antinul.vbe

Un bonjour ?

Poste le rapport en entier.

oui excuse moi Bonjour, enfin re.
désolé de répondre si tard mais je travaillais pendant toute l'après midi.
Voilà mon rapport hijachthis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:50:41, on 31/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Movie Maker\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navis\Bureau\bzker.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.fr/myway
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
R3 - URLSearchHook: (no name) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {185060A5-65B5-4E2B-A5D9-0C568652F6BC} - (no file)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {22691D83-B4A5-454B-BD1B-08D712ED4425} - (no file)
O2 - BHO: (no name) - {47AE2127-E6AC-43CB-92DF-0F9593998AE2} - (no file)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {6F790782-0FC8-4DDE-BB15-4EFF77DDFEC9} - (no file)
O2 - BHO: (no name) - {73D6C42A-4B8B-4A49-A79F-A7C498ED3372} - (no file)
O2 - BHO: (no name) - {75F8A2EC-E41B-428D-90DE-8B60CFADD7E4} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: (no name) - {B5AD7EFF-8082-4EAE-908B-9A4680475788} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file)
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: (no name) - {d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [internet_explorer] C:\Program Files\Movie Maker\explorer.exe
O4 - HKCU\..\Run: [msn] C:\Program Files\Movie Maker\explorer.exe
O4 - HKCU\..\Run: [anti-virus 2007] D:\explorer.exe
O4 - HKCU\..\Run: [Mp3 player] C:\Documents and Settings\All Users\Favorites\explorer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{37E6705E-7710-4252-BD98-E7C65731FC7A}: NameServer = 81.253.149.1 80.10.246.3
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: tuvSjHYr - tuvSjHYr.dll (file missing)
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SearchIn1Step Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchIn1Step\searchin1.exe
O23 - Service: SearchInOneStep Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchInOneStep\searchin1.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)

--
End of file - 10727 bytes

Re,

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.

Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

j'ai suivi vos instructions et voilà le rapport ComboFix :

ComboFix 08-10-30.13 - Navis 2008-10-31 20:40:48.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.653 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\Navis\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Internet Explorer\explorer.exe
.
---- Previous Run -------
.
C:\Program Files\Internet Explorer\explorer.exe
C:\Program Files\windows
C:\Program Files\windows\system\vsinit.dll
C:\Program Files\windows\system32\vsinit.dll
C:\WINDOWS\system32\aGQrAccf.ini
C:\WINDOWS\system32\aGQrAccf.ini2
C:\WINDOWS\system32\CKkjQXbc.ini
C:\WINDOWS\system32\CKkjQXbc.ini2
C:\WINDOWS\system32\GMorBcfe.ini
C:\WINDOWS\system32\GMorBcfe.ini2
C:\WINDOWS\system32\MmmSYJjl.ini
C:\WINDOWS\system32\MmmSYJjl.ini2
C:\WINDOWS\system32\MWDMUvut.ini
C:\WINDOWS\system32\MWDMUvut.ini2
C:\WINDOWS\system32\oUDMnnnn.ini
C:\WINDOWS\system32\oUDMnnnn.ini2
C:\WINDOWS\system32\winubg32.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_new_drv


((((((((((((((((((((((((((((( Fichiers créés du 2008-09-28 au 2008-10-31 ))))))))))))))))))))))))))))))))))))
.

2008-10-31 20:25 . 2008-10-31 20:25 <REP> d-------- C:\WINDOWS\LastGood
2008-10-30 18:29 . 2008-10-30 18:31 <REP> d-------- C:\Program Files\EMCO MoveOnBoot
2008-10-28 19:13 . 2008-10-28 19:13 13,036 -rahs---- C:\WINDOWS\system32\antinul.vbe
2008-10-26 12:12 . 2008-10-30 20:07 <REP> d-------- C:\Documents and Settings\Navis\Application Data\skypePM
2008-10-26 12:12 . 2008-10-26 12:12 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-10-26 12:11 . 2008-10-30 21:32 <REP> d-------- C:\Documents and Settings\Navis\Application Data\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- C:\Program Files\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-10-25 11:50 . 2008-10-25 11:50 <REP> d-------- C:\Program Files\SearchIn1Step
2008-10-13 22:38 . 2008-10-30 22:46 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-13 22:38 . 2008-10-13 22:38 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-12 12:09 . 2008-10-12 12:09 <REP> d-------- C:\Program Files\Free Audio Pack
2008-10-12 12:09 . 2005-02-24 13:10 2,084,864 --a------ C:\WINDOWS\system32\AudDesign.dll
2008-10-12 12:09 . 2005-03-11 18:37 1,986,560 --a------ C:\WINDOWS\system32\AudFile.dll
2008-10-12 12:09 . 2005-02-24 13:11 1,212,416 --a------ C:\WINDOWS\system32\AudioInfos.dll
2008-10-12 12:09 . 2005-02-24 13:11 479,232 --a------ C:\WINDOWS\system32\AudioVisu.dll
2008-10-12 12:09 . 2005-02-24 16:21 458,752 --a------ C:\WINDOWS\system32\AudPlayer.dll
2008-10-12 12:09 . 2005-03-10 17:00 454,656 --a------ C:\WINDOWS\system32\AudioRecord.dll
2008-10-12 12:09 . 2005-02-24 13:10 417,792 --a------ C:\WINDOWS\system32\AudDisplay.dll
2008-10-12 12:09 . 2005-02-24 12:51 348,160 --a------ C:\WINDOWS\system32\WMAFile.dll
2008-10-12 12:09 . 2003-08-07 16:01 237,568 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-10-12 12:09 . 2005-01-10 13:54 116,296 --a------ C:\WINDOWS\system32\NCTWMAProfiles.prx
2008-10-12 12:03 . 2008-10-14 16:53 <REP> d-------- C:\Program Files\SearchInOneStep
2008-09-18 19:40 . 2008-10-30 21:58 <REP> d-------- C:\Documents and Settings\Navis\Application Data\foobar2000
2008-09-18 19:39 . 2008-09-18 19:40 <REP> d-------- C:\Program Files\foobar2000

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-31 11:41 --------- d-----w C:\Program Files\eMule
2008-10-31 10:18 --------- d-----w C:\Program Files\WinamaxPoker
2008-10-30 20:08 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-10-29 19:03 43,356,421 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
2008-10-28 20:19 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-10-14 08:46 --------- d-----w C:\Program Files\Java
2008-10-12 10:49 5,852 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2008-10-09 20:44 --------- d-----w C:\Documents and Settings\Navis\Application Data\OpenOffice.org2
2008-08-29 11:24 --------- d-----w C:\Program Files\Ludiclub
2008-07-13 08:53 25,600 ----a-w C:\WINDOWS\system32\vtUmJcDv.dll
2008-07-13 08:53 25,600 ----a-w C:\WINDOWS\system32\ssqRkLdB.dll
2008-07-13 08:53 25,600 ----a-w C:\WINDOWS\system32\geBtSIcC.dll
2008-07-13 08:53 25,600 ----a-w C:\WINDOWS\system32\geBrrQiJ.dll
2008-07-13 08:53 25,600 ----a-w C:\WINDOWS\system32\efcBtrpm.dll
2006-10-28 11:05 119 -c--a-w C:\Program Files\satsukidecodersettings.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"internet_explorer"="C:\Program Files\Movie Maker\explorer.exe" [2008-10-10 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 7323648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 413696]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2001-03-23 995328]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 106496]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 C:\WINDOWS\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\AlertInfo\\AlertInfo.exe"=
"C:\\WINDOWS\\system32\\winver.exe"=

R0 d346bus;d346bus;C:\WINDOWS\system32\DRIVERS\d346bus.sys [2004-03-12 156800]
R0 d346prt;d346prt;C:\WINDOWS\system32\Drivers\d346prt.sys [2004-03-12 5248]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 SearchInOneStep Service;SearchInOneStep Service;C:\Program Files\SearchInOneStep\searchin1.exe C:\Program Files\SearchInOneStep\searchin1.dll Service [ ]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2005-09-05 44160]
S2 ADSLAutoconnect;ADSLAutoconnect;C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe [2007-03-17 446464]
S2 FILESpy;FILESpy;C:\Program Files\Softwin\BitDefender9\filespy.sys [ ]
S2 SearchIn1Step Service;SearchIn1Step Service;C:\Program Files\SearchIn1Step\searchin1.exe C:\Program Files\SearchIn1Step\searchin1.dll Service [ ]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [ ]
S3 klstm;klstm;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f7b3873-6dc0-11db-ac3a-0090d03f028a}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{428bdb67-c2d1-11dc-adbb-0090d03f028a}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91618563-bd37-11db-acac-0090d03f028a}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-29 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2008-10-31 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe [2004-12-10 16:26]

2006-06-02 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job
- C:\WINDOWS\system32\OOBE\oobebaln.exe [2004-08-05 12:00]

2008-10-31 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]
.
- - - - ORPHELINS SUPPRIMES - - - -

URLSearchHooks-{d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file)
BHO-{22691D83-B4A5-454B-BD1B-08D712ED4425} - (no file)
BHO-{47AE2127-E6AC-43CB-92DF-0F9593998AE2} - (no file)
BHO-{6F790782-0FC8-4DDE-BB15-4EFF77DDFEC9} - (no file)
BHO-{73D6C42A-4B8B-4A49-A79F-A7C498ED3372} - (no file)
BHO-{75F8A2EC-E41B-428D-90DE-8B60CFADD7E4} - (no file)
BHO-{B5AD7EFF-8082-4EAE-908B-9A4680475788} - (no file)
BHO-{d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file)
Toolbar-{d9c9a8c9-460d-4343-888e-ae02bcc3ce57} - (no file)
WebBrowser-{D9C9A8C9-460D-4343-888E-AE02BCC3CE57} - (no file)
HKCU-Run-anti-virus 2007 - D:\explorer.exe
HKCU-Run-Mp3 player - C:\Documents and Settings\All Users\Favorites\explorer.exe
Notify-tuvSjHYr - tuvSjHYr.dll


.
------- Examen supplémentaire -------
.
FireFox -: Profile - C:\Documents and Settings\Navis\Application Data\Mozilla\Firefox\Profiles\4f0ba18a.default\
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FireFox -: prefs.js - STARTUP.HOMEPAGE - about:blank
FF -: plugin - C:\Program Files\Adobe\Acrobat 5.0\Reader\browser\nppdf32.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll
FF -: plugin - C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-31 20:41:56
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...


**************************************************************************
.
Heure de fin: 2008-10-31 20:42:40
ComboFix-quarantined-files.txt 2008-10-31 19:42:37

Avant-CF: 30,899,777,536 octets libres
Après-CF: 30,888,116,224 octets libres

182 --- E O F --- 2008-07-12 09:10:00

Reposte un rapport Hijackthis.

voilà le rapport hijack :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:44:01, on 01/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Movie Maker\explorer.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Satsuki Decoder Pack\mpc\mplayerc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navis\Bureau\bzker.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [internet_explorer] C:\Program Files\Movie Maker\explorer.exe
O4 - HKCU\..\Run: [msn] C:\Program Files\Movie Maker\explorer.exe
O4 - HKCU\..\Run: [anti-virus 2007] D:\explorer.exe
O4 - HKCU\..\Run: [Mp3 player] C:\Documents and Settings\All Users\Favorites\explorer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{37E6705E-7710-4252-BD98-E7C65731FC7A}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SearchIn1Step Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchIn1Step\searchin1.exe
O23 - Service: SearchInOneStep Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchInOneStep\searchin1.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)

--
End of file - 10044 bytes

Tu as combien d'antivirus ?

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précédemment copié.
Sauvegarde ce fichier sous le nom de "CFScript.txt" [#ff0000](les guillemets sont importantes)[/#f].

Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme dans l'image ci-dessous :


Cela va relancer ComboFix. Après redémarrage, poste le contenu du rapport (C:\combofix.txt*) accompagné d'un rapport HijackThis.
[#ff0000]NOTE : S'il n'y a pas de redémarrage, poste quand même les rapports demandés.[/#f]
* le nom de la partition peut changer

je n'ai qu'un anitvirus : avats.

j'ai suivi vos instructions, voilà le rapport Combofix :

ComboFix 08-10-31.02 - Navis 2008-11-01 15:14:53.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.677 [GMT 1:00]
Lancé depuis: C:\Documents and Settings\Navis\Bureau\ComboFix.exe
Commutateurs utilisés :: C:\Documents and Settings\Navis\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
C:\Program Files\Movie Maker\explorer.exe
C:\WINDOWS\system32\efcBtrpm.dll
C:\WINDOWS\system32\geBrrQiJ.dll
C:\WINDOWS\system32\geBtSIcC.dll
C:\WINDOWS\system32\ssqRkLdB.dll
C:\WINDOWS\system32\vtUmJcDv.dll
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Internet Explorer\explorer.exe
C:\Program Files\Movie Maker\explorer.exe
C:\WINDOWS\system32\antinul.vbe

.
((((((((((((((((((((((((((((( Fichiers créés du 2008-10-01 au 2008-11-01 ))))))))))))))))))))))))))))))))))))
.

2008-10-31 21:09 . 2008-11-01 00:48 <REP> d-------- C:\WINDOWS\system32\CatRoot_bak
2008-10-30 18:29 . 2008-10-30 18:31 <REP> d-------- C:\Program Files\EMCO MoveOnBoot
2008-10-26 12:12 . 2008-10-30 20:07 <REP> d-------- C:\Documents and Settings\Navis\Application Data\skypePM
2008-10-26 12:12 . 2008-10-26 12:12 56 --ah----- C:\WINDOWS\system32\ezsidmv.dat
2008-10-26 12:11 . 2008-10-30 21:32 <REP> d-------- C:\Documents and Settings\Navis\Application Data\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- C:\Program Files\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-10-25 11:50 . 2008-10-25 11:50 <REP> d-------- C:\Program Files\SearchIn1Step
2008-10-13 22:38 . 2008-11-01 14:35 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-10-13 22:38 . 2008-10-13 22:38 1,409 --a------ C:\WINDOWS\QTFont.for
2008-10-12 12:09 . 2008-10-12 12:09 <REP> d-------- C:\Program Files\Free Audio Pack
2008-10-12 12:09 . 2005-02-24 13:10 2,084,864 --a------ C:\WINDOWS\system32\AudDesign.dll
2008-10-12 12:09 . 2005-03-11 18:37 1,986,560 --a------ C:\WINDOWS\system32\AudFile.dll
2008-10-12 12:09 . 2005-02-24 13:11 1,212,416 --a------ C:\WINDOWS\system32\AudioInfos.dll
2008-10-12 12:09 . 2005-02-24 13:11 479,232 --a------ C:\WINDOWS\system32\AudioVisu.dll
2008-10-12 12:09 . 2005-02-24 16:21 458,752 --a------ C:\WINDOWS\system32\AudPlayer.dll
2008-10-12 12:09 . 2005-03-10 17:00 454,656 --a------ C:\WINDOWS\system32\AudioRecord.dll
2008-10-12 12:09 . 2005-02-24 13:10 417,792 --a------ C:\WINDOWS\system32\AudDisplay.dll
2008-10-12 12:09 . 2005-02-24 12:51 348,160 --a------ C:\WINDOWS\system32\WMAFile.dll
2008-10-12 12:09 . 2003-08-07 16:01 237,568 --a------ C:\WINDOWS\system32\lame_enc.dll
2008-10-12 12:09 . 2005-01-10 13:54 116,296 --a------ C:\WINDOWS\system32\NCTWMAProfiles.prx
2008-10-12 12:03 . 2008-10-14 16:53 <REP> d-------- C:\Program Files\SearchInOneStep

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-01 13:00 --------- d-----w C:\Program Files\WinamaxPoker
2008-10-31 22:43 --------- d-----w C:\Program Files\eMule
2008-10-30 20:58 --------- d-----w C:\Documents and Settings\Navis\Application Data\foobar2000
2008-10-30 20:08 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-10-28 20:19 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-10-14 08:46 --------- d-----w C:\Program Files\Java
2008-10-09 20:44 --------- d-----w C:\Documents and Settings\Navis\Application Data\OpenOffice.org2
2008-09-18 18:40 --------- d-----w C:\Program Files\foobar2000
2006-10-28 11:05 119 -c--a-w C:\Program Files\satsukidecodersettings.ini
.

((((((((((((((((((((((((((((( snapshot@2008-10-31_20.42.19.90 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-28 11:00:41 10,213,404 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2008-11-01 11:00:56 10,244,586 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2008-11-01 14:18:37 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_70c.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15360]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]
"anti-virus 2007"="D:\explorer.exe" [BU]
"Mp3 player"="C:\Documents and Settings\All Users\Favorites\explorer.exe" [BU]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-12-14 7323648]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"DMXLauncher"="C:\Program Files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 413696]
"DLA"="C:\WINDOWS\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"SpeedTouch USB Diagnostics"="C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2001-03-23 995328]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
"Corel Photo Downloader"="C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 106496]
"BigDogPath"="C:\WINDOWS\VM_STI.EXE" [2004-06-09 40960]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 C:\WINDOWS\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\dplaysvr.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\AlertInfo\\AlertInfo.exe"=
"C:\\WINDOWS\\system32\\winver.exe"=

R0 d346bus;d346bus;C:\WINDOWS\system32\DRIVERS\d346bus.sys [2004-03-12 156800]
R0 d346prt;d346prt;C:\WINDOWS\system32\Drivers\d346prt.sys [2004-03-12 5248]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 ADSLAutoconnect;ADSLAutoconnect;C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe [2007-03-17 446464]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 SearchInOneStep Service;SearchInOneStep Service;C:\Program Files\SearchInOneStep\searchin1.exe C:\Program Files\SearchInOneStep\searchin1.dll Service [ ]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2005-09-05 44160]
S2 FILESpy;FILESpy;C:\Program Files\Softwin\BitDefender9\filespy.sys [ ]
S2 SearchIn1Step Service;SearchIn1Step Service;C:\Program Files\SearchIn1Step\searchin1.exe C:\Program Files\SearchIn1Step\searchin1.dll Service [ ]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [ ]
S3 klstm;klstm;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys [ ]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f7b3873-6dc0-11db-ac3a-0090d03f028a}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{428bdb67-c2d1-11dc-adbb-0090d03f028a}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91618563-bd37-11db-acac-0090d03f028a}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-29 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2008-10-31 C:\WINDOWS\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2004\SystemOptimizer.exe [2004-12-10 16:26]

2006-06-02 C:\WINDOWS\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job
- C:\WINDOWS\system32\OOBE\oobebaln.exe [2004-08-05 12:00]

2008-11-01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-01 15:19:07
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
.
**************************************************************************
.
Heure de fin: 2008-11-01 15:26:19 - La machine a redémarré
ComboFix-quarantined-files.txt 2008-11-01 14:26:15
ComboFix2.txt 2008-10-31 19:42:41

Avant-CF: 28 366 999 552 octets libres
Après-CF: 28,353,855,488 octets libres

161 --- E O F --- 2008-07-12 09:10:00


et voilà le rapport hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:31:08, on 01/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navis\Bureau\bzker.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {4D25F926-B9FE-4682-BF72-8AB8210D6D75} - (no file)
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [anti-virus 2007] D:\explorer.exe
O4 - HKCU\..\Run: [Mp3 player] C:\Documents and Settings\All Users\Favorites\explorer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{37E6705E-7710-4252-BD98-E7C65731FC7A}: NameServer = 81.253.149.9 80.10.246.132
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SearchIn1Step Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchIn1Step\searchin1.exe
O23 - Service: SearchInOneStep Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchInOneStep\searchin1.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)

--
End of file - 9457 bytes

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

bonjour,
désolé de répondre si tard mais j'ai été pas mal occupé en ce moment. J'ai effectué un examen complet avec MalwareByte's Anti-malware, il a supprimé des infections et voilà le rapport :

Malwarebytes' Anti-Malware 1.30
Version de la base de données: 1368
Windows 5.1.2600 Service Pack 2

05/11/2008 17:53:31
mbam-log-2008-11-05 (17-53-31).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 127076
Temps écoulé: 48 minute(s), 14 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 5

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{4d25f926-b9fe-4682-bf72-8ab8210d6d75} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1089\A0427966.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1089\A0427967.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1089\A0427968.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1089\A0427969.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{EA39A09C-50BA-4996-869B-915C83FE3B53}\RP1089\A0427970.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Reposte un rapport Hijackthis.

Voilà le rapport hijack this :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:35:16, on 05/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navis\Bureau\bzker.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [anti-virus 2007] D:\explorer.exe
O4 - HKCU\..\Run: [Mp3 player] C:\Documents and Settings\All Users\Favorites\explorer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{37E6705E-7710-4252-BD98-E7C65731FC7A}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SearchIn1Step Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchIn1Step\searchin1.exe
O23 - Service: SearchInOneStep Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchInOneStep\searchin1.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)

--
End of file - 9601 bytes

Re,

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précédemment copié.
Sauvegarde ce fichier sous le nom de "CFScript.txt" [#ff0000](les guillemets sont importantes)[/#f].

Glisse maintenant le fichier CFScript.txt dans ComboFix.exe comme dans l'image ci-dessous :


Cela va relancer ComboFix. Après redémarrage, poste le contenu du rapport (C:\combofix.txt*) accompagné d'un rapport HijackThis.
[#ff0000]NOTE : S'il n'y a pas de redémarrage, poste quand même les rapports demandés.[/#f]
* le nom de la partition peut changer

Re,
j'ai suivi les instructions et voilà le rapport combofix :

ComboFix 08-11-05.02 - Navis 2008-11-06 19:11:01.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.634 [GMT 1:00]
Lancé depuis: c:\documents and settings\Navis\Bureau\ComboFix.exe
Commutateurs utilisés :: c:\documents and settings\Navis\Bureau\CFScript.txt
* Un nouveau point de restauration a été créé

FILE ::
c:\documents and settings\All Users\Favorites\explorer.exe
D:\explorer.exe
.

((((((((((((((((((((((((((((( Fichiers créés du 2008-10-06 au 2008-11-06 ))))))))))))))))))))))))))))))))))))
.

2008-11-05 16:59 . 2008-11-05 16:59 <REP> d-------- c:\program files\Malwarebytes' Anti-Malware
2008-11-05 16:59 . 2008-11-05 16:59 <REP> d-------- c:\documents and settings\Navis\Application Data\Malwarebytes
2008-11-05 16:59 . 2008-11-05 16:59 <REP> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-05 16:59 . 2008-10-22 16:10 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
2008-11-05 16:59 . 2008-10-22 16:10 15,504 --a------ c:\windows\system32\drivers\mbam.sys
2008-10-31 21:09 . 2008-11-01 00:48 <REP> d-------- c:\windows\system32\CatRoot_bak
2008-10-31 20:26 . 2008-05-01 15:31 331,776 --------- c:\windows\system32\dllcache\msadce.dll
2008-10-30 18:29 . 2008-10-30 18:31 <REP> d-------- c:\program files\EMCO MoveOnBoot
2008-10-26 12:12 . 2008-10-30 20:07 <REP> d-------- c:\documents and settings\Navis\Application Data\skypePM
2008-10-26 12:12 . 2008-10-26 12:12 56 --ah----- c:\windows\system32\ezsidmv.dat
2008-10-26 12:11 . 2008-10-30 21:32 <REP> d-------- c:\documents and settings\Navis\Application Data\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- c:\program files\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- c:\program files\Fichiers communs\Skype
2008-10-26 12:10 . 2008-10-26 12:10 <REP> d-------- c:\documents and settings\All Users\Application Data\Skype
2008-10-25 11:50 . 2008-10-25 11:50 <REP> d-------- c:\program files\SearchIn1Step
2008-10-13 22:38 . 2008-11-04 00:58 54,156 --ah----- c:\windows\QTFont.qfn
2008-10-13 22:38 . 2008-10-13 22:38 1,409 --a------ c:\windows\QTFont.for
2008-10-12 12:09 . 2008-10-12 12:09 <REP> d-------- c:\program files\Free Audio Pack
2008-10-12 12:09 . 2005-02-24 13:10 2,084,864 --a------ c:\windows\system32\AudDesign.dll
2008-10-12 12:09 . 2005-03-11 18:37 1,986,560 --a------ c:\windows\system32\AudFile.dll
2008-10-12 12:09 . 2005-02-24 13:11 1,212,416 --a------ c:\windows\system32\AudioInfos.dll
2008-10-12 12:09 . 2005-02-24 13:11 479,232 --a------ c:\windows\system32\AudioVisu.dll
2008-10-12 12:09 . 2005-02-24 16:21 458,752 --a------ c:\windows\system32\AudPlayer.dll
2008-10-12 12:09 . 2005-03-10 17:00 454,656 --a------ c:\windows\system32\AudioRecord.dll
2008-10-12 12:09 . 2005-02-24 13:10 417,792 --a------ c:\windows\system32\AudDisplay.dll
2008-10-12 12:09 . 2005-02-24 12:51 348,160 --a------ c:\windows\system32\WMAFile.dll
2008-10-12 12:09 . 2003-08-07 16:01 237,568 --a------ c:\windows\system32\lame_enc.dll
2008-10-12 12:09 . 2005-01-10 13:54 116,296 --a------ c:\windows\system32\NCTWMAProfiles.prx
2008-10-12 12:03 . 2008-10-14 16:53 <REP> d-------- c:\program files\SearchInOneStep

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-11-06 07:53 --------- d-----w c:\program files\eMule
2008-11-05 18:30 --------- d-----w c:\program files\WinamaxPoker
2008-11-01 15:10 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2008-10-30 20:58 --------- d-----w c:\documents and settings\Navis\Application Data\foobar2000
2008-10-30 20:08 --------- d-----w c:\program files\Mozilla Thunderbird
2008-10-29 19:03 43,356,421 ----a-w c:\windows\Internet Logs\tvDebug.zip
2008-10-28 20:19 --------- d-----w c:\program files\Fichiers communs\Adobe
2008-10-15 16:59 332,800 ------w c:\windows\system32\dllcache\netapi32.dll
2008-10-14 08:46 --------- d-----w c:\program files\Java
2008-10-12 10:49 5,852 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-10-09 20:44 --------- d-----w c:\documents and settings\Navis\Application Data\OpenOffice.org2
2008-09-18 18:40 --------- d-----w c:\program files\foobar2000
2008-09-15 15:39 1,846,144 ----a-w c:\windows\system32\win32k.sys
2008-09-15 15:39 1,846,144 ------w c:\windows\system32\dllcache\win32k.sys
2008-08-28 10:04 333,056 ------w c:\windows\system32\dllcache\srv.sys
2008-08-19 09:38 18,432 ------w c:\windows\system32\dllcache\iedw.exe
2008-08-14 13:39 2,188,032 ------w c:\windows\system32\dllcache\ntoskrnl.exe
2008-08-14 13:39 2,144,768 ----a-w c:\windows\system32\ntoskrnl.exe
2008-08-14 13:39 2,144,768 ------w c:\windows\system32\dllcache\ntkrnlmp.exe
2008-08-14 13:39 2,065,024 ------w c:\windows\system32\dllcache\ntkrnlpa.exe
2008-08-14 13:39 2,022,912 ----a-w c:\windows\system32\ntkrnlpa.exe
2008-08-14 13:39 2,022,912 ------w c:\windows\system32\dllcache\ntkrpamp.exe
2008-08-14 09:51 138,368 ------w c:\windows\system32\dllcache\afd.sys
2006-10-28 11:05 119 -c--a-w c:\program files\satsukidecodersettings.ini
.

((((((((((((((((((((((((((((( snapshot@2008-10-31_20.42.19.90 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:18:27 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:28:20 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:24:11 253,952 ----a-w c:\windows\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:29 18,296 ----a-w c:\windows\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:29 234,872 ----a-w c:\windows\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:29 26,488 ----a-w c:\windows\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:26 767,352 ----a-w c:\windows\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:29 406,392 ----a-w c:\windows\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w c:\windows\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2008-06-24 16:30:27 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:44:02 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:52 74,240 ----a-w c:\windows\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB952954\update\updspapi.dll
+ 2008-08-20 05:10:12 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\mshtml.dll
+ 2008-08-20 05:10:11 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\shdocvw.dll
+ 2008-08-20 05:10:11 620,544 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\urlmon.dll
+ 2008-08-20 05:10:11 670,208 ----a-w c:\windows\$hf_mig$\KB956390\SP3GDR\wininet.dll
+ 2008-08-20 05:07:31 3,088,896 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\mshtml.dll
+ 2008-08-20 05:07:27 1,499,648 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\shdocvw.dll
+ 2008-08-20 05:07:28 621,056 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\urlmon.dll
+ 2008-08-20 05:07:28 670,720 ----a-w c:\windows\$hf_mig$\KB956390\SP3QFE\wininet.dll
+ 2007-11-30 11:19:06 18,296 ----a-w c:\windows\$hf_mig$\KB956390\spmsg.dll
+ 2007-11-30 11:19:06 234,872 ----a-w c:\windows\$hf_mig$\KB956390\spuninst.exe
+ 2007-11-30 11:19:06 26,488 ----a-w c:\windows\$hf_mig$\KB956390\update\spcustom.dll
+ 2007-11-30 12:39:29 767,352 ----a-w c:\windows\$hf_mig$\KB956390\update\update.exe
+ 2007-11-30 12:39:31 406,392 ----a-w c:\windows\$hf_mig$\KB956390\update\updspapi.dll
- 2007-09-27 18:02:31 248,632 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-11-01 15:06:23 250,928 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2007-09-27 18:02:31 781,104 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-11-01 15:03:29 783,744 ----a-w c:\windows\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2007-02-28 16:08:15 2,139,648 -c----w c:\windows\Driver Cache\i386\ntkrnlmp.exe
+ 2008-08-14 13:39:07 2,144,768 ------w c:\windows\Driver Cache\i386\ntkrnlmp.exe
- 2007-02-28 16:08:25 2,061,440 -c----w c:\windows\Driver Cache\i386\ntkrnlpa.exe
+ 2008-08-14 13:39:12 2,065,024 ------w c:\windows\Driver Cache\i386\ntkrnlpa.exe
- 2007-02-28 16:08:11 2,019,328 -c----w c:\windows\Driver Cache\i386\ntkrpamp.exe
+ 2008-08-14 13:39:03 2,022,912 ------w c:\windows\Driver Cache\i386\ntkrpamp.exe
- 2007-02-28 16:08:21 2,184,192 -c----w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2008-08-14 13:39:11 2,188,032 ------w c:\windows\Driver Cache\i386\ntoskrnl.exe
+ 2006-10-26 17:49:48 1,011,488 ----a-r c:\windows\Installer\$PatchCache$\Managed\000021090100C0400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-10-26 17:49:46 970,528 ----a-r c:\windows\Installer\$PatchCache$\Managed\000021090100C0400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-10-27 14:18:36 1,658,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.4518\OGL.DLL
+ 2007-09-14 20:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-28 23:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 04:00:34 1,767,768 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 04:00:48 72,096 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2006-10-27 13:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-26 19:18:12 162,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 13:00:12 1,751,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 13:00:10 576,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 13:00:06 47,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 13:00:08 191,360 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-26 18:13:34 338,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-26 18:13:44 629,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-26 18:13:28 207,736 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-26 18:13:32 279,352 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-26 18:13:08 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-26 18:13:12 15,160 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 13:00:06 387,960 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-26 18:13:38 392,048 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-26 18:13:30 260,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-26 18:13:32 289,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-26 18:13:20 56,120 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-26 18:13:38 551,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-26 18:13:30 224,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 13:40:34 208,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-26 18:13:34 371,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 13:41:04 399,640 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-26 17:59:24 205,616 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-26 19:30:42 65,312 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-26 18:12:52 189,760 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-26 17:48:14 439,568 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 12:10:08 1,190,688 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-26 17:21:24 1,682,232 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 13:09:36 983,376 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-26 18:02:12 2,526,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-26 18:12:52 173,328 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-26 18:55:38 138,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 13:10:08 1,439,032 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 13:10:10 5,456,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 13:10:10 5,281,592 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-26 19:42:00 176,976 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2006-10-26 17:55:10 828,704 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-27 13:01:34 10,371,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-26 19:18:06 66,880 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 11:58:14 117,552 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 12:59:06 161,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-26 17:48:12 14,664 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-26 18:12:58 428,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-26 19:13:36 26,936 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-26 18:00:08 6,635,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 11:56:36 436,520 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-26 17:50:04 672,024 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 11:56:40 505,136 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-26 17:55:12 832,800 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-26 17:55:06 538,904 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-26 18:12:30 65,824 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 13:14:34 14,151,456 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-26 18:06:54 232,816 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-26 18:14:06 7,033,152 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-26 18:00:08 274,744 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-26 18:00:12 998,208 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-26 18:00:10 285,008 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-26 18:07:04 6,536,992 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-07-26 16:53:56 459,080 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 13:16:36 46,864 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-26 19:30:44 482,088 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 13:04:06 465,200 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 13:04:06 7,980,848 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2007-09-27 18:02:31 248,632 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-26 17:52:10 2,012,480 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 19:13:38 38,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-26 19:42:12 744,808 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 18:13:00 503,624 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-26 18:06:58 439,600 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-26 19:18:16 502,608 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 13:21:58 277,320 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 12:57:08 2,330,968 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-09-29 22:42:56 2,583,344 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-26 20:58:38 3,732,792 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2007-09-27 18:02:31 781,104 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2007-09-14 20:45:58 16,901,168 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-10-02 18:51:22 8,436,776 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\OARTCONV.DLL
+ 2007-08-28 23:19:24 1,654,648 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-28 22:06:16 467,840 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\POWERPNT.EXE
+ 2007-08-28 22:06:44 7,990,144 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\PPCORE.DLL
+ 2008-11-01 15:03:40 251,272 ----a-r c:\windows\Installer\$PatchCache$\Managed\00002109110000000000000000F01FEC\12.0.6215\PPTPIA.DLL
- 2008-07-09 15:01:33 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-11-01 15:10:04 1,165,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\accicons.exe
- 2008-07-09 15:01:34 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-11-01 15:10:04 20,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-07-09 15:01:33 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-11-01 15:10:04 159,504 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\inficon.exe
- 2008-07-09 15:01:34 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
+ 2008-11-01 15:10:04 217,864 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\misc.exe
- 2008-07-09 15:01:34 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-11-01 15:10:04 18,704 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-07-09 15:01:34 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-11-01 15:10:04 35,088 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-07-09 15:01:34 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-11-01 15:10:04 845,584 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\outicon.exe
- 2008-07-09 15:01:34 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-11-01 15:10:04 922,384 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pptico.exe
- 2008-07-09 15:01:34 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-11-01 15:10:04 272,648 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\pubs.exe
- 2008-07-09 15:01:34 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-11-01 15:10:04 888,080 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-07-09 15:01:33 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-11-01 15:10:04 1,172,240 ----a-r c:\windows\Installer\{90120000-0011-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-05-14 15:01:09 35,600 ----a-r c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-11-01 15:09:07 35,600 ----a-r c:\windows\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2007-09-27 17:58:44 217,864 ----a-r c:\windows\Installer\{90120000-006E-040C-0000-0000000FF1CE}\misc.exe
+ 2008-11-01 15:05:34 217,864 ----a-r c:\windows\Installer\{90120000-006E-040C-0000-0000000FF1CE}\misc.exe
- 2008-04-21 06:57:16 1,024,512 ----a-w c:\windows\system32\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ----a-w c:\windows\system32\browseui.dll
- 2008-04-21 06:57:16 152,064 ----a-w c:\windows\system32\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ----a-w c:\windows\system32\cdfview.dll
- 2008-04-21 06:57:17 1,056,768 ----a-w c:\windows\system32\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ----a-w c:\windows\system32\danim.dll
- 2008-04-21 06:57:16 1,024,512 ------w c:\windows\system32\dllcache\browseui.dll
+ 2008-08-20 05:33:47 1,024,512 ------w c:\windows\system32\dllcache\browseui.dll
- 2008-04-21 06:57:16 152,064 ------w c:\windows\system32\dllcache\cdfview.dll
+ 2008-08-20 05:33:44 152,064 ------w c:\windows\system32\dllcache\cdfview.dll
- 2008-04-21 06:57:17 1,056,768 ------w c:\windows\system32\dllcache\danim.dll
+ 2008-08-20 05:33:44 1,056,768 ------w c:\windows\system32\dllcache\danim.dll
- 2008-04-21 06:57:17 357,888 ------w c:\windows\system32\dllcache\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ------w c:\windows\system32\dllcache\dxtmsft.dll
- 2008-04-21 06:57:18 205,312 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ------w c:\windows\system32\dllcache\dxtrans.dll
+ 2008-07-07 20:31:48 253,952 ------w c:\windows\system32\dllcache\es.dll
- 2008-04-21 06:57:18 55,808 ------w c:\windows\system32\dllcache\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ------w c:\windows\system32\dllcache\extmgr.dll
- 2008-04-21 06:57:18 251,904 ------w c:\windows\system32\dllcache\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ------w c:\windows\system32\dllcache\iepeers.dll
- 2007-08-21 06:17:23 683,520 ------w c:\windows\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ------w c:\windows\system32\dllcache\inetcomm.dll
- 2008-04-21 06:57:18 96,768 ------w c:\windows\system32\dllcache\inseng.dll
+ 2008-08-20 05:33:45 96,768 ------w c:\windows\system32\dllcache\inseng.dll
- 2008-04-21 06:57:18 16,384 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ------w c:\windows\system32\dllcache\jsproxy.dll
+ 2008-06-24 16:23:56 74,240 ------w c:\windows\system32\dllcache\mscms.dll
- 2008-04-21 06:57:22 3,087,872 ------w c:\windows\system32\dllcache\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ------w c:\windows\system32\dllcache\mshtml.dll
- 2008-04-21 06:57:22 449,024 ------w c:\windows\system32\dllcache\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ------w c:\windows\system32\dllcache\mshtmled.dll
- 2008-04-21 06:57:23 146,432 ------w c:\windows\system32\dllcache\msrating.dll
+ 2008-08-20 05:33:45 146,432 ------w c:\windows\system32\dllcache\msrating.dll
- 2008-04-21 06:57:23 532,480 ------w c:\windows\system32\dllcache\mstime.dll
+ 2008-08-20 05:33:45 532,480 ------w c:\windows\system32\dllcache\mstime.dll
- 2008-04-21 06:57:23 39,424 ------w c:\windows\system32\dllcache\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ------w c:\windows\system32\dllcache\pngfilt.dll
- 2008-04-21 06:57:25 1,499,648 ------w c:\windows\system32\dllcache\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ------w c:\windows\system32\dllcache\shdocvw.dll
- 2008-04-21 06:57:26 474,624 ------w c:\windows\system32\dllcache\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ------w c:\windows\system32\dllcache\shlwapi.dll
- 2008-04-21 06:57:26 620,544 ------w c:\windows\system32\dllcache\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ------w c:\windows\system32\dllcache\urlmon.dll
- 2008-04-21 06:57:27 670,720 ------w c:\windows\system32\dllcache\wininet.dll
+ 2008-08-20 05:33:46 671,744 ------w c:\windows\system32\dllcache\wininet.dll
- 2008-06-20 10:44:38 138,368 ----a-w c:\windows\system32\drivers\afd.sys
+ 2008-08-14 09:51:43 138,368 ----a-w c:\windows\system32\drivers\afd.sys
- 2006-08-14 10:34:41 332,928 ----a-w c:\windows\system32\drivers\srv.sys
+ 2008-08-28 10:04:17 333,056 ----a-w c:\windows\system32\drivers\srv.sys
- 2008-04-21 06:57:17 357,888 ----a-w c:\windows\system32\dxtmsft.dll
+ 2008-08-20 05:33:45 357,888 ----a-w c:\windows\system32\dxtmsft.dll
- 2008-04-21 06:57:18 205,312 ----a-w c:\windows\system32\dxtrans.dll
+ 2008-08-20 05:33:45 205,312 ----a-w c:\windows\system32\dxtrans.dll
- 2005-07-26 04:39:57 243,200 ----a-w c:\windows\system32\es.dll
+ 2008-07-07 20:31:48 253,952 ----a-w c:\windows\system32\es.dll
- 2008-04-21 06:57:18 55,808 ----a-w c:\windows\system32\extmgr.dll
+ 2008-08-20 05:33:45 55,808 ----a-w c:\windows\system32\extmgr.dll
- 2006-10-26 12:10:08 1,190,688 ----a-w c:\windows\system32\FM20.DLL
+ 2007-08-23 00:03:38 1,195,888 ----a-w c:\windows\system32\FM20.DLL
- 2008-04-09 16:00:05 298,848 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2008-11-02 21:45:57 298,848 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2008-04-21 06:57:18 251,904 ----a-w c:\windows\system32\iepeers.dll
+ 2008-08-20 05:33:45 251,904 ----a-w c:\windows\system32\iepeers.dll
- 2007-08-21 06:17:23 683,520 ----a-w c:\windows\system32\inetcomm.dll
+ 2008-04-11 18:51:06 683,520 ----a-w c:\windows\system32\inetcomm.dll
- 2008-04-21 06:57:18 96,768 ----a-w c:\windows\system32\inseng.dll
+ 2008-08-20 05:33:45 96,768 ----a-w c:\windows\system32\inseng.dll
- 2008-04-21 06:57:18 16,384 ----a-w c:\windows\system32\jsproxy.dll
+ 2008-08-20 05:33:46 16,384 ----a-w c:\windows\system32\jsproxy.dll
- 2008-06-25 16:15:46 17,972,344 ----a-w c:\windows\system32\MRT.exe
+ 2008-10-07 11:19:42 16,721,856 ----a-w c:\windows\system32\MRT.exe
- 2005-06-29 01:49:41 74,240 ----a-w c:\windows\system32\mscms.dll
+ 2008-06-24 16:23:56 74,240 ----a-w c:\windows\system32\mscms.dll
- 2008-04-21 06:57:22 3,087,872 ----a-w c:\windows\system32\mshtml.dll
+ 2008-08-20 05:33:48 3,088,384 ----a-w c:\windows\system32\mshtml.dll
- 2008-04-21 06:57:22 449,024 ----a-w c:\windows\system32\mshtmled.dll
+ 2008-08-20 05:33:46 449,024 ----a-w c:\windows\system32\mshtmled.dll
- 2008-04-21 06:57:23 146,432 ----a-w c:\windows\system32\msrating.dll
+ 2008-08-20 05:33:45 146,432 ----a-w c:\windows\system32\msrating.dll
- 2008-04-21 06:57:23 532,480 ----a-w c:\windows\system32\mstime.dll
+ 2008-08-20 05:33:45 532,480 ----a-w c:\windows\system32\mstime.dll
- 2006-08-17 12:29:49 332,288 ----a-w c:\windows\system32\netapi32.dll
+ 2008-10-15 16:59:28 332,800 ----a-w c:\windows\system32\netapi32.dll
- 2008-04-21 06:57:23 39,424 ----a-w c:\windows\system32\pngfilt.dll
+ 2008-08-20 05:33:45 39,424 ----a-w c:\windows\system32\pngfilt.dll
- 2008-04-21 06:57:25 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
+ 2008-08-20 05:33:46 1,499,648 ----a-w c:\windows\system32\shdocvw.dll
- 2008-04-21 06:57:26 474,624 ----a-w c:\windows\system32\shlwapi.dll
+ 2008-08-20 05:33:46 474,624 ----a-w c:\windows\system32\shlwapi.dll
- 2007-11-30 12:39:29 18,296 ------w c:\windows\system32\spmsg.dll
+ 2007-11-30 11:19:06 18,296 ------w c:\windows\system32\spmsg.dll
- 2007-11-13 11:31:11 60,416 ------w c:\windows\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ------w c:\windows\system32\tzchange.exe
- 2008-04-21 06:57:26 620,544 ----a-w c:\windows\system32\urlmon.dll
+ 2008-08-20 05:33:47 621,056 ----a-w c:\windows\system32\urlmon.dll
- 2008-04-21 06:57:27 670,720 ----a-w c:\windows\system32\wininet.dll
+ 2008-08-20 05:33:46 671,744 ----a-w c:\windows\system32\wininet.dll
- 2008-04-17 11:03:45 370,176 ----a-w c:\windows\system32\xpsp3res.dll
+ 2008-08-19 09:51:37 370,176 ----a-w c:\windows\system32\xpsp3res.dll
- 2008-10-28 11:00:41 10,213,404 ----a-w c:\windows\system32\ZoneLabs\spyware.dat
+ 2008-11-01 11:00:56 10,244,586 ----a-w c:\windows\system32\ZoneLabs\spyware.dat
- 2008-10-14 15:53:24 23,923,712 ----a-w c:\windows\system32\ZoneLabs\zlqrtdb.dat
+ 2008-11-04 13:32:37 23,944,192 ----a-w c:\windows\system32\ZoneLabs\zlqrtdb.dat
- 2008-10-31 19:18:56 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_714.dat
+ 2008-11-05 16:54:51 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_714.dat
+ 2007-08-22 23:18:08 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2007-08-22 23:18:08 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2007-08-22 23:18:08 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2007-08-22 23:18:08 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2007-08-22 23:18:08 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2007-08-22 23:18:08 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2007-08-22 23:18:08 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2007-08-22 23:18:08 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2007-08-22 23:18:08 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2007-08-22 23:18:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2007-08-22 23:18:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2007-08-22 23:18:08 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2007-08-22 23:18:08 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2007-08-22 23:18:08 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
+ 2008-04-15 17:56:59 1,724,416 ----a-w c:\windows\WinSxS\x86_Microsoft.Windows.GdiPlus_6595b64144ccf1df_1.0.2600.3352_x-ww_81af8e88\GdiPlus.dll
.
-- Instantané actualisé --
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2004-08-05 15360]
"TomTomHOME.exe"="c:\program files\TomTom HOME 2\HOMERunner.exe" [2008-05-06 202088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-12-14 7323648]
"SunJavaUpdateSched"="c:\program files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 144784]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2005-06-17 139264]
"DMXLauncher"="c:\program files\Dell\Media Experience\DMXLauncher.exe" [2005-10-05 94208]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-03-28 413696]
"DLA"="c:\windows\System32\DLA\DLACTRLW.EXE" [2005-09-08 122940]
"SpeedTouch USB Diagnostics"="c:\program files\Alcatel\SpeedTouch USB\Dragdiag.exe" [2001-03-23 995328]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"Corel Photo Downloader"="c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe" [2006-02-09 106496]
"BigDogPath"="c:\windows\VM_STI.EXE" [2004-06-09 40960]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"SigmatelSysTrayApp"="stsystra.exe" [2005-03-22 c:\windows\stsystra.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-05 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.VP40"= vp4vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\WINDOWS\\system32\\dplaysvr.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\AlertInfo\\AlertInfo.exe"=
"c:\\WINDOWS\\system32\\winver.exe"=

R0 d346bus;d346bus;c:\windows\system32\DRIVERS\d346bus.sys [2004-03-12 156800]
R0 d346prt;d346prt;c:\windows\system32\Drivers\d346prt.sys [2004-03-12 5248]
R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 ADSLAutoconnect;ADSLAutoconnect;c:\program files\ADSL Autoconnect\ADSL Autoconnect.exe [2007-03-17 446464]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 SearchInOneStep Service;SearchInOneStep Service;c:\program files\SearchInOneStep\searchin1.exe c:\program files\SearchInOneStep\searchin1.dll Service [ ]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\bdfndisf.sys [2005-09-05 44160]
S2 FILESpy;FILESpy;c:\program files\Softwin\BitDefender9\filespy.sys [ ]
S2 SearchIn1Step Service;SearchIn1Step Service;c:\program files\SearchIn1Step\searchin1.exe c:\program files\SearchIn1Step\searchin1.dll Service [ ]
S3 ids00026;ids00026;c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [ ]
S3 klstm;klstm;c:\documents and settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys [ ]
S3 usbscan;Pilote de scanneur USB;c:\windows\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
S3 USBSTOR;Pilote de stockage de masse USB;c:\windows\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3f7b3873-6dc0-11db-ac3a-0090d03f028a}]
\Shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{428bdb67-c2d1-11dc-adbb-0090d03f028a}]
\Shell\AutoRun\command - G:\InstallTomTomHOME.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{91618563-bd37-11db-acac-0090d03f028a}]
\Shell\AutoRun\command - F:\autorun.exe
.
Contenu du dossier 'Tâches planifiées'

2008-10-29 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 13:57]

2008-10-31 c:\windows\Tasks\Maintenance en 1 clic.job
- c:\program files\TuneUp Utilities 2004\SystemOptimizer.exe [2004-12-10 16:26]

2006-06-02 c:\windows\Tasks\Rappel d'abonnement 1 auprès de l'ISP.job
- c:\windows\system32\OOBE\oobebaln.exe [2004-08-05 12:00]

2008-11-06 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2006-09-27 17:39]
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-06 19:13:46
Windows 5.1.2600 Service Pack 2 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2008-11-06 19:14:35
ComboFix-quarantined-files.txt 2008-11-06 18:14:20
ComboFix2.txt 2008-11-01 14:26:20
ComboFix3.txt 2008-10-31 19:42:41

Avant-CF: 24 436 502 528 octets libres
Après-CF: 24,423,833,600 octets libres

441 --- E O F --- 2008-11-01 15:10:12


et le rapport hijachthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:18:23, on 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\WINDOWS\VM_STI.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\SearchInOneStep\searchin1.exe
C:\Program Files\Java\jre1.6.0_05\bin\jucheck.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Navis\Bureau\bzker.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.fr/myway
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Multi_Media toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMul1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Corel Photo Downloader] C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC 200NC PC Camera
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O17 - HKLM\System\CCS\Services\Tcpip\..\{37E6705E-7710-4252-BD98-E7C65731FC7A}: NameServer = 80.10.246.1 81.253.149.2
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ADSLAutoconnect - Unknown owner - C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe (file missing)
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SearchIn1Step Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchIn1Step\searchin1.exe
O23 - Service: SearchInOneStep Service - SearchInOneStep.com, Inc. - C:\Program Files\SearchInOneStep\searchin1.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2004\WinStylerThemeSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe (file missing)
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe (file missing)

--
End of file - 9268 bytes

dans l'attende de votre réponse, merci pour votre aide.

Ton pc se comporte mieux ?

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic