[RESOLU] Probleme Pc Infectés

Oupsss desolé, tellement preoccupé que j'avais oublié l'essentiel Bonjour  

bonjour
lis tes mp franqui  

Pas sur SX  

++++++++++++++++++++++
snoop12

relis ce tuto:
Aide :

Comment utiliser MBAM.

Quand l'outil a trouvé quelque-chose, à la fin, il faut cliquer sur "Supprimer la sélection".

puis

Télécharge DDS et sauvegarde-le sur ton bureau.

Désactive tout script bloquant, tel q'un antivirus, un logiciel comme ad-block, noscript etc.

Double-clique sur dds.scr pour lancer l'outil.

Une fois le scan fini, un document texte, DDS.txt, va s'ouvrir .

Clique Oui à la prochaine invite Optional Scan.

Sauvegarde les deux rapports sur ton bureau et poste-moi uniquement le DDS.txt.

Merci pour vos reponse, je ferai sa au plus vite et posterai le rapport DDS (DDS.txt).

Encore une petite chose, c'est quand meme etonnant que mon Kapersky pure ne ce declenche que maintenant ? non ?

Bonjour, donc comme prevu je vous post le rapport DDS , desolé du retard...


DDS (Ver_10-03-17.01) - NTFSx86
Run by PC at 16:01:50,96 on 31/08/2010
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.767.345 [GMT 2:00]

AV: Kaspersky PURE *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky PURE *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

D:\WINDOWS1\system32\Ati2evxx.exe
D:\WINDOWS1\system32\svchost -k DcomLaunch
svchost.exe
D:\WINDOWS1\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
D:\WINDOWS1\system32\spoolsv.exe
D:\WINDOWS1\system32\Ati2evxx.exe
D:\WINDOWS1\Explorer.EXE
D:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
D:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
D:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe
D:\Program Files\QuickTime\qttask.exe
D:\WINDOWS1\system32\LVCOMSX.EXE
D:\Program Files\Logitech\Video\LogiTray.exe
D:\WINDOWS1\system32\rundll32.exe
D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
D:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
D:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
D:\Program Files\DivX\DivX Update\DivXUpdate.exe
D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
D:\WINDOWS1\system32\ctfmon.exe
D:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
svchost.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
D:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
D:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe
svchost.exe
D:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe
D:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
D:\Program Files\Java\jre6\bin\jqs.exe
D:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
D:\WINDOWS1\system32\svchost.exe -k imgsvc
D:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
D:\WINDOWS1\system32\wbem\wmiapsrv.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\aMSN\bin\wish.exe
D:\WINDOWS1\system32\wscntfy.exe
D:\Documents and Settings\PC\Mes documents\Téléchargements\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://aliceadsl.fr/
uSearch Page = hxxp://www.durable.com/recherche
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%...{searchTerms}
uDefault_Search_URL = hxxp://www.durable.com/recherche
mSearch Page = hxxp://www.durable.com/recherche
mStart Page = about:blank
uSearchAssistant = hxxp://www.durable.com/recherche
uSearchURL,(Default) = hxxp://www.durable.com/recherche
mSearchAssistant = hxxp://www.durable.com/recherche
uURLSearchHooks: Jeux.fr Toolbar: {ee0aa284-e014-41ce-9a4f-fc3d045fb9dd} - d:\program files\jeux.fr\tbJeux.dll
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File
{0e623544-e89d-4a55-b942-a1893e7d9765}
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - d:\program files\fichiers communs\adobe\acrobat\activex\AcroIEHelperShim.dll
{51304000-91fb-4cd4-8e6d-eabe1607c41b}
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - d:\program files\kaspersky lab\kaspersky pure\ievkbd.dll
BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File
BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - d:\program files\microsoft\search enhancement pack\search helper\SEPsearchhelperie.dll
{71de36d9-4d71-4a48-83c0-80a86491d16f}
BHO: {8419313A-122E-4A08-84E3-F0C7A35B1065} - No File
{8b1049ef-2b3d-4f93-b267-375a8a69c288}
BHO: Programme d'aide de l'Assistant de connexion Windows Live: {9030d464-4c02-4abf-8ecc-5164760863c6} - d:\program files\fichiers communs\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - d:\program files\google\googletoolbarnotifier\5.1.1309.15642\swg.dll
BHO: {CBA0F1DC-D2E7-43A8-B59B-CBBBF5E49041} - No File
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - d:\program files\java\jre6\bin\jp2ssv.dll
BHO: Windows Live Toolbar Helper: {e15a8dc0-8516-42a1-81ea-dc94ec1acf10} - d:\program files\windows live\toolbar\wltcore.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - d:\program files\kaspersky lab\kaspersky pure\klwtbbho.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - d:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
BHO: EpsonToolBandKicker Class: {e99421fb-68dd-40f0-b4ac-b7027cae2f1a} - d:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
BHO: Jeux.fr Toolbar: {ee0aa284-e014-41ce-9a4f-fc3d045fb9dd} - d:\program files\jeux.fr\tbJeux.dll
TB: EPSON Web-To-Page: {ee5d279f-081b-4404-994d-c6b60aaeba6d} - d:\program files\epson\epson web-to-page\EPSON Web-To-Page.dll
TB: &Windows Live Toolbar: {21fa44ef-376d-4d53-9b0f-8a89d3229068} - d:\program files\windows live\toolbar\wltcore.dll
TB: Jeux.fr Toolbar: {ee0aa284-e014-41ce-9a4f-fc3d045fb9dd} - d:\program files\jeux.fr\tbJeux.dll
TB: {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No File
uRun: [swg] d:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [SpybotSD TeaTimer] d:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] d:\windows1\system32\ctfmon.exe
uRun: [EPSON Stylus DX8400 Series] d:\windows1\system32\spool\drivers\w32x86\3\e_faticee.exe /fu "d:\windows1\temp\E_S133.tmp" /EF "HKCU"
uRun: [fsm]
uRun: [LogitechSoftwareUpdate] "d:\program files\logitech\video\ManifestEngine.exe" boot
uRunOnce: [Shockwave Updater] d:\windows1\system32\adobe\shockw~1\SWHELP~2.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www7.jeux.com/jeux/jeux.php?VIDJeux=2174"
mRun: [AlcxMonitor] ALCXMNTR.EXE
mRun: [NeroFilterCheck] d:\windows1\system32\NeroCheck.exe
mRun: [CamMonitor] d:\program files\hewlett-packard\digital imaging\\unload\hpqcmon.exe
mRun: [Share-to-Web Namespace Daemon] d:\program files\hewlett-packard\hp share-to-web\hpgs2wnd.exe
mRun: [AliceSAV] d:\program files\techcity solutions\alicesav\AliceAgent.exe
mRun: [QuickTime Task] "d:\program files\quicktime\qttask.exe" -atboottime
mRun: [LVCOMSX] d:\windows1\system32\LVCOMSX.EXE
mRun: [LogitechVideoRepair] d:\program files\logitech\video\ISStart.exe
mRun: [LogitechVideoTray] d:\program files\logitech\video\LogiTray.exe
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [SunJavaUpdateSched] "d:\program files\fichiers communs\java\java update\jusched.exe"
mRun: [ISUSScheduler] "d:\program files\fichiers communs\installshield\updateservice\issch.exe" -start
mRun: [Adobe Reader Speed Launcher] "d:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "d:\program files\fichiers communs\adobe\arm\1.0\AdobeARM.exe"
mRun: [AVP] "d:\program files\kaspersky lab\kaspersky pure\avp.exe"
mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
mRun: [ArcSoft Connection Service] d:\program files\fichiers communs\arcsoft\connection service\bin\ACDaemon.exe
mRun: [DivXUpdate] "d:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
dRun: [CTFMON.EXE] d:\windows1\system32\CTFMON.EXE
dRun: [ALUAlert] d:\program files\symantec\liveupdate\ALUNotify.exe
StartupFolder: d:\docume~1\pc\menudm~1\progra~1\dmarra~1\euroba~1.lnk - d:\program files\eurobarre\eb.exe
StartupFolder: d:\docume~1\alluse~1.win\menudm~1\progra~1\dmarra~1\hppsc2~1.lnk - d:\program files\hewlett-packard\digital imaging\bin\hpobnz08.exe
StartupFolder: d:\docume~1\alluse~1.win\menudm~1\progra~1\dmarra~1\hpoddt~1.lnk - d:\program files\hewlett-packard\digital imaging\bin\hpotdd01.exe
IE: &Search - ?p=ZJxdm131YYFR
IE: Ajouter à l'Anti-bannière - d:\program files\kaspersky lab\kaspersky pure\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - d:\progra~1\micros~3\office11\EXCEL.EXE/3000
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - d:\program files\messenger\msmsgs.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - d:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - d:\program files\kaspersky lab\kaspersky pure\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\progra~1\micros~3\office11\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - d:\program files\kaspersky lab\kaspersky pure\klwtbbho.dll
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.23/cfweb_activex.camfrogweb.com-advanced-2.0.2.23_instmodule.exe
DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} - hxxp://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab
DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://fichiers.touslesdrivers.com/fichiers/hardwaredetection/hardwaredetection_3_1_1_0.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} - hxxp://gamenextfr.oberon-media.com/Gameshell/GameHost/1.0/OberonGameHost.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Notify: AtiExtEvent - Ati2evxx.dll
Notify: klogon - d:\windows1\system32\klogon.dll
AppInit_DLLs: d:\progra~1\kasper~1\kasper~1\mzvkbd3.dll,d:\progra~1\kasper~1\kasper~1\kloehk.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - d:\windows1\system32\WPDShServiceObj.dll
LSA: Authentication Packages = msv1_0 d:\windows1\system32\xxyYPHBr

================= FIREFOX ===================

FF - ProfilePath - d:\docume~1\pc\applic~1\mozilla\firefox\profiles\e4qyij7z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aliceadsl.fr/
FF - plugin: d:\documents and settings\all users.windows1\application data\zylom\zylomgamesplayer\npzylomgamesplayer.dll
FF - plugin: d:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: d:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\google\google updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: d:\program files\google\update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: d:\program files\microsoft\office live\npOLW.dll
FF - plugin: d:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows1\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
d:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
d:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.count", 24);
d:\program files\mozilla firefox\greprefs\all.js - pref("network.buffer.cache.size", 4096);
d:\program files\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 45);
d:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
d:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
d:\program files\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true);
d:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
d:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
d:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
d:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

============= SERVICES / DRIVERS ===============

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;d:\windows1\system32\drivers\CSCrySec.sys [2010-5-5 88632]
R0 KLBG;Kaspersky Lab Boot Guard Driver;d:\windows1\system32\drivers\klbg.sys [2009-10-14 36880]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;d:\windows1\system32\drivers\CSVirtualDiskDrv.sys [2010-5-5 39352]
R1 kl1;Kl1;d:\windows1\system32\drivers\kl1.sys [2009-9-1 128016]
R1 KLIF;Kaspersky Lab Driver;d:\windows1\system32\drivers\klif.sys [2010-5-5 315408]
R2 AVP;Kaspersky PURE;d:\program files\kaspersky lab\kaspersky pure\avp.exe [2009-12-25 340456]
R2 CSObjectsSrv;Service de gestion du système CryproStorage;d:\program files\fichiers communs\infowatch\cryptostorage\ProtectedObjectsSrv.exe [2009-12-21 743992]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;d:\program files\firebird\firebird_1_5\bin\fbguard.exe -s --> d:\program files\firebird\firebird_1_5\bin\fbguard.exe -s [?]
R2 fssfltr;FssFltr;d:\windows1\system32\drivers\fssfltr_tdi.sys [2009-4-27 54752]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;d:\program files\firebird\firebird_1_5\bin\fbserver.exe -s --> d:\program files\firebird\firebird_1_5\bin\fbserver.exe -s [?]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows1\system32\drivers\klim5.sys [2009-9-14 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;d:\windows1\system32\drivers\klmouflt.sys [2009-10-2 19472]
S2 gupdate1c9d25074b8a846;Service Google Update (gupdate1c9d25074b8a846);d:\program files\google\update\GoogleUpdate.exe [2009-5-11 133104]
S3 APL531;OVT Scanner;d:\windows1\system32\drivers\ov550i.sys [2006-7-31 580992]
S3 Boonty Games;Boonty Games;d:\program files\fichiers communs\boonty shared\service\Boonty.exe [2007-8-12 69120]
S3 fsssvc;Service Windows Live Contrôle parental;d:\program files\windows live\family safety\fsssvc.exe [2009-8-5 704864]

=============== Created Last 30 ================

2010-08-29 08:47:19 0 d-----w- d:\docume~1\pc\applic~1\Malwarebytes
2010-08-29 08:46:55 38224 ----a-w- d:\windows1\system32\drivers\mbamswissarmy.sys
2010-08-29 08:46:53 0 d-----w- d:\docume~1\alluse~1.win\applic~1\Malwarebytes
2010-08-29 08:46:52 20952 ----a-w- d:\windows1\system32\drivers\mbam.sys
2010-08-29 08:46:52 0 d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-08-28 17:59:30 0 d-----w- d:\documents and settings\pc\amsn
2010-08-28 17:41:37 0 d-----w- d:\program files\aMSN
2010-08-28 10:54:00 0 d-----w- d:\docume~1\alluse~1.win\applic~1\My Games
2010-08-18 09:41:50 0 d-----w- d:\program files\Mystère a Londres
2010-08-05 08:30:52 0 d-----w- d:\docume~1\alluse~1.win\applic~1\ArcSoft
2010-08-05 08:29:57 245408 ----a-w- d:\windows1\system32\unicows.dll
2010-08-05 08:29:57 18688 ----a-w- d:\windows1\system32\drivers\afc.sys
2010-08-05 08:29:07 0 d-----w- d:\program files\fichiers communs\ArcSoft
2010-08-05 08:27:45 0 d-----w- d:\windows1\OvtCam
2010-08-05 08:27:45 0 d-----w- d:\windows1\OVT
2010-08-05 08:27:40 0 d-----w- d:\program files\OVT

==================== Find3M ====================

2010-08-13 08:51:22 80856 ----a-w- d:\windows1\system32\perfc00C.dat
2010-08-13 08:51:22 500814 ----a-w- d:\windows1\system32\perfh00C.dat
2010-07-29 17:02:52 113933 ----a-w- d:\windows1\system32\drivers\klin.dat
2010-07-29 17:02:51 97549 ----a-w- d:\windows1\system32\drivers\klick.dat
2010-06-30 12:32:14 149504 ----a-w- d:\windows1\system32\schannel.dll
2010-06-25 16:48:15 2653 ----a-w- d:\windows1\steam.exe
2010-06-24 12:25:24 916480 ----a-w- d:\windows1\system32\wininet.dll
2010-06-24 09:02:32 1852032 ----a-w- d:\windows1\system32\win32k.sys
2010-06-17 14:03:10 80384 ----a-w- d:\windows1\system32\iccvid.dll
2010-06-14 07:42:25 1172480 ----a-w- d:\windows1\system32\msxml3.dll
2008-05-11 13:08:01 104576 --sha-w- d:\windows1\system32\AaHPpXyb.ini2
2008-08-23 07:15:12 924 --sh--w- d:\windows1\system32\bsdimdqv.ini2
2008-05-11 14:34:56 99632 --sha-w- d:\windows1\system32\hRCIknmp.ini2
2008-05-17 17:47:36 608931 --sha-w- d:\windows1\system32\QAKjSvut.ini2
2008-07-10 19:29:50 877 --sha-w- d:\windows1\system32\rBHPYyxx.ini2
2008-05-16 20:51:38 675246 --sha-w- d:\windows1\system32\YyJRYJjl.ini2
2008-09-24 10:11:52 32768 -csha-w- d:\windows1\system32\config\systemprofile\local settings\historique\history.ie5\mshist012008092420080925\index.dat

============= FINISH: 16:03:13,15 ===============

re
il en reste
Désactive ton antivirus et tout autre type de protection.
Télécharge ComboFix de sUBs :
ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!

Double-clic sur ComboFix, Il va te poser une question, suis les invites puis attends que combofix ait terminé, il est possible que ton PC reboot, c’est normal, un rapport sera créé.Poste le rapport:C:\Combofix.txt
clique dessus pour l'ouvrir, puis édition "sélectionner tout", édition "copier"

viens sur le forum et édition "coller"

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

Salut, Voila le rapport de combofix

ComboFix 10-08-31.03 - PC 01/09/2010 17:56:30.1.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.767.251 [GMT 2:00]
Lancé depuis: d:\documents and settings\PC\Bureau\ComboFix.exe
AV: Kaspersky PURE *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky PURE *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Autorun.inf
D:\5696766.exe
D:\60774436.exe
D:\77088838.exe
D:\7814265.exe
D:\80039839.exe
d:\documents and settings\PC\Application Data\Dossier de téléchargement Share-to-Web
d:\program files\hottvplayer
d:\program files\hottvplayer\hottv.ico
d:\program files\hottvplayer\Ogg\ogg.dll
d:\program files\hottvplayer\Ogg\ogg_demux.dll
d:\program files\hottvplayer\Ogg\theora_decoder.dll
d:\program files\hottvplayer\Ogg\vorbis.dll
d:\program files\hottvplayer\Ogg\vorbis_decoder.dll
d:\windows1\dmu.dll
d:\windows1\MicrosoftUpdate.bat
d:\windows1\pack.epk
d:\windows1\remote.ini
d:\windows1\root.reg
d:\windows1\steam.exe
d:\windows1\system32\AaHPpXyb.ini
d:\windows1\system32\AaHPpXyb.ini2
d:\windows1\system32\aqergmpl.ini
d:\windows1\system32\aqvkipdc.ini
d:\windows1\system32\bjqenble.ini
d:\windows1\system32\broqkqej.ini
d:\windows1\system32\bsdimdqv.ini
d:\windows1\system32\bsdimdqv.ini2
d:\windows1\system32\bsdimdqv.tmp
d:\windows1\system32\cqnadfak.ini
d:\windows1\system32\cudpinrs.ini
d:\windows1\system32\cumtqsml.ini
d:\windows1\system32\dktansui.ini
d:\windows1\system32\fvnmebsu.ini
d:\windows1\system32\fxwkheod.ini
d:\windows1\system32\gdaccnrw.ini
d:\windows1\system32\hRCIknmp.ini
d:\windows1\system32\hRCIknmp.ini2
d:\windows1\system32\husvimsf.ini
d:\windows1\system32\ihwnfojo.ini
d:\windows1\system32\jdcbnvws.ini
d:\windows1\system32\jmgqluqc.ini
d:\windows1\system32\kkjevnwu.ini
d:\windows1\system32\ljcqaeex.ini
d:\windows1\system32\lqwgilgy.ini
d:\windows1\system32\ltbsothu.ini
d:\windows1\system32\mcppondq.ini
d:\windows1\system32\mgtsplea.ini
d:\windows1\system32\njuqwsmm.ini
d:\windows1\system32\nrnagxoe.ini
d:\windows1\system32\pbpigpkh.ini
d:\windows1\system32\pgomtdfv.ini
d:\windows1\system32\QAKjSvut.ini
d:\windows1\system32\QAKjSvut.ini2
d:\windows1\system32\qaxbmhhx.ini
d:\windows1\system32\qnmikwyg.ini
d:\windows1\system32\rBHPYyxx.ini
d:\windows1\system32\rBHPYyxx.ini2
d:\windows1\system32\scrrnfr.dll
d:\windows1\system32\shnbaggo.ini
d:\windows1\system32\tdohrbia.ini
d:\windows1\system32\tgtofgeo.ini
d:\windows1\system32\tjxboudu.ini
d:\windows1\system32\tuvmephn.ini
d:\windows1\system32\umgkbyqr.ini
d:\windows1\system32\vmeyvxlo.ini
d:\windows1\system32\wfpmxwhm.ini
d:\windows1\system32\wokpstvf.ini
d:\windows1\system32\wrgcbbxk.ini
d:\windows1\system32\xcpdylbv.ini
d:\windows1\system32\yfqiolys.ini
d:\windows1\system32\ymfdkgcu.ini
d:\windows1\system32\yuhnwrbv.ini
d:\windows1\system32\YyJRYJjl.ini
d:\windows1\system32\YyJRYJjl.ini2

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2010-08-01 au 2010-09-01 ))))))))))))))))))))))))))))))))))))
.

2010-09-01 16:12 . 2010-09-01 16:12 -------- d-----w- d:\documents and settings\PC\Application Data\Dossier de téléchargement Share-to-Web
2010-09-01 16:12 . 2010-09-01 16:12 -------- d-----w- d:\documents and settings\PC\Application Data\Dossier de téléchargement Share-to-Web
2010-08-29 08:47 . 2010-08-29 08:47 -------- d-----w- d:\documents and settings\PC\Application Data\Malwarebytes
2010-08-29 08:46 . 2010-04-29 13:39 38224 ----a-w- d:\windows1\system32\drivers\mbamswissarmy.sys
2010-08-29 08:46 . 2010-08-29 08:46 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\Malwarebytes
2010-08-29 08:46 . 2010-08-29 08:47 -------- d-----w- d:\program files\Malwarebytes' Anti-Malware
2010-08-29 08:46 . 2010-04-29 13:39 20952 ----a-w- d:\windows1\system32\drivers\mbam.sys
2010-08-28 17:59 . 2010-08-28 18:07 -------- d-----w- d:\documents and settings\PC\amsn
2010-08-28 17:41 . 2010-08-28 17:46 -------- d-----w- d:\program files\aMSN
2010-08-28 10:54 . 2010-08-28 10:54 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\My Games
2010-08-18 09:41 . 2010-08-18 09:42 -------- d-----w- d:\program files\Mystère a Londres
2010-08-16 15:46 . 2010-08-16 15:46 -------- d-----w- d:\documents and settings\LocalService.AUTORITE NT\Application Data\McAfee
2010-08-14 13:57 . 2010-08-14 13:57 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\McAfee
2010-08-05 08:30 . 2010-08-05 08:30 -------- d-----w- d:\documents and settings\PC\Local Settings\Application Data\ArcSoft
2010-08-05 08:30 . 2010-08-05 08:31 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\ArcSoft
2010-08-05 08:29 . 2006-11-10 13:05 18688 ----a-w- d:\windows1\system32\drivers\afc.sys
2010-08-05 08:29 . 2005-04-27 14:36 245408 ----a-w- d:\windows1\system32\unicows.dll
2010-08-05 08:29 . 2010-08-05 08:30 -------- d-----w- d:\program files\Fichiers communs\ArcSoft
2010-08-05 08:28 . 2010-08-05 12:28 -------- d-----w- d:\documents and settings\PC\Application Data\ArcSoft
2010-08-05 08:27 . 2010-08-05 08:27 -------- d-----w- d:\windows1\OvtCam
2010-08-05 08:27 . 2010-08-05 08:27 -------- d-----w- d:\windows1\OVT
2010-08-05 08:27 . 2010-08-05 08:27 -------- d-----w- d:\program files\OVT

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-01 16:13 . 2008-07-10 15:44 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\Kaspersky Lab
2010-08-31 17:26 . 2007-08-10 17:28 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\Google Updater
2010-08-28 09:32 . 2010-05-20 09:38 -------- d-----w- d:\program files\eMule
2010-08-27 07:04 . 2010-06-17 05:54 57344 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-08-27 07:04 . 2010-08-27 07:04 56765 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-08-27 07:04 . 2010-06-17 05:48 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX
2010-08-27 07:03 . 2008-12-22 17:01 -------- d-----w- d:\program files\DivX
2010-08-27 07:03 . 2010-08-27 07:03 56997 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-08-27 07:03 . 2010-08-27 07:03 53600 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Update\Uninstaller.exe
2010-08-27 07:03 . 2010-08-27 07:03 57691 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Player\Uninstaller.exe
2010-08-27 07:02 . 2010-08-27 07:02 84063 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-08-27 07:02 . 2010-08-27 07:02 54153 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-08-27 06:59 . 2010-08-27 07:04 185640 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Setup\finishPlugin.dll
2010-08-27 06:59 . 2010-08-27 06:59 144696 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-08-27 06:59 . 2010-06-17 05:54 1062184 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Setup\Resource.dll
2010-08-27 06:59 . 2010-06-17 05:54 850200 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Setup\DivXSetup.exe
2010-08-25 12:16 . 2008-03-31 14:24 -------- d---a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\TEMP
2010-08-13 08:51 . 2004-08-05 12:00 80856 ----a-w- d:\windows1\system32\perfc00C.dat
2010-08-13 08:51 . 2004-08-05 12:00 500814 ----a-w- d:\windows1\system32\perfh00C.dat
2010-08-08 11:50 . 2010-08-08 11:50 503808 ----a-w- d:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6495ff68-n\msvcp71.dll
2010-08-08 11:50 . 2010-08-08 11:50 499712 ----a-w- d:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6495ff68-n\jmc.dll
2010-08-08 11:50 . 2010-08-08 11:50 348160 ----a-w- d:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6495ff68-n\msvcr71.dll
2010-08-08 11:50 . 2010-08-08 11:50 61440 ----a-w- d:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4c9da226-n\decora-sse.dll
2010-08-08 11:50 . 2010-08-08 11:50 12800 ----a-w- d:\documents and settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4c9da226-n\decora-d3d.dll
2010-08-06 08:22 . 2006-07-03 13:45 -------- d--h--w- d:\program files\InstallShield Installation Information
2010-08-05 15:15 . 2006-10-18 15:46 -------- d-----w- d:\program files\Micro Application
2010-08-05 15:07 . 2006-08-08 06:51 -------- d-----w- d:\program files\Gamenext
2010-08-05 15:06 . 2006-07-15 11:09 -------- d-----w- d:\program files\Zylom Games
2010-08-05 08:29 . 2006-07-03 12:56 -------- d-----w- d:\program files\ArcSoft
2010-08-03 13:56 . 2007-08-18 16:41 -------- d-----w- d:\documents and settings\All Users.WINDOWS1\Application Data\JollyBear
2010-07-29 17:02 . 2010-05-05 08:14 113933 ----a-w- d:\windows1\system32\drivers\klin.dat
2010-07-29 17:02 . 2010-05-05 08:14 97549 ----a-w- d:\windows1\system32\drivers\klick.dat
2010-07-17 16:34 . 2008-12-22 17:07 -------- d-----w- d:\documents and settings\PC\Application Data\DivX
2010-07-07 17:30 . 2010-07-07 17:30 -------- d-----w- d:\documents and settings\PC\Application Data\Azuaz Games
2010-07-04 06:30 . 2006-07-08 08:55 -------- d-----w- d:\program files\Google
2010-06-30 12:32 . 2004-08-05 12:00 149504 ----a-w- d:\windows1\system32\schannel.dll
2010-06-25 16:53 . 2010-06-25 16:53 119 ----a-w- d:\windows1\e3.reg
2010-06-24 12:25 . 2004-08-05 12:00 916480 ----a-w- d:\windows1\system32\wininet.dll
2010-06-24 09:02 . 2004-08-05 12:00 1852032 ----a-w- d:\windows1\system32\win32k.sys
2010-06-21 15:27 . 2004-08-05 12:00 354304 ----a-w- d:\windows1\system32\drivers\srv.sys
2010-06-17 14:03 . 2004-08-05 12:00 80384 ----a-w- d:\windows1\system32\iccvid.dll
2010-06-17 05:53 . 2010-06-17 05:53 57054 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 54166 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 57532 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 56458 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 54174 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 54128 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Converter\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 54644 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 54101 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 57409 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-06-17 05:52 . 2010-06-17 05:52 52963 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-17 05:51 . 2010-06-17 05:51 54073 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-06-17 05:51 . 2010-06-17 05:51 56969 ----a-w- d:\documents and settings\All Users.WINDOWS1\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-17 05:48 . 2010-06-05 14:14 83 ----a-w- d:\windows1\system2.bat
2010-06-14 14:31 . 2007-08-02 08:01 744448 ----a-w- d:\windows1\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42 . 2004-08-05 12:00 1172480 ----a-w- d:\windows1\system32\msxml3.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{ee0aa284-e014-41ce-9a4f-fc3d045fb9dd}"= "d:\program files\Jeux.fr\tbJeux.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{ee0aa284-e014-41ce-9a4f-fc3d045fb9dd}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ee0aa284-e014-41ce-9a4f-fc3d045fb9dd}]
2009-11-09 17:38 2331672 ----a-w- d:\program files\Jeux.fr\tbJeux.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{ee0aa284-e014-41ce-9a4f-fc3d045fb9dd}"= "d:\program files\Jeux.fr\tbJeux.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{ee0aa284-e014-41ce-9a4f-fc3d045fb9dd}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{EE0AA284-E014-41CE-9A4F-FC3D045FB9DD}"= "d:\program files\Jeux.fr\tbJeux.dll" [2009-11-09 2331672]

[HKEY_CLASSES_ROOT\clsid\{ee0aa284-e014-41ce-9a4f-fc3d045fb9dd}]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2009-12-25 14:42 129552 ----a-w- d:\program files\Kaspersky Lab\Kaspersky PURE\shellex.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="d:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-10 68856]
"SpybotSD TeaTimer"="d:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 2097488]
"LogitechSoftwareUpdate"="d:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 50176]
"NeroFilterCheck"="d:\windows1\system32\NeroCheck.exe" [2001-07-09 155648]
"CamMonitor"="d:\program files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe" [2002-10-06 90112]
"Share-to-Web Namespace Daemon"="d:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 69632]
"AliceSAV"="d:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 81408]
"QuickTime Task"="d:\program files\QuickTime\qttask.exe" [2009-01-14 98304]
"LVCOMSX"="d:\windows1\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="d:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="d:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"SunJavaUpdateSched"="d:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]
"ISUSScheduler"="d:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 81920]
"Adobe Reader Speed Launcher"="d:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]
"Adobe ARM"="d:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]
"AVP"="d:\program files\Kaspersky Lab\Kaspersky PURE\avp.exe" [2009-12-25 340456]
"ArcSoft Connection Service"="d:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 207360]
"DivXUpdate"="d:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="d:\windows1\system32\CTFMON.EXE" [2008-04-14 15360]

d:\documents and settings\All Users.WINDOWS1\Menu D‚marrer\Programmes\D‚marrage\
hp psc 2000 Series.lnk - d:\program files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646]
hpoddt01.exe.lnk - d:\program files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"d:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"d:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;d:\windows1\system32\drivers\CSCrySec.sys [05/05/2010 10:14 88632]
R0 KLBG;Kaspersky Lab Boot Guard Driver;d:\windows1\system32\drivers\klbg.sys [14/10/2009 20:18 36880]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;d:\windows1\system32\drivers\CSVirtualDiskDrv.sys [05/05/2010 10:14 39352]
R2 CSObjectsSrv;Service de gestion du système CryproStorage;d:\program files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21/12/2009 17:34 743992]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;d:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> d:\program files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;d:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> d:\program files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;d:\windows1\system32\drivers\klim5.sys [14/09/2009 13:42 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;d:\windows1\system32\drivers\klmouflt.sys [02/10/2009 18:39 19472]
S2 gupdate1c9d25074b8a846;Service Google Update (gupdate1c9d25074b8a846);d:\program files\Google\Update\GoogleUpdate.exe [11/05/2009 17:52 133104]
S3 APL531;OVT Scanner;d:\windows1\system32\drivers\ov550i.sys [31/07/2006 07:44 580992]
.
Contenu du dossier 'Tâches planifiées'

2007-09-25 d:\windows1\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8188147927.job
- d:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2008-03-03 d:\windows1\Tasks\FRU Task 2003-04-06 08:52ewlett-Packard2003-04-06 08:52p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8190895678.job
- d:\program files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52]

2010-09-01 d:\windows1\Tasks\Google Software Updater.job
- d:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-10 07:49]

2010-09-01 d:\windows1\Tasks\GoogleUpdateTaskMachineCore.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 15:51]

2010-09-01 d:\windows1\Tasks\GoogleUpdateTaskMachineUA.job
- d:\program files\Google\Update\GoogleUpdate.exe [2009-05-11 15:51]

2010-09-01 d:\windows1\Tasks\User_Feed_Synchronization-{26E27445-6018-4134-B97B-ECBA04A95D2A}.job
- d:\windows1\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://aliceadsl.fr/
uSearchMigratedDefaultURL = hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%...{searchTerms}
uDefault_Search_URL = hxxp://www.durable.com/recherche
mStart Page = about:blank
uSearchAssistant = hxxp://www.durable.com/recherche
uSearchURL,(Default) = hxxp://www.durable.com/recherche
IE: Ajouter à l'Anti-bannière - d:\program files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - d:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.23/cfweb_activex.camfrogweb.com-advanced-2.0.2.23_instmodule.exe
DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} - hxxp://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - d:\documents and settings\PC\Application Data\Mozilla\Firefox\Profiles\e4qyij7z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aliceadsl.fr/
FF - plugin: d:\documents and settings\All Users.WINDOWS1\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: d:\program files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: d:\program files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: d:\program files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: d:\program files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: d:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: d:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\windows1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
d:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
d:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.
- - - - ORPHELINS SUPPRIMES - - - -

BHO-{0E623544-E89D-4A55-B942-A1893E7D9765} - (no file)
BHO-{51304000-91FB-4CD4-8E6D-EABE1607C41B} - (no file)
BHO-{71DE36D9-4D71-4A48-83C0-80A86491D16F} - (no file)
BHO-{8419313A-122E-4A08-84E3-F0C7A35B1065} - (no file)
BHO-{8B1049EF-2B3D-4F93-B267-375A8A69C288} - (no file)
BHO-{CBA0F1DC-D2E7-43A8-B59B-CBBBF5E49041} - (no file)
Toolbar-SITEguard - (no file)
HKCU-Run-fsm - (no file)
HKU-Default-Run-ALUAlert - d:\program files\Symantec\LiveUpdate\ALUNotify.exe
Notify-wvUnNedc - (no file)
AddRemove-OVT Scanner - d:\windows1\omniuns.exe USB\Vid_05a9&PID_1550 OVT Scanner



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-09-01 18:14
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
AliceSAV = d:\program files\TechCity Solutions\AliceSAV\AliceAgent.exe????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-1417001333-117609710-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:f7,34,57,8e,ec,67,d2,41,d9,c4,70,e2,86,49,ec,f3,96,e9,2f,b1,e1,
1a,fd,b6,00,f7,6a,c2,39,8b,04,cd,7c,ef,5d,f8,63,0f,3d,79,5f,a2,58,66,22,9a,\
"rkeysecu"=hex:b3,a6,db,3c,87,0c,3e,99,24,5e,0d,1c,06,b7,47,de

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@d:\\WINDOWS1\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="d:\\WINDOWS1\\system32\\Macromed\\Flash\\FlashUtil10i_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\h–€|ÿÿÿÿ¤•€|ù•9~*]
"C040110900063D11C8EF10054038389C"="D?\\WINDOWS1\\system32\\FM20ENU.DLL"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(888)
d:\windows1\system32\Ati2evxx.dll

- - - - - - - > 'explorer.exe'(1760)
d:\windows1\system32\eappprxy.dll
d:\windows1\system32\webcheck.dll
d:\windows1\system32\WPDShServiceObj.dll
d:\windows1\system32\PortableDeviceTypes.dll
d:\windows1\system32\PortableDeviceApi.dll
d:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll
d:\program files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA
.
------------------------ Autres processus actifs ------------------------
.
d:\windows1\system32\Ati2evxx.exe
d:\windows1\system32\Ati2evxx.exe
d:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe
d:\program files\Firebird\Firebird_1_5\bin\fbguard.exe
d:\program files\Java\jre6\bin\jqs.exe
d:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
d:\program files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
d:\program files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
d:\windows1\system32\rundll32.exe
d:\program files\Logitech\Video\FxSvr2.exe
d:\program files\Firebird\Firebird_1_5\bin\fbserver.exe
d:\windows1\system32\wbem\wmiapsrv.exe
d:\program files\Fichiers communs\ArcSoft\Connection Service\Bin\ArcCon.ac
.
**************************************************************************
.
Heure de fin: 2010-09-01 18:25:05 - La machine a redémarré
ComboFix-quarantined-files.txt 2010-09-01 16:24

Avant-CF: 53 824 929 792 octets libres
Après-CF: 54 028 681 216 octets libres

- - End Of File - - 971576CAD96B8EF8B4F8B41967AFB348

Bonsoir
Copie (Ctrl+C) le texte ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte que tu viens de copier.
Sauvegarde ce fichier sous le nom de CFScript.txt

Fait un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture

Combofix se lance, laisse toi guider..

Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal!
Ne touche à rien tant que le scan n'est pas terminé.

Une fois le scan achevé, un rapport va s'afficher: poste son contenu, en précisant où en sont tes soucis

Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
* le nom de la partition peut changer

Salut, voici le rapport :

ComboFix 10-09-01.03 - PC 02/09/2010 13:36:14.2.1 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.767.314 [GMT 2:00]
Lancé depuis: D:\Documents and Settings\PC\Bureau\ComboFix.exe
Commutateurs utilisés :: D:\Documents and Settings\PC\Bureau\CFScript.txt
AV: Kaspersky PURE *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky PURE *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}

FILE ::
"d:\windows1\e3.reg"
"d:\windows1\system2.bat"
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

d:\program files\Jeux.fr
d:\program files\Jeux.fr\spill_fr.ico
d:\program files\Jeux.fr\tbJeux.dll
d:\windows1\e3.reg
d:\windows1\system2.bat

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-08-02 au 2010-09-02 ))))))))))))))))))))))))))))))))))))
.

2010-09-01 16:12:57 . 2010-09-01 16:12:57 -------- d-----w- D:\Documents and Settings\PC\Application Data\Dossier de téléchargement Share-to-Web
2010-09-01 16:12:57 . 2010-09-01 16:12:57 -------- d-----w- D:\Documents and Settings\PC\Application Data\Dossier de téléchargement Share-to-Web
2010-08-29 08:47:19 . 2010-08-29 08:47:19 -------- d-----w- D:\Documents and Settings\PC\Application Data\Malwarebytes
2010-08-29 08:46:55 . 2010-04-29 13:39:38 38224 ----a-w- D:\WINDOWS1\system32\drivers\mbamswissarmy.sys
2010-08-29 08:46:53 . 2010-08-29 08:46:53 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\Malwarebytes
2010-08-29 08:46:52 . 2010-08-29 08:47:08 -------- d-----w- D:\Program Files\Malwarebytes' Anti-Malware
2010-08-29 08:46:52 . 2010-04-29 13:39:26 20952 ----a-w- D:\WINDOWS1\system32\drivers\mbam.sys
2010-08-28 17:59:30 . 2010-09-01 16:32:41 -------- d-----w- D:\Documents and Settings\PC\amsn
2010-08-28 17:41:37 . 2010-08-28 17:46:39 -------- d-----w- D:\Program Files\aMSN
2010-08-28 10:54:00 . 2010-08-28 10:54:00 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\My Games
2010-08-18 09:41:50 . 2010-08-18 09:42:07 -------- d-----w- D:\Program Files\Mystère a Londres
2010-08-16 15:46:15 . 2010-08-16 15:46:15 -------- d-----w- D:\Documents and Settings\LocalService.AUTORITE NT\Application Data\McAfee
2010-08-14 13:57:34 . 2010-08-14 13:57:34 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\McAfee
2010-08-05 08:30:59 . 2010-08-05 08:30:59 -------- d-----w- D:\Documents and Settings\PC\Local Settings\Application Data\ArcSoft
2010-08-05 08:30:52 . 2010-08-05 08:31:05 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\ArcSoft
2010-08-05 08:29:57 . 2006-11-10 13:05:00 18688 ----a-w- D:\WINDOWS1\system32\drivers\afc.sys
2010-08-05 08:29:57 . 2005-04-27 14:36:00 245408 ----a-w- D:\WINDOWS1\system32\unicows.dll
2010-08-05 08:29:07 . 2010-08-05 08:30:02 -------- d-----w- D:\Program Files\Fichiers communs\ArcSoft
2010-08-05 08:28:23 . 2010-08-05 12:28:16 -------- d-----w- D:\Documents and Settings\PC\Application Data\ArcSoft
2010-08-05 08:27:45 . 2010-08-05 08:27:46 -------- d-----w- D:\WINDOWS1\OvtCam
2010-08-05 08:27:45 . 2010-08-05 08:27:45 -------- d-----w- D:\WINDOWS1\OVT
2010-08-05 08:27:40 . 2010-08-05 08:27:40 -------- d-----w- D:\Program Files\OVT

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-02 06:52:54 . 2008-07-10 15:44:46 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\Kaspersky Lab
2010-09-01 18:27:19 . 2007-08-10 17:28:27 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\Google Updater
2010-08-28 09:32:27 . 2010-05-20 09:38:53 -------- d-----w- D:\Program Files\eMule
2010-08-27 07:04:12 . 2010-06-17 05:54:53 57344 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
2010-08-27 07:04:00 . 2010-08-27 07:04:00 56765 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
2010-08-27 07:04:00 . 2010-06-17 05:48:29 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX
2010-08-27 07:03:59 . 2008-12-22 17:01:19 -------- d-----w- D:\Program Files\DivX
2010-08-27 07:03:57 . 2010-08-27 07:03:57 56997 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\WebPlayer\Uninstaller.exe
2010-08-27 07:03:47 . 2010-08-27 07:03:47 53600 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Update\Uninstaller.exe
2010-08-27 07:03:41 . 2010-08-27 07:03:41 57691 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Player\Uninstaller.exe
2010-08-27 07:02:48 . 2010-08-27 07:02:48 84063 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\TransferWizard\Uninstaller.exe
2010-08-27 07:02:34 . 2010-08-27 07:02:34 54153 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DFXPlugin\Uninstaller.exe
2010-08-27 06:59:40 . 2010-08-27 07:04:03 185640 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Setup\finishPlugin.dll
2010-08-27 06:59:36 . 2010-08-27 06:59:35 144696 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
2010-08-27 06:59:34 . 2010-06-17 05:54:24 1062184 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Setup\Resource.dll
2010-08-27 06:59:27 . 2010-06-17 05:54:24 850200 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Setup\DivXSetup.exe
2010-08-25 12:16:07 . 2008-03-31 14:24:58 -------- d---a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\TEMP
2010-08-13 08:51:22 . 2004-08-05 12:00:00 80856 ----a-w- D:\WINDOWS1\system32\perfc00C.dat
2010-08-13 08:51:22 . 2004-08-05 12:00:00 500814 ----a-w- D:\WINDOWS1\system32\perfh00C.dat
2010-08-08 11:50:38 . 2010-08-08 11:50:38 503808 ----a-w- D:\Documents and Settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6495ff68-n\msvcp71.dll
2010-08-08 11:50:38 . 2010-08-08 11:50:38 499712 ----a-w- D:\Documents and Settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6495ff68-n\jmc.dll
2010-08-08 11:50:38 . 2010-08-08 11:50:38 348160 ----a-w- D:\Documents and Settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-6495ff68-n\msvcr71.dll
2010-08-08 11:50:37 . 2010-08-08 11:50:37 61440 ----a-w- D:\Documents and Settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4c9da226-n\decora-sse.dll
2010-08-08 11:50:37 . 2010-08-08 11:50:37 12800 ----a-w- D:\Documents and Settings\PC\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-4c9da226-n\decora-d3d.dll
2010-08-06 08:22:08 . 2006-07-03 13:45:49 -------- d--h--w- D:\Program Files\InstallShield Installation Information
2010-08-05 15:15:38 . 2006-10-18 15:46:40 -------- d-----w- D:\Program Files\Micro Application
2010-08-05 15:07:19 . 2006-08-08 06:51:05 -------- d-----w- D:\Program Files\Gamenext
2010-08-05 15:06:44 . 2006-07-15 11:09:47 -------- d-----w- D:\Program Files\Zylom Games
2010-08-05 08:29:07 . 2006-07-03 12:56:07 -------- d-----w- D:\Program Files\ArcSoft
2010-08-03 13:56:48 . 2007-08-18 16:41:13 -------- d-----w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\JollyBear
2010-07-29 17:02:52 . 2010-05-05 08:14:56 113933 ----a-w- D:\WINDOWS1\system32\drivers\klin.dat
2010-07-29 17:02:51 . 2010-05-05 08:14:56 97549 ----a-w- D:\WINDOWS1\system32\drivers\klick.dat
2010-07-17 16:34:24 . 2008-12-22 17:07:11 -------- d-----w- D:\Documents and Settings\PC\Application Data\DivX
2010-07-07 17:30:26 . 2010-07-07 17:30:26 -------- d-----w- D:\Documents and Settings\PC\Application Data\Azuaz Games
2010-06-30 12:32:14 . 2004-08-05 12:00:00 149504 ----a-w- D:\WINDOWS1\system32\schannel.dll
2010-06-24 12:25:24 . 2004-08-05 12:00:00 916480 ----a-w- D:\WINDOWS1\system32\wininet.dll
2010-06-24 09:02:32 . 2004-08-05 12:00:00 1852032 ----a-w- D:\WINDOWS1\system32\win32k.sys
2010-06-21 15:27:11 . 2004-08-05 12:00:00 354304 ----a-w- D:\WINDOWS1\system32\drivers\srv.sys
2010-06-17 14:03:10 . 2004-08-05 12:00:00 80384 ----a-w- D:\WINDOWS1\system32\iccvid.dll
2010-06-17 05:53:00 . 2010-06-17 05:53:00 57054 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DSDesktopComponents\Uninstaller.exe
2010-06-17 05:52:58 . 2010-06-17 05:52:58 54166 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DSAVCDecoder\Uninstaller.exe
2010-06-17 05:52:56 . 2010-06-17 05:52:56 57532 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DSASPDecoder\Uninstaller.exe
2010-06-17 05:52:53 . 2010-06-17 05:52:53 56458 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DivXDecoderShortcut\Uninstaller.exe
2010-06-17 05:52:52 . 2010-06-17 05:52:52 54174 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\DSAACDecoder\Uninstaller.exe
2010-06-17 05:52:47 . 2010-06-17 05:52:47 54128 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Converter\Uninstaller.exe
2010-06-17 05:52:45 . 2010-06-17 05:52:45 54644 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\TranscodeEngine\Uninstaller.exe
2010-06-17 05:52:32 . 2010-06-17 05:52:32 54101 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\MPEG2Plugin\Uninstaller.exe
2010-06-17 05:52:31 . 2010-06-17 05:52:31 57409 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\ControlPanel\Uninstaller.exe
2010-06-17 05:52:29 . 2010-06-17 05:52:29 52963 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
2010-06-17 05:51:42 . 2010-06-17 05:51:42 54073 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\Qt4.5\Uninstaller.exe
2010-06-17 05:51:23 . 2010-06-17 05:51:23 56969 ----a-w- D:\Documents and Settings\All Users.WINDOWS1\Application Data\DivX\ASPEncoder\Uninstaller.exe
2010-06-14 14:31:20 . 2007-08-02 08:01:34 744448 ----a-w- D:\WINDOWS1\pchealth\helpctr\binaries\helpsvc.exe
2010-06-14 07:42:25 . 2004-08-05 12:00:00 1172480 ----a-w- D:\WINDOWS1\system32\msxml3.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon]
@="{dd230880-495a-11d1-b064-008048ec2fc5}"
[HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}]
2009-12-25 14:42:58 129552 ----a-w- D:\Program Files\Kaspersky Lab\Kaspersky PURE\shellex.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-10 17:28:30 68856]
"SpybotSD TeaTimer"="D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 09:43:40 2097488]
"LogitechSoftwareUpdate"="D:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 13:44:14 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"="ALCXMNTR.EXE" [2003-04-04 01:35:38 50176]
"NeroFilterCheck"="D:\WINDOWS1\system32\NeroCheck.exe" [2001-07-09 08:50:42 155648]
"CamMonitor"="D:\Program Files\Hewlett-Packard\Digital Imaging\\Unload\hpqcmon.exe" [2002-10-06 22:23:20 90112]
"Share-to-Web Namespace Daemon"="D:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe" [2002-04-17 08:42:56 69632]
"AliceSAV"="D:\Program Files\TechCity Solutions\AliceSAV\AliceAgent.exe" [2005-12-16 16:57:42 81408]
"QuickTime Task"="D:\Program Files\QuickTime\qttask.exe" [2009-01-14 11:16:40 98304]
"LVCOMSX"="D:\WINDOWS1\system32\LVCOMSX.EXE" [2005-07-19 16:32:18 221184]
"LogitechVideoRepair"="D:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 14:24:32 458752]
"LogitechVideoTray"="D:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 14:14:44 217088]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 02:34:30 110592]
"SunJavaUpdateSched"="D:\Program Files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 09:43:18 248040]
"ISUSScheduler"="D:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-08-09 04:03:38 81920]
"Adobe Reader Speed Launcher"="D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 02:04:47 35760]
"Adobe ARM"="D:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 08:06:33 976832]
"AVP"="D:\Program Files\Kaspersky Lab\Kaspersky PURE\avp.exe" [2009-12-25 14:43:40 340456]
"ArcSoft Connection Service"="D:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe" [2010-03-18 09:19:26 207360]
"DivXUpdate"="D:\Program Files\DivX\DivX Update\DivXUpdate.exe" [2010-08-20 19:45:26 1164584]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="D:\WINDOWS1\system32\CTFMON.EXE" [2008-04-14 02:33:59 15360]

D:\Documents and Settings\All Users.WINDOWS1\Menu D‚marrer\Programmes\D‚marrage\
hp psc 2000 Series.lnk - D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe [2003-4-6 323646]
hpoddt01.exe.lnk - D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe [2003-4-6 28672]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"D:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=

R0 CSCrySec;InfoWatch Encrypt Sector Library driver;D:\WINDOWS1\system32\drivers\CSCrySec.sys [05/05/2010 10:14:01 88632]
R0 KLBG;Kaspersky Lab Boot Guard Driver;D:\WINDOWS1\system32\drivers\klbg.sys [14/10/2009 20:18:34 36880]
R1 CSVirtualDiskDrv;InfoWatch Virtual Disk driver;D:\WINDOWS1\system32\drivers\CSVirtualDiskDrv.sys [05/05/2010 10:14:06 39352]
R2 CSObjectsSrv;Service de gestion du système CryproStorage;D:\Program Files\Fichiers communs\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [21/12/2009 17:34:38 743992]
R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;D:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -s --> D:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe -s [?]
R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;D:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe -s --> D:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe -s [?]
R3 klim5;Kaspersky Anti-Virus NDIS Filter;D:\WINDOWS1\system32\drivers\klim5.sys [14/09/2009 13:42:46 32272]
R3 klmouflt;Kaspersky Lab KLMOUFLT;D:\WINDOWS1\system32\drivers\klmouflt.sys [02/10/2009 18:39:44 19472]
S2 gupdate1c9d25074b8a846;Service Google Update (gupdate1c9d25074b8a846);D:\Program Files\Google\Update\GoogleUpdate.exe [11/05/2009 17:52:09 133104]
S3 APL531;OVT Scanner;D:\WINDOWS1\system32\drivers\ov550i.sys [31/07/2006 07:44:00 580992]
.
Contenu du dossier 'Tâches planifiées'

2007-09-25 D:\WINDOWS1\Tasks\FRU Task 2003-04-06 08:52:06ewlett-Packard2003-04-06 08:52:06p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8188147927.job
- D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52:08 . 2003-04-05 22:52:08]

2008-03-03 D:\WINDOWS1\Tasks\FRU Task 2003-04-06 08:52:06ewlett-Packard2003-04-06 08:52:06p psc 2100 series5E771253C1676EBED677BF361FDFC537825E15B8190895678.job
- D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe [2003-04-05 22:52:08 . 2003-04-05 22:52:08]

2010-09-02 D:\WINDOWS1\Tasks\Google Software Updater.job
- D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-08-10 17:19:42 . 2009-03-23 07:49:50]

2010-09-02 D:\WINDOWS1\Tasks\GoogleUpdateTaskMachineCore.job
- D:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 15:52:09 . 2009-05-11 15:51:54]

2010-09-02 D:\WINDOWS1\Tasks\GoogleUpdateTaskMachineUA.job
- D:\Program Files\Google\Update\GoogleUpdate.exe [2009-05-11 15:52:09 . 2009-05-11 15:51:54]

2010-09-02 D:\WINDOWS1\Tasks\User_Feed_Synchronization-{26E27445-6018-4134-B97B-ECBA04A95D2A}.job
- D:\WINDOWS1\system32\msfeedssync.exe [2007-08-13 17:36:40 . 2009-03-08 02:31:54]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://aliceadsl.fr/
uSearchMigratedDefaultURL = hxxp://www.durable.com/result?cx=partner-pub-7902900401080901%...{searchTerms}
uDefault_Search_URL = hxxp://www.durable.com/recherche
mStart Page = about:blank
uSearchAssistant = hxxp://www.durable.com/recherche
uSearchURL,(Default) = hxxp://www.durable.com/recherche
IE: Ajouter à l'Anti-bannière - D:\Program Files\Kaspersky Lab\Kaspersky PURE\ie_banner_deny.htm
IE: E&xporter vers Microsoft Excel - D:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
DPF: {2357B3CF-7F8D-4451-8D81-FD6097610AEE} - hxxp://activex.camfrogweb.com/advanced/2.0.2.23/cfweb_activex.camfrogweb.com-advanced-2.0.2.23_instmodule.exe
DPF: {596B26AA-E941-4FB5-8F91-0762447578F0} - hxxp://games.bigfishgames.com/fr_dream-chronicles/online/dream.1.0.0.17_fr.cab
DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game02.zylom.com/activex/zylomgamesplayer.cab
FF - ProfilePath - D:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\e4qyij7z.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.aliceadsl.fr/
FF - plugin: D:\Documents and Settings\All Users.WINDOWS1\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: D:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
FF - plugin: D:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: D:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll
FF - plugin: D:\Program Files\Google\Update\1.2.183.29\npGoogleOneClick8.dll
FF - plugin: D:\Program Files\Microsoft\Office Live\npOLW.dll
FF - plugin: D:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - d:\WINDOWS1\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

---- PARAMETRES FIREFOX ----
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);
D:\Program Files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);
D:\Program Files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);
.

Donc, apparement pas de souci dans le pc, et legere amelioriation dans la vitesse du pc et dans la connexion.

En esperant avoir eradiquer ces "saloperie " lol , merci encore.

Dans l'attente...

re
Désinstalle combofix en suivant cette procédure:

Menu démarrer puis exécuter

Tape maintenant Combofix /u dans la fenêtre que apparaît puis valide par OK. Veille à bien laisser un espace entre le X et le /U, car cela est nécessaire ici.





Supprime tous les programmes installés pour la désinfection.


Merci de consulter ce dossier (en pdf) pour en connaître davantage sur les risques du Net.



Si tu trouves ce document intéressant, n'hésite pas à le transmettre à tes contacts.

Si tu en as assez d'être assailli de publicités durant ta navigation, installe Firefox sécurisé avec les extensions noscript et AdBlock Plus.

Lire aussi:

Antispyware gratuit : ça sert à rien!


~Edite ton premier message et marque [résolu] dans le titre.
Si ton nom de session correspond à ton véritable nom, tu as la possibilité de le changer en éditant tes posts.

 

Ok , merci pour toutes tes réponses et soluces, ton aide m'a était precieuse et, en meme temp, m'a instruie.

Je fesai sa pour ma tante, j'ai quelque base mais ne voulais pas m'avancer dans des chose que je conai que de loin et me planter car se n'est pas mon pc.

Chaque fois un peu tard car elle habite a 900 km de chez moi  

Bref, on y est arriver grace à ton aide encore merci  

Continuez se que vous faites, c'est tous simplement genial  , à bientot.

Euhh, derniere chose, ou dois-je cliquer pour élire meilleur reponse?  

de rien
bon surf


aucune importance