Bonjour,

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:20, on 2008-10-25
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\VTTimer.exe
C:\WINDOWS\system32\S3trayp.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\LOGI_MWX.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer fourni par INFO CLICK®
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost;*.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [S3Trayp] S3trayp.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Logitech Utility] LOGI_MWX.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: KODAK Software Updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.infoclick.ca
O15 - Trusted Zone: http://p.bart.qc.ca
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/control [...] oader5.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/control [...] oader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/control [...] loader.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://may-day.spaces.live.com/Pho [...] nPUpld.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/control [...] der4_5.cab
O16 - DPF: {F137B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://costco.pnimedia.com/upload/ [...] .0.11.cab?
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - Unknown owner - C:\PROGRA~1\AVG\AVG8\avgemc.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 8412 bytes

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1319
Windows 5.1.2600 Service Pack 3

2008-10-25 12:54:55
mbam-log-2008-10-25 (12-54-55).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 113498
Temps écoulé: 23 minute(s), 26 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 4
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 8

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1f6581d5-aa53-4b73-a6f9-41420c6b61f1}

(Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{e596df5f-4239-4d40-8367-ebadf0165917}

(Rogue.Installer) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1a26f07f-0d60-4835-91cf-1e1766a0ec56}

(Trojan.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{b64f4a7c-97c9-11da-8bde-f66bad1e3f3a}

(Rogue.WinAntivirus) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\av.dat (Trojan.FakeAlert) -> Quarantined and deleted successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\wrdwn5 (Trojan.FakeAlert) -> Quarantined and deleted

successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\wrdwn6 (Trojan.FakeAlert) -> Quarantined and deleted

successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\wrdwn7 (Trojan.FakeAlert) -> Quarantined and deleted

successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\wrdwn8 (Trojan.FakeAlert) -> Quarantined and deleted

successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\wrdwn9 (Trojan.FakeAlert) -> Quarantined and deleted

successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\TDSSf026.tmp (Trojan.FakeAlert) -> Quarantined and

deleted successfully.
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temp\TDSSf13f.tmp (Trojan.FakeAlert) -> Quarantined and deleted

successfully.

salut
ca na fonctionne pas...combofix has detected that this machine doesn't have the windows recovery console...
il demande si je veux downloder si je clic sur yes, combofix répond: la syntaxe de la commande est incorrect...

??

merci!!!!
voici le rapport:

ComboFix 08-10-24.02 - Jérôme Labadie 2008-10-25 13:15:37.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.570 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Jérôme Labadie\Bureau\ComboFix.exe

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Jérôme Labadie\Cookies\onemyjybi.dll
C:\Documents and Settings\Jérôme Labadie\Cookies\onileh.lib
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temporary Internet Files\bywyg.vbs
C:\Documents and Settings\Jérôme Labadie\Local Settings\Temporary Internet Files\omif.ban
C:\Documents and Settings\Jérôme Labadie\Menu Démarrer\Programmes\AntiSpywareXP2009
C:\Documents and Settings\Jérôme Labadie\Menu Démarrer\Programmes\AntiSpywareXP2009\AntiSpywareXP2009.lnk
C:\Documents and Settings\Jérôme Labadie\Menu Démarrer\Programmes\AntiSpywareXP2009\Uninstall.lnk
C:\Program Files\INSTALL.LOG
C:\WINDOWS\system32\gqvpfsod.ini
C:\WINDOWS\system32\wini108015.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE
-------\Legacy_TDSSSERV.SYS)
-------\Service_TDSSserv.sys)


((((((((((((((((((((((((((((( Fichiers créés du 2008-09-25 au 2008-10-25 ))))))))))))))))))))))))))))))))))))
.

2008-10-24 20:54 . 2008-10-24 20:54 <REP> d-------- C:\Program Files\VS Revo Group
2008-10-24 09:05 . 2008-10-24 09:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-24 08:55 . 2008-10-15 12:35 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-23 13:12 . 2008-10-23 13:12 19,479 --a------ C:\Program Files\Fichiers communs\evan.scr
2008-10-23 13:12 . 2008-10-23 13:12 19,108 --a------ C:\WINDOWS\system32\evoxi.inf
2008-10-23 13:12 . 2008-10-23 13:12 18,487 --a------ C:\WINDOWS\qojufy.ban
2008-10-23 13:12 . 2008-10-23 13:12 17,363 --a------ C:\WINDOWS\system32\badyjamyn.lib
2008-10-23 13:12 . 2008-10-23 13:12 16,622 --a------ C:\WINDOWS\system32\yrusy.vbs
2008-10-23 13:12 . 2008-10-23 13:12 16,367 --a------ C:\Documents and Settings\All Users\Application Data\tewow.sys
2008-10-23 13:12 . 2008-10-23 13:12 14,803 --a------ C:\Documents and Settings\All Users\Application Data\ogepefohi.dat
2008-10-23 13:12 . 2008-10-23 13:12 14,326 --a------ C:\WINDOWS\xucu._dl
2008-10-23 13:12 . 2008-10-23 13:12 14,253 --a------ C:\Documents and Settings\Jérôme Labadie\Application Data\yxexomagyr.scr
2008-10-23 13:12 . 2008-10-23 13:12 14,240 --a------ C:\WINDOWS\qirogoz.vbs
2008-10-23 13:12 . 2008-10-23 13:12 12,360 --a------ C:\WINDOWS\system32\pagubapigu._sy
2008-10-23 13:12 . 2008-10-23 13:12 11,911 --a------ C:\WINDOWS\system32\zado.ban
2008-10-23 13:12 . 2008-10-23 13:12 10,456 --a------ C:\WINDOWS\zygygycet.exe
2008-10-23 13:12 . 2008-10-23 13:12 10,292 --a------ C:\WINDOWS\yvym.reg
2008-10-23 12:46 . 2008-10-23 12:46 164 --a------ C:\WINDOWS\system32\TDSSmtve.dat
2008-10-22 15:06 . 2008-10-25 12:26 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-22 15:06 . 2008-10-22 15:06 <REP> d-------- C:\Documents and Settings\Jérôme Labadie\Application Data\Malwarebytes
2008-10-22 15:06 . 2008-10-22 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-22 15:06 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-22 15:06 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-22 14:57 . 2008-10-22 14:57 <REP> d-------- C:\Program Files\Trend Micro
2008-10-22 12:23 . 2008-10-23 23:25 <REP> d--h----- C:\$AVG8.VAULT$
2008-10-22 12:04 . 2008-10-22 12:04 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-10-22 12:03 . 2008-10-22 12:03 <REP> d-------- C:\Program Files\AVG
2008-10-22 12:03 . 2008-10-24 21:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-15 00:35 . 2008-08-14 09:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 00:35 . 2008-08-14 09:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 00:35 . 2008-08-14 09:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 00:35 . 2008-08-14 09:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 00:35 . 2008-09-15 11:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 00:35 . 2008-09-08 06:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-01 21:35 . 2008-10-23 14:57 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\SACore

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-23 17:12 18,718 ----a-w C:\Program Files\Fichiers communs\ocedosak.ban
2008-10-23 17:12 17,633 ----a-w C:\Program Files\Fichiers communs\ynyp.dl
2008-10-15 19:12 --------- d-----w C:\Documents and Settings\Jérôme Labadie\Application Data\LimeWire
2008-10-02 16:51 --------- d-----w C:\Program Files\PokerStars
2008-09-20 05:58 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-18 15:17 --------- d-----w C:\Program Files\LimeWire
2008-09-16 03:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-16 02:55 --------- d-----w C:\Documents and Settings\Jérôme Labadie\Application Data\AdobeUM
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2007-10-16 04:19 22,616 ----a-w C:\Documents and Settings\Jérôme Labadie\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-26 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-06-20 1397760]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2007-10-18 378792]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-06 185896]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"VTTimer"="VTTimer.exe" [2006-04-07 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2005-10-31 C:\WINDOWS\system32\S3Trayp.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 C:\WINDOWS\RTHDCPL.exe]
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 C:\WINDOWS\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 16423]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-06-21 282624]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-15 67128]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LockTaskbar"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"LockTaskbar"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= C:\PROGRA~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.VP60"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP61"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP62"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP70"= C:\PROGRA~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= C:\PROGRA~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.FFDS"= C:\PROGRA~1\K-LITE~1\ffdshow\ff_vfw.dll
"msacm.ac3acm"= C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm
"msacm.l3fhg"= C:\PROGRA~1\K-LITE~1\codecs\l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-22 231704]
R3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-05-22 808448]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [ ]
S2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [ ]
S2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [ ]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [ ]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
.
Contenu du dossier 'Tâches planifiées'

2008-10-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-LDM - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
HKLM-Run-AVG8_TRAY - C:\PROGRA~1\AVG\AVG8\avgtray.exe
Notify-ckpNotify - (no file)


.
------- Examen supplémentaire -------
.
R0 -: HKCU-Main,Start Page = hxxp://www.google.com
R0 -: HKLM-Main,Start Page = hxxp://www.google.com
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
R1 -: HKCU-Internet Settings,ProxyOverride = localhost;*.local
O8 -: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O16 -: Microsoft XML Parser for Java - file://C:\WINDOWS\Java\classes\xmldso.cab
C:\WINDOWS\Downloaded Program Files\Microsoft XML Parser for Java.osd
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 13:18:52
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2008-10-25 13:22:29 - La machine a redémarré [Jérôme Labadie]
ComboFix-quarantined-files.txt 2008-10-25 17:22:25

Avant-CF: 48,750,895,104 octets libres
Après-CF: 50,586,632,192 octets libres

197 --- E O F --- 2008-10-24 13:45:34

rapport combifix

ComboFix 08-10-24.02 - Jérôme Labadie 2008-10-26 12:17:01.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.587 [GMT -4:00]
Lancé depuis: C:\Documents and Settings\Jérôme Labadie\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Jérôme Labadie\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

[COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]

FILE ::
C:\Documents and Settings\All Users\Application Data\ogepefohi.dat
C:\Documents and Settings\All Users\Application Data\tewow.sys
C:\Documents and Settings\Jérôme Labadie\Application Data\yxexomagyr.scr
C:\Program Files\Fichiers communs\evan.scr
C:\Program Files\Fichiers communs\ocedosak.ban
C:\Program Files\Fichiers communs\ynyp.dl
C:\WINDOWS\qirogoz.vbs
C:\WINDOWS\qojufy.ban
C:\WINDOWS\system32\badyjamyn.lib
C:\WINDOWS\system32\evoxi.inf
C:\WINDOWS\system32\pagubapigu._sy
C:\WINDOWS\system32\TDSSmtve.dat
C:\WINDOWS\system32\yrusy.vbs
C:\WINDOWS\system32\zado.ban
C:\WINDOWS\xucu._dl
C:\WINDOWS\yvym.reg
C:\WINDOWS\zygygycet.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\ogepefohi.dat
C:\Documents and Settings\All Users\Application Data\tewow.sys
C:\Documents and Settings\Jérôme Labadie\Application Data\yxexomagyr.scr
C:\Program Files\Fichiers communs\evan.scr
C:\Program Files\Fichiers communs\ocedosak.ban
C:\Program Files\Fichiers communs\ynyp.dl
C:\WINDOWS\qirogoz.vbs
C:\WINDOWS\qojufy.ban
C:\WINDOWS\system32\badyjamyn.lib
C:\WINDOWS\system32\evoxi.inf
C:\WINDOWS\system32\pagubapigu._sy
C:\WINDOWS\system32\TDSSmtve.dat
C:\WINDOWS\system32\yrusy.vbs
C:\WINDOWS\system32\zado.ban
C:\WINDOWS\xucu._dl
C:\WINDOWS\yvym.reg
C:\WINDOWS\zygygycet.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-09-26 au 2008-10-26 ))))))))))))))))))))))))))))))))))))
.

2008-10-24 20:54 . 2008-10-24 20:54 <REP> d-------- C:\Program Files\VS Revo Group
2008-10-24 09:05 . 2008-10-24 09:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-10-24 08:55 . 2008-10-15 12:35 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
2008-10-22 15:06 . 2008-10-25 12:26 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-10-22 15:06 . 2008-10-22 15:06 <REP> d-------- C:\Documents and Settings\Jérôme Labadie\Application Data\Malwarebytes
2008-10-22 15:06 . 2008-10-22 15:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-10-22 15:06 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-10-22 15:06 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-10-22 14:57 . 2008-10-22 14:57 <REP> d-------- C:\Program Files\Trend Micro
2008-10-22 12:23 . 2008-10-23 23:25 <REP> d--h----- C:\$AVG8.VAULT$
2008-10-22 12:04 . 2008-10-22 12:04 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-10-22 12:03 . 2008-10-22 12:03 <REP> d-------- C:\Program Files\AVG
2008-10-22 12:03 . 2008-10-24 21:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg8
2008-10-15 00:35 . 2008-08-14 09:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-10-15 00:35 . 2008-08-14 09:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-10-15 00:35 . 2008-08-14 09:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-10-15 00:35 . 2008-08-14 09:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-10-15 00:35 . 2008-09-15 11:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
2008-10-15 00:35 . 2008-09-08 06:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
2008-10-01 21:35 . 2008-10-23 14:57 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\SACore

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-15 19:12 --------- d-----w C:\Documents and Settings\Jérôme Labadie\Application Data\LimeWire
2008-10-02 16:51 --------- d-----w C:\Program Files\PokerStars
2008-09-20 05:58 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-18 15:17 --------- d-----w C:\Program Files\LimeWire
2008-09-16 03:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-09-16 02:55 --------- d-----w C:\Documents and Settings\Jérôme Labadie\Application Data\AdobeUM
2008-09-15 15:26 1,846,528 ----a-w C:\WINDOWS\system32\win32k.sys
2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-08-26 08:11 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-08-14 13:23 2,191,232 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 13:23 2,068,096 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-08-06 14:32 499,712 ----a-w C:\WINDOWS\system32\msvcp71.dll
2008-08-06 14:32 348,160 ----a-w C:\WINDOWS\system32\msvcr71.dll
2007-10-16 04:19 22,616 ----a-w C:\Documents and Settings\Jérôme Labadie\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-09-26 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-06-20 1397760]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2003-12-08 32768]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 63712]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2007-10-18 378792]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-08-06 185896]
"AppleSyncNotifier"="C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-07-30 289064]
"VTTimer"="VTTimer.exe" [2006-04-07 C:\WINDOWS\system32\VTTimer.exe]
"S3Trayp"="S3trayp.exe" [2005-10-31 C:\WINDOWS\system32\S3Trayp.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-04-17 C:\WINDOWS\RTHDCPL.exe]
"Logitech Utility"="LOGI_MWX.EXE" [2003-12-17 C:\WINDOWS\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
KODAK Software Updater.lnk - C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe [2004-02-13 16423]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 29696]
Logiciel Kodak EasyShare.lnk - C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe [2007-06-21 282624]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe [2007-07-15 67128]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 83360]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"LockTaskbar"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 1 (0x1)
"ForceClassicControlPanel"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"LockTaskbar"= 0 (0x0)
"NoStartMenuMFUprogramsList"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.3iv2"= C:\PROGRA~1\K-LITE~1\codecs\3IVXVF~1.DLL
"VIDC.VP60"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP61"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP62"= C:\PROGRA~1\K-LITE~1\codecs\vp6vfw.dll
"VIDC.VP70"= C:\PROGRA~1\K-LITE~1\codecs\vp7vfw.dll
"VIDC.VP31"= C:\PROGRA~1\K-LITE~1\codecs\vp31vfw.dll
"VIDC.FFDS"= C:\PROGRA~1\K-LITE~1\ffdshow\ff_vfw.dll
"msacm.ac3acm"= C:\PROGRA~1\K-LITE~1\codecs\ac3acm.acm
"msacm.l3fhg"= C:\PROGRA~1\K-LITE~1\codecs\l3codecp.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\Kodak\\KODAK Software Updater\\7288971\\Program\\Kodak Software Updater.exe"=
"C:\\Program Files\\Kodak\\Kodak EasyShare software\\bin\\EasyShare.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=

R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-22 231704]
R3 S3GIGP;S3GIGP;C:\WINDOWS\system32\DRIVERS\S3gIGPm.sys [2006-05-22 808448]
S1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [ ]
S2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [ ]
S2 AvgTdiX;AVG Free8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [ ]
S3 SetupNTGLM7X;SetupNTGLM7X;D:\NTGLM7X.sys [ ]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
.
Contenu du dossier 'Tâches planifiées'

2008-10-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-26 12:18:30
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-10-26 12:19:40
ComboFix-quarantined-files.txt 2008-10-26 16:19:18
ComboFix2.txt 2008-10-25 17:22:30

Avant-CF: 50 530 701 312 octets libres
Après-CF: 50,521,047,040 octets libres

180 --- E O F --- 2008-10-24 13:45:34

Tu as encore des soucis ?

Pour virer AVG :
http://www.avg.com/filedir/util/av [...] emover.exe

Bon surf.