Fenêtres intempestives PUB

Salut à tous,

J'ai depuis hier, des fenêtres IE qui s'ouvrent toutes seules du style :
"****" avec comme titre "HHTP 404 non trouvé"
ou encore "****" "Advertissement Windows IE " vide
ou des pubs de jeux, "****".
De plus, mon pc rame et plante. Je dirais même qu'il déconne sérieux, là, par exemple, il oublie des lettres ou ne met pas les espaces !
J'ai vraiment besoin d'un docteur
Si quelqu'un peut m'aider, je sais à quel point c'est long et pénible de faire un nettoyage mais je vous remercie d'avance car toute seule, je ne sais pas par où commencer.
J'ai, évidemment, fait tous les scans habituels (Avast, CCleaner, Spybot, AdAware) qui n'ont rien trouvé.
J'ai téléchargé Firefox, je n'ai plus de souci au niveau de l'écriture, moins de pubs mais il en reste.

Merci d'avance au courageux qui s'y collera ;p

**Liens édités par Angeldark**

Salut,
Merci de ta rapidité, je suis en train de faire un scan avec Navilog1 comme tu le préconisais dans un post similaire
Voici le rapport de HiJack (que j'avais déjà):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:32, on 26/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\jureg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\hp\kbd\kbd.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.co [...] crlocx.ocx
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 10579 bytes

Re,

Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) !

• Télécharge ComboFix (sUBs) sur ton Bureau.
• Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

Voilà le rapport de ComboFix, je dois quand même te préciser que je n'ai pas eu de fenêtres pub depuis un petit bout de temps, j'ai pas contre, de temps en temps, un message IE d'erreur me disant "Internet Explorer ne peut pas afficher cette page Web....et doit fermer" ou un truc dans le genre et il me perd la page Oo, c'est grave Docteur? ^^

ComboFix 08-04-24.1 - Owen & Ethan 2008-04-26 18:19:34.2 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2140 [GMT 2:00]
Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
.
---- Previous Run -------
.
C:\Program Files\PlayMP3z
C:\Program Files\PlayMP3z\uninstall.exe
C:\Windows\system32\jusched.exe

----- BITS: Possible sites infect‚s -----

hxxp://h20264.www2.hp.com
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-26 to 2008-04-26 ))))))))))))))))))))))))))))))))))))
.

2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-26 14:50 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-04-26 12:35 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-21 15:40 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
2008-04-12 19:06 --------- d-----w C:\Program Files\mz manager1
2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-03-27 15:47 --------- d-----w C:\Program Files\Internet Download Manager
2008-03-27 15:45 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\IDM
2008-03-27 15:44 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\DMCache
2008-03-21 09:58 --------- d-----w C:\Program Files\Common Files\Real
2008-03-14 21:28 137,344 ----a-w C:\Windows\system32\drivers\litsgt.sys
2008-03-14 21:28 12,032 ----a-w C:\Windows\system32\drivers\tansgt.sys
2008-03-14 21:25 --------- d-----w C:\Program Files\Atari
2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
2008-03-08 16:52 --------- d-----w C:\Program Files\Java
2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
2008-03-03 17:33 --------- d-----w C:\Program Files\Tomb Raider - Legend
2008-03-03 17:23 --------- d-----w C:\Program Files\Core Design
2008-03-02 20:36 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
2008-03-02 20:36 --------- d-----w C:\ProgramData\CyberLink
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
2007-11-01 20:57 319,488 ----a-w C:\Program Files\setup.exe
2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
2004-07-09 08:13 15,493,481 ----a-w C:\Program Files\DirectX.cab
2004-07-09 03:08 472,576 ----a-w C:\Program Files\dxsetup.exe
2004-07-09 03:08 2,242,560 ----a-w C:\Program Files\dsetup32.dll
2004-07-09 02:03 62,976 ----a-w C:\Program Files\DSETUP.dll
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]
C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
"cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]
"MSServer"="C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
"LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogoff"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinSpooler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exees6.exe
"UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exees6.exe
"TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-26 18:23:05
Windows 6.0.6000 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 5

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\schtasks.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
C:\hp\KBD\kbd.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\wbem\WMIADAP.exe
C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-26 18:28:52 - machine was rebooted [Owen & Ethan]
ComboFix-quarantined-files.txt 2008-04-26 16:28:45

Pre-Run: 340,217,954,304 octets libres
Post-Run: 340,137,619,456 octets libres

256 --- E O F --- 2008-04-25 09:18:54

Tu peux faire un screen de ce problème ?

Je vois le problème. Reposte un rapport Hijackthis.

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

• Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
• Afin de lancer la recherche, clic sur"Rechercher".
• Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :

-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.

AIDE : Tuto en images sur MBAM

No problem.

Re,

Autant pour moi, y'avait un tuto....
Cela ne fonctionne toujours pas, j'ai essayé le précédent, rien, désinstallé puis re-télécharger par ton lien, toujours le même message: "Erreur d'exécution '339': Le composant 'COMCTL32.OCX' ou une de ses dépendances n'est pas correctement enregistré: un fichier est absent ou incorrect."
J'ai l'impression que tout part en sucette, j'ai un souci avec Avast aussi.....

Après, ça me gêne que tu passes autant de temps sur mes problèmes, ne te sens pas obligé d'aller jusqu'au bout ... je comprendrais.

J'ai enfin réussi à faire fonctionner MBAM, Au démarrage, aucune fenêtre d'erreur mis à part Spybot qui me dit "Spybot a decelé qu'un élement important du Registre a été modifié.....rundll32.exe....." Dois-je refuser la modif ou pas?
http://www.servimg.com/image_previ [...] u=11009728

Voici le rapport MBAM:

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 700

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 201482
Temps écoulé: 54 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\ContextProgram (AdWare.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Users\Owen & Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.


Il a l'air super efficace ce logiciel, je le garde merci beaucoup
Le "truc" que tu voulais que j'installe dans System32, c'était pour mon impossibilité de faire fonctionner MBAM ?
Je l'ai téléchargé mais je ne sais où le mettre exactement, il ouvre system32 mais il lui faut un dossier en particulier, je pense donc me v'là de nouveau déguisé en blonde

Je ne sais pas si on , enfin tu as fini mais un grand merci pour ta patience

Oops, hihi
http://www.servimg.com/image_previ [...] u=11009728
Boah, il ne te manquait pas grand chose

Non lol, tu veux mes lunettes?
Attends alors....
http://www.servimg.com/image_previ [...] u=11009728
C'est mieux là? lol

EDIT: oooopseuh, je viens de comprendre on ne se moque pas, siouplait ^^
http://www.servimg.com/image_previ [...] u=11009728

Refuse, merci la deuxième image
Reposte un rapport Hijackthis.

Refais un scan Combofix on termine

Re,

Désactive tes protections résidentes (antivirus...) !
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

Ouvre le Bloc-notes (Démarrer>Exécuter...>notepad) puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme ci-dessous :


Cela va relancer ComboFix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport HijackThis.
NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.

ComboFix:

ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 17:30:17.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1962 [GMT 2:00]
Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
.

2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
2008-03-08 16:52 --------- d-----w C:\Program Files\Java
2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
.

((((((((((((((((((((((((((((( snapshot@2008-04-26_18.28.23.62 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-26 16:22:21 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-30 14:24:29 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-04-26 16:13:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-30 14:25:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-30 14:25:59 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-04-26 16:19:35 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-30 14:26:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-30 14:26:04 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-04-26 16:23:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-30 14:58:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-26 16:01:38 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-04-30 14:22:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-04-30 14:22:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-04-26 16:18:51 107,416 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-30 14:30:56 107,416 ----a-w C:\Windows\System32\perfc009.dat
- 2008-04-26 16:18:51 121,814 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-04-30 14:30:56 121,814 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-04-26 16:18:51 618,272 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-30 14:30:56 618,272 ----a-w C:\Windows\System32\perfh009.dat
- 2008-04-26 16:18:51 699,984 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-04-30 14:30:56 699,984 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-04-26 15:58:34 10,990 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
+ 2008-04-30 14:26:24 11,302 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
- 2008-04-26 16:14:15 60,664 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-04-30 14:26:24 60,934 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-04-26 15:58:33 50,880 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-04-30 14:26:23 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
"cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
"LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogoff"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinSpooler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exees6.exe
"UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exees6.exe
"TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
\shell\AutoRun\command - E:\autorun.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-30 17:32:03
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 5

**************************************************************************
.
Temps d'accomplissement: 2008-04-30 17:33:08
ComboFix-quarantined-files.txt 2008-04-30 15:32:54
ComboFix2.txt 2008-04-26 16:28:53

Pre-Run: 338,634,063,872 octets libres
Post-Run: 338,618,834,944 octets libres

317 --- E O F --- 2008-04-30 08:08:14



HiJack:

ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 17:30:17.3 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1962 [GMT 2:00]
Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
.

2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
2008-03-08 16:52 --------- d-----w C:\Program Files\Java
2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
.

((((((((((((((((((((((((((((( snapshot@2008-04-26_18.28.23.62 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-04-26 16:22:21 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-30 14:24:29 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-04-26 16:13:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-30 14:25:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-04-30 14:25:59 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-04-26 16:19:35 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
+ 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
- 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-30 14:26:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-04-30 14:26:04 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-04-26 16:23:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-04-30 14:58:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-04-26 16:01:38 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-04-30 14:22:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-04-30 14:22:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-04-26 16:18:51 107,416 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-04-30 14:30:56 107,416 ----a-w C:\Windows\System32\perfc009.dat
- 2008-04-26 16:18:51 121,814 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-04-30 14:30:56 121,814 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-04-26 16:18:51 618,272 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-04-30 14:30:56 618,272 ----a-w C:\Windows\System32\perfh009.dat
- 2008-04-26 16:18:51 699,984 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-04-30 14:30:56 699,984 ----a-w C:\Windows\System32\perfh00C.dat
- 2008-04-26 15:58:34 10,990 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
+ 2008-04-30 14:26:24 11,302 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
- 2008-04-26 16:14:15 60,664 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-04-30 14:26:24 60,934 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-04-26 15:58:33 50,880 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-04-30 14:26:23 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
"cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
"OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
"SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
"HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
"LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableLockWorkstation"= 0 (0x0)
"DisableChangePassword"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogoff"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
"Windows Printing Driver"= WinSpooler.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3codecp"= l3codecp.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
"UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
"TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exees6.exe
"UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exees6.exe
"TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
\shell\AutoRun\command - E:\autorun.exe

*Newly Created Service* - CATCHME
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-30 17:32:03
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 5

**************************************************************************
.
Temps d'accomplissement: 2008-04-30 17:33:08
ComboFix-quarantined-files.txt 2008-04-30 15:32:54
ComboFix2.txt 2008-04-26 16:28:53

Pre-Run: 338,634,063,872 octets libres
Post-Run: 338,618,834,944 octets libres

317 --- E O F --- 2008-04-30 08:08:14

Je recommence alors ^^

Tu peux installer Combofix et CFScript à la racine de ton disque (C:\) ?

Je ne parviens pas à choisir l'endroit où télécharger donc j'ai copié le ComboFix du bureau et coller dans C:\, j'ai recréé ton bloc-note et glissé dans C:`\
Maintenant, je réessaie la manip' et je te dis quoi !

C'est ce qu'il faut faire

Hey, t'as pas la tête comme une pastèque à cause de moi?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:32, on 26/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\jureg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\hp\kbd\kbd.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.co [...] crlocx.ocx
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 10579 bytes

Salut,
J'ai pas le temps mais je passe vite fait pour te dire que je n'ai pas trouvé toutes les lignes dans HiJack, je suis là cet aprem, je te raconterai
à plus
Voici le rapport de OTMovelt:

File/Folder C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll not found.
File/Folder C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll not found.
File/Folder C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll not found.

OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05012008_095748

Oops, j'étais pô là hier, alors pour raccourcir, je n'ai pas les mêmes lignes sur le rapport et sur le scan seul, bizarre, non? je n'ai donc pas pu tout coché mais même après avoir "fix machin" les lignes trouvées, elles réapparaissaient sur le rapport suivant!
Quant à la manip' d'OTMovelt, je comprends pas, ça semble fonctionnait à part qu'à aucun moment je ne peux taper "1" et "entrée" et il semblerait que la manip ne soit pas prise en compte.....

voici le rapport HiJack, bon courage


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:32, on 26/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\jureg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\hp\kbd\kbd.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ [...] wflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.co [...] crlocx.ocx
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 10579 bytes

Ton rapport Hijackthis n'est pas récent...