[Solved] Possible infection

Tags:
  • Windows
  • Security
20 April 2010 17:48:23

Hello everyone,
My antivirus raised an alert, so as a precaution here is a HijackThis report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:38, on 20/04/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\DivX\DivX Update\DivXUpdate.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Téléchargements\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [winlogon] G:\RECYCLER\S-1-6-21-2434476501-1644491937-600003330-1213\usbmagr.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe (User 'SYSTEM')
O4 - S-1-5-18 Startup: monxga32.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe (User 'Default user')
O4 - .DEFAULT Startup: monxga32.exe (User 'Default user')
O4 - Startup: Logitech . Enregistrement du produit.lnk = C:\Program Files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Startup: monxga32.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Add to AMV Converter... - C:\Program Files\MP3 Player Utilities 4.15\AMVConverter\grab.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:\Program Files\MP3 Player Utilities 4.15\MediaManager\grab.html
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Wireless Service - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe

--
End of file - 9027 bytes


Thank you!

20 April 2010 17:53:57

Hello,

I see several infections.

  • Download OTL (by OldTimer) to your Desktop.
  • Double-click OTL to launch it.
    (On Vista/Win7, right-click OTL and choose Run as administrator)
  • A window appears. In the Output section at the top of this window, check Minimal Output.
  • Also check the boxes next to LOP Check and Purity Check.
  • Finally, click the Run Scan button. The scan will not take long.
  • Once the scan is complete, two windows will open in Notepad: OTL.txt and Extras.txt. They are saved in the same location as OTL (so on the Desktop by default).

    To send me the reports:
  • Click this link: http://www.cijoint.fr/
  • Click Browse... and locate the report file you want to send me.
  • Click Open.
  • Click "Cliquez ici pour déposer le fichier" (Click here to upload the file).
  • A link of this form, hxxp://www.cijoint.fr/cjlink.php?file=cj200905/cijSKAP5fU.txt, is added to the page.
  • Copy and paste this link into your reply.
    20 April 2010 18:04:26

    Destrio5 said:
    Hello,

    I see several infections.

    Must be your new glasses... :o



    20 April 2010 18:30:28

    OK, I see.

    /!\ Disable your resident protections (antivirus, etc.) /!\

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • It will ask you to install the Recovery Console: accept.
  • When the scan is finished, a report will appear. Post this report (C:\Combofix.txt) in your next reply.

    To help you: a guide and a tutorial on using ComboFix
    20 April 2010 19:39:58

    ComboFix 10-04-19.08 - TITI 20/04/2010 19:28:21.1.1 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.947 [GMT 2:00]
    Lancé depuis: d:\téléchargements\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\TITI\Application Data\avdrn.dat
    c:\documents and settings\TITI\Application Data\inst.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-20 au 2010-04-20 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-20 15:48 . 2010-04-20 17:37 859648 ----a-w- c:\windows\system32\drivers\pgmpgdi.sys
    2010-04-20 08:33 . 2010-04-20 08:35 -------- d-----w- c:\program files\Software Informer
    2010-04-18 15:25 . 2010-04-18 15:45 -------- d-----w- c:\program files\DAudioK
    2010-04-18 13:13 . 2010-04-18 14:53 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 13:09 . 2010-04-18 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Vso
    2010-04-18 13:09 . 2010-04-18 13:13 47360 ----a-w- c:\documents and settings\TITI\Application Data\pcouffin.sys
    2010-04-18 13:09 . 2010-04-18 13:09 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2010-04-18 11:37 . 2010-04-18 11:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Blender Foundation
    2010-04-17 09:41 . 2010-04-17 09:43 -------- d-----w- c:\program files\Windows Live Safety Center
    2010-04-16 17:50 . 2010-04-16 17:50 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\TouchStoneSoftware
    2010-04-15 05:57 . 2010-04-15 05:57 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-04-15 05:56 . 2010-04-15 05:56 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-04-15 05:56 . 2010-04-15 05:56 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-04-15 05:54 . 2010-04-15 05:54 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
    2010-04-11 08:35 . 2010-04-11 08:35 -------- d-----w- c:\documents and settings\TITI\Application Data\GameRanger
    2010-04-11 08:01 . 2010-04-17 08:50 -------- d---a-w- C:\Navilog1
    2010-04-11 08:01 . 2010-04-17 08:48 -------- d-----w- c:\program files\navilog1
    2010-04-09 00:17 . 2010-04-09 00:17 1220272 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\GameRanger.exe
    2010-04-07 11:50 . 2010-04-07 11:51 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\WMTools Downloaded Files
    2010-04-06 18:14 . 2010-04-06 18:14 -------- d-----w- c:\program files\Java
    2010-04-06 13:13 . 2010-04-06 13:13 53248 ----a-r- c:\documents and settings\TITI\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2010-04-06 13:13 . 2010-04-06 13:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2010-04-06 13:13 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\Fichiers communs\NVIDIA Shared
    2010-04-06 13:06 . 2010-04-06 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Logitech
    2010-04-06 13:06 . 2010-04-06 13:07 -------- d-----w- c:\documents and settings\TITI\Application Data\Logishrd
    2010-04-05 17:31 . 2010-04-05 18:05 -------- d-----w- c:\program files\Dofus
    2010-04-05 15:47 . 2010-04-05 19:48 -------- d-----w- c:\windows\system32\NtmsData
    2010-04-05 13:03 . 2010-04-05 13:03 56 ---ha-w- c:\windows\system32\ezsidmv.dat
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\skypePM
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----w- c:\program files\Fichiers communs\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----r- c:\program files\Skype
    2010-04-05 13:02 . 2010-04-05 13:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-04-05 12:26 . 2010-03-30 11:35 311296 ----a-w- c:\windows\system32\TubeFinder.exe
    2010-04-05 12:26 . 2010-04-05 12:28 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeFLVConverter
    2010-04-05 12:26 . 2010-04-05 12:27 -------- d-----w- c:\program files\Free FLV Converter
    2010-04-05 12:26 . 2009-06-19 16:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
    2010-04-05 12:21 . 2010-04-05 12:21 -------- d-----w- C:\Downloads
    2010-04-05 11:40 . 2010-04-05 12:00 -------- d-----w- c:\program files\IVCsoft
    2010-04-05 09:52 . 2010-04-05 09:52 -------- d-----w- c:\documents and settings\TITI\Application Data\widestream
    2010-04-02 16:08 . 2010-04-02 16:08 -------- d-----w- c:\documents and settings\TITI\Bluetooth Software
    2010-04-02 16:06 . 2007-03-31 05:02 55352 ----a-w- c:\windows\system32\drivers\btwhid.sys
    2010-04-02 16:06 . 2007-03-23 02:50 149123 ----a-w- c:\windows\system32\drivers\btwdndis.sys
    2010-04-02 16:06 . 2007-03-23 02:50 37424 ----a-w- c:\windows\system32\drivers\btport.sys
    2010-04-02 16:06 . 2007-03-31 05:02 876384 ----a-w- c:\windows\system32\drivers\btkrnl.sys
    2010-04-02 16:06 . 2007-03-23 02:49 539072 ----a-w- c:\windows\system32\drivers\btaudio.sys
    2010-04-02 16:06 . 2010-04-02 16:06 -------- d-----w- c:\program files\WIDCOMM
    2010-04-02 16:04 . 2007-03-23 02:50 67960 ----a-w- c:\windows\system32\drivers\btwusb.sys
    2010-04-02 16:04 . 2007-03-23 02:50 106557 ----a-r- c:\windows\system32\btw_ci.dll
    2010-04-01 09:33 . 2010-04-01 09:33 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Identities
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\windows\system32\XPSViewer
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\MSBuild
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\Reference Assemblies
    2010-04-01 09:29 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-04-01 09:28 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-04-01 09:28 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Geckofx
    2010-03-31 18:44 . 2010-04-18 15:24 -------- d-----w- c:\program files\AviSynth 2.5
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\program files\Red Kawa
    2010-03-31 18:06 . 2010-03-31 18:06 -------- d-----w- c:\documents and settings\TITI\Application Data\Apowersoft
    2010-03-28 13:07 . 2007-03-12 21:34 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
    2010-03-28 13:07 . 2007-03-12 21:34 77312 ----a-w- c:\windows\system32\ztvunace26.dll
    2010-03-28 13:07 . 2007-03-12 21:34 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
    2010-03-28 13:07 . 2010-04-05 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\OfferBox
    2010-03-28 12:47 . 2000-05-16 08:40 83968 ----a-w- c:\windows\UnGins.exe
    2010-03-28 08:26 . 2010-04-15 05:54 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-03-28 08:26 . 2010-04-15 05:54 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-03-28 08:26 . 2010-03-28 08:26 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
    2010-03-28 08:24 . 2010-04-15 05:56 -------- d-----w- c:\program files\DivX
    2010-03-28 08:23 . 2010-04-15 05:57 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
    2010-03-27 19:54 . 2010-03-07 09:53 14336 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    2010-03-27 19:45 . 2010-03-27 19:45 1036288 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
    2010-03-27 19:45 . 2010-04-05 15:31 -------- d-----w- c:\program files\BitComet
    2010-03-25 11:44 . 2010-03-25 11:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Help
    2010-03-22 16:59 . 2010-03-22 16:59 -------- d-----w- c:\program files\hp photosmart
    2010-03-22 16:58 . 2010-04-13 11:51 -------- d-----w- C:\temp
    2010-03-22 16:58 . 2010-03-22 16:58 -------- d-----w- c:\temp\photosmart
    2010-03-22 16:47 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
    2010-03-22 16:47 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-20 15:47 . 2010-04-20 15:47 8 ----a-w- c:\documents and settings\NetworkService\Application Data\kcmdte.dat
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2010-04-18 15:05 . 2010-03-13 17:06 44696 ----a-w- c:\documents and settings\TITI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-14 10:47 . 2010-03-14 07:25 -------- d-----w- c:\program files\Cossacks - Back To War
    2010-04-11 11:37 . 2010-03-19 21:49 -------- d-----w- c:\documents and settings\TITI\Application Data\FileZilla
    2010-04-06 18:14 . 2010-03-13 20:23 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\program files\Fichiers communs\LogiShrd
    2010-04-06 13:13 . 2010-03-13 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
    2010-04-06 13:13 . 2010-04-06 13:13 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
    2010-04-06 13:12 . 2010-03-13 19:14 -------- d-----w- c:\program files\Logitech
    2010-04-06 13:07 . 2003-04-24 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-06 13:07 . 2003-04-24 12:00 500482 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-06 13:07 . 2010-03-13 19:16 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-04-05 12:25 . 2010-03-16 09:40 -------- d-----w- c:\documents and settings\TITI\Application Data\BitComet
    2010-04-05 08:25 . 2010-03-15 20:38 -------- d-----w- c:\documents and settings\TITI\Application Data\vlc
    2010-04-05 08:25 . 2010-03-16 16:36 -------- d-----w- c:\documents and settings\TITI\Application Data\dvdcss
    2010-04-02 07:41 . 2010-04-02 07:41 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeAudioPack
    2010-03-27 15:57 . 2010-03-14 08:20 -------- d-----w- c:\program files\Postal2STP
    2010-03-27 09:36 . 2010-03-19 21:48 -------- d-----w- c:\program files\FileZilla FTP Client
    2010-03-20 09:56 . 2010-03-20 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\TeamViewer
    2010-03-20 09:30 . 2010-03-14 08:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Winamp
    2010-03-19 16:33 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp
    2010-03-19 16:29 . 2010-03-19 16:27 -------- d-----w- c:\program files\SHOUTcast
    2010-03-19 08:59 . 2010-03-19 08:59 -------- d-----w- c:\documents and settings\TITI\Application Data\Leadertech
    2010-03-17 10:32 . 2010-03-17 10:32 -------- d-----w- c:\program files\MSXML 4.0
    2010-03-16 17:31 . 2010-03-16 17:31 -------- d-----w- c:\documents and settings\TITI\Application Data\Nero
    2010-03-16 17:28 . 2010-03-16 17:22 -------- d-----w- c:\program files\Fichiers communs\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\program files\Nero
    2010-03-16 17:16 . 2010-03-16 17:16 -------- d-----w- c:\documents and settings\TITI\Application Data\DivX
    2010-03-16 16:48 . 2010-03-14 10:49 -------- d-----w- c:\program files\Audacity
    2010-03-15 20:38 . 2010-03-15 20:38 -------- d-----w- c:\program files\VideoLAN
    2010-03-14 13:43 . 2010-03-14 13:40 -------- d-----w- c:\program files\WinAVI MP4 Converter
    2010-03-14 13:14 . 2010-03-14 13:14 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-03-14 10:26 . 2010-03-14 10:26 -------- d-----w- c:\program files\Realtek AC97
    2010-03-14 10:23 . 2010-03-13 20:41 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    2010-03-14 10:01 . 2010-03-14 10:00 -------- d-----w- c:\program files\ANI
    2010-03-14 10:00 . 2010-03-13 21:00 -------- d-----w- c:\program files\D-Link
    2010-03-14 10:00 . 2010-03-14 10:00 -------- d-----w- c:\documents and settings\TITI\Application Data\InstallShield
    2010-03-14 09:55 . 2010-03-14 09:55 -------- d-----w- c:\program files\Fichiers communs\Adobe
    2010-03-14 08:37 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp Detect
    2010-03-14 08:15 . 2010-03-13 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2010-03-14 08:02 . 2010-03-13 19:38 -------- d-----w- c:\program files\Windows Media Connect 2
    2010-03-14 07:49 . 2010-03-13 19:04 -------- d-----w- c:\program files\IZArc
    2010-03-14 07:31 . 2010-03-14 07:31 -------- d-----w- c:\program files\GUILD WARS
    2010-03-14 07:25 . 2010-03-14 07:25 53248 ----a-w- c:\windows\system32\unrar.dll
    2010-03-13 21:03 . 2010-03-13 21:03 -------- d-----w- c:\program files\K-Lite Codec Pack
    2010-03-13 20:31 . 2010-03-13 19:56 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-03-13 20:29 . 2010-03-13 20:29 -------- d-----w- c:\program files\NOS
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Microsoft
    2010-03-13 20:26 . 2010-03-13 19:07 -------- d-----w- c:\program files\Windows Live
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-03-13 20:22 . 2010-03-13 18:37 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-03-13 20:16 . 2010-03-13 20:02 -------- d-----w- c:\program files\Mozilla Firefox(2)
    2010-03-13 20:02 . 2010-03-13 20:02 0 ----a-w- c:\windows\nsreg.dat
    2010-03-13 19:56 . 2010-03-13 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2010-03-13 19:27 . 2010-03-13 19:27 -------- d-----w- c:\program files\Fichiers communs\Java
    2010-03-13 19:05 . 2010-03-13 19:05 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\program files\Avira
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    2010-03-13 17:37 . 2010-03-13 16:07 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
    2010-03-13 16:08 . 2010-03-13 16:08 -------- d-----w- c:\program files\microsoft frontpage
    2010-03-13 16:05 . 2010-03-13 16:05 21892 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-03-13 16:05 . 2010-03-13 16:05 -------- d-----w- c:\program files\Services en ligne
    2010-03-10 06:16 . 2003-04-24 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-02-25 06:17 . 2003-04-24 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-24 13:11 . 2003-04-24 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-02-18 23:52 . 2010-02-18 23:52 48816 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRangerLaunch.dll
    2010-02-18 23:52 . 2010-02-18 23:52 155312 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
    2010-02-17 12:07 . 2003-04-24 12:00 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-02-16 19:07 . 2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-02-12 10:03 . 2010-03-13 18:08 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-02-12 04:34 . 2003-04-24 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
    2010-02-11 12:02 . 2003-04-24 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
    2010-01-21 10:46 . 2010-03-14 12:51 441168 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
    "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
    "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 196608]
    "HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-30 311296]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-01-29 21:17 64592 ----a-w- c:\program files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\startupfolder\C:^Documents and Settings^TITI^Menu Démarrer^Programmes^Démarrage^Logitech . Enregistrement du produit.lnk]
    path=c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\Logitech . Enregistrement du produit.lnk
    backup=c:\windows\pss\Logitech . Enregistrement du produit.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G DWL-G510]
    2008-10-20 11:22 1556480 ----a-w- c:\program files\D-Link\AirPlus G DWL-G510\AirGCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    2009-10-14 12:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2007-04-16 14:28 577536 ----a-w- c:\windows\soundman.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Postal2STP\\System\\Postal2MP.exe"=
    "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Cossacks - Back To War\\dmcr.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\WINDOWS\\system32\\dplaysvr.exe"=
    "c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
    "c:\\Documents and Settings\\TITI\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "19655:TCP"= 19655:TCP:BitComet 19655 TCP
    "19655:UDP"= 19655:UDP:BitComet 19655 UDP
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [13/03/2010 18:26 97408]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/03/2010 20:37 108289]
    R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [30/01/2003 19:55 18864]
    R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [13/03/2010 18:27 176256]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - PGMPGDI
    *Deregistered* - pgmpgdi

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Contenu du dossier 'Tâches planifiées'

    2010-04-20 c:\windows\Tasks\User_Feed_Synchronization-{994FAF03-F86D-4D57-A630-A3B178546BCF}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.15\MediaManager\grab.html
    FF - ProfilePath - c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\
    FF - prefs.js: browser.startup.homepage - google.fr
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-Cmaudio - cmicnfg.cpl



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-20 19:37
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pgmpgdi]

    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(504)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
    .
    Heure de fin: 2010-04-20 19:39:07
    ComboFix-quarantined-files.txt 2010-04-20 17:38

    Avant-CF: 23 067 025 408 octets libres
    Après-CF: 23 747 125 248 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

    - - End Of File - - CC43DAA4E5515FDB689A4AFBC3FE536E



    ComboFix 10-04-19.08 - TITI 20/04/2010 19:28:21.1.1 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.947 [GMT 2:00]
    Lancé depuis: d:\téléchargements\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\documents and settings\TITI\Application Data\avdrn.dat
    c:\documents and settings\TITI\Application Data\inst.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-20 au 2010-04-20 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-20 15:48 . 2010-04-20 17:37 859648 ----a-w- c:\windows\system32\drivers\pgmpgdi.sys
    2010-04-20 08:33 . 2010-04-20 08:35 -------- d-----w- c:\program files\Software Informer
    2010-04-18 15:25 . 2010-04-18 15:45 -------- d-----w- c:\program files\DAudioK
    2010-04-18 13:13 . 2010-04-18 14:53 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 13:09 . 2010-04-18 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Vso
    2010-04-18 13:09 . 2010-04-18 13:13 47360 ----a-w- c:\documents and settings\TITI\Application Data\pcouffin.sys
    2010-04-18 13:09 . 2010-04-18 13:09 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2010-04-18 11:37 . 2010-04-18 11:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Blender Foundation
    2010-04-17 09:41 . 2010-04-17 09:43 -------- d-----w- c:\program files\Windows Live Safety Center
    2010-04-16 17:50 . 2010-04-16 17:50 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\TouchStoneSoftware
    2010-04-15 05:57 . 2010-04-15 05:57 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-04-15 05:56 . 2010-04-15 05:56 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-04-15 05:56 . 2010-04-15 05:56 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-04-15 05:54 . 2010-04-15 05:54 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
    2010-04-11 08:35 . 2010-04-11 08:35 -------- d-----w- c:\documents and settings\TITI\Application Data\GameRanger
    2010-04-11 08:01 . 2010-04-17 08:50 -------- d---a-w- C:\Navilog1
    2010-04-11 08:01 . 2010-04-17 08:48 -------- d-----w- c:\program files\navilog1
    2010-04-09 00:17 . 2010-04-09 00:17 1220272 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\GameRanger.exe
    2010-04-07 11:50 . 2010-04-07 11:51 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\WMTools Downloaded Files
    2010-04-06 18:14 . 2010-04-06 18:14 -------- d-----w- c:\program files\Java
    2010-04-06 13:13 . 2010-04-06 13:13 53248 ----a-r- c:\documents and settings\TITI\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2010-04-06 13:13 . 2010-04-06 13:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2010-04-06 13:13 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\Fichiers communs\NVIDIA Shared
    2010-04-06 13:06 . 2010-04-06 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Logitech
    2010-04-06 13:06 . 2010-04-06 13:07 -------- d-----w- c:\documents and settings\TITI\Application Data\Logishrd
    2010-04-05 17:31 . 2010-04-05 18:05 -------- d-----w- c:\program files\Dofus
    2010-04-05 15:47 . 2010-04-05 19:48 -------- d-----w- c:\windows\system32\NtmsData
    2010-04-05 13:03 . 2010-04-05 13:03 56 ---ha-w- c:\windows\system32\ezsidmv.dat
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\skypePM
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----w- c:\program files\Fichiers communs\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----r- c:\program files\Skype
    2010-04-05 13:02 . 2010-04-05 13:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-04-05 12:26 . 2010-03-30 11:35 311296 ----a-w- c:\windows\system32\TubeFinder.exe
    2010-04-05 12:26 . 2010-04-05 12:28 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeFLVConverter
    2010-04-05 12:26 . 2010-04-05 12:27 -------- d-----w- c:\program files\Free FLV Converter
    2010-04-05 12:26 . 2009-06-19 16:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
    2010-04-05 12:21 . 2010-04-05 12:21 -------- d-----w- C:\Downloads
    2010-04-05 11:40 . 2010-04-05 12:00 -------- d-----w- c:\program files\IVCsoft
    2010-04-05 09:52 . 2010-04-05 09:52 -------- d-----w- c:\documents and settings\TITI\Application Data\widestream
    2010-04-02 16:08 . 2010-04-02 16:08 -------- d-----w- c:\documents and settings\TITI\Bluetooth Software
    2010-04-02 16:06 . 2007-03-31 05:02 55352 ----a-w- c:\windows\system32\drivers\btwhid.sys
    2010-04-02 16:06 . 2007-03-23 02:50 149123 ----a-w- c:\windows\system32\drivers\btwdndis.sys
    2010-04-02 16:06 . 2007-03-23 02:50 37424 ----a-w- c:\windows\system32\drivers\btport.sys
    2010-04-02 16:06 . 2007-03-31 05:02 876384 ----a-w- c:\windows\system32\drivers\btkrnl.sys
    2010-04-02 16:06 . 2007-03-23 02:49 539072 ----a-w- c:\windows\system32\drivers\btaudio.sys
    2010-04-02 16:06 . 2010-04-02 16:06 -------- d-----w- c:\program files\WIDCOMM
    2010-04-02 16:04 . 2007-03-23 02:50 67960 ----a-w- c:\windows\system32\drivers\btwusb.sys
    2010-04-02 16:04 . 2007-03-23 02:50 106557 ----a-r- c:\windows\system32\btw_ci.dll
    2010-04-01 09:33 . 2010-04-01 09:33 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Identities
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\windows\system32\XPSViewer
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\MSBuild
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\Reference Assemblies
    2010-04-01 09:29 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-04-01 09:28 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-04-01 09:28 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Geckofx
    2010-03-31 18:44 . 2010-04-18 15:24 -------- d-----w- c:\program files\AviSynth 2.5
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\program files\Red Kawa
    2010-03-31 18:06 . 2010-03-31 18:06 -------- d-----w- c:\documents and settings\TITI\Application Data\Apowersoft
    2010-03-28 13:07 . 2007-03-12 21:34 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
    2010-03-28 13:07 . 2007-03-12 21:34 77312 ----a-w- c:\windows\system32\ztvunace26.dll
    2010-03-28 13:07 . 2007-03-12 21:34 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
    2010-03-28 13:07 . 2010-04-05 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\OfferBox
    2010-03-28 12:47 . 2000-05-16 08:40 83968 ----a-w- c:\windows\UnGins.exe
    2010-03-28 08:26 . 2010-04-15 05:54 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-03-28 08:26 . 2010-04-15 05:54 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-03-28 08:26 . 2010-03-28 08:26 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
    2010-03-28 08:24 . 2010-04-15 05:56 -------- d-----w- c:\program files\DivX
    2010-03-28 08:23 . 2010-04-15 05:57 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
    2010-03-27 19:54 . 2010-03-07 09:53 14336 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    2010-03-27 19:45 . 2010-03-27 19:45 1036288 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
    2010-03-27 19:45 . 2010-04-05 15:31 -------- d-----w- c:\program files\BitComet
    2010-03-25 11:44 . 2010-03-25 11:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Help
    2010-03-22 16:59 . 2010-03-22 16:59 -------- d-----w- c:\program files\hp photosmart
    2010-03-22 16:58 . 2010-04-13 11:51 -------- d-----w- C:\temp
    2010-03-22 16:58 . 2010-03-22 16:58 -------- d-----w- c:\temp\photosmart
    2010-03-22 16:47 . 2008-04-13 18:47 25856 -c--a-w- c:\windows\system32\dllcache\usbprint.sys
    2010-03-22 16:47 . 2008-04-13 18:47 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-20 15:47 . 2010-04-20 15:47 8 ----a-w- c:\documents and settings\NetworkService\Application Data\kcmdte.dat
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2010-04-18 15:05 . 2010-03-13 17:06 44696 ----a-w- c:\documents and settings\TITI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-14 10:47 . 2010-03-14 07:25 -------- d-----w- c:\program files\Cossacks - Back To War
    2010-04-11 11:37 . 2010-03-19 21:49 -------- d-----w- c:\documents and settings\TITI\Application Data\FileZilla
    2010-04-06 18:14 . 2010-03-13 20:23 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\program files\Fichiers communs\LogiShrd
    2010-04-06 13:13 . 2010-03-13 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
    2010-04-06 13:13 . 2010-04-06 13:13 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
    2010-04-06 13:12 . 2010-03-13 19:14 -------- d-----w- c:\program files\Logitech
    2010-04-06 13:07 . 2003-04-24 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-06 13:07 . 2003-04-24 12:00 500482 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-06 13:07 . 2010-03-13 19:16 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-04-05 12:25 . 2010-03-16 09:40 -------- d-----w- c:\documents and settings\TITI\Application Data\BitComet
    2010-04-05 08:25 . 2010-03-15 20:38 -------- d-----w- c:\documents and settings\TITI\Application Data\vlc
    2010-04-05 08:25 . 2010-03-16 16:36 -------- d-----w- c:\documents and settings\TITI\Application Data\dvdcss
    2010-04-02 07:41 . 2010-04-02 07:41 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeAudioPack
    2010-03-27 15:57 . 2010-03-14 08:20 -------- d-----w- c:\program files\Postal2STP
    2010-03-27 09:36 . 2010-03-19 21:48 -------- d-----w- c:\program files\FileZilla FTP Client
    2010-03-20 09:56 . 2010-03-20 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\TeamViewer
    2010-03-20 09:30 . 2010-03-14 08:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Winamp
    2010-03-19 16:33 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp
    2010-03-19 16:29 . 2010-03-19 16:27 -------- d-----w- c:\program files\SHOUTcast
    2010-03-19 08:59 . 2010-03-19 08:59 -------- d-----w- c:\documents and settings\TITI\Application Data\Leadertech
    2010-03-17 10:32 . 2010-03-17 10:32 -------- d-----w- c:\program files\MSXML 4.0
    2010-03-16 17:31 . 2010-03-16 17:31 -------- d-----w- c:\documents and settings\TITI\Application Data\Nero
    2010-03-16 17:28 . 2010-03-16 17:22 -------- d-----w- c:\program files\Fichiers communs\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\program files\Nero
    2010-03-16 17:16 . 2010-03-16 17:16 -------- d-----w- c:\documents and settings\TITI\Application Data\DivX
    2010-03-16 16:48 . 2010-03-14 10:49 -------- d-----w- c:\program files\Audacity
    2010-03-15 20:38 . 2010-03-15 20:38 -------- d-----w- c:\program files\VideoLAN
    2010-03-14 13:43 . 2010-03-14 13:40 -------- d-----w- c:\program files\WinAVI MP4 Converter
    2010-03-14 13:14 . 2010-03-14 13:14 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-03-14 10:26 . 2010-03-14 10:26 -------- d-----w- c:\program files\Realtek AC97
    2010-03-14 10:23 . 2010-03-13 20:41 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    2010-03-14 10:01 . 2010-03-14 10:00 -------- d-----w- c:\program files\ANI
    2010-03-14 10:00 . 2010-03-13 21:00 -------- d-----w- c:\program files\D-Link
    2010-03-14 10:00 . 2010-03-14 10:00 -------- d-----w- c:\documents and settings\TITI\Application Data\InstallShield
    2010-03-14 09:55 . 2010-03-14 09:55 -------- d-----w- c:\program files\Fichiers communs\Adobe
    2010-03-14 08:37 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp Detect
    2010-03-14 08:15 . 2010-03-13 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2010-03-14 08:02 . 2010-03-13 19:38 -------- d-----w- c:\program files\Windows Media Connect 2
    2010-03-14 07:49 . 2010-03-13 19:04 -------- d-----w- c:\program files\IZArc
    2010-03-14 07:31 . 2010-03-14 07:31 -------- d-----w- c:\program files\GUILD WARS
    2010-03-14 07:25 . 2010-03-14 07:25 53248 ----a-w- c:\windows\system32\unrar.dll
    2010-03-13 21:03 . 2010-03-13 21:03 -------- d-----w- c:\program files\K-Lite Codec Pack
    2010-03-13 20:31 . 2010-03-13 19:56 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-03-13 20:29 . 2010-03-13 20:29 -------- d-----w- c:\program files\NOS
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Microsoft
    2010-03-13 20:26 . 2010-03-13 19:07 -------- d-----w- c:\program files\Windows Live
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-03-13 20:22 . 2010-03-13 18:37 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-03-13 20:16 . 2010-03-13 20:02 -------- d-----w- c:\program files\Mozilla Firefox(2)
    2010-03-13 20:02 . 2010-03-13 20:02 0 ----a-w- c:\windows\nsreg.dat
    2010-03-13 19:56 . 2010-03-13 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2010-03-13 19:27 . 2010-03-13 19:27 -------- d-----w- c:\program files\Fichiers communs\Java
    2010-03-13 19:05 . 2010-03-13 19:05 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\program files\Avira
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    2010-03-13 17:37 . 2010-03-13 16:07 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
    2010-03-13 16:08 . 2010-03-13 16:08 -------- d-----w- c:\program files\microsoft frontpage
    2010-03-13 16:05 . 2010-03-13 16:05 21892 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-03-13 16:05 . 2010-03-13 16:05 -------- d-----w- c:\program files\Services en ligne
    2010-03-10 06:16 . 2003-04-24 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-02-25 06:17 . 2003-04-24 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-24 13:11 . 2003-04-24 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-02-18 23:52 . 2010-02-18 23:52 48816 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRangerLaunch.dll
    2010-02-18 23:52 . 2010-02-18 23:52 155312 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
    2010-02-17 12:07 . 2003-04-24 12:00 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-02-16 19:07 . 2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-02-12 10:03 . 2010-03-13 18:08 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-02-12 04:34 . 2003-04-24 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
    2010-02-11 12:02 . 2003-04-24 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
    2010-01-21 10:46 . 2010-03-14 12:51 441168 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
    "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
    "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 196608]
    "HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-30 311296]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-01-29 21:17 64592 ----a-w- c:\program files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\startupfolder\C:^Documents and Settings^TITI^Menu Démarrer^Programmes^Démarrage^Logitech . Enregistrement du produit.lnk]
    path=c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\Logitech . Enregistrement du produit.lnk
    backup=c:\windows\pss\Logitech . Enregistrement du produit.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G DWL-G510]
    2008-10-20 11:22 1556480 ----a-w- c:\program files\D-Link\AirPlus G DWL-G510\AirGCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    2009-10-14 12:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2007-04-16 14:28 577536 ----a-w- c:\windows\soundman.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Postal2STP\\System\\Postal2MP.exe"=
    "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Cossacks - Back To War\\dmcr.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\WINDOWS\\system32\\dplaysvr.exe"=
    "c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
    "c:\\Documents and Settings\\TITI\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "19655:TCP"= 19655:TCP:BitComet 19655 TCP
    "19655:UDP"= 19655:UDP:BitComet 19655 UDP
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [13/03/2010 18:26 97408]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/03/2010 20:37 108289]
    R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [30/01/2003 19:55 18864]
    R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [13/03/2010 18:27 176256]

    --- Autres Services/Pilotes en mémoire ---

    *NewlyCreated* - PGMPGDI
    *Deregistered* - pgmpgdi

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Contenu du dossier 'Tâches planifiées'

    2010-04-20 c:\windows\Tasks\User_Feed_Synchronization-{994FAF03-F86D-4D57-A630-A3B178546BCF}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.15\MediaManager\grab.html
    FF - ProfilePath - c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\
    FF - prefs.js: browser.startup.homepage - google.fr
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-Cmaudio - cmicnfg.cpl



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-20 19:37
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pgmpgdi]

    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(504)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
    .
    Heure de fin: 2010-04-20 19:39:07
    ComboFix-quarantined-files.txt 2010-04-20 17:38

    Avant-CF: 23 067 025 408 octets libres
    Après-CF: 23 747 125 248 octets libres

    WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
    [boot loader]
    timeout=2
    default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
    [operating systems]
    c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
    multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /fastdetect /NoExecute=OptIn

    - - End Of File - - CC43DAA4E5515FDB689A4AFBC3FE536E






    Still these blasted error messages. Could I shut down my PC without any problems or not?
    20 April 2010 20:29:13

    /!\ Only futur256 may follow this procedure /!\

    Disable all resident protection (antivirus, etc.)!

    ---> Copy (CTRL+C) the text in the box below:

    KillAll::

    File::
    c:\windows\system32\drivers\pgmpgdi.sys
    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\monxga32.exe

    Registry::
    [-HKEY_LOCAL_MACHINE\System\ControlSet001\Services\pgmpgdi]

    ---> Open Notepad: Start > All Programs > Accessories > Notepad.

    - Paste (CTRL+V) the text into Notepad.
    - Save this file to: Desktop
    - File name: CFScript
    - File type: All files!!
    - Click Save.
    - Quit Notepad.

    ---> Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot:



  • This will relaunch ComboFix: accept the message that appears.
  • Wait while the scan runs. The Desktop will disappear several times: this is normal!
  • Do not touch anything until the scan has finished.
  • Once the scan is complete, a report will be displayed; copy and paste its contents to the forum.
  • If the file does not open, it is located here: C:\ComboFix.txt

    ;) 
    21 April 2010 11:34:44

    Hello,

    I have bad news. This is going to be long, but never mind; I think it's my fault.

    To begin with I disabled my antivirus and did everything you told me. I started the scan, and after 20 minutes I had to leave.
    Since I had to leave for school, I told myself "I'm not going to leave my PC on for 3 hours", so I ran shutdown -s -t 1800 so that it would shut down in half an hour; I figured that would be enough...
    I came back and, to my great surprise, the computer was still on. I turned the screen back on and saw that the antivirus had raised an alert, with ComboFix behind it and no taskbar. I chose "Do nothing" and used Alt and Tab to see what was open, and strangely, no more ComboFix, nothing. CTRL + ALT + DEL, and even that way nothing was open... So I launched explorer.exe to bring the taskbar back, and indeed there was nothing left. I restarted the computer and got a scare because it was impossible to boot; I had to go into Safe Mode and restore to the ComboFix restore point.

    So what should I do now, given that the report isn't even in the location you told me?
    21 April 2010 17:35:56

    Run another scan with ComboFix.
    21 April 2010 19:26:43

    ComboFix 10-04-20.04 - TITI 21/04/2010 18:37:12.2.1 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.1151 [GMT 2:00]
    Lancé depuis: c:\documents and settings\TITI\Bureau\ComboFix.exe
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\windows\system32\driVERs\pgmpgdi.sys
    c:\windows\system32\fjhdyfhsn.bat

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_pgmpgdi
    -------\Service_pgmpgdi


    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-21 au 2010-04-21 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-21 13:32 . 2010-04-21 13:32 -------- d-----w- c:\windows\system32\wbem\Repository
    2010-04-21 13:30 . 2010-04-21 13:31 -------- d-s---w- c:\documents and settings\Administrateur.ÉTIENNE
    2010-04-21 13:03 . 2010-04-21 13:31 -------- d-----w- c:\program files\Free Audio Pack
    2010-04-21 09:22 . 2010-04-21 13:31 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Microsoft
    2010-04-21 09:22 . 2010-04-21 13:31 -------- d-----w- c:\documents and settings\Administrateur\Modèles
    2010-04-21 09:22 . 2010-03-13 19:17 -------- d-----w- c:\documents and settings\Administrateur\IETldCache
    2010-04-21 09:22 . 2010-04-21 13:31 -------- d-s---w- c:\documents and settings\Administrateur
    2010-04-20 08:33 . 2010-04-20 08:35 -------- d-----w- c:\program files\Software Informer
    2010-04-18 15:25 . 2010-04-18 15:45 -------- d-----w- c:\program files\DAudioK
    2010-04-18 13:13 . 2010-04-18 14:53 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 13:09 . 2010-04-18 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Vso
    2010-04-18 13:09 . 2010-04-18 13:13 47360 ----a-w- c:\documents and settings\TITI\Application Data\pcouffin.sys
    2010-04-18 13:09 . 2010-04-18 13:09 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2010-04-18 11:37 . 2010-04-18 11:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Blender Foundation
    2010-04-17 09:41 . 2010-04-17 09:43 -------- d-----w- c:\program files\Windows Live Safety Center
    2010-04-16 17:50 . 2010-04-16 17:50 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\TouchStoneSoftware
    2010-04-15 05:57 . 2010-04-15 05:57 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-04-15 05:56 . 2010-04-15 05:56 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-04-15 05:56 . 2010-04-15 05:56 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-04-15 05:54 . 2010-04-15 05:54 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
    2010-04-11 08:35 . 2010-04-11 08:35 -------- d-----w- c:\documents and settings\TITI\Application Data\GameRanger
    2010-04-11 08:01 . 2010-04-17 08:50 -------- d---a-w- C:\Navilog1
    2010-04-11 08:01 . 2010-04-17 08:48 -------- d-----w- c:\program files\navilog1
    2010-04-09 00:17 . 2010-04-09 00:17 1220272 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\GameRanger.exe
    2010-04-07 11:50 . 2010-04-07 11:51 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\WMTools Downloaded Files
    2010-04-06 18:14 . 2010-04-06 18:14 -------- d-----w- c:\program files\Java
    2010-04-06 13:13 . 2010-04-06 13:13 53248 ----a-r- c:\documents and settings\TITI\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2010-04-06 13:13 . 2010-04-06 13:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2010-04-06 13:13 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\Fichiers communs\NVIDIA Shared
    2010-04-06 13:06 . 2010-04-06 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Logitech
    2010-04-06 13:06 . 2010-04-06 13:07 -------- d-----w- c:\documents and settings\TITI\Application Data\Logishrd
    2010-04-05 17:31 . 2010-04-05 18:05 -------- d-----w- c:\program files\Dofus
    2010-04-05 15:47 . 2010-04-05 19:48 -------- d-----w- c:\windows\system32\NtmsData
    2010-04-05 13:03 . 2010-04-05 13:03 56 ---ha-w- c:\windows\system32\ezsidmv.dat
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\skypePM
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----w- c:\program files\Fichiers communs\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----r- c:\program files\Skype
    2010-04-05 13:02 . 2010-04-05 13:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-04-05 12:26 . 2010-03-30 11:35 311296 ----a-w- c:\windows\system32\TubeFinder.exe
    2010-04-05 12:26 . 2010-04-05 12:28 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeFLVConverter
    2010-04-05 12:26 . 2010-04-05 12:27 -------- d-----w- c:\program files\Free FLV Converter
    2010-04-05 12:26 . 2009-06-19 16:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
    2010-04-05 12:21 . 2010-04-05 12:21 -------- d-----w- C:\Downloads
    2010-04-05 11:40 . 2010-04-05 12:00 -------- d-----w- c:\program files\IVCsoft
    2010-04-05 09:52 . 2010-04-05 09:52 -------- d-----w- c:\documents and settings\TITI\Application Data\widestream
    2010-04-02 16:08 . 2010-04-02 16:08 -------- d-----w- c:\documents and settings\TITI\Bluetooth Software
    2010-04-02 16:06 . 2007-03-31 05:02 55352 ----a-w- c:\windows\system32\drivers\btwhid.sys
    2010-04-02 16:06 . 2007-03-23 02:50 149123 ----a-w- c:\windows\system32\drivers\btwdndis.sys
    2010-04-02 16:06 . 2007-03-23 02:50 37424 ----a-w- c:\windows\system32\drivers\btport.sys
    2010-04-02 16:06 . 2007-03-31 05:02 876384 ----a-w- c:\windows\system32\drivers\btkrnl.sys
    2010-04-02 16:06 . 2007-03-23 02:49 539072 ----a-w- c:\windows\system32\drivers\btaudio.sys
    2010-04-02 16:06 . 2010-04-02 16:06 -------- d-----w- c:\program files\WIDCOMM
    2010-04-02 16:04 . 2007-03-23 02:50 67960 ----a-w- c:\windows\system32\drivers\btwusb.sys
    2010-04-02 16:04 . 2007-03-23 02:50 106557 ----a-r- c:\windows\system32\btw_ci.dll
    2010-04-01 09:33 . 2010-04-01 09:33 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Identities
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\windows\system32\XPSViewer
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\MSBuild
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\Reference Assemblies
    2010-04-01 09:29 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-04-01 09:28 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-04-01 09:28 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Geckofx
    2010-03-31 18:44 . 2010-04-18 15:24 -------- d-----w- c:\program files\AviSynth 2.5
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\program files\Red Kawa
    2010-03-31 18:06 . 2010-03-31 18:06 -------- d-----w- c:\documents and settings\TITI\Application Data\Apowersoft
    2010-03-28 13:07 . 2007-03-12 21:34 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
    2010-03-28 13:07 . 2007-03-12 21:34 77312 ----a-w- c:\windows\system32\ztvunace26.dll
    2010-03-28 13:07 . 2007-03-12 21:34 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
    2010-03-28 13:07 . 2010-04-05 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\OfferBox
    2010-03-28 12:47 . 2000-05-16 08:40 83968 ----a-w- c:\windows\UnGins.exe
    2010-03-28 08:26 . 2010-04-15 05:54 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-03-28 08:26 . 2010-04-15 05:54 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-03-28 08:26 . 2010-03-28 08:26 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
    2010-03-28 08:24 . 2010-04-15 05:56 -------- d-----w- c:\program files\DivX
    2010-03-28 08:23 . 2010-04-15 05:57 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
    2010-03-27 19:54 . 2010-03-07 09:53 14336 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    2010-03-27 19:45 . 2010-03-27 19:45 1036288 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
    2010-03-27 19:45 . 2010-04-05 15:31 -------- d-----w- c:\program files\BitComet
    2010-03-25 11:44 . 2010-03-25 11:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Help

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-21 05:18 . 2010-04-21 05:18 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\kcmdte.dat
    2010-04-20 15:47 . 2010-04-20 15:47 8 ----a-w- c:\documents and settings\NetworkService\Application Data\kcmdte.dat
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2010-04-18 15:05 . 2010-03-13 17:06 44696 ----a-w- c:\documents and settings\TITI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-14 10:47 . 2010-03-14 07:25 -------- d-----w- c:\program files\Cossacks - Back To War
    2010-04-11 11:37 . 2010-03-19 21:49 -------- d-----w- c:\documents and settings\TITI\Application Data\FileZilla
    2010-04-06 18:14 . 2010-03-13 20:23 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\program files\Fichiers communs\LogiShrd
    2010-04-06 13:13 . 2010-03-13 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
    2010-04-06 13:13 . 2010-04-06 13:13 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
    2010-04-06 13:12 . 2010-03-13 19:14 -------- d-----w- c:\program files\Logitech
    2010-04-06 13:07 . 2003-04-24 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-06 13:07 . 2003-04-24 12:00 500482 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-06 13:07 . 2010-03-13 19:16 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-04-05 12:25 . 2010-03-16 09:40 -------- d-----w- c:\documents and settings\TITI\Application Data\BitComet
    2010-04-05 08:25 . 2010-03-15 20:38 -------- d-----w- c:\documents and settings\TITI\Application Data\vlc
    2010-04-05 08:25 . 2010-03-16 16:36 -------- d-----w- c:\documents and settings\TITI\Application Data\dvdcss
    2010-04-02 07:41 . 2010-04-02 07:41 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeAudioPack
    2010-03-27 15:57 . 2010-03-14 08:20 -------- d-----w- c:\program files\Postal2STP
    2010-03-27 09:36 . 2010-03-19 21:48 -------- d-----w- c:\program files\FileZilla FTP Client
    2010-03-22 16:59 . 2010-03-22 16:59 -------- d-----w- c:\program files\hp photosmart
    2010-03-20 09:56 . 2010-03-20 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\TeamViewer
    2010-03-20 09:30 . 2010-03-14 08:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Winamp
    2010-03-19 16:33 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp
    2010-03-19 16:29 . 2010-03-19 16:27 -------- d-----w- c:\program files\SHOUTcast
    2010-03-19 08:59 . 2010-03-19 08:59 -------- d-----w- c:\documents and settings\TITI\Application Data\Leadertech
    2010-03-17 10:32 . 2010-03-17 10:32 -------- d-----w- c:\program files\MSXML 4.0
    2010-03-16 17:31 . 2010-03-16 17:31 -------- d-----w- c:\documents and settings\TITI\Application Data\Nero
    2010-03-16 17:28 . 2010-03-16 17:22 -------- d-----w- c:\program files\Fichiers communs\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\program files\Nero
    2010-03-16 17:16 . 2010-03-16 17:16 -------- d-----w- c:\documents and settings\TITI\Application Data\DivX
    2010-03-16 16:48 . 2010-03-14 10:49 -------- d-----w- c:\program files\Audacity
    2010-03-15 20:38 . 2010-03-15 20:38 -------- d-----w- c:\program files\VideoLAN
    2010-03-14 13:43 . 2010-03-14 13:40 -------- d-----w- c:\program files\WinAVI MP4 Converter
    2010-03-14 13:14 . 2010-03-14 13:14 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-03-14 10:26 . 2010-03-14 10:26 -------- d-----w- c:\program files\Realtek AC97
    2010-03-14 10:23 . 2010-03-13 20:41 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    2010-03-14 10:01 . 2010-03-14 10:00 -------- d-----w- c:\program files\ANI
    2010-03-14 10:00 . 2010-03-13 21:00 -------- d-----w- c:\program files\D-Link
    2010-03-14 10:00 . 2010-03-14 10:00 -------- d-----w- c:\documents and settings\TITI\Application Data\InstallShield
    2010-03-14 09:55 . 2010-03-14 09:55 -------- d-----w- c:\program files\Fichiers communs\Adobe
    2010-03-14 08:37 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp Detect
    2010-03-14 08:15 . 2010-03-13 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2010-03-14 08:02 . 2010-03-13 19:38 -------- d-----w- c:\program files\Windows Media Connect 2
    2010-03-14 07:49 . 2010-03-13 19:04 -------- d-----w- c:\program files\IZArc
    2010-03-14 07:31 . 2010-03-14 07:31 -------- d-----w- c:\program files\GUILD WARS
    2010-03-14 07:25 . 2010-03-14 07:25 53248 ----a-w- c:\windows\system32\unrar.dll
    2010-03-13 21:03 . 2010-03-13 21:03 -------- d-----w- c:\program files\K-Lite Codec Pack
    2010-03-13 20:31 . 2010-03-13 19:56 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-03-13 20:29 . 2010-03-13 20:29 -------- d-----w- c:\program files\NOS
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Microsoft
    2010-03-13 20:26 . 2010-03-13 19:07 -------- d-----w- c:\program files\Windows Live
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-03-13 20:22 . 2010-03-13 18:37 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-03-13 20:16 . 2010-03-13 20:02 -------- d-----w- c:\program files\Mozilla Firefox(2)
    2010-03-13 20:02 . 2010-03-13 20:02 0 ----a-w- c:\windows\nsreg.dat
    2010-03-13 19:56 . 2010-03-13 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2010-03-13 19:27 . 2010-03-13 19:27 -------- d-----w- c:\program files\Fichiers communs\Java
    2010-03-13 19:05 . 2010-03-13 19:05 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\program files\Avira
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    2010-03-13 17:37 . 2010-03-13 16:07 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
    2010-03-13 16:08 . 2010-03-13 16:08 -------- d-----w- c:\program files\microsoft frontpage
    2010-03-13 16:05 . 2010-03-13 16:05 21892 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-03-13 16:05 . 2010-03-13 16:05 -------- d-----w- c:\program files\Services en ligne
    2010-03-10 06:16 . 2003-04-24 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-02-25 06:17 . 2003-04-24 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-24 13:11 . 2003-04-24 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-02-18 23:52 . 2010-02-18 23:52 48816 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRangerLaunch.dll
    2010-02-18 23:52 . 2010-02-18 23:52 155312 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
    2010-02-17 12:07 . 2003-04-24 12:00 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-02-16 19:07 . 2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-02-12 10:03 . 2010-03-13 18:08 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-02-12 04:34 . 2003-04-24 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
    2010-02-11 12:02 . 2003-04-24 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
    .

    ((((((((((((((((((((((((((((( SnapShot@2010-04-20_17.37.06 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2010-04-21 17:12 . 2010-04-21 17:12 16384 c:\windows\Temp\Perflib_Perfdata_2fc.dat
    + 2010-04-21 15:18 . 2010-04-21 15:18 16384 c:\windows\Temp\Perflib_Perfdata_274.dat
    + 2010-03-13 16:10 . 2010-04-21 05:18 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    - 2010-03-13 16:10 . 2010-04-20 15:47 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    + 2010-04-21 05:18 . 2010-04-21 05:18 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    - 2010-03-13 16:10 . 2010-04-20 15:47 16384 c:\windows\system32\config\systemprofile\Cookies\index.dat
    + 2010-04-21 17:12 . 2009-10-07 00:47 109080 c:\windows\Temp\logishrd\LVPrcInj01.dll
    + 2010-03-13 20:16 . 2010-04-21 13:33 233172 c:\windows\system32\Restore\rstrlog.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
    "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
    "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 196608]
    "HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-30 311296]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

    c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]
    monxga32.exe [2008-4-14 29696]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-01-29 21:17 64592 ----a-w- c:\program files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\startupfolder\C:^Documents and Settings^TITI^Menu Démarrer^Programmes^Démarrage^Logitech . Enregistrement du produit.lnk]
    path=c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\Logitech . Enregistrement du produit.lnk
    backup=c:\windows\pss\Logitech . Enregistrement du produit.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G DWL-G510]
    2008-10-20 11:22 1556480 ----a-w- c:\program files\D-Link\AirPlus G DWL-G510\AirGCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    2009-10-14 12:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2007-04-16 14:28 577536 ----a-w- c:\windows\soundman.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Postal2STP\\System\\Postal2MP.exe"=
    "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Cossacks - Back To War\\dmcr.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\WINDOWS\\system32\\dplaysvr.exe"=
    "c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
    "c:\\Documents and Settings\\TITI\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "19655:TCP"= 19655:TCP:BitComet 19655 TCP
    "19655:UDP"= 19655:UDP:BitComet 19655 UDP
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [13/03/2010 18:26 97408]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/03/2010 20:37 108289]
    R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [30/01/2003 19:55 18864]
    R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [13/03/2010 18:27 176256]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Contenu du dossier 'Tâches planifiées'

    2010-04-21 c:\windows\Tasks\User_Feed_Synchronization-{994FAF03-F86D-4D57-A630-A3B178546BCF}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.15\MediaManager\grab.html
    FF - ProfilePath - c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\
    FF - prefs.js: browser.startup.homepage - google.fr
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    AddRemove-HijackThis - d:\téléchargements\HijackThis.exe



    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-21 19:20
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(1032)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll

    - - - - - - - > 'explorer.exe'(1160)
    c:\windows\TEMP\logishrd\LVPrcInj01.dll
    c:\windows\system32\btmmhook.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\btncopy.dll
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    c:\program files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    c:\windows\system32\RUNDLL32.EXE
    c:\program files\Fichiers communs\LogiShrd\KHAL3\KHALMNPR.EXE
    c:\program files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    c:\program files\Avira\AntiVir Desktop\avguard.exe
    c:\program files\Java\jre6\bin\jqs.exe
    c:\program files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
    c:\windows\system32\nvsvc32.exe
    c:\program files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    c:\program files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
    c:\windows\system32\HPHipm09.exe
    .
    **************************************************************************
    .
    Heure de fin: 2010-04-21 19:23:24 - La machine a redémarré
    ComboFix-quarantined-files.txt 2010-04-21 17:22
    ComboFix2.txt 2010-04-20 17:39

    Avant-CF: 23 485 722 624 octets libres
    Après-CF: 23 397 494 784 octets libres

    - - End Of File - - 7A5AE729A1710584BD9268AB456407F2
    21 April 2010 21:14:31

  • Download Malwarebytes' Anti-Malware (MBAM) to your Desktop.
  • Double-click the downloaded file to start the installation process.
  • In the Update tab, click the Check for Updates button: if the firewall asks whether to allow MBAM to connect to the Internet, accept.
  • Once the update has finished, go to the Scanner tab.
  • Select Perform quick scan.
  • Click Scan. The scan starts.
  • At the end of the scan, a message is displayed:
    Quote:
    The scan completed successfully. Click 'Show Results' to display all objects found.

  • Click OK to continue. If MBAM found nothing, it will tell you that too.
  • Close your browsers.
  • If malware was detected, click Show Results.
  • Select everything (or leave it checked) and click Remove Selected; MBAM will destroy the infected files and registry keys and put a copy of them in quarantine.
  • MBAM will open Notepad and copy the scan report into it. Copy and paste this report into your next reply.
    22 April 2010 08:56:04

    Malwarebytes' Anti-Malware 1.45
    www.malwarebytes.org

    Version de la base de données: 4020

    Windows 5.1.2600 Service Pack 3
    Internet Explorer 8.0.6001.18702

    22/04/2010 08:49:20
    mbam-log-2010-04-22 (08-49-20).txt

    Type d'examen: Examen rapide
    Elément(s) analysé(s): 113192
    Temps écoulé: 1 heure(s), 10 minute(s), 30 seconde(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 1

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\Documents and Settings\TITI\Menu Démarrer\Programmes\Démarrage\monxga32.exe (Trojan.Agent) -> Delete on reboot.
    22 April 2010 16:21:19

  • Restart MBAM, go to Quarantine and delete everything.

  • Start menu > Run > type ComboFix /u and confirm.

  • Update Java.

    No more problems?
    22 April 2010 19:11:25

    Good evening,

    The MBAM quarantine was empty.
    What is ComboFix /u for?

    Thank you.
    No, no more problems!
    22 April 2010 19:23:00

    ComboFix /uninstall

    Sorry...
    22 April 2010 19:52:06

    Oops, so now I have a report.
    No big deal. Just in case:


    ComboFix 10-04-21.01 - TITI 22/04/2010 19:41:34.3.1 - x86
    Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1535.1133 [GMT 2:00]
    Lancé depuis: c:\documents and settings\TITI\Bureau\ComboFix.exe
    Commutateurs utilisés :: /u
    AV: AntiVir Desktop *On-access scanning disabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7}
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2010-03-22 au 2010-04-22 ))))))))))))))))))))))))))))))))))))
    .

    2010-04-22 05:56 . 2008-09-24 19:33 484352 ----a-w- c:\windows\system32\lame_enc.dll
    2010-04-22 05:56 . 2003-03-18 20:20 1060864 ----a-w- c:\windows\system32\MFC71.dll
    2010-04-22 05:56 . 2003-02-21 03:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
    2010-04-22 05:56 . 2000-11-29 01:07 307200 ----a-w- c:\windows\system32\msvcr70.dll
    2010-04-22 05:36 . 2010-04-22 05:36 -------- d-----w- c:\documents and settings\TITI\Application Data\Malwarebytes
    2010-04-22 05:36 . 2010-03-29 22:46 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2010-04-22 05:36 . 2010-04-22 05:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
    2010-04-22 05:36 . 2010-04-22 05:36 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2010-04-22 05:36 . 2010-03-29 22:45 20824 ----a-w- c:\windows\system32\drivers\mbam.sys
    2010-04-21 13:32 . 2010-04-21 13:32 -------- d-----w- c:\windows\system32\wbem\Repository
    2010-04-21 13:30 . 2010-04-21 13:31 -------- d-s---w- c:\documents and settings\Administrateur.ÉTIENNE
    2010-04-21 13:03 . 2010-04-22 05:57 -------- d-----w- c:\program files\Free Audio Pack
    2010-04-21 09:22 . 2010-04-21 13:31 -------- d-----w- c:\documents and settings\Administrateur\Local Settings\Application Data\Microsoft
    2010-04-21 09:22 . 2010-04-21 13:31 -------- d-----w- c:\documents and settings\Administrateur\Modèles
    2010-04-21 09:22 . 2010-03-13 19:17 -------- d-----w- c:\documents and settings\Administrateur\IETldCache
    2010-04-21 09:22 . 2010-04-21 13:31 -------- d-s---w- c:\documents and settings\Administrateur
    2010-04-20 08:33 . 2010-04-20 08:35 -------- d-----w- c:\program files\Software Informer
    2010-04-18 15:25 . 2010-04-18 15:45 -------- d-----w- c:\program files\DAudioK
    2010-04-18 13:13 . 2010-04-18 14:53 -------- d-----w- c:\program files\Free MKV Video2Dvd
    2010-04-18 13:09 . 2010-04-18 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Vso
    2010-04-18 13:09 . 2010-04-18 13:13 47360 ----a-w- c:\documents and settings\TITI\Application Data\pcouffin.sys
    2010-04-18 13:09 . 2010-04-18 13:09 47360 ----a-w- c:\windows\system32\drivers\pcouffin.sys
    2010-04-18 11:37 . 2010-04-18 11:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Blender Foundation
    2010-04-17 09:41 . 2010-04-17 09:43 -------- d-----w- c:\program files\Windows Live Safety Center
    2010-04-16 17:50 . 2010-04-16 17:50 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\TouchStoneSoftware
    2010-04-15 05:57 . 2010-04-15 05:57 57344 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.dll
    2010-04-15 05:56 . 2010-04-15 05:56 56766 ----a-w- c:\documents and settings\All Users\Application Data\DivX\DivXPlusShortcuts\Uninstaller.exe
    2010-04-15 05:56 . 2010-04-15 05:56 57409 ----a-w- c:\documents and settings\All Users\Application Data\DivX\ControlPanel\Uninstaller.exe
    2010-04-15 05:54 . 2010-04-15 05:54 144696 ----a-w- c:\documents and settings\All Users\Application Data\DivX\RunAsUser\RUNASUSERPROCESS.exe
    2010-04-11 08:35 . 2010-04-11 08:35 -------- d-----w- c:\documents and settings\TITI\Application Data\GameRanger
    2010-04-11 08:01 . 2010-04-17 08:50 -------- d---a-w- C:\Navilog1
    2010-04-09 00:17 . 2010-04-09 00:17 1220272 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\GameRanger.exe
    2010-04-07 11:50 . 2010-04-07 11:51 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\WMTools Downloaded Files
    2010-04-06 18:14 . 2010-04-06 18:14 -------- d-----w- c:\program files\Java
    2010-04-06 13:13 . 2010-04-06 13:13 53248 ----a-r- c:\documents and settings\TITI\Application Data\Microsoft\Installer\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}\ARPPRODUCTICON.exe
    2010-04-06 13:13 . 2010-04-06 13:13 16400 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
    2010-04-06 13:13 . 2008-11-07 16:55 16928 ------w- c:\windows\system32\spmsgXP_2k3.dll
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\NVIDIA Corporation
    2010-04-06 13:07 . 2010-04-06 13:07 -------- d-----w- c:\program files\Fichiers communs\NVIDIA Shared
    2010-04-06 13:06 . 2010-04-06 13:13 -------- d-----w- c:\documents and settings\TITI\Application Data\Logitech
    2010-04-06 13:06 . 2010-04-06 13:07 -------- d-----w- c:\documents and settings\TITI\Application Data\Logishrd
    2010-04-05 17:31 . 2010-04-05 18:05 -------- d-----w- c:\program files\Dofus
    2010-04-05 15:47 . 2010-04-05 19:48 -------- d-----w- c:\windows\system32\NtmsData
    2010-04-05 13:03 . 2010-04-05 13:03 56 ---ha-w- c:\windows\system32\ezsidmv.dat
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\skypePM
    2010-04-05 13:03 . 2010-04-13 16:19 -------- d-----w- c:\documents and settings\TITI\Application Data\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----w- c:\program files\Fichiers communs\Skype
    2010-04-05 13:03 . 2010-04-05 13:03 -------- d-----r- c:\program files\Skype
    2010-04-05 13:02 . 2010-04-05 13:03 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype
    2010-04-05 12:26 . 2010-03-30 11:35 311296 ----a-w- c:\windows\system32\TubeFinder.exe
    2010-04-05 12:26 . 2010-04-05 12:28 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeFLVConverter
    2010-04-05 12:26 . 2010-04-05 12:27 -------- d-----w- c:\program files\Free FLV Converter
    2010-04-05 12:26 . 2009-06-19 16:51 9728 ----a-w- c:\windows\system32\PCCLPFR.DLL
    2010-04-05 12:21 . 2010-04-05 12:21 -------- d-----w- C:\Downloads
    2010-04-05 11:40 . 2010-04-05 12:00 -------- d-----w- c:\program files\IVCsoft
    2010-04-05 09:52 . 2010-04-05 09:52 -------- d-----w- c:\documents and settings\TITI\Application Data\widestream
    2010-04-02 16:08 . 2010-04-02 16:08 -------- d-----w- c:\documents and settings\TITI\Bluetooth Software
    2010-04-02 16:06 . 2007-03-31 05:02 55352 ----a-w- c:\windows\system32\drivers\btwhid.sys
    2010-04-02 16:06 . 2007-03-23 02:50 149123 ----a-w- c:\windows\system32\drivers\btwdndis.sys
    2010-04-02 16:06 . 2007-03-23 02:50 37424 ----a-w- c:\windows\system32\drivers\btport.sys
    2010-04-02 16:06 . 2007-03-31 05:02 876384 ----a-w- c:\windows\system32\drivers\btkrnl.sys
    2010-04-02 16:06 . 2007-03-23 02:49 539072 ----a-w- c:\windows\system32\drivers\btaudio.sys
    2010-04-02 16:06 . 2010-04-02 16:06 -------- d-----w- c:\program files\WIDCOMM
    2010-04-02 16:04 . 2007-03-23 02:50 67960 ----a-w- c:\windows\system32\drivers\btwusb.sys
    2010-04-02 16:04 . 2007-03-23 02:50 106557 ----a-r- c:\windows\system32\btw_ci.dll
    2010-04-01 09:33 . 2010-04-01 09:33 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Identities
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\windows\system32\XPSViewer
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\MSBuild
    2010-04-01 09:29 . 2010-04-01 09:29 -------- d-----w- c:\program files\Reference Assemblies
    2010-04-01 09:29 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll
    2010-04-01 09:28 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll
    2010-04-01 09:28 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe
    2010-04-01 09:28 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Geckofx
    2010-03-31 18:44 . 2010-04-22 06:00 -------- d-----w- c:\program files\AviSynth 2.5
    2010-03-31 18:44 . 2010-03-31 18:44 -------- d-----w- c:\program files\Red Kawa
    2010-03-31 18:06 . 2010-03-31 18:06 -------- d-----w- c:\documents and settings\TITI\Application Data\Apowersoft
    2010-03-28 13:07 . 2007-03-12 21:34 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
    2010-03-28 13:07 . 2007-03-12 21:34 77312 ----a-w- c:\windows\system32\ztvunace26.dll
    2010-03-28 13:07 . 2007-03-12 21:34 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
    2010-03-28 13:07 . 2010-04-05 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\OfferBox
    2010-03-28 12:47 . 2000-05-16 08:40 83968 ----a-w- c:\windows\UnGins.exe
    2010-03-28 08:26 . 2010-04-15 05:54 754984 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\Resource.dll
    2010-03-28 08:26 . 2010-04-15 05:54 1180952 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Setup\DivXSetup.exe
    2010-03-28 08:26 . 2010-03-28 08:26 56978 ----a-w- c:\documents and settings\All Users\Application Data\DivX\WebPlayer\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 53600 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Update\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 52963 ----a-w- c:\documents and settings\All Users\Application Data\DivX\MSVC80CRTRedist\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 54073 ----a-w- c:\documents and settings\All Users\Application Data\DivX\Qt4.5\Uninstaller.exe
    2010-03-28 08:26 . 2010-03-28 08:26 -------- d-----w- c:\program files\Fichiers communs\DivX Shared
    2010-03-28 08:24 . 2010-04-15 05:56 -------- d-----w- c:\program files\DivX
    2010-03-28 08:23 . 2010-04-15 05:57 -------- d-----w- c:\documents and settings\All Users\Application Data\DivX
    2010-03-27 19:54 . 2010-03-07 09:53 14336 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    2010-03-27 19:45 . 2010-03-27 19:45 1036288 ----a-w- c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash\components\IBitCometExtension.dll
    2010-03-25 11:44 . 2010-03-25 11:44 -------- d-----w- c:\documents and settings\TITI\Local Settings\Application Data\Help

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2010-04-21 05:18 . 2010-04-21 05:18 12 ----a-w- c:\windows\system32\config\systemprofile\Application Data\kcmdte.dat
    2010-04-20 15:47 . 2010-04-20 15:47 8 ----a-w- c:\documents and settings\NetworkService\Application Data\kcmdte.dat
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\lvuvc.hs
    2010-04-20 07:14 . 2010-03-13 19:17 0 ----a-w- c:\windows\system32\drivers\logiflt.iad
    2010-04-18 15:05 . 2010-03-13 17:06 44696 ----a-w- c:\documents and settings\TITI\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
    2010-04-14 10:47 . 2010-03-14 07:25 -------- d-----w- c:\program files\Cossacks - Back To War
    2010-04-11 11:37 . 2010-03-19 21:49 -------- d-----w- c:\documents and settings\TITI\Application Data\FileZilla
    2010-04-06 18:14 . 2010-03-13 20:23 411368 ----a-w- c:\windows\system32\deploytk.dll
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\documents and settings\All Users\Application Data\Logitech
    2010-04-06 13:13 . 2010-03-13 19:14 -------- d-----w- c:\program files\Fichiers communs\LogiShrd
    2010-04-06 13:13 . 2010-03-13 20:36 -------- d-----w- c:\documents and settings\All Users\Application Data\Logishrd
    2010-04-06 13:13 . 2010-04-06 13:13 0 ---ha-w- c:\windows\system32\drivers\MsftWdf_Kernel_01009_Coinstaller_Critical.Wdf
    2010-04-06 13:12 . 2010-03-13 19:14 -------- d-----w- c:\program files\Logitech
    2010-04-06 13:07 . 2003-04-24 12:00 80508 ----a-w- c:\windows\system32\perfc00C.dat
    2010-04-06 13:07 . 2003-04-24 12:00 500482 ----a-w- c:\windows\system32\perfh00C.dat
    2010-04-06 13:07 . 2010-03-13 19:16 -------- d--h--w- c:\program files\InstallShield Installation Information
    2010-04-05 12:25 . 2010-03-16 09:40 -------- d-----w- c:\documents and settings\TITI\Application Data\BitComet
    2010-04-05 08:25 . 2010-03-15 20:38 -------- d-----w- c:\documents and settings\TITI\Application Data\vlc
    2010-04-05 08:25 . 2010-03-16 16:36 -------- d-----w- c:\documents and settings\TITI\Application Data\dvdcss
    2010-04-02 07:41 . 2010-04-02 07:41 -------- d-----w- c:\documents and settings\TITI\Application Data\FreeAudioPack
    2010-03-27 09:36 . 2010-03-19 21:48 -------- d-----w- c:\program files\FileZilla FTP Client
    2010-03-22 16:59 . 2010-03-22 16:59 -------- d-----w- c:\program files\hp photosmart
    2010-03-20 09:56 . 2010-03-20 09:56 -------- d-----w- c:\documents and settings\TITI\Application Data\TeamViewer
    2010-03-20 09:30 . 2010-03-14 08:37 -------- d-----w- c:\documents and settings\TITI\Application Data\Winamp
    2010-03-19 16:33 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp
    2010-03-19 16:29 . 2010-03-19 16:27 -------- d-----w- c:\program files\SHOUTcast
    2010-03-19 08:59 . 2010-03-19 08:59 -------- d-----w- c:\documents and settings\TITI\Application Data\Leadertech
    2010-03-17 10:32 . 2010-03-17 10:32 -------- d-----w- c:\program files\MSXML 4.0
    2010-03-16 17:31 . 2010-03-16 17:31 -------- d-----w- c:\documents and settings\TITI\Application Data\Nero
    2010-03-16 17:28 . 2010-03-16 17:22 -------- d-----w- c:\program files\Fichiers communs\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero
    2010-03-16 17:22 . 2010-03-16 17:22 -------- d-----w- c:\program files\Nero
    2010-03-16 17:16 . 2010-03-16 17:16 -------- d-----w- c:\documents and settings\TITI\Application Data\DivX
    2010-03-16 16:48 . 2010-03-14 10:49 -------- d-----w- c:\program files\Audacity
    2010-03-15 20:38 . 2010-03-15 20:38 -------- d-----w- c:\program files\VideoLAN
    2010-03-14 13:43 . 2010-03-14 13:40 -------- d-----w- c:\program files\WinAVI MP4 Converter
    2010-03-14 13:14 . 2010-03-14 13:14 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
    2010-03-14 10:26 . 2010-03-14 10:26 -------- d-----w- c:\program files\Realtek AC97
    2010-03-14 10:23 . 2010-03-13 20:41 -------- d-----w- c:\program files\Fichiers communs\InstallShield
    2010-03-14 10:01 . 2010-03-14 10:00 -------- d-----w- c:\program files\ANI
    2010-03-14 10:00 . 2010-03-13 21:00 -------- d-----w- c:\program files\D-Link
    2010-03-14 10:00 . 2010-03-14 10:00 -------- d-----w- c:\documents and settings\TITI\Application Data\InstallShield
    2010-03-14 09:55 . 2010-03-14 09:55 -------- d-----w- c:\program files\Fichiers communs\Adobe
    2010-03-14 08:37 . 2010-03-14 08:37 -------- d-----w- c:\program files\Winamp Detect
    2010-03-14 08:15 . 2010-03-13 20:16 -------- d-----w- c:\documents and settings\All Users\Application Data\NOS
    2010-03-14 08:02 . 2010-03-13 19:38 -------- d-----w- c:\program files\Windows Media Connect 2
    2010-03-14 07:49 . 2010-03-13 19:04 -------- d-----w- c:\program files\IZArc
    2010-03-14 07:31 . 2010-03-14 07:31 -------- d-----w- c:\program files\GUILD WARS
    2010-03-14 07:25 . 2010-03-14 07:25 53248 ----a-w- c:\windows\system32\unrar.dll
    2010-03-13 21:03 . 2010-03-13 21:03 -------- d-----w- c:\program files\K-Lite Codec Pack
    2010-03-13 20:31 . 2010-03-13 19:56 -------- d-----w- c:\program files\Messenger Plus! Live
    2010-03-13 20:29 . 2010-03-13 20:29 -------- d-----w- c:\program files\NOS
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Microsoft
    2010-03-13 20:26 . 2010-03-13 19:07 -------- d-----w- c:\program files\Windows Live
    2010-03-13 20:26 . 2010-03-13 20:26 -------- d-----w- c:\program files\Windows Live SkyDrive
    2010-03-13 20:22 . 2010-03-13 18:37 56816 ----a-w- c:\windows\system32\drivers\avgntflt.sys
    2010-03-13 20:16 . 2010-03-13 20:02 -------- d-----w- c:\program files\Mozilla Firefox(2)
    2010-03-13 20:02 . 2010-03-13 20:02 0 ----a-w- c:\windows\nsreg.dat
    2010-03-13 19:56 . 2010-03-13 19:56 -------- d-----w- c:\documents and settings\All Users\Application Data\Messenger Plus!
    2010-03-13 19:27 . 2010-03-13 19:27 -------- d-----w- c:\program files\Fichiers communs\Java
    2010-03-13 19:05 . 2010-03-13 19:05 -------- d-----w- c:\program files\Fichiers communs\Windows Live
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\program files\Avira
    2010-03-13 18:37 . 2010-03-13 18:37 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira
    2010-03-13 17:37 . 2010-03-13 16:07 86327 ----a-w- c:\windows\PCHealth\HelpCtr\OfflineCache\index.dat
    2010-03-13 16:08 . 2010-03-13 16:08 -------- d-----w- c:\program files\microsoft frontpage
    2010-03-13 16:05 . 2010-03-13 16:05 21892 ----a-w- c:\windows\system32\emptyregdb.dat
    2010-03-13 16:05 . 2010-03-13 16:05 -------- d-----w- c:\program files\Services en ligne
    2010-03-10 06:16 . 2003-04-24 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll
    2010-02-25 06:17 . 2003-04-24 12:00 916480 ----a-w- c:\windows\system32\wininet.dll
    2010-02-24 13:11 . 2003-04-24 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys
    2010-02-18 23:52 . 2010-02-18 23:52 48816 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRangerLaunch.dll
    2010-02-18 23:52 . 2010-02-18 23:52 155312 ----a-w- c:\documents and settings\TITI\Application Data\GameRanger\GameRanger\Data\GameRanger.dll
    2010-02-17 12:07 . 2003-04-24 12:00 2192000 ----a-w- c:\windows\system32\ntoskrnl.exe
    2010-02-16 19:07 . 2002-08-29 11:42 2068864 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2010-02-12 10:03 . 2010-03-13 18:08 293376 ------w- c:\windows\system32\browserchoice.exe
    2010-02-12 04:34 . 2003-04-24 12:00 100864 ----a-w- c:\windows\system32\6to4svc.dll
    2010-02-11 12:02 . 2003-04-24 12:00 226880 ----a-w- c:\windows\system32\drivers\tcpip6.sys
    .

    ((((((((((((((((((((((((((((( SnapShot@2010-04-20_17.37.06 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2010-04-22 16:31 . 2010-04-22 16:31 16384 c:\windows\Temp\Perflib_Perfdata_e4.dat
    + 2010-03-13 16:10 . 2010-04-21 05:18 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    - 2010-03-13 16:10 . 2010-04-20 15:47 32768 c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
    + 2010-03-13 20:16 . 2010-04-21 13:33 233172 c:\windows\system32\Restore\rstrlog.dat
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [2007-08-03 202024]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-05-16 13529088]
    "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2009-03-02 209153]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
    "Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
    "ANIWZCS2Service"="c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2007-01-19 49152]
    "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-05-16 86016]
    "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-08-08 1828136]
    "HPDJ Taskbar Utility"="c:\windows\system32\spool\drivers\w32x86\3\hpztsb04.exe" [2003-01-30 196608]
    "HPHmon03"="c:\windows\system32\hphmon03.exe" [2003-01-30 311296]
    "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-03-05 1135912]
    "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072]
    "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2010-01-27 1312848]
    "SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-02-18 248040]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

    c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2007-4-1 568176]

    c:\documents and settings\TITI\Menu D‚marrer\Programmes\D‚marrage\
    Logitech . Enregistrement du produit.lnk - c:\program files\Fichiers communs\LogiShrd\eReg\SetPoint\eReg.exe [2009-11-16 517384]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2010-01-29 21:17 64592 ----a-w- c:\program files\Fichiers communs\LogiShrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
    @="Driver"

    [HKLM\~\startupfolder\C:^Documents and Settings^TITI^Menu Démarrer^Programmes^Démarrage^Logitech . Enregistrement du produit.lnk]
    path=c:\documents and settings\TITI\Menu Démarrer\Programmes\Démarrage\Logitech . Enregistrement du produit.lnk
    backup=c:\windows\pss\Logitech . Enregistrement du produit.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G DWL-G510]
    2008-10-20 11:22 1556480 ----a-w- c:\program files\D-Link\AirPlus G DWL-G510\AirGCFG.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechQuickCamRibbon]
    2009-10-14 12:36 2793304 ----a-w- c:\program files\Logitech\Logitech WebCam Software\LWS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    2007-04-16 14:28 577536 ----a-w- c:\windows\soundman.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
    "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
    "c:\\Program Files\\Cossacks - Back To War\\dmcr.exe"=
    "c:\\Program Files\\Skype\\Plugin Manager\\skypePM.exe"=
    "c:\\WINDOWS\\system32\\dplaysvr.exe"=
    "c:\\WINDOWS\\PCHealth\\HelpCtr\\Binaries\\helpctr.exe"=
    "c:\\Documents and Settings\\TITI\\Application Data\\GameRanger\\GameRanger\\GameRanger.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "19655:TCP"= 19655:TCP:BitComet 19655 TCP
    "19655:UDP"= 19655:UDP:BitComet 19655 UDP
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

    R0 SI3112r;Silicon Image SiI 3112 SATARaid Controller;c:\windows\system32\drivers\SI3112r.sys [13/03/2010 18:26 97408]
    R2 AntiVirSchedulerService;Avira AntiVir Planificateur;c:\program files\Avira\AntiVir Desktop\sched.exe [13/03/2010 20:37 108289]
    R3 Dot4Usb HPH09;Dot4Usb HPH09;c:\windows\system32\drivers\hphius09.sys [30/01/2003 19:55 18864]
    R3 yukonx86;NDIS5.1 Miniport Driver for Marvell Yukon Gigabit Ethernet Adapter;c:\windows\system32\drivers\yukonx86.sys [13/03/2010 18:27 176256]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    getPlusHelper REG_MULTI_SZ getPlusHelper
    .
    Contenu du dossier 'Tâches planifiées'

    2010-04-22 c:\windows\Tasks\User_Feed_Synchronization-{994FAF03-F86D-4D57-A630-A3B178546BCF}.job
    - c:\windows\system32\msfeedssync.exe [2009-03-08 03:31]
    .
    .
    ------- Examen supplémentaire -------
    .
    uStart Page = hxxp://www.google.fr/
    IE: Add to AMV Converter... - c:\program files\MP3 Player Utilities 4.15\AMVConverter\grab.html
    IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: MediaManager tool grab multimedia file - c:\program files\MP3 Player Utilities 4.15\MediaManager\grab.html
    FF - ProfilePath - c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\
    FF - prefs.js: browser.startup.homepage - google.fr
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\{12e4c684-c03e-4e4d-85bc-0c065e7a9489}\components\WinampPlayer.dll
    FF - component: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\radiobar@toolbar\components\toolbarhomewmp.dll
    FF - component: c:\program files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}\components\SkypeFfComponent.dll
    FF - plugin: c:\documents and settings\TITI\Application Data\Mozilla\Firefox\Profiles\i4ghek4v.default\extensions\DeviceDetection@logitech.com\plugins\npLogitechDeviceDetection.dll
    FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npwachk.dll
    FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\

    ---- PARAMETRES FIREFOX ----
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
    c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
    c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
    c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
    .

    **************************************************************************

    catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2010-04-22 19:48
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- CLES DE REGISTRE BLOQUEES ---------------------

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\€–€|ÿÿÿÿÀ•€|ù•9~*]
    "C040110900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    - - - - - - - > 'winlogon.exe'(616)
    c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll

    - - - - - - - > 'explorer.exe'(2732)
    c:\windows\system32\btmmhook.dll
    c:\docume~1\TITI\LOCALS~1\Temp\catchme.dll
    c:\windows\system32\webcheck.dll
    c:\windows\system32\WPDShServiceObj.dll
    c:\windows\system32\eappprxy.dll
    c:\windows\system32\PortableDeviceTypes.dll
    c:\windows\system32\PortableDeviceApi.dll
    .
    Heure de fin: 2010-04-22 19:50:21
    ComboFix-quarantined-files.txt 2010-04-22 17:50
    ComboFix2.txt 2010-04-21 17:23
    ComboFix3.txt 2010-04-20 17:39

    Avant-CF: 24 825 724 928 octets libres
    Après-CF: 24 789 155 840 octets libres

    - - End Of File - - 7A125D0B33FECF747A738BE3F783DB3A



    Thank you!
    22 April 2010 20:00:16

    1/

  • Download ToolsCleaner2 to your Desktop.
  • Double-click ToolsCleaner2.exe to launch it.
  • Click Recherche (Search) and let the scan run.
  • Click Suppression (Removal) to finish.
  • You can, if you wish, use the Options Facultatives (optional settings).
  • Click Quitter (Quit) to get the report.
  • Post the report (TCleaner.txt), which is located at the root of your hard drive (C:\).


    2/

  • Download and install CCleaner (do not install the Yahoo! Toolbar).
  • Launch it. Go to Options, then Advanced, and uncheck the box "Only delete files etc....".
  • Go to Cleaner and choose Analyze. Once it has finished, run the cleaning.


    3/

  • You need to disable and then re-enable System Restore in order to purge it.


    ==Prevention==

    To remove AntiVir's popups: Link

    Keep MBAM. You can use it to scan suspicious files alongside your antivirus, and scan the hard drive regularly.

    Check that automatic updates are enabled (Start menu, right-click My Computer, Properties, Automatic Updates tab).

    Regarding P2P: Link

    Here is a complete guide (to be read with Adobe Reader or Foxit Reader): Link


    ==Problem solved?==

    --> If you consider your problem solved, add [Résolu] to the title. To do so:
  • In your first message, click the Editer (Edit) button.
  • Add the tag [Résolu] in front of the title.
  • Then click Valider votre message (Submit your message).


    Be more careful on the Internet ;)
    22 April 2010 22:53:01

    I didn't get a report, but oh well.

    Thank you!

    Solved.