203-493A-89FA-35D34C5613D6}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{650AF499-D8B9-4653-BB33-9CE8F6D7AA3C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{4DCFA31B-23A5-49D3-A8EF-AFCDA96238EC}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{F3A8D48F-A7CE-4310-B6E0-A0E2A0AF360F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{25E37ABB-DEA8-4196-A3C4-5B7B041F98D4}"= UDP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{694351B5-BC3E-4AAB-BA55-E4BAF68A591F}"= TCP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{57BE8586-7057-41C1-8270-82D775E6296A}"= UDP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"{26B88617-77B5-4D96-910E-29501CFBBD04}"= TCP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"TCP Query User{651ADD0E-0A88-4DBB-8C88-5B697D2B3FBF}C:\program files\common files\ahead\nero web\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"UDP Query User{E8ACB1A4-0299-49D3-A66A-FF4B708EC449}C:\program files\common files\ahead\nero web\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"TCP Query User{017DA2E8-3C9A-4C3E-9526-CD25E17A572A}C:\program files\emule\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{1174DA59-D68C-4F76-8483-E47CE4E65C9D}C:\program files\emule\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"TCP Query User{DA2C1C04-CA8D-4D68-B233-A9E4042CCE1E}E:\program files\emule\emule.exe"= Disabled:UDP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{0AD63C55-8CD4-477A-9670-193FBD00D1A3}E:\program files\emule\emule.exe"= Disabled:TCP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"{7D65E83C-4678-4940-9F65-5F3CF190CB84}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DF319407-957E-4D8D-B2C2-72A119885C2E}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{57554957-CD67-4839-AA08-A764012CA1AE}C:\program files\aol 9.0 vra\waol.exe"= UDP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"UDP Query User{794F25B9-C790-4517-8000-972BAAE646F3}C:\program files\aol 9.0 vra\waol.exe"= TCP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"TCP Query User{69885719-D9B7-4A11-B998-52E794795CB4}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{EF355857-98EE-406C-A77F-080C66571BCA}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{3CAF0294-C18D-4FD3-9C3D-AA7D6403F9E2}"= UDP:20000:emule1
"{4B4DD8FC-9077-4DA9-B5F4-66403907806C}"= TCP:20010:emule2
"{A07D49BC-13DA-48F4-9F20-60444485042F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{96751ACE-AC1C-42C3-B271-BA18CD1134C9}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DACE51CB-ADFF-48EA-9C17-CDA4A097B206}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{083986E4-3B4A-41E9-AAEB-B3CAD1662737}E:\nero8\nero 8\nero home\nerohome.exe"= UDP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"UDP Query User{94751433-BDF6-4C38-9437-56F417984245}E:\nero8\nero 8\nero home\nerohome.exe"= TCP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"TCP Query User{714F3273-2362-4864-BC26-08ABED4BF271}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= UDP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"UDP Query User{21D6EA6A-E0C8-43D3-BE12-4A712A06605A}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= TCP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"TCP Query User{77BE2BDD-9A60-466A-909F-C6AAB66E0C40}F:\emule\emule.exe"= UDP:F:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{1D6EC93F-0F9E-40A2-9312-2BE8C50C9726}F:\emule\emule.exe"= TCP:F:\emule\emule.exe:eMule|Desc=eMule
"{8CAE6A35-9366-4099-9B9A-56F4F5A41ECF}"= UDP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{0DDCCF91-D0FA-489F-B723-F7D795DAEA26}"= TCP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{0603A348-7B2B-46B4-9E8F-6A1CB063EE46}E:\program files\call of duty game of the year edition\codmp.exe"= UDP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
"UDP Query User{FE317C7A-3E50-42B5-8FC2-1C403088C78F}E:\program files\call of duty game of the year edition\codmp.exe"= TCP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};e:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 SBSDWSCService;SBSD Security Center Service;e:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 yukonwlh;Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 08:30]
S3 RegGuard;RegGuard;C:\Windows\system32\Drivers\regguard.sys [2008-03-01 09:20]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{036e3793-7bf4-11dc-9f4d-00038a000015}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{338dd1aa-11ac-11dc-b5e7-0016e65e60b2}]
\shell\AutoRun\command - G:\Autorun.exe
*Newly Created Service* - ATWPKT2
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 15:38:36
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\nero8\Nero 8\Nero BackItUp\NBService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WinSecure.exe
C:\Windows\System32\WinSecure.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-06 15:41:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-06 14:41:48
.
2008-02-29 06:56:21 --- E O F ---
is. Here is the report.
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2673 [GMT 1:00]
Endroit: C:\Users\lionel\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Conditions générales.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Confidentialité.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\InternetGameBox.lnk
C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\InternetGameBox\Website.lnk
C:\Users\lionel\AppData\Local\mljbogeejj.dat
C:\Users\lionel\AppData\Local\mljbogeejj.exe
C:\Users\lionel\AppData\Local\mljbogeejj_nav.dat
C:\Users\lionel\AppData\Local\mljbogeejj_navps.dat
C:\Users\lionel\AppData\Roaming\inst.exe
C:\Windows\system32\koos.exe
C:\Windows\system32\kprof
C:\Windows\system32\poof
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-06 to 2008-03-06 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-06 14:38 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-06 14:31 --------- d-----w C:\Program Files\Spyware Terminator
2008-03-06 14:28 --------- d-----w C:\PROGRA~2\Spyware Terminator
2008-03-02 12:05 --------- d-----w C:\PROGRA~2\GamesBar
2008-03-02 10:40 --------- d-----w C:\Program Files\Viewpoint
2008-03-02 10:40 --------- d-----w C:\PROGRA~2\Viewpoint
2008-03-02 08:44 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-02 08:11 --------- d-----w C:\Program Files\WinClamAVShield
2008-03-01 09:29 --------- d-----w C:\Program Files\Java
2008-03-01 09:28 --------- d-----w C:\Program Files\Common Files\Java
2008-03-01 08:20 25,773 ----a-w C:\Windows\system32\drivers\regguard.sys
2008-03-01 08:06 --------- d-----w C:\Program Files\Greatis
2008-03-01 07:50 --------- d-----w C:\Program Files\Trend Micro
2008-03-01 07:35 --------- d-----w C:\Program Files\Duke Nukem - Manhattan Project
2008-02-27 12:59 --------- d-----w C:\Program Files\Gamenext
2008-02-25 08:35 --------- d-----w C:\PROGRA~2\NVIDIA
2008-02-25 08:25 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-22 11:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 11:00 --------- d-----w C:\Program Files\JoWood
2008-02-18 15:19 --------- d-----w C:\Program Files\AOL 9.0 VRa
2008-02-18 15:02 --------- d-----w C:\PROGRA~2\AOL
2008-02-14 10:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 10:09 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-14 10:09 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-14 10:09 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-14 10:09 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-14 10:05 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 10:05 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 10:05 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 10:05 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 10:05 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-14 10:05 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 10:04 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 10:04 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 10:04 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 10:04 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 10:04 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 10:04 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 10:00 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-07 15:14 --------- d-----w C:\Program Files\Lyrics Power
2008-02-01 14:41 --------- d-----w C:\Users\lionel\AppData\Roaming\My Games
2008-01-31 17:23 --------- d-----w C:\Users\lionel\AppData\Roaming\Home Sweet Home
2008-01-30 10:47 --------- d-----w C:\PROGRA~2\Escape From Paradise
2008-01-29 17:47 --------- d-----w C:\Users\lionel\AppData\Roaming\iWin
2008-01-29 17:47 --------- d-----w C:\PROGRA~2\iWin
2008-01-28 19:10 --------- d-----w C:\Users\lionel\AppData\Roaming\PlayFirst
2008-01-28 19:10 --------- d-----w C:\PROGRA~2\PlayFirst
2008-01-27 18:39 --------- d-----w C:\PROGRA~2\Fugazo
2008-01-26 10:44 --------- d-----w C:\Program Files\EA GAMES
2008-01-24 10:09 --------- d-----w C:\PROGRA~2\MinigolfAdventures
2008-01-10 14:18 --------- d-----w C:\Program Files\Windows Sidebar
2008-01-10 14:18 --------- d-----w C:\Program Files\Windows Mail
2008-01-10 14:11 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-01-10 14:11 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2007-09-30 07:35 47,360 ----a-w C:\Users\lionel\AppData\Roaming\pcouffin.sys
2007-08-30 10:07 174 --sha-w C:\Program Files\desktop.ini
2007-03-30 11:20 278,528 ----a-w C:\Program Files\Common Files\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="e:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-04-30 18:45 171448]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VRa\AOL.exe" [2007-06-21 12:44 50480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 09:25 1006264]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"HostManager"="C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe" [2006-11-14 14:55 50736]
"RemoteControl"="e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 17:37 69216]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DontSetAutoplayCheckbox"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Security Tool"= WinSecure.exe
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-30 18:45 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{81C6A8A2-B737-4C7A-96ED-B08806D84D8D}D:\program files\emule\emule.exe"= UDP
:\program files\emule\emule.exe:eMule|Desc=eMule"UDP Query User{9879B70A-2856-423D-8DBB-31000FEE3961}D:\program files\emule\emule.exe"= TCP
:\program files\emule\emule.exe:eMule|Desc=eMule"{61B57434-2297-4273-A1A9-DAACB2FD8DDB}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{B626847F-BCD3-4F38-B083-89F717CB8074}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{DBDB9015-F8A5-4AA6-9771-91687B1D2577}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{E165CEED-13D4-4DAA-B026-6881A5B2F173}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{8E4936B5-6D1C-47D7-8EEA-A91F30DDD30B}"= UDP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{0D48B9F3-2536-4187-9AA8-A712ECB4C150}"= TCP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{DD53F42F-CAE3-4FC7-BA7E-B439A6D298BB}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{753AA61F-CFBA-4588-B9CB-8B1E92DA2083}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{129D2F9A-AEF1-461E-8B98-C1867AEC804D}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{AD097789-9C47-461F-B944-153B527EC6CE}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{6ACB8A63-66B1-48DA-9A61-CA7E3E7C5E79}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{720A026E-183B-4478-84D1-8795310C3550}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{79836F32-1BF6-4207-BA82-5599D72978FA}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{A6BD6E22-7255-4F7D-9FC7-059D2AA48352}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F6DE241-8586-4720-92B4-938590A59FBD}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E8923872-2BF7-403A-81B9-821C78B99B6F}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{68113006-9242-4735-977D-002C30CE6D49}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{2E36CD78-EB34-4543-B1C9-06E9BA051D1C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{B11461FF-9D6A-43EA-A539-5CCB48E2806A}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{308E6DC4-B49D-4AB9-9996-F77EE9603621}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{7CF9D6AF-3BAF-4B87-802E-6D41D97B57FC}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{FEE18921-BE5E-4449-AABB-C73AF9EE2C01}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{97EF33AF-7AFE-4FB5-A298-9323AE100E4D}"= UDP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"{DC94B30F-2ACB-4769-AD5A-DF0F56B2F85B}"= TCP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{A61A6367-4952-4571-8A59-E6832B59B786}C:\program files\bittorrent\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"UDP Query User{22A28363-B5C9-456B-B499-6A64D4FCEB5F}C:\program files\bittorrent\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"TCP Query User{00D390C9-BFFB-45D8-B185-13E1B5EE0976}E:\program files\ea games\mohda\mohaa.exe"= UDP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"UDP Query User{307E46B7-FCA6-4A30-9535-CB58D3DC28AB}E:\program files\ea games\mohda\mohaa.exe"= TCP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"TCP Query User{2336C7C3-BCC8-449D-9C1E-15F4F8A05CE1}E:\program files\ea games\mohda\moh_spearhead.exe"= UDP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"UDP Query User{FAEAB83F-8BF7-41A0-B23F-B83A9F8868EA}E:\program files\ea games\mohda\moh_spearhead.exe"= TCP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"TCP Query User{576C8F82-5824-4713-A4DD-A6C1913C1D70}C:\program files\gigabyte\@bios\gwf32.exe"= UDP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"UDP Query User{42F9838E-2EB3-4F68-9049-C36EDE09354F}C:\program files\gigabyte\@bios\gwf32.exe"= TCP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"{49601469-A2C6-4D1D-9F1D-BE2FA2DD1856}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{3903A9AE-F4FA-40A0-A54F-09049E86F838}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= UDP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"UDP Query User{C5FD3D44-6718-431C-B572-4B5D43ED577D}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= TCP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"{A7184DEC-DAFD-4EB0-A1F9-EF3D510DF884}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{BEAB994C-CE3D-4EAD-8C77-728DE603B21B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{67D7E694-3635-44AD-B763-A3AE639DE964}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{AEBFD0FD-B948-4198-823B-3E2CA03F5F5C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{5314CF07-4203-493A-89FA-35D34C5613D6}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{650AF499-D8B9-4653-BB33-9CE8F6D7AA3C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{4DCFA31B-23A5-49D3-A8EF-AFCDA96238EC}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{F3A8D48F-A7CE-4310-B6E0-A0E2A0AF360F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{25E37ABB-DEA8-4196-A3C4-5B7B041F98D4}"= UDP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{694351B5-BC3E-4AAB-BA55-E4BAF68A591F}"= TCP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{57BE8586-7057-41C1-8270-82D775E6296A}"= UDP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"{26B88617-77B5-4D96-910E-29501CFBBD04}"= TCP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"TCP Query User{651ADD0E-0A88-4DBB-8C88-5B697D2B3FBF}C:\program files\common files\ahead\nero web\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"UDP Query User{E8ACB1A4-0299-49D3-A66A-FF4B708EC449}C:\program files\common files\ahead\nero web\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"TCP Query User{017DA2E8-3C9A-4C3E-9526-CD25E17A572A}C:\program files\emule\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{1174DA59-D68C-4F76-8483-E47CE4E65C9D}C:\program files\emule\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"TCP Query User{DA2C1C04-CA8D-4D68-B233-A9E4042CCE1E}E:\program files\emule\emule.exe"= Disabled:UDP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{0AD63C55-8CD4-477A-9670-193FBD00D1A3}E:\program files\emule\emule.exe"= Disabled:TCP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"{7D65E83C-4678-4940-9F65-5F3CF190CB84}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DF319407-957E-4D8D-B2C2-72A119885C2E}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{57554957-CD67-4839-AA08-A764012CA1AE}C:\program files\aol 9.0 vra\waol.exe"= UDP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"UDP Query User{794F25B9-C790-4517-8000-972BAAE646F3}C:\program files\aol 9.0 vra\waol.exe"= TCP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"TCP Query User{69885719-D9B7-4A11-B998-52E794795CB4}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{EF355857-98EE-406C-A77F-080C66571BCA}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{3CAF0294-C18D-4FD3-9C3D-AA7D6403F9E2}"= UDP:20000:emule1
"{4B4DD8FC-9077-4DA9-B5F4-66403907806C}"= TCP:20010:emule2
"{A07D49BC-13DA-48F4-9F20-60444485042F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{96751ACE-AC1C-42C3-B271-BA18CD1134C9}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DACE51CB-ADFF-48EA-9C17-CDA4A097B206}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{083986E4-3B4A-41E9-AAEB-B3CAD1662737}E:\nero8\nero 8\nero home\nerohome.exe"= UDP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"UDP Query User{94751433-BDF6-4C38-9437-56F417984245}E:\nero8\nero 8\nero home\nerohome.exe"= TCP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"TCP Query User{714F3273-2362-4864-BC26-08ABED4BF271}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= UDP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"UDP Query User{21D6EA6A-E0C8-43D3-BE12-4A712A06605A}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= TCP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"TCP Query User{77BE2BDD-9A60-466A-909F-C6AAB66E0C40}F:\emule\emule.exe"= UDP:F:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{1D6EC93F-0F9E-40A2-9312-2BE8C50C9726}F:\emule\emule.exe"= TCP:F:\emule\emule.exe:eMule|Desc=eMule
"{8CAE6A35-9366-4099-9B9A-56F4F5A41ECF}"= UDP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{0DDCCF91-D0FA-489F-B723-F7D795DAEA26}"= TCP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{0603A348-7B2B-46B4-9E8F-6A1CB063EE46}E:\program files\call of duty game of the year edition\codmp.exe"= UDP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
"UDP Query User{FE317C7A-3E50-42B5-8FC2-1C403088C78F}E:\program files\call of duty game of the year edition\codmp.exe"= TCP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};e:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 SBSDWSCService;SBSD Security Center Service;e:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 yukonwlh;Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 08:30]
S3 RegGuard;RegGuard;C:\Windows\system32\Drivers\regguard.sys [2008-03-01 09:20]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{036e3793-7bf4-11dc-9f4d-00038a000015}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{338dd1aa-11ac-11dc-b5e7-0016e65e60b2}]
\shell\AutoRun\command - G:\Autorun.exe
*Newly Created Service* - ATWPKT2
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-06 15:38:36
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
E:\nero8\Nero 8\Nero BackItUp\NBService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WinSecure.exe
C:\Windows\System32\WinSecure.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-06 15:41:55 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-06 14:41:48
.
2008-02-29 06:56:21 --- E O F ---
est. Here is the report.
Hi, here is the report.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:07:40, on 01/03/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe
E:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
E:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\WinSecure.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\WinSecure.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\AOL 9.0 VRa\shellmon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\fr\msntb.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\ycomp5_6_0_1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [RemoteControl] "e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "E:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0 VRa\AOL.EXE" -b
O4 - HKCU\..\Policies\Explorer\Run: [Windows Security Tool] WinSecure.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - c:\program files\aol\aol toolbar 4.0\resources\fr-FR\local\search.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: AOL Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AOL Toolbar 4.0\aoltb.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0....
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_03) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr/TSE...
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - E:\nero8\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
--
End of file - 9389 bytes
ComboFix 08-03-05.3 - lionel 2008-03-11 13:36:16.1 - NTFSx86 MINIMAL
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2670 [GMT 1:00]
Endroit: C:\Users\lionel\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\koos.exe
C:\Windows\system32\kprof
C:\Windows\system32\poof
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-11 to 2008-03-11 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-09 10:41 --------- d-----w C:\Program Files\Spyware Terminator
2008-03-09 10:41 --------- d-----w C:\PROGRA~2\Spyware Terminator
2008-03-09 10:13 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-06 14:38 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-02 12:05 --------- d-----w C:\PROGRA~2\GamesBar
2008-03-02 10:40 --------- d-----w C:\Program Files\Viewpoint
2008-03-02 10:40 --------- d-----w C:\PROGRA~2\Viewpoint
2008-03-02 08:11 --------- d-----w C:\Program Files\WinClamAVShield
2008-03-01 09:29 --------- d-----w C:\Program Files\Java
2008-03-01 09:28 --------- d-----w C:\Program Files\Common Files\Java
2008-03-01 08:20 25,773 ----a-w C:\Windows\system32\drivers\regguard.sys
2008-03-01 08:06 --------- d-----w C:\Program Files\Greatis
2008-03-01 07:50 --------- d-----w C:\Program Files\Trend Micro
2008-03-01 07:35 --------- d-----w C:\Program Files\Duke Nukem - Manhattan Project
2008-02-27 12:59 --------- d-----w C:\Program Files\Gamenext
2008-02-25 08:35 --------- d-----w C:\PROGRA~2\NVIDIA
2008-02-25 08:25 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-22 11:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 11:00 --------- d-----w C:\Program Files\JoWood
2008-02-18 15:19 --------- d-----w C:\Program Files\AOL 9.0 VRa
2008-02-18 15:02 --------- d-----w C:\PROGRA~2\AOL
2008-02-14 10:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 10:09 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-14 10:09 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-14 10:09 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-14 10:09 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-14 10:05 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 10:05 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 10:05 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 10:05 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 10:05 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-14 10:05 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 10:04 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 10:04 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 10:04 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 10:04 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 10:04 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 10:04 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 10:00 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-07 15:14 --------- d-----w C:\Program Files\Lyrics Power
2008-02-01 14:41 --------- d-----w C:\Users\lionel\AppData\Roaming\My Games
2008-01-31 17:23 --------- d-----w C:\Users\lionel\AppData\Roaming\Home Sweet Home
2008-01-30 10:47 --------- d-----w C:\PROGRA~2\Escape From Paradise
2008-01-29 17:47 --------- d-----w C:\Users\lionel\AppData\Roaming\iWin
2008-01-29 17:47 --------- d-----w C:\PROGRA~2\iWin
2008-01-28 19:10 --------- d-----w C:\Users\lionel\AppData\Roaming\PlayFirst
2008-01-28 19:10 --------- d-----w C:\PROGRA~2\PlayFirst
2008-01-27 18:39 --------- d-----w C:\PROGRA~2\Fugazo
2008-01-26 10:44 --------- d-----w C:\Program Files\EA GAMES
2008-01-24 10:09 --------- d-----w C:\PROGRA~2\MinigolfAdventures
2007-09-30 07:35 47,360 ----a-w C:\Users\lionel\AppData\Roaming\pcouffin.sys
2007-08-30 10:07 174 --sha-w C:\Program Files\desktop.ini
2007-03-30 11:20 278,528 ----a-w C:\Program Files\Common Files\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-06_15.41.01.77 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-06 14:38:02 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-03-11 12:39:19 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-03-06 14:22:36 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-03-11 12:31:49 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-03-06 14:38:31 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-03-06 12:10:44 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-03-11 12:20:11 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-03-06 14:38:31 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-03-06 14:38:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-03-11 12:39:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-03-06 14:38:28 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-03-11 12:39:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-03-06 14:38:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-03-11 12:39:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-03-06 12:06:15 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-03-09 10:11:52 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-03-06 12:09:18 12,786 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2187180528-3365436841-3743459222-1000_UserData.bin
+ 2008-03-11 12:18:52 12,786 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2187180528-3365436841-3743459222-1000_UserData.bin
- 2008-03-06 12:09:18 69,978 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-03-11 12:18:52 70,728 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-03-06 11:30:01 53,672 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-03-11 12:18:50 53,888 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="e:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-04-30 18:45 171448]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VRa\AOL.exe" [2007-06-21 12:44 50480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 09:25 1006264]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"HostManager"="C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe" [2006-11-14 14:55 50736]
"RemoteControl"="e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 17:37 69216]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DontSetAutoplayCheckbox"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Security Tool"= WinSecure.exe
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-30 18:45 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{81C6A8A2-B737-4C7A-96ED-B08806D84D8D}D:\program files\emule\emule.exe"= UDP:D:\program files\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{9879B70A-2856-423D-8DBB-31000FEE3961}D:\program files\emule\emule.exe"= TCP:D:\program files\emule\emule.exe:eMule|Desc=eMule
"{61B57434-2297-4273-A1A9-DAACB2FD8DDB}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{B626847F-BCD3-4F38-B083-89F717CB8074}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{DBDB9015-F8A5-4AA6-9771-91687B1D2577}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{E165CEED-13D4-4DAA-B026-6881A5B2F173}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{8E4936B5-6D1C-47D7-8EEA-A91F30DDD30B}"= UDP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{0D48B9F3-2536-4187-9AA8-A712ECB4C150}"= TCP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{DD53F42F-CAE3-4FC7-BA7E-B439A6D298BB}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{753AA61F-CFBA-4588-B9CB-8B1E92DA2083}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{129D2F9A-AEF1-461E-8B98-C1867AEC804D}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{AD097789-9C47-461F-B944-153B527EC6CE}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{6ACB8A63-66B1-48DA-9A61-CA7E3E7C5E79}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{720A026E-183B-4478-84D1-8795310C3550}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{79836F32-1BF6-4207-BA82-5599D72978FA}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{A6BD6E22-7255-4F7D-9FC7-059D2AA48352}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F6DE241-8586-4720-92B4-938590A59FBD}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E8923872-2BF7-403A-81B9-821C78B99B6F}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{68113006-9242-4735-977D-002C30CE6D49}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{2E36CD78-EB34-4543-B1C9-06E9BA051D1C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{B11461FF-9D6A-43EA-A539-5CCB48E2806A}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{308E6DC4-B49D-4AB9-9996-F77EE9603621}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{7CF9D6AF-3BAF-4B87-802E-6D41D97B57FC}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{FEE18921-BE5E-4449-AABB-C73AF9EE2C01}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{97EF33AF-7AFE-4FB5-A298-9323AE100E4D}"= UDP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"{DC94B30F-2ACB-4769-AD5A-DF0F56B2F85B}"= TCP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{A61A6367-4952-4571-8A59-E6832B59B786}C:\program files\bittorrent\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"UDP Query User{22A28363-B5C9-456B-B499-6A64D4FCEB5F}C:\program files\bittorrent\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"TCP Query User{00D390C9-BFFB-45D8-B185-13E1B5EE0976}E:\program files\ea games\mohda\mohaa.exe"= UDP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"UDP Query User{307E46B7-FCA6-4A30-9535-CB58D3DC28AB}E:\program files\ea games\mohda\mohaa.exe"= TCP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"TCP Query User{2336C7C3-BCC8-449D-9C1E-15F4F8A05CE1}E:\program files\ea games\mohda\moh_spearhead.exe"= UDP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"UDP Query User{FAEAB83F-8BF7-41A0-B23F-B83A9F8868EA}E:\program files\ea games\mohda\moh_spearhead.exe"= TCP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"TCP Query User{576C8F82-5824-4713-A4DD-A6C1913C1D70}C:\program files\gigabyte\@bios\gwf32.exe"= UDP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"UDP Query User{42F9838E-2EB3-4F68-9049-C36EDE09354F}C:\program files\gigabyte\@bios\gwf32.exe"= TCP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"{49601469-A2C6-4D1D-9F1D-BE2FA2DD1856}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{3903A9AE-F4FA-40A0-A54F-09049E86F838}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= UDP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"UDP Query User{C5FD3D44-6718-431C-B572-4B5D43ED577D}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= TCP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"{A7184DEC-DAFD-4EB0-A1F9-EF3D510DF884}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{BEAB994C-CE3D-4EAD-8C77-728DE603B21B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{67D7E694-3635-44AD-B763-A3AE639DE964}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{AEBFD0FD-B948-4198-823B-3E2CA03F5F5C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{5314CF07-4203-493A-89FA-35D34C5613D6}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{650AF499-D8B9-4653-BB33-9CE8F6D7AA3C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{4DCFA31B-23A5-49D3-A8EF-AFCDA96238EC}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{F3A8D48F-A7CE-4310-B6E0-A0E2A0AF360F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{25E37ABB-DEA8-4196-A3C4-5B7B041F98D4}"= UDP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{694351B5-BC3E-4AAB-BA55-E4BAF68A591F}"= TCP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{57BE8586-7057-41C1-8270-82D775E6296A}"= UDP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"{26B88617-77B5-4D96-910E-29501CFBBD04}"= TCP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"TCP Query User{651ADD0E-0A88-4DBB-8C88-5B697D2B3FBF}C:\program files\common files\ahead\nero web\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"UDP Query User{E8ACB1A4-0299-49D3-A66A-FF4B708EC449}C:\program files\common files\ahead\nero web\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"TCP Query User{017DA2E8-3C9A-4C3E-9526-CD25E17A572A}C:\program files\emule\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{1174DA59-D68C-4F76-8483-E47CE4E65C9D}C:\program files\emule\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"TCP Query User{DA2C1C04-CA8D-4D68-B233-A9E4042CCE1E}E:\program files\emule\emule.exe"= Disabled:UDP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{0AD63C55-8CD4-477A-9670-193FBD00D1A3}E:\program files\emule\emule.exe"= Disabled:TCP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"{7D65E83C-4678-4940-9F65-5F3CF190CB84}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DF319407-957E-4D8D-B2C2-72A119885C2E}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{57554957-CD67-4839-AA08-A764012CA1AE}C:\program files\aol 9.0 vra\waol.exe"= UDP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"UDP Query User{794F25B9-C790-4517-8000-972BAAE646F3}C:\program files\aol 9.0 vra\waol.exe"= TCP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"TCP Query User{69885719-D9B7-4A11-B998-52E794795CB4}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{EF355857-98EE-406C-A77F-080C66571BCA}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{3CAF0294-C18D-4FD3-9C3D-AA7D6403F9E2}"= UDP:20000:emule1
"{4B4DD8FC-9077-4DA9-B5F4-66403907806C}"= TCP:20010:emule2
"{A07D49BC-13DA-48F4-9F20-60444485042F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{96751ACE-AC1C-42C3-B271-BA18CD1134C9}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DACE51CB-ADFF-48EA-9C17-CDA4A097B206}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{083986E4-3B4A-41E9-AAEB-B3CAD1662737}E:\nero8\nero 8\nero home\nerohome.exe"= UDP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"UDP Query User{94751433-BDF6-4C38-9437-56F417984245}E:\nero8\nero 8\nero home\nerohome.exe"= TCP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"TCP Query User{714F3273-2362-4864-BC26-08ABED4BF271}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= UDP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"UDP Query User{21D6EA6A-E0C8-43D3-BE12-4A712A06605A}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= TCP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"TCP Query User{77BE2BDD-9A60-466A-909F-C6AAB66E0C40}F:\emule\emule.exe"= UDP:F:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{1D6EC93F-0F9E-40A2-9312-2BE8C50C9726}F:\emule\emule.exe"= TCP:F:\emule\emule.exe:eMule|Desc=eMule
"{8CAE6A35-9366-4099-9B9A-56F4F5A41ECF}"= UDP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{0DDCCF91-D0FA-489F-B723-F7D795DAEA26}"= TCP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{0603A348-7B2B-46B4-9E8F-6A1CB063EE46}E:\program files\call of duty game of the year edition\codmp.exe"= UDP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
"UDP Query User{FE317C7A-3E50-42B5-8FC2-1C403088C78F}E:\program files\call of duty game of the year edition\codmp.exe"= TCP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};e:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 SBSDWSCService;SBSD Security Center Service;e:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 yukonwlh;Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 08:30]
S3 RegGuard;RegGuard;C:\Windows\system32\Drivers\regguard.sys [2008-03-01 09:20]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{036e3793-7bf4-11dc-9f4d-00038a000015}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{338dd1aa-11ac-11dc-b5e7-0016e65e60b2}]
\shell\AutoRun\command - G:\Autorun.exe
*Newly Created Service* - ATWPKT2
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-11 13:40:02
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
E:\nero8\Nero 8\Nero BackItUp\NBService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-11 13:42:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-11 12:42:43
ComboFix2.txt 2008-03-06 14:41:57
.
2008-03-07 15:21:33 --- E O F ---
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2670 [GMT 1:00]
Endroit: C:\Users\lionel\Desktop\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Windows\system32\koos.exe
C:\Windows\system32\kprof
C:\Windows\system32\poof
.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-11 to 2008-03-11 ))))))))))))))))))))))))))))))))))))
.
Pas de nouveau fichier créé dans cet espace de temps
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-09 10:41 --------- d-----w C:\Program Files\Spyware Terminator
2008-03-09 10:41 --------- d-----w C:\PROGRA~2\Spyware Terminator
2008-03-09 10:13 --------- d-----w C:\PROGRA~2\Spybot - Search & Destroy
2008-03-06 14:38 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-02 12:05 --------- d-----w C:\PROGRA~2\GamesBar
2008-03-02 10:40 --------- d-----w C:\Program Files\Viewpoint
2008-03-02 10:40 --------- d-----w C:\PROGRA~2\Viewpoint
2008-03-02 08:11 --------- d-----w C:\Program Files\WinClamAVShield
2008-03-01 09:29 --------- d-----w C:\Program Files\Java
2008-03-01 09:28 --------- d-----w C:\Program Files\Common Files\Java
2008-03-01 08:20 25,773 ----a-w C:\Windows\system32\drivers\regguard.sys
2008-03-01 08:06 --------- d-----w C:\Program Files\Greatis
2008-03-01 07:50 --------- d-----w C:\Program Files\Trend Micro
2008-03-01 07:35 --------- d-----w C:\Program Files\Duke Nukem - Manhattan Project
2008-02-27 12:59 --------- d-----w C:\Program Files\Gamenext
2008-02-25 08:35 --------- d-----w C:\PROGRA~2\NVIDIA
2008-02-25 08:25 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-02-22 11:00 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-22 11:00 --------- d-----w C:\Program Files\JoWood
2008-02-18 15:19 --------- d-----w C:\Program Files\AOL 9.0 VRa
2008-02-18 15:02 --------- d-----w C:\PROGRA~2\AOL
2008-02-14 10:11 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 10:09 54,784 ----a-w C:\Windows\system32\drivers\i8042prt.sys
2008-02-14 10:09 495,160 ----a-w C:\Windows\system32\drivers\Wdf01000.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\WdfLdr.sys
2008-02-14 10:09 35,384 ----a-w C:\Windows\system32\drivers\kbdclass.sys
2008-02-14 10:09 34,360 ----a-w C:\Windows\system32\drivers\mouclass.sys
2008-02-14 10:09 19,968 ----a-w C:\Windows\system32\drivers\sermouse.sys
2008-02-14 10:05 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 10:05 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 10:05 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 10:05 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 10:05 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-02-14 10:05 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 10:04 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 10:04 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 10:04 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 10:04 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 10:04 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 10:04 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 10:00 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-07 15:14 --------- d-----w C:\Program Files\Lyrics Power
2008-02-01 14:41 --------- d-----w C:\Users\lionel\AppData\Roaming\My Games
2008-01-31 17:23 --------- d-----w C:\Users\lionel\AppData\Roaming\Home Sweet Home
2008-01-30 10:47 --------- d-----w C:\PROGRA~2\Escape From Paradise
2008-01-29 17:47 --------- d-----w C:\Users\lionel\AppData\Roaming\iWin
2008-01-29 17:47 --------- d-----w C:\PROGRA~2\iWin
2008-01-28 19:10 --------- d-----w C:\Users\lionel\AppData\Roaming\PlayFirst
2008-01-28 19:10 --------- d-----w C:\PROGRA~2\PlayFirst
2008-01-27 18:39 --------- d-----w C:\PROGRA~2\Fugazo
2008-01-26 10:44 --------- d-----w C:\Program Files\EA GAMES
2008-01-24 10:09 --------- d-----w C:\PROGRA~2\MinigolfAdventures
2007-09-30 07:35 47,360 ----a-w C:\Users\lionel\AppData\Roaming\pcouffin.sys
2007-08-30 10:07 174 --sha-w C:\Program Files\desktop.ini
2007-03-30 11:20 278,528 ----a-w C:\Program Files\Common Files\FDEUnInstaller.exe
.
((((((((((((((((((((((((((((( snapshot@2008-03-06_15.41.01.77 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-03-06 14:38:02 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-03-11 12:39:19 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-03-06 14:22:36 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-03-11 12:31:49 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-03-06 14:38:31 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-03-06 12:10:44 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-03-11 12:20:11 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-03-06 14:38:31 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-03-11 12:39:48 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-03-06 14:38:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-03-11 12:39:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-03-06 14:38:28 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-03-11 12:39:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-03-06 14:38:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-03-11 12:39:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-03-06 12:06:15 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-03-09 10:11:52 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
- 2008-03-06 12:09:18 12,786 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2187180528-3365436841-3743459222-1000_UserData.bin
+ 2008-03-11 12:18:52 12,786 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-2187180528-3365436841-3743459222-1000_UserData.bin
- 2008-03-06 12:09:18 69,978 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-03-11 12:18:52 70,728 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-03-06 11:30:01 53,672 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-03-11 12:18:50 53,888 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="e:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2007-04-30 18:45 171448]
"AOL Fast Start"="C:\Program Files\AOL 9.0 VRa\AOL.exe" [2007-06-21 12:44 50480]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-04-11 09:25 1006264]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"HostManager"="C:\Program Files\Common Files\AOL\1175254069\ee\AOLSoftware.exe" [2006-11-14 14:55 50736]
"RemoteControl"="e:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-12-06 17:37 69216]
"iTunesHelper"="E:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-12-11 17:06 86016]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"DontSetAutoplayCheckbox"= 1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Security Tool"= WinSecure.exe
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
path=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
backup=C:\Windows\pss\Microsoft Office.lnk.CommonStartup
backupExtension=.CommonStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
C:\Program Files\Ahead\InCD\InCD.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-04-30 18:45 171448 C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{81C6A8A2-B737-4C7A-96ED-B08806D84D8D}D:\program files\emule\emule.exe"= UDP:D:\program files\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{9879B70A-2856-423D-8DBB-31000FEE3961}D:\program files\emule\emule.exe"= TCP:D:\program files\emule\emule.exe:eMule|Desc=eMule
"{61B57434-2297-4273-A1A9-DAACB2FD8DDB}"= UDP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{B626847F-BCD3-4F38-B083-89F717CB8074}"= TCP:C:\Program Files\Common Files\aol\acs\AOLDial.exe:AOL Autoconnect
"{DBDB9015-F8A5-4AA6-9771-91687B1D2577}"= UDP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{E165CEED-13D4-4DAA-B026-6881A5B2F173}"= TCP:C:\Program Files\Common Files\aol\acs\AOLacsd.exe:module de connexion AOL
"{8E4936B5-6D1C-47D7-8EEA-A91F30DDD30B}"= UDP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{0D48B9F3-2536-4187-9AA8-A712ECB4C150}"= TCP:C:\Program Files\AOL 9.0 VR\waol.exe:AOL
"{DD53F42F-CAE3-4FC7-BA7E-B439A6D298BB}"= UDP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{753AA61F-CFBA-4588-B9CB-8B1E92DA2083}"= TCP:C:\Program Files\Common Files\aol\TopSpeed\3.0\aoltpsd3.exe:AOL TopSpeed
"{129D2F9A-AEF1-461E-8B98-C1867AEC804D}"= UDP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{AD097789-9C47-461F-B944-153B527EC6CE}"= TCP:C:\Program Files\Common Files\aol\Loader\aolload.exe:AOL Loader
"{6ACB8A63-66B1-48DA-9A61-CA7E3E7C5E79}"= UDP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{720A026E-183B-4478-84D1-8795310C3550}"= TCP:C:\Program Files\Common Files\aol\System Information\sinf.exe:AOL System Information
"{79836F32-1BF6-4207-BA82-5599D72978FA}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{A6BD6E22-7255-4F7D-9FC7-059D2AA48352}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{9F6DE241-8586-4720-92B4-938590A59FBD}"= UDP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{E8923872-2BF7-403A-81B9-821C78B99B6F}"= TCP:C:\Program Files\MSN Messenger\msnmsgr.exe:MSN Messenger 7.0
"{68113006-9242-4735-977D-002C30CE6D49}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{2E36CD78-EB34-4543-B1C9-06E9BA051D1C}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{B11461FF-9D6A-43EA-A539-5CCB48E2806A}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{308E6DC4-B49D-4AB9-9996-F77EE9603621}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{7CF9D6AF-3BAF-4B87-802E-6D41D97B57FC}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{FEE18921-BE5E-4449-AABB-C73AF9EE2C01}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{97EF33AF-7AFE-4FB5-A298-9323AE100E4D}"= UDP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"{DC94B30F-2ACB-4769-AD5A-DF0F56B2F85B}"= TCP:G:\jeux\Civilization4.exe:Sid Meier's Civilization 4
"TCP Query User{A61A6367-4952-4571-8A59-E6832B59B786}C:\program files\bittorrent\bittorrent.exe"= UDP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"UDP Query User{22A28363-B5C9-456B-B499-6A64D4FCEB5F}C:\program files\bittorrent\bittorrent.exe"= TCP:C:\program files\bittorrent\bittorrent.exe:bittorrent|Desc=bittorrent
"TCP Query User{00D390C9-BFFB-45D8-B185-13E1B5EE0976}E:\program files\ea games\mohda\mohaa.exe"= UDP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"UDP Query User{307E46B7-FCA6-4A30-9535-CB58D3DC28AB}E:\program files\ea games\mohda\mohaa.exe"= TCP:E:\program files\ea games\mohda\mohaa.exe:Medal of Honor Allied Assault(tm)|Desc=Medal of Honor Allied Assault(tm)
"TCP Query User{2336C7C3-BCC8-449D-9C1E-15F4F8A05CE1}E:\program files\ea games\mohda\moh_spearhead.exe"= UDP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"UDP Query User{FAEAB83F-8BF7-41A0-B23F-B83A9F8868EA}E:\program files\ea games\mohda\moh_spearhead.exe"= TCP:E:\program files\ea games\mohda\moh_spearhead.exe:Medal of Honor Allied Assault(tm) Spearhead|Desc=Medal of Honor Allied Assault(tm) Spearhead
"TCP Query User{576C8F82-5824-4713-A4DD-A6C1913C1D70}C:\program files\gigabyte\@bios\gwf32.exe"= UDP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"UDP Query User{42F9838E-2EB3-4F68-9049-C36EDE09354F}C:\program files\gigabyte\@bios\gwf32.exe"= TCP:C:\program files\gigabyte\@bios\gwf32.exe:gwflash|Desc=gwflash
"{49601469-A2C6-4D1D-9F1D-BE2FA2DD1856}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"TCP Query User{3903A9AE-F4FA-40A0-A54F-09049E86F838}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= UDP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"UDP Query User{C5FD3D44-6718-431C-B572-4B5D43ED577D}E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe"= TCP:E:\program files\ubisoft\blue byte\the settlers - l'héritage des rois\bin\settlershok.exe:THE SETTLERS - Heritage of Kings|Desc=THE SETTLERS - Heritage of Kings
"{A7184DEC-DAFD-4EB0-A1F9-EF3D510DF884}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{BEAB994C-CE3D-4EAD-8C77-728DE603B21B}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{67D7E694-3635-44AD-B763-A3AE639DE964}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{AEBFD0FD-B948-4198-823B-3E2CA03F5F5C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2
"{5314CF07-4203-493A-89FA-35D34C5613D6}"= UDP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{650AF499-D8B9-4653-BB33-9CE8F6D7AA3C}"= TCP:E:\ghost reco\Ghost Recon Advanced Warfighter 2\graw2_dedicated.exe:Ghost Recon Advanced Warfighter® 2 Dedicated Server
"{4DCFA31B-23A5-49D3-A8EF-AFCDA96238EC}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{F3A8D48F-A7CE-4310-B6E0-A0E2A0AF360F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{25E37ABB-DEA8-4196-A3C4-5B7B041F98D4}"= UDP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{694351B5-BC3E-4AAB-BA55-E4BAF68A591F}"= TCP:C:\Program Files\Common Files\aol\1175254069\ee\aolsoftware.exe:AOL Shared Components
"{57BE8586-7057-41C1-8270-82D775E6296A}"= UDP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"{26B88617-77B5-4D96-910E-29501CFBBD04}"= TCP:C:\Program Files\AOL 9.0 VRa\waol.exe:AOL
"TCP Query User{651ADD0E-0A88-4DBB-8C88-5B697D2B3FBF}C:\program files\common files\ahead\nero web\setupx.exe"= UDP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"UDP Query User{E8ACB1A4-0299-49D3-A66A-FF4B708EC449}C:\program files\common files\ahead\nero web\setupx.exe"= TCP:C:\program files\common files\ahead\nero web\setupx.exe:MSI starter|Desc=MSI starter
"TCP Query User{017DA2E8-3C9A-4C3E-9526-CD25E17A572A}C:\program files\emule\emule.exe"= Disabled:UDP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{1174DA59-D68C-4F76-8483-E47CE4E65C9D}C:\program files\emule\emule.exe"= Disabled:TCP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"TCP Query User{DA2C1C04-CA8D-4D68-B233-A9E4042CCE1E}E:\program files\emule\emule.exe"= Disabled:UDP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{0AD63C55-8CD4-477A-9670-193FBD00D1A3}E:\program files\emule\emule.exe"= Disabled:TCP:E:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"{7D65E83C-4678-4940-9F65-5F3CF190CB84}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DF319407-957E-4D8D-B2C2-72A119885C2E}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{57554957-CD67-4839-AA08-A764012CA1AE}C:\program files\aol 9.0 vra\waol.exe"= UDP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"UDP Query User{794F25B9-C790-4517-8000-972BAAE646F3}C:\program files\aol 9.0 vra\waol.exe"= TCP:C:\program files\aol 9.0 vra\waol.exe:AOL Software|Desc=AOL Software
"TCP Query User{69885719-D9B7-4A11-B998-52E794795CB4}G:\emule\emule.exe"= UDP:G:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{EF355857-98EE-406C-A77F-080C66571BCA}G:\emule\emule.exe"= TCP:G:\emule\emule.exe:eMule|Desc=eMule
"{3CAF0294-C18D-4FD3-9C3D-AA7D6403F9E2}"= UDP:20000:emule1
"{4B4DD8FC-9077-4DA9-B5F4-66403907806C}"= TCP:20010:emule2
"{A07D49BC-13DA-48F4-9F20-60444485042F}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)|Edge=TRUE|
"{96751ACE-AC1C-42C3-B271-BA18CD1134C9}"= UDP:E:\Program Files\iTunes\iTunes.exe:iTunes
"{DACE51CB-ADFF-48EA-9C17-CDA4A097B206}"= TCP:E:\Program Files\iTunes\iTunes.exe:iTunes
"TCP Query User{083986E4-3B4A-41E9-AAEB-B3CAD1662737}E:\nero8\nero 8\nero home\nerohome.exe"= UDP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"UDP Query User{94751433-BDF6-4C38-9437-56F417984245}E:\nero8\nero 8\nero home\nerohome.exe"= TCP:E:\nero8\nero 8\nero home\nerohome.exe:Nero Home|Desc=Nero Home
"TCP Query User{714F3273-2362-4864-BC26-08ABED4BF271}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= UDP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"UDP Query User{21D6EA6A-E0C8-43D3-BE12-4A712A06605A}E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe"= TCP:E:\ghost reco\ghost recon advanced warfighter 2\graw2.exe:Ghost Recon Advanced Warfighter® 2|Desc=Ghost Recon Advanced Warfighter® 2
"TCP Query User{77BE2BDD-9A60-466A-909F-C6AAB66E0C40}F:\emule\emule.exe"= UDP:F:\emule\emule.exe:eMule|Desc=eMule
"UDP Query User{1D6EC93F-0F9E-40A2-9312-2BE8C50C9726}F:\emule\emule.exe"= TCP:F:\emule\emule.exe:eMule|Desc=eMule
"{8CAE6A35-9366-4099-9B9A-56F4F5A41ECF}"= UDP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{0DDCCF91-D0FA-489F-B723-F7D795DAEA26}"= TCP:E:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"TCP Query User{0603A348-7B2B-46B4-9E8F-6A1CB063EE46}E:\program files\call of duty game of the year edition\codmp.exe"= UDP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
"UDP Query User{FE317C7A-3E50-42B5-8FC2-1C403088C78F}E:\program files\call of duty game of the year edition\codmp.exe"= TCP:E:\program files\call of duty game of the year edition\codmp.exe:CoDMP|Desc=CoDMP
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|
R2 {95808DC4-FA4A-4c74-92FE-5B863F82066B};{95808DC4-FA4A-4c74-92FE-5B863F82066B};e:\Program Files\CyberLink\PowerDVD\000.fcl [2006-11-02 15:51]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2007-12-04 15:52]
R2 SBSDWSCService;SBSD Security Center Service;e:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R3 yukonwlh;Pilote miniport NDIS6.0 pour contrôleur Ethernet Marvell Yukon;C:\Windows\system32\DRIVERS\yk60x86.sys [2006-11-02 08:30]
S3 RegGuard;RegGuard;C:\Windows\system32\Drivers\regguard.sys [2008-03-01 09:20]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{036e3793-7bf4-11dc-9f4d-00038a000015}]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{338dd1aa-11ac-11dc-b5e7-0016e65e60b2}]
\shell\AutoRun\command - G:\Autorun.exe
*Newly Created Service* - ATWPKT2
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-11 13:40:02
Windows 6.0.6000 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
E:\nero8\Nero 8\Nero BackItUp\NBService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
e:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\system32\conime.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\AOL 9.0 VRa\waol.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-11 13:42:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-11 12:42:43
ComboFix2.txt 2008-03-06 14:41:57
.
2008-03-07 15:21:33 --- E O F ---
Re,
Download Lop S&D.exe to your Desktop.
Double-click it to start the installation.
Then double-click the Lop S&D shortcut on your Desktop.
Select the language you want, then choose option 1 (Search).
Wait until the scan finishes.
Post the generated report (C:\lopR.txt).
(If the Desktop does not reappear, press Ctrl + Alt + Del, File tab, New Task, type explorer.exe and confirm.)
-----------------------------[ Lop S&D 4.0.2 ]---------------------------
[ Windows 'Longhorn' (NT 6.0) Workstation Build 6000 ]
[ USER : lionel ] [ "C:\Lop SD" ]
[ 12/03/2008 | 17:31:56,78 ] [ PC : PC-DE-LIONEL ]
[ MAJ : 30-02-2008 | 00:12 ]
[ UAC => 0 ]
-------------[ Listing des dossiers dans Application Data ]------------
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\..
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\Catalogs
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\.
[14/09/2007|14:12] C:\Users\lionel\AppData\Roaming\ACD Systems\ACDSee
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\..
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\Flash Player
[04/02/2008|15:22] C:\Users\lionel\AppData\Roaming\Adobe\.
[07/09/2007|12:24] C:\Users\lionel\AppData\Roaming\Adobe\ESD
[07/09/2007|12:24] C:\Users\lionel\AppData\Roaming\Adobe\Acrobat
[12/06/2007|12:31] C:\Users\lionel\AppData\Roaming\AdobeUM\..
[12/06/2007|12:31] C:\Users\lionel\AppData\Roaming\AdobeUM\.
[23/08/2007|20:15] C:\Users\lionel\AppData\Roaming\Ahead\Nero WaveEditor
[01/06/2007|10:50] C:\Users\lionel\AppData\Roaming\Ahead\..
[01/06/2007|10:50] C:\Users\lionel\AppData\Roaming\Ahead\.
[06/05/2007|12:39] C:\Users\lionel\AppData\Roaming\Ahead\NeroShowTime.bmk
[06/05/2007|09:05] C:\Users\lionel\AppData\Roaming\Ahead\NeroVision
[05/05/2007|13:52] C:\Users\lionel\AppData\Roaming\Ahead\Nero Burning ROM
[05/05/2007|08:13] C:\Users\lionel\AppData\Roaming\Ahead\Nero BackItUp
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\..
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\ACS
[03/10/2007|12:26] C:\Users\lionel\AppData\Roaming\AOL\.
[23/08/2007|17:25] C:\Users\lionel\AppData\Roaming\AOL\C_AOL 9.0 VRa
[30/03/2007|12:29] C:\Users\lionel\AppData\Roaming\AOL\C_AOL 9.0 VR
[18/02/2008|16:44] C:\Users\lionel\AppData\Roaming\Apple Computer\iTunes
[23/09/2007|20:12] C:\Users\lionel\AppData\Roaming\Apple Computer\..
[23/09/2007|20:12] C:\Users\lionel\AppData\Roaming\Apple Computer\.
[09/03/2008|11:41] C:\Users\lionel\AppData\Roaming\Application Data\Spyware Terminator
[23/09/2007|09:14] C:\Users\lionel\AppData\Roaming\Application Data\..
[23/09/2007|09:14] C:\Users\lionel\AppData\Roaming\Application Data\.
[30/05/2007|10:16] C:\Users\lionel\AppData\Roaming\BitTorrent\bittorrent.log
[30/05/2007|10:16] C:\Users\lionel\AppData\Roaming\BitTorrent\data
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\..
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\.
[22/05/2007|08:20] C:\Users\lionel\AppData\Roaming\BitTorrent\locale
[25/09/2007|12:54] C:\Users\lionel\AppData\Roaming\CyberLink\PowerDVD
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\..
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\.
[14/09/2007|14:06] C:\Users\lionel\AppData\Roaming\CyberLink\PowerCinema
[10/02/2008|11:35] C:\Users\lionel\AppData\Roaming\DivX\DivX Player
[09/04/2007|15:57] C:\Users\lionel\AppData\Roaming\DivX\..
[09/04/2007|15:57] C:\Users\lionel\AppData\Roaming\DivX\.
[30/03/2007|13:39] C:\Users\lionel\AppData\Roaming\DivX\DivX Codec
[30/01/2008|19:38] C:\Users\lionel\AppData\Roaming\dvdcss\CACHEDIR.TAG
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\CN30EUW1-2006122217132800-2e97321f51
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\..
[05/11/2007|13:51] C:\Users\lionel\AppData\Roaming\dvdcss\.
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\EPFB5
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\..
[13/12/2007|14:37] C:\Users\lionel\AppData\Roaming\EPSON\.
[04/03/2008|18:07] C:\Users\lionel\AppData\Roaming\Google\Local Search History
[18/08/2007|10:45] C:\Users\lionel\AppData\Roaming\Google\GoogleEarth
[17/06/2007|08:41] C:\Users\lionel\AppData\Roaming\Google\..
[17/06/2007|08:41] C:\Users\lionel\AppData\Roaming\Google\.
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\camille0
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\..
[31/01/2008|18:23] C:\Users\lionel\AppData\Roaming\Home Sweet Home\.
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\..
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\{EB9F6FC9-114F-4883-9690-848FF88000EE}
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Identities\.
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\..
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\ISEngine12.0
[09/07/2007|12:14] C:\Users\lionel\AppData\Roaming\InstallShield\.
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\Shopmania
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\..
[29/01/2008|18:47] C:\Users\lionel\AppData\Roaming\iWin\.
[02/09/2007|07:49] C:\Users\lionel\AppData\Roaming\Lavasoft\..
[02/09/2007|07:49] C:\Users\lionel\AppData\Roaming\Lavasoft\.
[01/03/2008|11:30] C:\Users\lionel\AppData\Roaming\Macromedia\Flash Player
[25/08/2007|13:13] C:\Users\lionel\AppData\Roaming\Macromedia\Shockwave Player
[20/04/2007|19:30] C:\Users\lionel\AppData\Roaming\Macromedia\..
[20/04/2007|19:30] C:\Users\lionel\AppData\Roaming\Macromedia\.
[02/11/2006|13:37] C:\Users\lionel\AppData\Roaming\Media Center Programs\..
[02/11/2006|13:37] C:\Users\lionel\AppData\Roaming\Media Center Programs\.
[09/03/2008|09:28] C:\Users\lionel\AppData\Roaming\Microsoft\Credentials
[01/03/2008|13:29] C:\Users\lionel\AppData\Roaming\Microsoft\Modèles
[23/02/2008|14:16] C:\Users\lionel\AppData\Roaming\Microsoft\Word
[23/02/2008|14:01] C:\Users\lionel\AppData\Roaming\Microsoft\preuve
[24/01/2008|13:19] C:\Users\lionel\AppData\Roaming\Microsoft\MSN Messenger
[09/01/2008|17:14] C:\Users\lionel\AppData\Roaming\Microsoft\Office
[02/09/2007|08:11] C:\Users\lionel\AppData\Roaming\Microsoft\Installer
[17/08/2007|10:40] C:\Users\lionel\AppData\Roaming\Microsoft\eHome
[31/07/2007|17:55] C:\Users\lionel\AppData\Roaming\Microsoft\Windows Photo Gallery
[02/07/2007|09:59] C:\Users\lionel\AppData\Roaming\Microsoft\Internet Explorer
[19/06/2007|08:58] C:\Users\lionel\AppData\Roaming\Microsoft\SystemCertificates
[19/06/2007|08:58] C:\Users\lionel\AppData\Roaming\Microsoft\Crypto
[07/06/2007|08:00] C:\Users\lionel\AppData\Roaming\Microsoft\Templates
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\.
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\Proof
[07/06/2007|07:54] C:\Users\lionel\AppData\Roaming\Microsoft\..
[05/06/2007|10:12] C:\Users\lionel\AppData\Roaming\Microsoft\AddIns
[30/05/2007|21:39] C:\Users\lionel\AppData\Roaming\Microsoft\Speech
[29/05/2007|18:50] C:\Users\lionel\AppData\Roaming\Microsoft\FrontPage
[09/05/2007|08:19] C:\Users\lionel\AppData\Roaming\Microsoft\MMC
[03/05/2007|19:37] C:\Users\lionel\AppData\Roaming\Microsoft\Media Catalog
[03/05/2007|19:33] C:\Users\lionel\AppData\Roaming\Microsoft\IdentityCRL
[03/05/2007|17:45] C:\Users\lionel\AppData\Roaming\Microsoft\PowerPoint
[22/04/2007|13:54] C:\Users\lionel\AppData\Roaming\Microsoft\HTML Help
[31/03/2007|13:18] C:\Users\lionel\AppData\Roaming\Microsoft\Windows Live Call
[30/03/2007|15:31] C:\Users\lionel\AppData\Roaming\Microsoft\Excel
[30/03/2007|15:29] C:\Users\lionel\AppData\Roaming\Microsoft\Macros complémentaires
[30/03/2007|13:05] C:\Users\lionel\AppData\Roaming\Microsoft\Windows
[30/03/2007|12:36] C:\Users\lionel\AppData\Roaming\Microsoft\Network
[30/03/2007|11:31] C:\Users\lionel\AppData\Roaming\Microsoft\Protect
[30/03/2007|15:25] C:\Users\lionel\AppData\Roaming\Microsoft Web Folders\..
[30/03/2007|15:25] C:\Users\lionel\AppData\Roaming\Microsoft Web Folders\.
[01/02/2008|15:41] C:\Users\lionel\AppData\Roaming\My Games\..
[01/02/2008|15:41] C:\Users\lionel\AppData\Roaming\My Games\.
[18/12/2007|18:15] C:\Users\lionel\AppData\Roaming\Nero\Nero8
[21/11/2007|17:37] C:\Users\lionel\AppData\Roaming\Nero\..
[21/11/2007|17:37] C:\Users\lionel\AppData\Roaming\Nero\.
[20/04/2007|14:39] C:\Users\lionel\AppData\Roaming\nView_Wallpaper\..
[20/04/2007|14:39] C:\Users\lionel\AppData\Roaming\nView_Wallpaper\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.cat\pcouffin.cat
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.inf\pcouffin.inf
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.log\pcouffin.log
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\pcouffin.sys\pcouffin.sys
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\PeerNetworking\..
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\PeerNetworking\.
[29/01/2008|17:32] C:\Users\lionel\AppData\Roaming\PlayFirst\weddingdash
[28/01/2008|20:10] C:\Users\lionel\AppData\Roaming\PlayFirst\..
[28/01/2008|20:10] C:\Users\lionel\AppData\Roaming\PlayFirst\.
[24/01/2008|14:38] C:\Users\lionel\AppData\Roaming\PlayFirst\dinerdash2
[19/01/2008|15:03] C:\Users\lionel\AppData\Roaming\PlayFirst\dinerdashfloonthego
[22/09/2007|10:52] C:\Users\lionel\AppData\Roaming\ubi.com\Core
[22/09/2007|10:48] C:\Users\lionel\AppData\Roaming\ubi.com\..
[22/09/2007|10:48] C:\Users\lionel\AppData\Roaming\ubi.com\.
[17/12/2007|18:55] C:\Users\lionel\AppData\Roaming\UserTile.png\UserTile.png
[12/03/2008|15:48] C:\Users\lionel\AppData\Roaming\vlc\vlcrc
[09/03/2008|11:11] C:\Users\lionel\AppData\Roaming\vlc\cache
[30/03/2007|12:35] C:\Users\lionel\AppData\Roaming\vlc\..
[30/03/2007|12:35] C:\Users\lionel\AppData\Roaming\vlc\.
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\Vso\..
[30/09/2007|08:35] C:\Users\lionel\AppData\Roaming\Vso\.
[30/09/2007|08:32] C:\Users\lionel\AppData\Roaming\Vso\ConvertXtoDVD.log
----------------[ Tâches planifiées dans C:\Windows\tasks ]---------------
[12/03/2008 17:31][--ah-----] C:\Windows\tasks\SA.DAT
[12/03/2008 17:31][--a------] C:\Windows\tasks\SCHEDLGU.TXT
------[ Listing des dossiers dans C:\ProgramData ]------
[02/03/2008|11:40] C:\ProgramData\.
[02/03/2008|11:40] C:\ProgramData\..
[14/09/2007|14:10] C:\ProgramData\ACD Systems
[07/09/2007|12:35] C:\ProgramData\Adobe
[12/09/2007|16:48] C:\ProgramData\Ahead
[18/02/2008|16:02] C:\ProgramData\AOL
[23/08/2007|17:13] C:\ProgramData\AOL Downloads
[23/09/2007|20:08] C:\ProgramData\Apple
[23/09/2007|20:11] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[30/03/2007|11:28] C:\ProgramData\Bureau
[13/09/2007|12:22] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[30/01/2008|11:47] C:\ProgramData\Escape From Paradise
[30/03/2007|11:28] C:\ProgramData\Favoris
[02/11/2006|14:02] C:\ProgramData\Favorites
[27/01/2008|19:39] C:\ProgramData\Fugazo
[02/03/2008|13:05] C:\ProgramData\GamesBar
[19/04/2007|15:59] C:\ProgramData\Google
[14/07/2007|11:10] C:\ProgramData\GRAW2
[29/01/2008|18:47] C:\ProgramData\iWin
[02/09/2007|07:59] C:\ProgramData\Lavasoft
[30/03/2007|12:29] C:\ProgramData\Macromedia
[14/07/2007|11:07] C:\ProgramData\Media Center Programs
[30/03/2007|11:28] C:\ProgramData\Menu Démarrer
[02/09/2007|07:49] C:\ProgramData\Microsoft
[24/01/2008|11:09] C:\ProgramData\MinigolfAdventures
[30/03/2007|11:28] C:\ProgramData\Modèles
[12/07/2007|18:38] C:\ProgramData\NannyMania
[21/11/2007|17:30] C:\ProgramData\Nero
[01/03/2008|10:23] C:\ProgramData\ntuser.pol
[25/02/2008|09:35] C:\ProgramData\NVIDIA
[20/04/2007|14:39] C:\ProgramData\nView_Profiles
[28/01/2008|20:10] C:\ProgramData\PlayFirst
[09/03/2008|11:13] C:\ProgramData\Spybot - Search & Destroy
[09/03/2008|11:41] C:\ProgramData\Spyware Terminator
[02/11/2006|14:02] C:\ProgramData\Start Menu
[06/03/2008|15:38] C:\ProgramData\TEMP
[02/11/2006|14:02] C:\ProgramData\Templates
[02/03/2008|11:40] C:\ProgramData\Viewpoint
---------------[ Listing des dossiers dans C:\Program Files ]--------------
[02/03/2008|13:05] C:\Program Files\.
[02/03/2008|13:05] C:\Program Files\..
[10/05/2007|07:12] C:\Program Files\Acronis
[07/09/2007|12:21] C:\Program Files\Adobe
[14/07/2007|11:08] C:\Program Files\AGEIA Technologies
[30/03/2007|12:17] C:\Program Files\Alwil Software
[23/08/2007|17:24] C:\Program Files\AOL
[23/08/2007|17:26] C:\Program Files\AOL 9.0 VR
[18/02/2008|16:19] C:\Program Files\AOL 9.0 VRa
[23/09/2007|20:09] C:\Program Files\Apple Software Update
[01/04/2007|17:34] C:\Program Files\ArcSoft
[19/09/2007|17:30] C:\Program Files\BitTorrent Fastest Tool
[06/11/2007|14:44] C:\Program Files\Bullfrog
[12/09/2007|13:23] C:\Program Files\CDex_170b2
[01/03/2008|10:28] C:\Program Files\Common Files
[21/10/2007|09:21] C:\Program Files\Crawler
[12/09/2007|17:45] C:\Program Files\CyberLink
[30/08/2007|11:07] C:\Program Files\desktop.ini
[25/09/2007|13:18] C:\Program Files\DivX
[01/03/2008|08:35] C:\Program Files\Duke Nukem - Manhattan Project
[26/01/2008|11:44] C:\Program Files\EA GAMES
[09/07/2007|12:03] C:\Program Files\EPSON
[30/03/2007|11:28] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[27/02/2008|13:59] C:\Program Files\Gamenext
[03/06/2007|09:00] C:\Program Files\GigaByte
[17/06/2007|08:40] C:\Program Files\Google
[01/03/2008|09:06] C:\Program Files\Greatis
[22/02/2008|12:00] C:\Program Files\InstallShield Installation Information
[14/02/2008|11:17] C:\Program Files\Internet Explorer
[07/11/2007|20:30] C:\Program Files\iPod
[01/03/2008|10:29] C:\Program Files\Java
[22/02/2008|12:00] C:\Program Files\JoWood
[02/09/2007|08:54] C:\Program Files\Lavasoft
[07/02/2008|16:14] C:\Program Files\Lyrics Power
[13/10/2007|08:42] C:\Program Files\Micro Application
[30/03/2007|15:26] C:\Program Files\Microsoft FrontPage
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[16/11/2007|14:41] C:\Program Files\Microsoft Visual Studio
[02/11/2006|13:42] C:\Program Files\Movie Maker
[02/11/2006|13:37] C:\Program Files\MSBuild
[02/11/2006|13:37] C:\Program Files\MSN
[25/10/2007|19:29] C:\Program Files\MSN Messenger
[30/03/2007|12:18] C:\Program Files\MSN Toolbar
[06/05/2007|02:00] C:\Program Files\MSXML 4.0
[02/10/2007|14:53] C:\Program Files\Neuf
[10/04/2007|14:17] C:\Program Files\PC Inspector File Recovery
[02/07/2007|08:45] C:\Program Files\Player Tool
[07/11/2007|20:27] C:\Program Files\QuickTime
[03/06/2007|10:01] C:\Program Files\RADVideo
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[09/03/2008|11:41] C:\Program Files\Spyware Terminator
[03/01/2008|11:31] C:\Program Files\SystemGuards.com
[25/02/2008|09:25] C:\Program Files\SystemRequirementsLab
[01/03/2008|08:50] C:\Program Files\Trend Micro
[22/09/2007|10:48] C:\Program Files\Ubi Soft
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[30/03/2007|12:15] C:\Program Files\VideoLAN
[02/03/2008|11:40] C:\Program Files\Viewpoint
[02/03/2008|09:11] C:\Program Files\WinClamAVShield
[30/08/2007|11:06] C:\Program Files\Windows Calendar
[02/11/2006|13:42] C:\Program Files\Windows Collaboration
[11/04/2007|09:30] C:\Program Files\Windows Defender
[02/11/2006|13:42] C:\Program Files\Windows Journal
[10/01/2008|15:18] C:\Program Files\Windows Mail
[11/10/2007|16:17] C:\Program Files\Windows Media Player
[30/03/2007|11:28] C:\Program Files\Windows NT
[02/11/2006|13:42] C:\Program Files\Windows Photo Gallery
[10/01/2008|15:18] C:\Program Files\Windows Sidebar
[23/04/2007|16:30] C:\Program Files\WinRAR
[21/04/2007|16:54] C:\Program Files\Yahoo!
------[ Listing des dossiers dans C:\Program Files\Common Files ]------
[01/03/2008|10:28] C:\Program Files\Common Files\.
[01/03/2008|10:28] C:\Program Files\Common Files\..
[10/05/2007|07:12] C:\Program Files\Common Files\Acronis
[12/06/2007|12:31] C:\Program Files\Common Files\Adobe
[15/11/2007|18:02] C:\Program Files\Common Files\Ahead
[23/08/2007|17:29] C:\Program Files\Common Files\aol
[23/08/2007|17:23] C:\Program Files\Common Files\aolshare
[23/09/2007|20:08] C:\Program Files\Common Files\Apple
[16/11/2007|14:41] C:\Program Files\Common Files\Designer
[04/06/2007|10:40] C:\Program Files\Common Files\EasyInfo
[30/03/2007|12:20] C:\Program Files\Common Files\FDEUnInstaller.exe
[02/04/2007|08:38] C:\Program Files\Common Files\InstallShield
[01/03/2008|10:28] C:\Program Files\Common Files\Java
[16/11/2007|14:41] C:\Program Files\Common Files\microsoft shared
[21/11/2007|17:34] C:\Program Files\Common Files\Nero
[30/03/2007|12:29] C:\Program Files\Common Files\Nullsoft
[14/11/2007|13:41] C:\Program Files\Common Files\Oberon Media
[22/09/2007|10:48] C:\Program Files\Common Files\PocketSoft
[25/09/2007|13:18] C:\Program Files\Common Files\PX Storage Engine
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[02/06/2007|10:35] C:\Program Files\Common Files\SWF Studio
[03/09/2007|14:51] C:\Program Files\Common Files\System
[29/12/2007|09:33] C:\Program Files\Common Files\Wise Installation Wizard
----------------------[ Recherche avec S_Lop ]---------------------
Aucun fichier / dossier Lop trouvé !
-----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------
Aucun fichier / dossier Lop trouvé !
----------------------[ Verification du Registre ]----------------------
..... OK !
--------------------[ Verification du fichier Hosts ]---------------------
Fichier Hosts PROPRE
----------------[ Recherche de fichiers avec Catchme ]-----------------
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-12 18:07:09
Windows 6.0.6000 NTFS
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
/!\ [Fich:7][Doss:2] C:\Users\lionel\AppData\Local\Temp
/!\ [Fich:209][Doss:1] C:\Users\lionel\AppData\Roaming\MICROS~1\Windows\Cookies
/!\ [Fich:2174][Doss:4] C:\Users\lionel\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[ UAC => 1 ]
--------------------[ Fin du rapport a 18:07:17,57 ]----------------------