VIRUS google

Bonjour,

• Télécharge Catchme (Gmer) sur ton Bureau.
• Double clique sur catchme.exe (le .exe n'est pas forcément visible) afin de le lancer.
• Lorsque la recherche sera terminée, poste le rapport catchme.log dans ta prochaine réponse.

Re,

http://toolbarsd.googlepages.com/KillTD.zip
Dézippe-le sur ton Bureau, lance kill.cmd.

Refais un scan Catchme.

desolé je me suis trompé :

catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...

scanning hidden services ...

HKLM\SYSTEM\CurrentControlSet\Services\TDTCPerv

scanning hidden autostart entries ...

scanning hidden files ...

C:\Documents and Settings\Julien▓\Local Settings\Temp\TDSSf66b.tmp 688128 bytes

et voici le rapport hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:10:50, on 16/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\windows\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ICQLite\ICQLite.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\windows\vVX3000.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\windows\system32\msiexec.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\HPZipm12.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\windows\System32\svchost.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\RTHDCPL.EXE
C:\windows\system32\wscntfy.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\windows\system32\NOTEPAD.EXE

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_ [...] TbId=66027
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsec [...] rf?lc=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: XBTP05231 Class - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A944F455-E460-479C-85C2-FB165E5931AB} - C:\windows\system32\pmnno.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {C9284271-BBEB-4D42-933D-D95E9F47D0A3} - C:\windows\system32\pmnonnOi.dll (file missing)
O2 - BHO: (no name) - {F9C44C0B-D269-4746-894B-912E3CE1CEE6} - (no file)
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [VX3000] C:\windows\vVX3000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Dart trust] C:\DOCUME~1\JULIEN~1\APPLIC~1\MP3GRE~1\ball inter bows.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKCU\..\Policies\Explorer\Run: [{3C52FB74-07DA-1036-1110-051026040021}] "C:\Program Files\Fichiers communs\{3C52FB74-07DA-1036-1110-051026040021}\Update.exe" mc-110-12-0000272
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Julien²\Menu Démarrer\Programmes\CarbonPoker\CarbonPoker.lnk (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mi [...] 2961930953
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 2961922812
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - Z:\Program Files\NFS p\PB\PnkBstrA.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\windows\SYSTEM32\VundoFixSVC.exe
O24 - Desktop Component 0: (no name) - file:///CDOCUME~1/JULIEN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 11655 bytes

voila j'ai fait tous ca , le problème semble être résolu.je dis semble car avant hier il n'y avait plus le probleme et il est revenu aujourd'hui

voila le rapport
ComboFix 08-09-16.05 - Julien² 2008-09-17 14:25:41.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.546 [GMT 2:00]
Lancé depuis: C:\Documents and Settings\Julien²\Bureau\ComboFix.exe
* Un nouveau point de restauration a été créé

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Julien²\Menu Démarrer\Programmes\WebMediaPlayer\WebMediaPlayer.lnk
C:\Documents and Settings\Julien²\Menu Démarrer\Programmes\WebMediaPlayer\Website.lnk
C:\Program Files\Fichiers communs\{3C52F~1
C:\windows\BM3f61c847.txt
C:\windows\BM3f61c847.xml
C:\windows\pack.epk
C:\windows\system32\actskn43.ocx
C:\windows\system32\csyopomc.ini
C:\windows\system32\dlutnlrj.ini
C:\WINDOWS\system32\iOnnonmp.ini
C:\WINDOWS\system32\iOnnonmp.ini2
C:\windows\system32\kvhsuhrm.ini
C:\windows\system32\lrtsrwyf.ini
C:\windows\system32\mcrh.tmp
C:\windows\system32\odvjxotq.ini
C:\windows\system32\pxunfwrq.ini
C:\windows\system32\rpdwuesw.ini
C:\windows\system32\tdssinit.dll
C:\windows\system32\tdssl.dll
C:\windows\system32\tdsslog.dll
C:\windows\system32\tdssmain.dll
C:\windows\system32\tdssserf.dll
C:\windows\system32\tdssservers.dat
C:\windows\system32\ugrtzuw.dat
C:\windows\system32\ugrtzuw_nav.dat
C:\windows\system32\ugrtzuw_navps.dat
C:\windows\system32\uninstall.exe
C:\windows\system32\uwyeswrt.ini
C:\windows\system32\vajyvsyi.ini
C:\windows\system32\vlregmsk.ini
C:\windows\system32\vnemkvlj.ini
C:\windows\system32\vrmyrdlv.ini
C:\windows\system32\wguppkqd.ini
C:\windows\system32\xheixsyu.ini
C:\Documents and Settings\Julien²\Application Data\inst.exe . . . . impossible à supprimer

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE


((((((((((((((((((((((((((((( Fichiers cr‚‚s du 2008-08-17 au 2008-09-17 ))))))))))))))))))))))))))))))))))))
.

2008-09-15 21:38 . 2008-09-16 23:15 <REP> d-------- C:\Program Files\Navilog1
2008-09-15 17:45 . 2008-09-15 18:41 <REP> d-------- C:\fixwareout
2008-09-14 21:36 . 2008-09-14 21:36 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
2008-09-14 21:36 . 2008-09-14 21:36 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
2008-09-14 01:50 . 2005-05-03 20:43 69,632 -r------- C:\WINDOWS\Alcmtr.exe
2008-09-14 01:25 . 2008-09-14 01:25 <REP> d-------- C:\Program Files\Realtek AC97
2008-09-13 20:44 . 2007-11-14 15:18 553 --a------ C:\WINDOWS\USetup.iss
2008-09-13 10:53 . 2008-09-13 10:53 <REP> d-------- C:\Program Files\ma-config.com
2008-09-13 10:53 . 2008-09-13 10:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ma-config.com
2008-09-13 04:21 . 2008-09-13 04:21 <REP> d-------- C:\WINDOWS\system32\Attansic
2008-09-13 04:21 . 2008-09-13 04:21 <REP> d-------- C:\Program Files\Attansic
2008-09-13 04:21 . 2007-03-15 16:12 38,656 -ra------ C:\WINDOWS\system32\drivers\atl01_xp.sys
2008-09-13 04:20 . 2007-03-23 21:04 4,423,680 -ra------ C:\WINDOWS\RtHDVCpl.exe
2008-09-13 04:20 . 2007-03-21 20:58 1,844,224 -ra------ C:\WINDOWS\system32\RtkAPO.dll
2008-09-13 04:20 . 2007-03-26 21:18 1,761,696 -ra------ C:\WINDOWS\system32\drivers\RTKVHDA.sys
2008-09-13 04:20 . 2007-03-14 19:10 495,104 -ra------ C:\WINDOWS\system32\RtkPgExt.dll
2008-09-13 04:20 . 2006-12-13 12:30 339,968 -ra------ C:\WINDOWS\system32\SRSTSXT.dll
2008-09-13 04:20 . 2007-03-23 17:34 266,240 -ra------ C:\WINDOWS\system32\RtkApoApi.dll
2008-09-13 04:20 . 2006-11-29 20:47 135,168 -ra------ C:\WINDOWS\system32\SRSWOW.dll
2008-09-13 04:20 . 2007-03-22 16:30 18,432 -ra------ C:\WINDOWS\system32\RtkCoInst.dll
2008-09-13 04:16 . 2008-09-13 04:16 <REP> d-------- C:\WINDOWS\system32\Lang
2008-09-13 04:08 . 2008-09-14 02:01 <REP> d-------- C:\WINDOWS\system32\RTCOM
2008-09-13 04:08 . 2007-03-21 16:49 16,126,464 -r------- C:\WINDOWS\RTHDCPL.exe
2008-09-13 04:08 . 2007-03-23 21:19 9,715,200 -r------- C:\WINDOWS\RTLCPL.exe
2008-09-13 04:08 . 2007-03-26 21:21 4,395,008 -r------- C:\WINDOWS\system32\drivers\RtkHDAud.sys
2008-09-13 04:08 . 2006-05-04 18:26 2,808,832 -r------- C:\WINDOWS\alcwzrd.exe
2008-09-13 04:08 . 2006-10-11 19:42 2,157,568 -r------- C:\WINDOWS\MicCal.exe
2008-09-13 04:08 . 2007-03-16 17:06 1,822,720 -r------- C:\WINDOWS\SkyTel.exe
2008-09-13 04:08 . 2007-01-16 12:39 1,191,936 -r------- C:\WINDOWS\RtlUpd.exe
2008-09-13 04:08 . 2006-08-18 08:58 282,624 -r------- C:\WINDOWS\system32\RTSndMgr.cpl
2008-09-13 04:06 . 2008-09-14 02:00 <REP> d-------- C:\Program Files\Realtek
2008-09-13 04:06 . 2008-07-29 15:42 528,384 --a------ C:\WINDOWS\RtlExUpd.dll
2008-09-13 04:06 . 2008-09-12 23:15 319,488 --a------ C:\WINDOWS\HideWin.exe
2008-09-13 03:57 . 2008-09-13 03:57 <REP> d-------- C:\WINDOWS\ASUSInstAll
2008-09-13 03:52 . 2008-09-13 03:52 <REP> d-------- C:\WINDOWS\system32\drivers\system32
2008-09-13 03:52 . 2008-09-13 03:52 <REP> d-------- C:\WINDOWS\system32\drivers\INF
2008-09-13 03:51 . 2008-09-13 03:51 <REP> d-------- C:\Program Files\Intel
2008-09-13 03:51 . 2008-09-13 03:51 <REP> d-------- C:\Intel
2008-09-13 03:50 . 2008-09-13 04:09 14,923 --a------ C:\WINDOWS\Ascd_log.ini
2008-09-13 03:49 . 2008-09-13 03:49 <REP> dr------- C:\WINDOWS\AsDmiHtm
2008-09-13 03:32 . 2008-09-14 01:57 14,690 --a------ C:\WINDOWS\Ascd_tmp.ini
2008-09-13 03:32 . 2006-10-11 13:33 10,288 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2008-09-13 03:32 . 2004-08-13 20:56 5,810 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2008-09-13 03:22 . 2004-08-03 23:08 20,480 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2008-09-13 03:22 . 2004-08-03 23:08 20,480 --a--c--- C:\WINDOWS\system32\dllcache\usbuhci.sys
2008-09-13 03:20 . 2004-08-19 15:59 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2008-09-13 03:20 . 2004-08-19 15:59 5,504 --a--c--- C:\WINDOWS\system32\dllcache\intelide.sys
2008-09-13 03:12 . 2007-10-04 18:14 136,260 --a------ C:\WINDOWS\system32\nvapps.nvb
2008-09-13 03:06 . 2004-08-03 23:10 61,056 --a------ C:\WINDOWS\system32\drivers\ohci1394.sys
2008-09-13 03:06 . 2004-08-03 23:10 61,056 --a--c--- C:\WINDOWS\system32\dllcache\ohci1394.sys
2008-09-13 03:06 . 2004-08-03 23:10 53,248 --a------ C:\WINDOWS\system32\drivers\1394bus.sys
2008-09-13 03:06 . 2004-08-03 23:10 53,248 --a--c--- C:\WINDOWS\system32\dllcache\1394bus.sys
2008-09-13 03:06 . 2001-08-17 21:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-09-13 03:06 . 2001-08-17 21:46 6,400 --a--c--- C:\WINDOWS\system32\dllcache\enum1394.sys
2008-09-01 13:23 . 2008-09-01 18:41 <REP> d-------- C:\Program Files\Mastermax
2008-08-18 21:02 . 2008-09-01 14:53 <REP> d-------- C:\Program Files\LimeWire Acceleration Patch

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-17 12:38 26,729,504 --sha-w C:\windows\system32\drivers\fidbox.dat
2008-09-17 12:33 362,120 --sha-w C:\windows\system32\drivers\fidbox.idx
2008-09-17 12:24 --------- d-----w C:\Program Files\Steam
2008-09-15 15:23 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-09-14 22:25 --------- d-----w C:\Program Files\a-squared Free
2008-09-13 02:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-09-07 14:22 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-09-05 20:25 --------- d-----w C:\Program Files\HyperLobbyPro3
2008-09-03 15:04 --------- d-----w C:\Program Files\Condor
2008-09-01 23:01 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-01 20:37 --------- d-----w C:\Program Files\SystemRequirementsLab
2008-09-01 12:54 --------- d-----w C:\Program Files\Anti Trojan Elite
2008-09-01 12:52 --------- d-----w C:\Program Files\DivX
2008-09-01 10:05 --------- d-----w C:\Program Files\LimeWire
2008-08-23 07:59 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-14 08:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-07-23 16:50 43,528 ------w C:\windows\system32\drivers\PxHelp20.sys
2008-03-24 18:04 0 -c--a-w C:\Program Files\temp01
2008-02-22 11:09 680 ----a-w C:\Program Files\mpc2.reg
2008-02-22 11:09 596 ----a-w C:\Program Files\mpc1.reg
2008-02-22 11:09 388 ----a-w C:\Program Files\mpc4.reg
2008-02-22 11:09 3,476 ----a-w C:\Program Files\mpc7.reg
2008-02-22 11:09 3,026 ----a-w C:\Program Files\mpc3.reg
2008-02-22 11:09 18,156 ----a-w C:\Program Files\mpc6.reg
2008-02-22 11:09 16,252 ----a-w C:\Program Files\mpc5.reg
2008-02-22 11:09 1,658 ----a-w C:\Program Files\ffdssetts.reg
2008-02-22 11:09 1,292 ----a-w C:\Program Files\ffdsasetts.reg
2007-06-10 13:16 1,532 ----a-w C:\Program Files\FRAPSLOG.TXT
2006-11-01 11:30 1,728,066 ----a-w C:\Program Files\fs9 2006-11-01 12-30-59-51.bmp
2006-11-01 11:30 1,728,066 ----a-w C:\Program Files\fs9 2006-11-01 12-30-54-71.bmp
2006-03-10 09:47 62,976 ----a-w C:\Documents and Settings\DirectX\DSETUP.dll
2006-03-10 09:47 472,576 ----a-w C:\Documents and Settings\DirectX\dxsetup.exe
2006-03-10 09:47 2,242,560 ----a-w C:\Documents and Settings\DirectX\dsetup32.dll
2006-06-28 15:45 61 --sh--w C:\windows\cnerolf.dat
2004-08-19 14:09 93,184 --sha-w C:\windows\BricoPacks\SysFiles\79_iexplore.exe
2004-08-19 14:10 60,416 --sha-w C:\windows\BricoPacks\SysFiles\80_msimn.exe
2007-02-24 13:58 56 --sh--r C:\windows\system32\25BAC6DCE0.sys
2007-02-24 13:58 3,558 --sha-w C:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="c:\program files\steam\steam.exe" [2008-03-28 1271032]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2006-10-13 20058152]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 165784]
"ctfmon.exe"="C:\windows\system32\ctfmon.exe" [2004-08-19 15360]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2004-07-22 2333776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\windows\system32\NvCpl.dll" [2007-10-04 8491008]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-03-10 35328]
"ICQ Lite"="C:\Program Files\ICQLite\ICQLite.exe" [2004-07-22 2333776]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2007-04-09 200704]
"VX3000"="C:\windows\vVX3000.exe" [2006-10-13 707376]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" [2006-12-15 75520]
"QuickTime Task"="C:\Program Files\QuickTime Alternative\qttask.exe" [2006-10-25 282624]
"ppmate"="C:\Program Files\PPMate\PPMate\ppmate.exe" [2006-11-23 1495123]
"LifeCam"="C:\Program Files\Microsoft LifeCam\LifeExp.exe" [2006-10-13 277296]
"WinPatrol"="C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe" [2008-01-27 316728]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-20 262401]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 919016]
"NvMediaCenter"="C:\windows\system32\NvMcTray.dll" [2007-10-04 81920]
"nwiz"="nwiz.exe" [2007-10-04 C:\WINDOWS\system32\nwiz.exe]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-21 C:\WINDOWS\RTHDCPL.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=sockspy.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3acm"= l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\ICQLite\\ICQLite.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\WINDOWS\\system32\\dpnsvr.exe"=
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\fs9.exe"=
"C:\\WINDOWS\\system32\\mcoinstall.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Microsoft LifeCam\\LifeExp.exe"=
"C:\\Program Files\\Steam\\SteamApps\\ambrionx44\\counter-strike source\\hl2.exe"=
"C:\\Program Files\\Steam\\SteamApps\\ambrionx44\\day of defeat source\\hl2.exe"=
"C:\\Program Files\\Steam\\SteamApps\\ambrionx44\\counter-strike\\hl.exe"=
"C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"=
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\IBServ.exe"=
"C:\\Program Files\\Microsoft Games\\Flight Simulator 9\\IBMegaServ.exe"=
"C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft LifeCam\\LifeCam.exe"=
"Z:\\Program Files\\GameCenter\\GameCenter.exe"=
"Z:\\Program Files\\Crysis\\Bin32\\Crysis.exe"=
"Z:\\Program Files\\Crysis\\Bin32\\CrysisDedicatedServer.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"Z:\\Program Files\\Battlefield 2142\\Battlefield 2142 files\\BF2142.exe"=
"Z:\\Program Files\\Call of Duty 4\\COD4\\iw3mp.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"16079:TCP"= 16079:TCP:teechargements
"16079:UDP"= 16079:UDP:telechargements
"16078:TCP"= 16078:TCP:16078
"16078:UDP"= 16078:UDP:16078
"2003:TCP"= 2003:TCP:fs2004
"2003:UDP"= 2003:UDP:ibnet
"21000:TCP"= 21000:TCP:hamashi 21000
"21000:UDP"= 21000:UDP:hamashi

R2 MSCamSvc;MSCamSvc;C:\Program Files\Microsoft LifeCam\MSCamS32.exe [2006-10-13 207664]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\windows\system32\DRIVERS\atl01_xp.sys [2007-03-15 38656]
S3 ATE_PROCMON;ATE_PROCMON;C:\Program Files\Anti Trojan Elite\ATEPMon.sys [ ]
S3 ggflt;SEMC USB Flash Driver Filter;C:\windows\system32\DRIVERS\ggflt.sys [2008-06-16 13352]
S3 imhidusb;Immersion's HID USB Driver;C:\windows\system32\DRIVERS\imhidusb.sys [2004-04-19 30984]
S3 maconfservice;Ma-Config Service;C:\Program Files\ma-config.com\maconfservice.exe [2008-09-02 191656]
S3 maxidemo;Maxi_Vista_Demo_Driver;C:\windows\system32\DRIVERS\maxidemo.sys [ ]
S3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\windows\system32\drivers\ScreamingBAudio.sys [ ]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [ ]
S3 USBSTOR;Pilote de stockage de masse USB;C:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{6d97f448-d149-11da-a006-0016171c2bdf}]
\Shell\AutoRun\command - E:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a3f2e34e-ce28-11da-9ffa-806d6172696f}]
\Shell\AutoRun\command - D:\Setup.exe -check
.
Contenu du dossier 'Tƒches planifi‚es'
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{A944F455-E460-479C-85C2-FB165E5931AB} - C:\windows\system32\pmnno.dll
BHO-{F9C44C0B-D269-4746-894B-912E3CE1CEE6} - (no file)
HKCU-Run-Dart trust - C:\DOCUME~1\JULIEN~1\APPLIC~1\MP3GRE~1\ball inter bows.exe
HKLM-Run-Wspn - (no file)
HKCU-Explorer_Run-{3C52FB74-07DA-1036-1110-051026040021} - C:\Program Files\Fichiers communs\{3C52FB74-07DA-1036-1110-051026040021}\Update.exe
Notify-WgaLogon - (no file)


.
------- Examen suppl‚mentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Julien²\Application Data\Mozilla\Firefox\Profiles\nivnxuv6.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-17 14:37:34
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cach‚s ...

Recherche d'‚l‚ments en d‚marrage automatique cach‚s ...

Recherche de fichiers cach‚s ...

Scan termin‚ avec succŠs
Fichiers cach‚s: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
Z:\Program Files\NFS p\PB\PnkBstrA.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\ComboFix\pv.cfexe
.
**************************************************************************
.
Heure de fin: 2008-09-17 14:50:05 - La machine a red‚marr‚
ComboFix-quarantined-files.txt 2008-09-17 12:50:00

Avant-CF: 12,139,433,984 octets libres
AprŠs-CF: 12,008,796,160 octets libres

293 --- E O F --- 2008-08-23 07:59:57


Faut il faire encore quelquechose pour être sur que le virus est supprimé?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:25:22, on 17/09/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\windows\System32\smss.exe
C:\windows\system32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\a-squared free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\windows\system32\nvsvc32.exe
C:\windows\system32\HPZipm12.exe
Z:\Program Files\NFS p\PB\PnkBstrA.exe
C:\windows\System32\svchost.exe
C:\windows\system32\wscntfy.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\windows\vVX3000.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\windows\system32\RUNDLL32.EXE
C:\windows\RTHDCPL.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\windows\system32\ctfmon.exe
C:\Program Files\SAGEM\SAGEM F@st800\dslmon.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\windows\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_ [...] TbId=66027
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsec [...] rf?lc=1036
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: XBTP05231 Class - {031F120A-BBAF-45d8-B306-375F2A6B9398} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Alcohol Soft - Alcohol 120% Toolbar - {1CE4EE89-2D5C-4361-AF3B-D902AB545381} - C:\Program Files\Alcohol Soft\Alcohol 120% Toolbar\a120_tb.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -minimize
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [VX3000] C:\windows\vVX3000.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime Alternative\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ppmate] C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe -expressboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\RunOnce: [ICQ Lite] C:\Program Files\ICQLite\ICQLite.exe -trayboot
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Morpheus.lnk = C:\Program Files\Morpheus\Morpheus.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - (no file)
O9 - Extra button: ICQ 4.1 - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: CarbonPoker - {e4e8c758-34b4-44bb-8ef9-1f0786e81d2d} - C:\Documents and Settings\Julien²\Menu Démarrer\Programmes\CarbonPoker\CarbonPoker.lnk (HKCU)
O15 - Trusted Zone: http://locator.cdn.imageservr.com
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/mi [...] 2961930953
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 2961922812
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/bina [...] b31267.cab
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - c:\program files\a-squared free\a2service.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Fichiers communs\InstallShield Shared\Service\InstallShield Licensing Service.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\windows\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - Z:\Program Files\NFS p\PB\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: VundoFix Service (VundoFixSvc) - Atribune.org - C:\windows\SYSTEM32\VundoFixSVC.exe
O24 - Desktop Component 0: (no name) - file:///CDOCUME~1/JULIEN~1/LOCALS~1/Temp/msohtmlclip1/01/clip_image002.jpg

--
End of file - 11150 bytes


Mais comment fait tu pour interpreter un truc comme ca ?? lol ca me parait enorme

bah le probleme est resolu d'apres toi?

bah merci beaucoup de ton aide heureusement que y a des gens comme vous pour nous aider parce que sinon qu'est ce qu'on ferai ?