Votre question

Processus iexplore.exe ne veulent pas se fermer!!!

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Juin 2008 00:24:13

Bonjour,

Dans mon gestionnaire de taches j'ai deux processus iexplore.exe qui ne veulent pas se fermer alors que je n'utilise même pas IE.

Est-ce quelqu'un peut m'aider? Merci.

Mon rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:33:32, on 09/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\TODDSrv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Saltan\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoD...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA72E98-9702-4CA4-8390-A6AE75384165}: NameServer = 192.168.1.1
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 11607 bytes

Autres pages sur : processus iexplore exe veulent fermer

9 Juin 2008 14:02:08

SVP de l'aide !!
a b 8 Sécurité
9 Juin 2008 14:11:20

Bonjour,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    Contenus similaires
    9 Juin 2008 14:16:10

    Merci !! J'essaye ça de suite.
    9 Juin 2008 22:40:09

    Il n'y aurait pas un moyen de scanner seulement une partie du disque dur parce que le programme scanne tout le disque et c'est très long. En effet au bout de 5h30 de scan le logiciel a enfin trouvé deux infections dans le dossier WINDOWS mais quand je suis revenu voir l'avancement du scan, la fenetre était fermé et aucun rapport généré.... Donc vu que c'est très long a refaire il n'y aurait pas un moyen de localiser le scan?

    Merci
    a b 8 Sécurité
    10 Juin 2008 17:09:16

    On va faire autrement :) 

    [#ff0000]Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    10 Juin 2008 17:47:36

    Merci Angeldark, voici mon rapport:

    ComboFix 08-06-09.7 - Saltan 2008-06-10 17:34:37.1 - NTFSx86
    Endroit: C:\Documents and Settings\Saltan\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Saltan\Application Data\macromedia\Flash Player\#SharedObjects\VKR7C56K\iforex.com
    C:\Documents and Settings\Saltan\Application Data\macromedia\Flash Player\#SharedObjects\VKR7C56K\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
    C:\Documents and Settings\Saltan\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
    C:\Documents and Settings\Saltan\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
    C:\WINDOWS\Downloaded Program Files\setup.inf

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-10 to 2008-06-10 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\Saltan\Application Data\Malwarebytes
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-09 14:14 . 2008-06-05 16:04 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-09 14:14 . 2008-06-05 16:04 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-07 15:10 . 2008-06-07 15:11 <REP> d-------- C:\Program Files\TI Education
    2008-06-07 15:10 . 2008-06-07 15:10 <REP> d-------- C:\Program Files\Fichiers communs\TI Shared
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Program Files\Avira
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-01 21:12 . 2008-06-01 21:11 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-06-01 21:12 . 2008-06-01 21:12 2,556 --a------ C:\WINDOWS\unins000.dat
    2008-05-27 17:06 . 2008-05-27 17:06 <REP> d-------- C:\Program Files\Funk Heck Okay
    2008-05-15 22:49 . 2008-06-09 01:40 <REP> d-------- C:\Program Files\Pvm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-08 14:27 --------- d-----w C:\Program Files\eMule
    2008-06-07 13:08 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-06-06 15:02 --------- d-----w C:\Program Files\TVUPlayer
    2008-06-06 12:57 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Funk Heck Okay
    2008-06-06 10:30 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-02 18:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-06-02 18:31 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-06-01 16:18 --------- d-----w C:\Documents and Settings\Saltan\Application Data\LimeWire
    2008-05-31 20:35 --------- d-----w C:\Program Files\Dictionnaire
    2008-05-27 15:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags
    2008-05-14 14:20 --------- d-----w C:\Program Files\SpeedBit Video Accelerator
    2008-05-04 20:10 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Apple Computer
    2008-05-02 17:24 --------- d-----w C:\Program Files\LimeWire
    2008-04-30 13:51 --------- d-----w C:\Program Files\DAP
    2008-04-30 09:21 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-04-30 09:14 --------- d-----w C:\Program Files\Free Download Manager
    2008-04-30 09:12 --------- d-----w C:\Program Files\AskSBar
    2008-04-30 09:11 --------- d-----w C:\Program Files\speed-bit
    2008-04-30 09:09 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
    2008-04-13 18:52 --------- d-----w C:\Program Files\Navilog1
    2008-04-12 11:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-12 11:01 --------- d-----w C:\Program Files\PC Inspector File Recovery
    2008-04-11 21:57 --------- d-----w C:\Program Files\Sony
    2008-04-11 20:09 --------- d-----w C:\Program Files\Project64 1.6
    2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2007-10-17 20:08 2,048 ----a-w C:\Documents and Settings\Saltan\Application Data\filterclsid.dat
    2006-12-16 13:20 0 ----a-w C:\Documents and Settings\Saltan\Application Data\wklnhst.dat
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
    2008-04-30 11:12 66912 --a------ C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
    2007-07-31 16:33 1391640 --a------ C:\Program Files\speed-bit\tbspee.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{2BA521AC-B9B9-4433-BA45-DBA2F02CBA5A}"= "C:\Program Files\speed-bit\tbspee.dll" [2007-07-31 16:33 1391640]
    "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= "C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL" [2008-04-30 11:12 262144]

    [HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"= C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-04-30 11:12 262144]

    [HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
    "TPSMain"="TPSMain.exe" [2005-08-12 11:14 266240 C:\WINDOWS\system32\TPSMain.exe]
    "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 13:45 65536]
    "RTHDCPL"="RTHDCPL.EXE" [2006-04-18 00:34 16143872 C:\WINDOWS\RTHDCPL.exe]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 07:40 196608]
    "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2006-04-04 14:57 53248]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 13:11 73728]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"= 1 (0x1)
    "AllowUnhashedWebView"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Boonty Games"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "TVAgent WiFi"=C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    "the load"=C:\DOCUME~1\Saltan\APPLIC~1\FUNKHE~1\Hold base.exe
    "L08FXLRD_1012062"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    "L08FXLRD_9275375"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    "CFSServ.exe"=CFSServ.exe -NoClient
    "NDSTray.exe"=NDSTray.exe
    "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    "%FP%Friendly fts.exe"="C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    "Zooming"=ZoomingHook.exe
    "DDWMon"=C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    "1 mags 16 more"=C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Trans Deaf.exe
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "AGRSMMSG"=AGRSMMSG.exe
    "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    "ppmate"=C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
    "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
    "DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Documents and Settings\\Saltan\\Mes documents\\usb\\USB.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Shareaza\\Shareaza.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
    "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=

    R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-04-30 11:12]
    R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2006-04-18 15:12]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 14:00]
    R2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-04-30 11:12]
    R3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 17:52]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-03-02 18:49]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 10:45]
    S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34]
    S3 MBAMCatchMe;MBAMCatchMe;C:\WINDOWS\system32\drivers\mbamcatchme.sys [2008-06-05 16:04]
    S3 PPJoyBus;Parallel Port Joystick Bus device driver;C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 08:11]
    S3 PPortJoystick;Parallel Port Joystick device driver;C:\WINDOWS\system32\drivers\PPortJoy.sys [2004-10-24 08:11]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-05 02:09]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
    S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8bdd73e-9dd9-11dc-a47a-5050506f4531}]
    \Shell\AutoRun\command - F:\LaunchU3.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-10 13:00:02 C:\WINDOWS\Tasks\A623D410919C447C.job"
    - c:\docume~1\saltan\applic~1\funkhe~1\activewindowtool.exe
    "2007-09-15 15:53:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-10 15:13:27 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-06-10 11:33:16 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job"
    - C:\WINDOWS\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-10 17:39:38
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-10 17:43:33
    ComboFix-quarantined-files.txt 2008-06-10 15:43:03

    Pre-Run: 8,033,423,360 octets libres
    Post-Run: 8,024,203,264 octets libres

    204 --- E O F --- 2008-05-28 16:14:01
    a b 8 Sécurité
    10 Juin 2008 18:27:35

    Tu peux tenter le MBAM mais en scan rapide ?
    10 Juin 2008 18:29:56

    OK mais toujours en mode sans échec ?
    a b 8 Sécurité
    10 Juin 2008 18:33:03

    Oué de préférence.
    11 Juin 2008 14:54:28

    J'ai un nouveau problème!! J'ai bien exécuté le scan rapide de MBAM (en mode sans echec), il me trouve 2 fichiers infectes et juste apres il me dit "erreur d'application n°9,...." et ça se ferme... C'est la deuxième fois que ça m'arrive. Help please!!

    PS: je précise qu'il n'efface pas les virus et qu'il ne génère aucun rapport...
    a b 8 Sécurité
    11 Juin 2008 16:12:36

    Et en mode normal ?
    11 Juin 2008 16:52:45

    J'ai fait un petit scan rapide en mode normal et ça a trouvé les 2 infections (que j'ai supprimé). Voila le rapport:

    Malwarebytes' Anti-Malware 1.17
    Version de la base de données: 846

    16:50:14 11/06/2008
    mbam-log-6-11-2008 (16-50-14).txt

    Type de recherche: Examen rapide
    Eléments examinés: 39136
    Temps écoulé: 8 minute(s), 40 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)

    PS: j'ai réinstallé MBAM avant le scan.
    a b 8 Sécurité
    11 Juin 2008 17:37:45

    Reposte un rapport Hijackthis.
    11 Juin 2008 17:55:14

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:54:20, on 11/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Saltan\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Ask Search Assistant BHO - {0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: speed-bit Toolbar - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - C:\Program Files\speed-bit\tbspee.dll
    O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA72E98-9702-4CA4-8390-A6AE75384165}: NameServer = 192.168.1.1
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11465 bytes
    a b 8 Sécurité
    11 Juin 2008 18:44:35

    Encore des soucis ?
    11 Juin 2008 18:56:47

    Bah pour l'instant je ne reçois plus de pub intempestives mais quand je ferme le processus iexplore.exe une dizaine de fois il ne revient pas directement mais finit par revenir tôt ou tard... et me bouffe comme même de la mémoire.

    PS: il y'en a d'ailleurs deux (voire 3) qui s'ouvrent et pas un seul

    PS2: les pubs reviennent aussi!
    a b 8 Sécurité
    11 Juin 2008 19:30:02

    Re,

    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    Folder::
    C:\Program Files\AskSBar

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2}]
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"=-
    [-HKEY_CLASSES_ROOT\clsid\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
    [-HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
    "{F0D4B239-DA4B-4DAF-81E4-DFEE4931A4AA}"=-
    [-HKEY_CLASSES_ROOT\clsid\{f0d4b239-da4b-4daf-81e4-dfee4931a4aa}]


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    11 Juin 2008 19:54:23

    J'ai fais comme tu m'a dis mais je n'ai pas eu à taper sur 1 et valider. Il n'y a pas eu de redémarrage non plus:

    ComboFix 08-06-09.7 - Saltan 2008-06-11 19:39:08.3 - NTFSx86
    Endroit: C:\Documents and Settings\Saltan\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Saltan\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\AskSBar
    C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.JAR
    C:\Program Files\AskSBar\bar\1.bin\A2FFXTBR.MANIFEST
    C:\Program Files\AskSBar\bar\1.bin\A2HIGHIN.EXE
    C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.JAR
    C:\Program Files\AskSBar\bar\1.bin\A2NTSTBR.MANIFEST
    C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
    C:\Program Files\AskSBar\bar\1.bin\NPASKSBR.DLL
    C:\Program Files\AskSBar\bar\Cache\0031D95A.bin
    C:\Program Files\AskSBar\bar\Cache\0031FA8E.bin
    C:\Program Files\AskSBar\bar\Cache\0032026D.bin
    C:\Program Files\AskSBar\bar\Cache\0188EF4F
    C:\Program Files\AskSBar\bar\Cache\files.ini
    C:\Program Files\AskSBar\bar\History\search2
    C:\Program Files\AskSBar\bar\Settings\prevcfg2.htm
    C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-11 to 2008-06-11 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-11 16:39 . 2008-06-11 16:39 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-11 16:39 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-11 16:39 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-11 16:16 . 2008-06-11 16:16 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-06-11 16:16 . 2008-04-04 14:51 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
    2008-06-11 16:06 . 2008-06-11 16:06 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-06-11 16:06 . 2008-06-11 16:06 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-06-11 15:14 . 2008-06-11 15:17 1,374 --a------ C:\WINDOWS\imsins.BAK
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\Saltan\Application Data\Malwarebytes
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-07 15:10 . 2008-06-07 15:11 <REP> d-------- C:\Program Files\TI Education
    2008-06-07 15:10 . 2008-06-07 15:10 <REP> d-------- C:\Program Files\Fichiers communs\TI Shared
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Program Files\Avira
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-01 21:12 . 2008-06-01 21:11 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-06-01 21:12 . 2008-06-01 21:12 2,556 --a------ C:\WINDOWS\unins000.dat
    2008-05-27 17:06 . 2008-05-27 17:06 <REP> d-------- C:\Program Files\Funk Heck Okay
    2008-05-15 22:49 . 2008-06-09 01:40 <REP> d-------- C:\Program Files\Pvm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-11 14:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-06-11 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-06-08 14:27 --------- d-----w C:\Program Files\eMule
    2008-06-07 13:08 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-06-06 15:02 --------- d-----w C:\Program Files\TVUPlayer
    2008-06-06 12:57 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Funk Heck Okay
    2008-06-06 10:30 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-02 18:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-06-02 18:31 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-06-01 16:18 --------- d-----w C:\Documents and Settings\Saltan\Application Data\LimeWire
    2008-05-31 20:35 --------- d-----w C:\Program Files\Dictionnaire
    2008-05-27 15:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags
    2008-05-14 14:20 --------- d-----w C:\Program Files\SpeedBit Video Accelerator
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-04 20:10 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Apple Computer
    2008-05-02 17:24 --------- d-----w C:\Program Files\LimeWire
    2008-04-30 13:51 --------- d-----w C:\Program Files\DAP
    2008-04-30 09:14 --------- d-----w C:\Program Files\Free Download Manager
    2008-04-30 09:11 --------- d-----w C:\Program Files\speed-bit
    2008-04-30 09:09 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
    2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-04-13 18:52 --------- d-----w C:\Program Files\Navilog1
    2008-04-12 11:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-12 11:01 --------- d-----w C:\Program Files\PC Inspector File Recovery
    2008-04-11 21:57 --------- d-----w C:\Program Files\Sony
    2008-04-11 20:09 --------- d-----w C:\Program Files\Project64 1.6
    2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2007-10-17 20:08 2,048 ----a-w C:\Documents and Settings\Saltan\Application Data\filterclsid.dat
    2006-12-16 13:20 0 ----a-w C:\Documents and Settings\Saltan\Application Data\wklnhst.dat
    .

    ((((((((((((((((((((((((((((( snapshot@2008-06-10_17.42.34,84 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-10 15:13:09 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-11 13:59:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-04-14 15:52:45 272,768 ------w C:\WINDOWS\Driver Cache\i386\bthport.sys
    + 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\advpack.dll
    + 2008-03-01 12:58:06 347,136 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtmsft.dll
    + 2008-03-01 12:58:06 214,528 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\dxtrans.dll
    + 2008-03-01 12:58:06 133,120 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\extmgr.dll
    + 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\icardie.dll
    + 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ie4uinit.exe
    + 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakeng.dll
    + 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieaksie.dll
    + 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieakui.dll
    + 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieapfltr.dll
    + 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iedkcs32.dll
    + 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieframe.dll
    + 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iernonce.dll
    + 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iertutil.dll
    + 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\ieudinit.exe
    + 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\iexplore.exe
    + 2008-03-01 12:58:08 27,648 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\jsproxy.dll
    + 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeeds.dll
    + 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msfeedsbs.dll
    + 2008-03-01 16:28:10 3,591,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtml.dll
    + 2008-03-01 12:58:09 478,208 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mshtmled.dll
    + 2008-03-01 12:58:10 193,024 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\msrating.dll
    + 2008-03-01 12:58:10 671,232 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\mstime.dll
    + 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\occache.dll
    + 2008-03-01 12:58:10 44,544 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\pngfilt.dll
    + 2007-03-06 01:34:38 216,800 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe
    + 2007-03-06 01:35:48 394,976 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\updspapi.dll
    + 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\url.dll
    + 2008-03-01 12:58:10 1,159,680 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\urlmon.dll
    + 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\webcheck.dll
    + 2008-03-01 12:58:11 826,368 -c----w C:\WINDOWS\ie7updates\KB950759-IE7\wininet.dll
    - 2008-05-14 16:06:38 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
    + 2008-06-11 13:19:25 593,920 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\accicons.exe
    - 2008-05-14 16:06:39 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    + 2008-06-11 13:19:25 12,288 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\cagicon.exe
    - 2008-05-14 16:06:39 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
    + 2008-06-11 13:19:26 86,016 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\inficon.exe
    - 2008-05-14 16:06:38 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
    + 2008-06-11 13:19:25 135,168 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\misc.exe
    - 2008-05-14 16:06:39 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    + 2008-06-11 13:19:26 11,264 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\mspicons.exe
    - 2008-05-14 16:06:39 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    + 2008-06-11 13:19:26 27,136 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\oisicon.exe
    - 2008-05-14 16:06:39 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    + 2008-06-11 13:19:27 4,096 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\opwicon.exe
    - 2008-05-14 16:06:39 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
    + 2008-06-11 13:19:28 794,624 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\outicon.exe
    - 2008-05-14 16:06:38 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
    + 2008-06-11 13:19:25 249,856 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pptico.exe
    - 2008-05-14 16:06:38 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
    + 2008-06-11 13:19:25 61,440 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\pubs.exe
    - 2008-05-14 16:06:39 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    + 2008-06-11 13:19:29 23,040 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\unbndico.exe
    - 2008-05-14 16:06:38 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    + 2008-06-11 13:19:25 286,720 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\wordicon.exe
    - 2008-05-14 16:06:38 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    + 2008-06-11 13:19:25 409,600 ----a-r C:\WINDOWS\Installer\{9011040C-6000-11D3-8CFE-0150048383C9}\xlicons.exe
    - 2008-03-01 12:58:06 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    + 2008-04-23 04:16:39 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
    - 2008-03-01 12:58:06 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    + 2008-04-23 04:16:39 124,928 -c----w C:\WINDOWS\system32\dllcache\advpack.dll
    - 2008-03-01 12:58:06 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    + 2008-04-23 04:16:39 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    - 2008-03-01 12:58:06 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    + 2008-04-23 04:16:39 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    - 2008-03-01 12:58:06 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    + 2008-04-23 04:16:39 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    - 2008-03-01 12:58:06 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    + 2008-04-23 04:16:39 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
    - 2008-02-29 08:56:41 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    + 2008-04-22 07:41:08 70,656 -c----w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    - 2008-03-01 12:58:06 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    + 2008-04-23 04:16:39 153,088 -c----w C:\WINDOWS\system32\dllcache\ieakeng.dll
    - 2008-03-01 12:58:06 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    + 2008-04-23 04:16:39 230,400 -c----w C:\WINDOWS\system32\dllcache\ieaksie.dll
    - 2008-02-15 05:44:25 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    + 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\system32\dllcache\ieakui.dll
    - 2008-03-01 12:58:07 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    + 2008-04-23 04:16:39 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
    - 2008-03-01 12:58:07 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    + 2008-04-23 04:16:39 384,512 -c----w C:\WINDOWS\system32\dllcache\iedkcs32.dll
    - 2008-03-01 12:58:08 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    + 2008-04-23 04:16:39 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
    - 2008-03-01 12:58:08 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    + 2008-04-23 04:16:39 44,544 -c----w C:\WINDOWS\system32\dllcache\iernonce.dll
    - 2008-03-01 12:58:08 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    + 2008-04-23 04:16:39 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
    - 2008-02-22 10:00:51 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    + 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
    - 2008-02-29 08:57:05 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    + 2008-04-22 07:41:30 625,664 -c----w C:\WINDOWS\system32\dllcache\iexplore.exe
    - 2008-03-01 12:58:08 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    + 2008-04-23 04:16:40 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    - 2008-03-01 12:58:08 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    + 2008-04-23 04:16:40 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
    - 2008-03-01 12:58:08 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    + 2008-04-23 04:16:40 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    - 2008-03-01 16:28:10 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    + 2008-04-23 20:16:42 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    - 2008-03-01 12:58:09 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    + 2008-04-23 04:16:40 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    - 2008-03-01 12:58:10 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
    + 2008-04-23 04:16:40 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
    - 2008-03-01 12:58:10 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
    + 2008-04-23 04:16:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
    - 2008-03-01 12:58:10 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
    + 2008-04-23 04:16:40 102,912 -c----w C:\WINDOWS\system32\dllcache\occache.dll
    - 2008-03-01 12:58:10 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    + 2008-04-23 04:16:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    - 2007-10-29 22:36:31 1,293,824 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
    + 2008-05-07 04:55:47 1,294,336 -c----w C:\WINDOWS\system32\dllcache\quartz.dll
    - 2006-07-13 08:48:58 202,240 -c----w C:\WINDOWS\system32\dllcache\rmcast.sys
    + 2008-05-08 12:28:49 202,752 -c----w C:\WINDOWS\system32\dllcache\rmcast.sys
    - 2008-03-01 12:58:10 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
    + 2008-04-23 04:16:40 105,984 -c----w C:\WINDOWS\system32\dllcache\url.dll
    - 2008-03-01 12:58:10 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    + 2008-04-23 04:16:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    - 2008-03-01 12:58:11 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
    + 2008-04-23 04:16:40 233,472 -c----w C:\WINDOWS\system32\dllcache\webcheck.dll
    - 2008-03-01 12:58:11 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
    + 2008-04-23 04:16:40 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
    - 2008-03-01 12:58:06 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    + 2008-04-23 04:16:39 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
    - 2008-03-01 12:58:06 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    + 2008-04-23 04:16:39 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
    - 2008-03-01 12:58:06 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
    + 2008-04-23 04:16:39 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
    - 2008-03-01 12:58:06 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    + 2008-04-23 04:16:39 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
    - 2008-02-29 08:56:41 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
    + 2008-04-22 07:41:08 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
    - 2008-03-01 12:58:06 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
    + 2008-04-23 04:16:39 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
    - 2008-03-01 12:58:06 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
    + 2008-04-23 04:16:39 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
    - 2008-02-15 05:44:25 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
    + 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
    - 2008-03-01 12:58:07 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    + 2008-04-23 04:16:39 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
    - 2008-03-01 12:58:07 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
    + 2008-04-23 04:16:39 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
    - 2008-03-01 12:58:08 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    + 2008-04-23 04:16:39 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
    - 2008-03-01 12:58:08 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
    + 2008-04-23 04:16:39 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
    - 2008-03-01 12:58:08 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    + 2008-04-23 04:16:39 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
    - 2008-02-22 10:00:51 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    + 2008-04-22 07:39:58 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
    - 2008-03-01 12:58:08 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
    + 2008-04-23 04:16:40 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
    - 2008-05-09 21:35:04 16,863,864 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
    - 2008-03-01 12:58:08 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    + 2008-04-23 04:16:40 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
    - 2008-03-01 12:58:08 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    + 2008-04-23 04:16:40 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
    - 2008-03-01 16:28:10 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
    + 2008-04-23 20:16:42 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
    - 2008-03-01 12:58:09 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
    + 2008-04-23 04:16:40 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
    - 2008-03-01 12:58:10 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
    + 2008-04-23 04:16:40 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
    - 2008-03-01 12:58:10 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
    + 2008-04-23 04:16:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
    - 2008-03-01 12:58:10 102,912 ----a-w C:\WINDOWS\system32\occache.dll
    + 2008-04-23 04:16:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
    - 2008-03-01 12:58:10 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    + 2008-04-23 04:16:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
    - 2008-03-20 12:41:20 14,640 ------w C:\WINDOWS\system32\spmsg.dll
    + 2007-11-30 11:19:06 18,296 ------w C:\WINDOWS\system32\spmsg.dll
    - 2008-03-01 12:58:10 105,984 ----a-w C:\WINDOWS\system32\url.dll
    + 2008-04-23 04:16:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
    - 2008-03-01 12:58:10 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    + 2008-04-23 04:16:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
    - 2008-03-01 12:58:11 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    + 2008-04-23 04:16:40 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
    "TPSMain"="TPSMain.exe" [2005-08-12 11:14 266240 C:\WINDOWS\system32\TPSMain.exe]
    "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 13:45 65536]
    "RTHDCPL"="RTHDCPL.EXE" [2006-04-18 00:34 16143872 C:\WINDOWS\RTHDCPL.exe]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 07:40 196608]
    "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2006-04-04 14:57 53248]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 13:11 73728]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"= 1 (0x1)
    "AllowUnhashedWebView"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Boonty Games"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "TVAgent WiFi"=C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    "the load"=C:\DOCUME~1\Saltan\APPLIC~1\FUNKHE~1\Hold base.exe
    "L08FXLRD_1012062"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    "L08FXLRD_9275375"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    "CFSServ.exe"=CFSServ.exe -NoClient
    "NDSTray.exe"=NDSTray.exe
    "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    "%FP%Friendly fts.exe"="C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    "Zooming"=ZoomingHook.exe
    "DDWMon"=C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    "1 mags 16 more"=C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Trans Deaf.exe
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "AGRSMMSG"=AGRSMMSG.exe
    "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    "ppmate"=C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
    "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
    "DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Documents and Settings\\Saltan\\Mes documents\\usb\\USB.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Shareaza\\Shareaza.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
    "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=

    R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-04-30 11:12]
    R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2006-04-18 15:12]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 14:00]
    R3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 17:52]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-03-02 18:49]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 10:45]
    S2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-04-30 11:12]
    S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34]
    S3 PPJoyBus;Parallel Port Joystick Bus device driver;C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 08:11]
    S3 PPortJoystick;Parallel Port Joystick device driver;C:\WINDOWS\system32\drivers\PPortJoy.sys [2004-10-24 08:11]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-11 16:16]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
    S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8bdd73e-9dd9-11dc-a47a-5050506f4531}]
    \Shell\AutoRun\command - F:\LaunchU3.exe

    *Newly Created Service* - TUNEUP.DEFRAG
    *Newly Created Service* - UXTUNEUP
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-11 17:00:02 C:\WINDOWS\Tasks\A623D410919C447C.job"
    - c:\docume~1\saltan\applic~1\funkhe~1\activewindowtool.exe
    "2007-09-15 15:53:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-11 17:00:07 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-06-11 13:30:52 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job"
    - C:\WINDOWS\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-11 19:45:30
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-11 19:50:06
    ComboFix-quarantined-files.txt 2008-06-11 17:49:12
    ComboFix2.txt 2008-06-10 15:43:35

    Pre-Run: 7,543,656,448 octets libres
    Post-Run: 7,544,258,560 octets libres

    400 --- E O F --- 2008-06-11 13:25:19




    Si j'ai fais une erreur de manip...
    a b 8 Sécurité
    11 Juin 2008 21:25:25

    Reposte un rapport Hijackthis :) 
    12 Juin 2008 00:17:46

    Une fois de plus merci de m'aider :)  :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 00:14:48, on 12/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\system32\WISPTIS.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Saltan\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA72E98-9702-4CA4-8390-A6AE75384165}: NameServer = 192.168.1.1
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 10965 bytes
    a b 8 Sécurité
    12 Juin 2008 13:42:46

    Re,

    Recommence avec ce script :

    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"=-
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "the load"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    12 Juin 2008 20:48:36

    OK, voici mon log Combofix:

    ComboFix 08-06-09.7 - Saltan 2008-06-12 20:28:33.4 - NTFSx86
    Endroit: C:\Documents and Settings\Saltan\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Saltan\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-12 to 2008-06-12 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-12 20:23 . 2008-06-12 20:23 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-06-12 20:23 . 2008-06-12 20:23 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-06-11 16:39 . 2008-06-11 16:39 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-11 16:39 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-11 16:39 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-11 16:16 . 2008-06-11 16:16 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-06-11 16:16 . 2008-04-04 14:51 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\Saltan\Application Data\Malwarebytes
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-07 15:10 . 2008-06-07 15:11 <REP> d-------- C:\Program Files\TI Education
    2008-06-07 15:10 . 2008-06-07 15:10 <REP> d-------- C:\Program Files\Fichiers communs\TI Shared
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Program Files\Avira
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-01 21:12 . 2008-06-01 21:11 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-06-01 21:12 . 2008-06-01 21:12 2,556 --a------ C:\WINDOWS\unins000.dat
    2008-05-27 17:06 . 2008-05-27 17:06 <REP> d-------- C:\Program Files\Funk Heck Okay
    2008-05-15 22:49 . 2008-06-09 01:40 <REP> d-------- C:\Program Files\Pvm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-11 14:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-06-11 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-06-08 14:27 --------- d-----w C:\Program Files\eMule
    2008-06-07 13:08 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-06-06 15:02 --------- d-----w C:\Program Files\TVUPlayer
    2008-06-06 12:57 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Funk Heck Okay
    2008-06-06 10:30 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-02 18:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-06-02 18:31 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-06-01 16:18 --------- d-----w C:\Documents and Settings\Saltan\Application Data\LimeWire
    2008-05-31 20:35 --------- d-----w C:\Program Files\Dictionnaire
    2008-05-27 15:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags
    2008-05-14 14:20 --------- d-----w C:\Program Files\SpeedBit Video Accelerator
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-04 20:10 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Apple Computer
    2008-05-02 17:24 --------- d-----w C:\Program Files\LimeWire
    2008-04-30 13:51 --------- d-----w C:\Program Files\DAP
    2008-04-30 09:14 --------- d-----w C:\Program Files\Free Download Manager
    2008-04-30 09:11 --------- d-----w C:\Program Files\speed-bit
    2008-04-13 18:52 --------- d-----w C:\Program Files\Navilog1
    2008-04-12 11:20 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-12 11:01 --------- d-----w C:\Program Files\PC Inspector File Recovery
    2007-10-17 20:08 2,048 ----a-w C:\Documents and Settings\Saltan\Application Data\filterclsid.dat
    2006-12-16 13:20 0 ----a-w C:\Documents and Settings\Saltan\Application Data\wklnhst.dat
    .

    ((((((((((((((((((((((((((((( snapshot_2008-06-11_19.48.38.91 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-11 13:59:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-12 14:59:04 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
    "TPSMain"="TPSMain.exe" [2005-08-12 11:14 266240 C:\WINDOWS\system32\TPSMain.exe]
    "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 13:45 65536]
    "RTHDCPL"="RTHDCPL.EXE" [2006-04-18 00:34 16143872 C:\WINDOWS\RTHDCPL.exe]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 07:40 196608]
    "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2006-04-04 14:57 53248]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 13:11 73728]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"= 1 (0x1)
    "AllowUnhashedWebView"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Boonty Games"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "TVAgent WiFi"=C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    "the load"=C:\DOCUME~1\Saltan\APPLIC~1\FUNKHE~1\Hold base.exe
    "L08FXLRD_1012062"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    "L08FXLRD_9275375"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    "CFSServ.exe"=CFSServ.exe -NoClient
    "NDSTray.exe"=NDSTray.exe
    "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    "%FP%Friendly fts.exe"="C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    "Zooming"=ZoomingHook.exe
    "DDWMon"=C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    "1 mags 16 more"=C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Trans Deaf.exe
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "AGRSMMSG"=AGRSMMSG.exe
    "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    "ppmate"=C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
    "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
    "DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Documents and Settings\\Saltan\\Mes documents\\usb\\USB.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Shareaza\\Shareaza.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
    "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=

    R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-04-30 11:12]
    R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2006-04-18 15:12]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 14:00]
    R3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 17:52]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-03-02 18:49]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 10:45]
    S2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-04-30 11:12]
    S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34]
    S3 PPJoyBus;Parallel Port Joystick Bus device driver;C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 08:11]
    S3 PPortJoystick;Parallel Port Joystick device driver;C:\WINDOWS\system32\drivers\PPortJoy.sys [2004-10-24 08:11]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-11 16:16]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
    S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8bdd73e-9dd9-11dc-a47a-5050506f4531}]
    \Shell\AutoRun\command - F:\LaunchU3.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-12 18:00:02 C:\WINDOWS\Tasks\A623D410919C447C.job"
    - c:\docume~1\saltan\applic~1\funkhe~1\activewindowtool.exe
    "2007-09-15 15:53:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-12 18:00:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-06-12 15:07:13 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job"
    - C:\WINDOWS\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-12 20:36:22
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-12 20:43:21
    ComboFix-quarantined-files.txt 2008-06-12 18:42:54
    ComboFix2.txt 2008-06-11 17:50:08
    ComboFix3.txt 2008-06-10 15:43:35

    Pre-Run: 8,107,335,680 octets libres
    Post-Run: 8,212,770,816 octets libres

    191 --- E O F --- 2008-06-11 13:25:19
    a b 8 Sécurité
    13 Juin 2008 11:40:08

    Tu peux désactiver le Tea Timer de Spybot comme demandé ? :) 
    13 Juin 2008 15:14:44

    Désolé, j'avais oublié... :sarcastic:  Voila la j'ai tout désactivé:

    ComboFix 08-06-09.7 - Saltan 2008-06-13 14:55:01.5 - NTFSx86
    Endroit: C:\Documents and Settings\Saltan\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Saltan\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-13 to 2008-06-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-11 16:39 . 2008-06-11 16:39 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-11 16:39 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-11 16:39 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-11 16:16 . 2008-06-11 16:16 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-06-11 16:16 . 2008-04-04 14:51 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\Saltan\Application Data\Malwarebytes
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-07 15:10 . 2008-06-07 15:11 <REP> d-------- C:\Program Files\TI Education
    2008-06-07 15:10 . 2008-06-07 15:10 <REP> d-------- C:\Program Files\Fichiers communs\TI Shared
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Program Files\Avira
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-01 21:12 . 2008-06-01 21:11 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-06-01 21:12 . 2008-06-01 21:12 2,556 --a------ C:\WINDOWS\unins000.dat
    2008-05-27 17:06 . 2008-05-27 17:06 <REP> d-------- C:\Program Files\Funk Heck Okay
    2008-05-15 22:49 . 2008-06-09 01:40 <REP> d-------- C:\Program Files\Pvm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-11 14:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-06-11 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-06-08 14:27 --------- d-----w C:\Program Files\eMule
    2008-06-07 13:08 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-06-06 15:02 --------- d-----w C:\Program Files\TVUPlayer
    2008-06-06 12:57 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Funk Heck Okay
    2008-06-06 10:30 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-02 18:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-06-02 18:31 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-06-01 16:18 --------- d-----w C:\Documents and Settings\Saltan\Application Data\LimeWire
    2008-05-31 20:35 --------- d-----w C:\Program Files\Dictionnaire
    2008-05-27 15:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags
    2008-05-14 14:20 --------- d-----w C:\Program Files\SpeedBit Video Accelerator
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-04 20:10 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Apple Computer
    2008-05-02 17:24 --------- d-----w C:\Program Files\LimeWire
    2008-04-30 13:51 --------- d-----w C:\Program Files\DAP
    2008-04-30 09:14 --------- d-----w C:\Program Files\Free Download Manager
    2008-04-30 09:11 --------- d-----w C:\Program Files\speed-bit
    2008-04-30 09:09 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
    2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-04-13 18:52 --------- d-----w C:\Program Files\Navilog1
    2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2007-10-17 20:08 2,048 ----a-w C:\Documents and Settings\Saltan\Application Data\filterclsid.dat
    2006-12-16 13:20 0 ----a-w C:\Documents and Settings\Saltan\Application Data\wklnhst.dat
    .

    ((((((((((((((((((((((((((((( snapshot_2008-06-11_19.48.38.91 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-11 13:59:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-13 11:43:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    - 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2008-05-29 14:35:12 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
    "TPSMain"="TPSMain.exe" [2005-08-12 11:14 266240 C:\WINDOWS\system32\TPSMain.exe]
    "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 13:45 65536]
    "RTHDCPL"="RTHDCPL.EXE" [2006-04-18 00:34 16143872 C:\WINDOWS\RTHDCPL.exe]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 07:40 196608]
    "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2006-04-04 14:57 53248]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 13:11 73728]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"= 1 (0x1)
    "AllowUnhashedWebView"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Boonty Games"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "TVAgent WiFi"=C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    "the load"=C:\DOCUME~1\Saltan\APPLIC~1\FUNKHE~1\Hold base.exe
    "L08FXLRD_1012062"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    "L08FXLRD_9275375"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    "CFSServ.exe"=CFSServ.exe -NoClient
    "NDSTray.exe"=NDSTray.exe
    "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    "%FP%Friendly fts.exe"="C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    "Zooming"=ZoomingHook.exe
    "DDWMon"=C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    "1 mags 16 more"=C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Trans Deaf.exe
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "AGRSMMSG"=AGRSMMSG.exe
    "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    "ppmate"=C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
    "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
    "DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Documents and Settings\\Saltan\\Mes documents\\usb\\USB.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Shareaza\\Shareaza.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
    "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=


    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8bdd73e-9dd9-11dc-a47a-5050506f4531}]
    \Shell\AutoRun\command - F:\LaunchU3.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-13 13:00:02 C:\WINDOWS\Tasks\A623D410919C447C.job"
    - c:\docume~1\saltan\applic~1\funkhe~1\activewindowtool.exe
    "2007-09-15 15:53:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-13 13:00:08 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-06-12 15:07:13 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job"
    - C:\WINDOWS\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-13 15:00:08
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-13 15:09:34
    ComboFix-quarantined-files.txt 2008-06-13 13:09:14
    ComboFix2.txt 2008-06-12 18:43:23
    ComboFix3.txt 2008-06-11 17:50:08
    ComboFix4.txt 2008-06-10 15:43:35

    Pre-Run: 8,197,242,880 octets libres
    Post-Run: 8,184,651,776 octets libres

    182 --- E O F --- 2008-06-13 11:07:32
    a b 8 Sécurité
    13 Juin 2008 15:40:21

    Citation :
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    Le Tea Timer est toujours présent.
    13 Juin 2008 17:24:24

    Re-désolé... :pfff:  cette fois-ci je l'ai bien fermé :)  :

    ComboFix 08-06-09.7 - Saltan 2008-06-13 17:08:19.6 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.170 [GMT 2:00]
    Endroit: C:\Documents and Settings\Saltan\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Saltan\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-05-13 to 2008-06-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-06-11 16:39 . 2008-06-11 16:39 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-06-11 16:39 . 2008-06-10 19:02 34,296 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
    2008-06-11 16:39 . 2008-06-10 19:02 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-06-11 16:16 . 2008-06-11 16:16 354,560 --a------ C:\WINDOWS\system32\TuneUpDefragService.exe
    2008-06-11 16:16 . 2008-04-04 14:51 28,416 --a------ C:\WINDOWS\system32\uxtuneup.dll
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 --------- C:\WINDOWS\system32\drivers\bthport.sys
    2008-06-11 14:53 . 2008-04-14 17:52 272,768 -----c--- C:\WINDOWS\system32\dllcache\bthport.sys
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\Saltan\Application Data\Malwarebytes
    2008-06-09 14:14 . 2008-06-09 14:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-06-07 15:10 . 2008-06-07 15:11 <REP> d-------- C:\Program Files\TI Education
    2008-06-07 15:10 . 2008-06-07 15:10 <REP> d-------- C:\Program Files\Fichiers communs\TI Shared
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Program Files\Avira
    2008-06-06 14:04 . 2008-06-06 14:04 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-06-01 21:12 . 2008-06-01 21:11 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-06-01 21:12 . 2008-06-01 21:12 2,556 --a------ C:\WINDOWS\unins000.dat
    2008-05-27 17:06 . 2008-05-27 17:06 <REP> d-------- C:\Program Files\Funk Heck Okay
    2008-05-15 22:49 . 2008-06-09 01:40 <REP> d-------- C:\Program Files\Pvm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-06-13 14:36 --------- d-----w C:\Program Files\eMule
    2008-06-11 14:17 --------- d-----w C:\Program Files\TuneUp Utilities 2008
    2008-06-11 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-06-07 13:08 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-06-06 15:02 --------- d-----w C:\Program Files\TVUPlayer
    2008-06-06 12:57 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Funk Heck Okay
    2008-06-06 10:30 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-06-02 18:32 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-06-02 18:31 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-06-01 16:18 --------- d-----w C:\Documents and Settings\Saltan\Application Data\LimeWire
    2008-05-31 20:35 --------- d-----w C:\Program Files\Dictionnaire
    2008-05-27 15:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags
    2008-05-14 14:20 --------- d-----w C:\Program Files\SpeedBit Video Accelerator
    2008-05-08 12:28 202,752 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
    2008-05-07 04:55 1,294,336 ----a-w C:\WINDOWS\system32\quartz.dll
    2008-05-04 20:10 --------- d-----w C:\Documents and Settings\Saltan\Application Data\Apple Computer
    2008-05-02 17:24 --------- d-----w C:\Program Files\LimeWire
    2008-04-30 13:51 --------- d-----w C:\Program Files\DAP
    2008-04-30 09:14 --------- d-----w C:\Program Files\Free Download Manager
    2008-04-30 09:11 --------- d-----w C:\Program Files\speed-bit
    2008-04-30 09:09 50,688 ----a-w C:\WINDOWS\system32\wbhelp2.dll
    2008-04-23 04:16 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
    2008-04-13 18:52 --------- d-----w C:\Program Files\Navilog1
    2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
    2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2007-10-17 20:08 2,048 ----a-w C:\Documents and Settings\Saltan\Application Data\filterclsid.dat
    2006-12-16 13:20 0 ----a-w C:\Documents and Settings\Saltan\Application Data\wklnhst.dat
    .

    ((((((((((((((((((((((((((((( snapshot_2008-06-11_19.48.38.91 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-06-11 13:59:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    + 2008-06-13 11:43:27 2,048 --s-a-w C:\WINDOWS\bootstat.dat
    - 2008-05-29 23:35:11 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2008-05-29 14:35:12 17,486,968 ----a-w C:\WINDOWS\system32\MRT.exe
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2ba521ac-b9b9-4433-ba45-dba2f02cba5a}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
    "the load"="C:\DOCUME~1\Saltan\APPLIC~1\FUNKHE~1\Hold base.exe" [2008-05-27 17:06 474624]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
    "TPSMain"="TPSMain.exe" [2005-08-12 11:14 266240 C:\WINDOWS\system32\TPSMain.exe]
    "SVPWUTIL"="C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe" [2004-05-01 13:45 65536]
    "RTHDCPL"="RTHDCPL.EXE" [2006-04-18 00:34 16143872 C:\WINDOWS\RTHDCPL.exe]
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 07:40 196608]
    "TPNF"="C:\Program Files\TOSHIBA\TouchPad\TPTray.exe" [2006-04-04 14:57 53248]
    "Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2006-02-02 13:11 73728]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 14:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
    "AllowLegacyWebView"= 1 (0x1)
    "AllowUnhashedWebView"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Boonty Games"=3 (0x3)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
    "TVAgent WiFi"=C:\Program Files\Kit ADSL\Wizard\Agent_WiFi.exe
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    "the load"=C:\DOCUME~1\Saltan\APPLIC~1\FUNKHE~1\Hold base.exe
    "L08FXLRD_1012062"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m
    "TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
    "L08FXLRD_9275375"="C:\Program Files\Microsoft Etudes\Microsoft Encarta 2008 - Études DVD\EDICT.EXE" -m

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    "ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
    "CFSServ.exe"=CFSServ.exe -NoClient
    "NDSTray.exe"=NDSTray.exe
    "LtMoh"=C:\Program Files\ltmoh\Ltmoh.exe
    "ehTray"=C:\WINDOWS\ehome\ehtray.exe
    "HWSetup"=C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP
    "CeEKEY"=C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe
    "%FP%Friendly fts.exe"="C:\Program Files\Friendly Technologies\BroadbandAccess\fts.exe"
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    "SmoothView"=C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
    "Zooming"=ZoomingHook.exe
    "DDWMon"=C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe
    "1 mags 16 more"=C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\Trans Deaf.exe
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
    "AGRSMMSG"=AGRSMMSG.exe
    "PadTouch"=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    "PCSuiteTrayApplication"=C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
    "ppmate"=C:\Program Files\PPMate\PPMate\ppmate.exe -autoplay
    "SpeedBitVideoAccelerator"="C:\Program Files\SpeedBit Video Accelerator\VideoAccelerator.exe"
    "DownloadAccelerator"="C:\Program Files\DAP\DAP.EXE" /STARTUP

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Documents and Settings\\Saltan\\Mes documents\\usb\\USB.exe"=
    "C:\\Program Files\\TVAnts\\Tvants.exe"=
    "C:\\Program Files\\SopCast\\SopCast.exe"=
    "C:\\Program Files\\Shareaza\\Shareaza.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "C:\\Program Files\\PPMate\\PPMate\\ppmate.exe"=
    "C:\\Program Files\\TVUPlayer\\TVUPlayer.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
    "C:\\Program Files\\SpeedBit Video Accelerator\\VideoAcceleratorEngine.exe"=

    R2 sbbotdi;sbbotdi;C:\PROGRA~1\SPEEDB~1\sbbotdi.sys [2008-04-30 11:12]
    R2 tdudf;TOSHIBA UDF File System Driver;C:\WINDOWS\system32\DRIVERS\tdudf.sys [2006-04-18 15:12]
    R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-10 14:00]
    R3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS [2003-09-25 17:52]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-03-02 18:49]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 10:45]
    S2 VideoAcceleratorService;VideoAcceleratorService;C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe [2008-04-30 11:12]
    S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;C:\WINDOWS\system32\DRIVERS\libusb0.sys [2006-04-22 22:34]
    S3 PPJoyBus;Parallel Port Joystick Bus device driver;C:\WINDOWS\system32\drivers\PPJoyBus.sys [2004-10-24 08:11]
    S3 PPortJoystick;Parallel Port Joystick device driver;C:\WINDOWS\system32\drivers\PPortJoy.sys [2004-10-24 08:11]
    S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-06-11 16:16]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 00:08]
    S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" []

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
    UxTuneUp

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8bdd73e-9dd9-11dc-a47a-5050506f4531}]
    \Shell\AutoRun\command - F:\LaunchU3.exe

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-06-13 15:00:05 C:\WINDOWS\Tasks\A623D410919C447C.job"
    - c:\docume~1\saltan\applic~1\funkhe~1\activewindowtool.exe
    "2007-09-15 15:53:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-06-13 15:15:03 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2006-12-13 19:57:51 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
    - C:\WINDOWS\system32\OOBE\oobebaln.exe
    "2008-06-12 15:07:13 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job"
    - C:\WINDOWS\system32\msfeedssync.exe
    .
    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-13 17:13:03
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...


    **************************************************************************
    .
    Temps d'accomplissement: 2008-06-13 17:18:05
    ComboFix-quarantined-files.txt 2008-06-13 15:15:45
    ComboFix2.txt 2008-06-13 13:09:37
    ComboFix3.txt 2008-06-12 18:43:23
    ComboFix4.txt 2008-06-11 17:50:08
    ComboFix5.txt 2008-06-10 15:43:35

    Pre-Run: 9,805,451,264 octets libres
    Post-Run: 9,795,866,624 octets libres

    197 --- E O F --- 2008-06-13 11:07:32
    a b 8 Sécurité
    13 Juin 2008 17:35:25

    On va faire autrement...
    Reposte un rapport Hijackthis.
    13 Juin 2008 17:41:34

    Y'a un problème?? J'ai encore fait une bourde?? :sweat: 
    Je viens de redémarrer mon Pc et le processus n'est toujours pas apparu....

    Mon log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:39:22, on 13/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Saltan\Bureau\HiJackThis.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    R3 - URLSearchHook: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA72E98-9702-4CA4-8390-A6AE75384165}: NameServer = 192.168.1.1
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Avira AntiVir Personal %u2013 Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal %u2013 Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 10845 bytes

    PS: finalement le processus est revenu... (et les pubs intempestives avec)
    a b 8 Sécurité
    14 Juin 2008 11:14:54

    Ok :/ 

    Fix les lignes dans le cadre ci-dessous avec HijackThis : AIDE EN IMAGES

    R3 - URLSearchHook: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    R3 - URLSearchHook: (no name) - {0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - C:\Program Files\AskSBar\SrchAstt\1.bin\A2SRCHAS.DLL (file missing)
    O2 - BHO: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
    O3 - Toolbar: (no name) - {2ba521ac-b9b9-4433-ba45-dba2f02cba5a} - (no file)
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe


    Refais un scan LopS&D option 1.
    14 Juin 2008 11:42:24

    C'est bon j'ai fais ce que tu m'a demandé. Si je me suis trompé cette fois je me tire une balle ! :fou:  Non, sérieusement le dossier backup crée j'en fait quoi? Voici mon rapport Lop S&D:


    -----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Saltan ] [ "C:\Lop SD" ] [ Selection : 1 ]
    [ 14/06/2008 | 11:36:04,93 ] [ PC : YOUR-CE899BE174 ]
    [ MAJ : 13-06-2008 | 02:10 ]

    -------------[ Listing des dossiers dans Application Data ]------------

    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba

    [27/05/2008|17:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
    [13/02/2008|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [30/06/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [13/02/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [06/06/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [20/07/2007|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [01/12/2007|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [20/03/2007|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [25/09/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [07/03/2008|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [07/03/2008|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [29/06/2007|02:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [21/02/2008|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [12/03/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/06/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [11/11/2007|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [23/02/2008|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [28/06/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [06/03/2007|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [18/03/2008|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [27/09/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [12/02/2007|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [02/06/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [05/07/2007|03:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [06/06/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [05/03/2008|02:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [05/01/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/12/2006|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [04/07/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [11/11/2007|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [29/06/2007|02:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [04/07/2007|22:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba

    [05/11/2007|14:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [04/11/2007|21:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
    [11/10/2006|01:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [08/03/2008|02:05] C:\DOCUME~1\Saltan\APPLIC~1\Adblock Pro
    [03/01/2008|17:12] C:\DOCUME~1\Saltan\APPLIC~1\Adobe
    [25/01/2007|21:01] C:\DOCUME~1\Saltan\APPLIC~1\AdobeUM
    [04/05/2008|22:10] C:\DOCUME~1\Saltan\APPLIC~1\Apple Computer
    [20/07/2007|00:14] C:\DOCUME~1\Saltan\APPLIC~1\AVS4YOU
    [22/03/2008|16:51] C:\DOCUME~1\Saltan\APPLIC~1\Azureus
    [22/12/2007|23:31] C:\DOCUME~1\Saltan\APPLIC~1\Datalayer
    [25/09/2006|14:53] C:\DOCUME~1\Saltan\APPLIC~1\desktop.ini
    [18/12/2006|19:00] C:\DOCUME~1\Saltan\APPLIC~1\DivX
    [08/03/2008|19:22] C:\DOCUME~1\Saltan\APPLIC~1\dvdcss
    [17/10/2007|22:08] C:\DOCUME~1\Saltan\APPLIC~1\filterclsid.dat
    [06/06/2008|14:57] C:\DOCUME~1\Saltan\APPLIC~1\Funk Heck Okay
    [25/03/2007|18:32] C:\DOCUME~1\Saltan\APPLIC~1\GetRightToGo
    [27/01/2007|13:07] C:\DOCUME~1\Saltan\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
    [04/11/2007|16:25] C:\DOCUME~1\Saltan\APPLIC~1\Google
    [29/06/2007|11:38] C:\DOCUME~1\Saltan\APPLIC~1\Grisoft
    [24/04/2007|21:25] C:\DOCUME~1\Saltan\APPLIC~1\Help
    [11/10/2006|01:30] C:\DOCUME~1\Saltan\APPLIC~1\Identities
    [28/06/2007|17:17] C:\DOCUME~1\Saltan\APPLIC~1\InterVideo
    [01/06/2008|18:18] C:\DOCUME~1\Saltan\APPLIC~1\LimeWire
    [06/10/2007|18:37] C:\DOCUME~1\Saltan\APPLIC~1\Macromedia
    [09/06/2008|14:14] C:\DOCUME~1\Saltan\APPLIC~1\Malwarebytes
    [05/03/2008|20:37] C:\DOCUME~1\Saltan\APPLIC~1\Microsoft
    [04/06/2007|21:14] C:\DOCUME~1\Saltan\APPLIC~1\Mozilla
    [14/12/2006|21:45] C:\DOCUME~1\Saltan\APPLIC~1\MSNInstaller
    [06/03/2007|22:43] C:\DOCUME~1\Saltan\APPLIC~1\Nokia
    [06/03/2007|22:19] C:\DOCUME~1\Saltan\APPLIC~1\PC Suite
    [08/04/2007|01:03] C:\DOCUME~1\Saltan\APPLIC~1\PC Tools
    [04/11/2007|16:26] C:\DOCUME~1\Saltan\APPLIC~1\PPMate
    [17/11/2007|15:01] C:\DOCUME~1\Saltan\APPLIC~1\PPStream
    [03/11/2007|15:57] C:\DOCUME~1\Saltan\APPLIC~1\Real
    [07/03/2008|01:26] C:\DOCUME~1\Saltan\APPLIC~1\Samsung
    [29/10/2007|00:26] C:\DOCUME~1\Saltan\APPLIC~1\Shareaza
    [09/02/2008|17:05] C:\DOCUME~1\Saltan\APPLIC~1\SopCast
    [11/02/2007|16:31] C:\DOCUME~1\Saltan\APPLIC~1\Sun
    [11/10/2006|01:30] C:\DOCUME~1\Saltan\APPLIC~1\Symantec
    [02/02/2007|21:42] C:\DOCUME~1\Saltan\APPLIC~1\Talkback
    [28/06/2007|17:08] C:\DOCUME~1\Saltan\APPLIC~1\Template
    [06/02/2007|18:55] C:\DOCUME~1\Saltan\APPLIC~1\toshiba
    [29/06/2007|02:04] C:\DOCUME~1\Saltan\APPLIC~1\TuneUp Software
    [04/11/2007|21:23] C:\DOCUME~1\Saltan\APPLIC~1\TVU Networks
    [28/11/2007|20:56] C:\DOCUME~1\Saltan\APPLIC~1\U3
    [18/03/2007|19:51] C:\DOCUME~1\Saltan\APPLIC~1\vlc
    [26/06/2007|20:14] C:\DOCUME~1\Saltan\APPLIC~1\WinRAR
    [16/12/2006|15:20] C:\DOCUME~1\Saltan\APPLIC~1\wklnhst.dat

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [14/06/2008 02:00][--ah-----] C:\WINDOWS\tasks\A623D410919C447C.job
    [13/06/2008 19:12][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job
    [14/06/2008 11:11][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [15/09/2007 17:53][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [13/12/2006 21:57][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
    [13/12/2006 21:57][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
    [14/06/2008 11:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    A623D410919C447C.job <--> c:\docume~1\saltan\applic~1\funkhe~1\activewindowtool.exe

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [02/02/2007|23:51] C:\Program Files\7-Zip
    [13/02/2008|20:21] C:\Program Files\Adobe
    [17/11/2007|15:10] C:\Program Files\Adverts
    [05/07/2007|14:25] C:\Program Files\Alwil Software
    [11/10/2006|01:49] C:\Program Files\Apoint2K
    [16/09/2007|12:02] C:\Program Files\Apple Software Update
    [13/12/2006|21:59] C:\Program Files\Atheros
    [11/10/2006|01:50] C:\Program Files\ATI Technologies
    [23/02/2008|18:46] C:\Program Files\AVIConverter
    [06/06/2008|14:04] C:\Program Files\Avira
    [22/03/2008|16:51] C:\Program Files\Azureus
    [18/01/2008|22:57] C:\Program Files\Bonjour
    [29/06/2007|02:03] C:\Program Files\CCleaner
    [10/03/2008|21:13] C:\Program Files\Circle Developement
    [11/10/2006|01:50] C:\Program Files\Common Files
    [13/09/2007|20:14] C:\Program Files\CSO-DAX Compressor
    [30/04/2008|15:51] C:\Program Files\DAP
    [15/01/2007|20:11] C:\Program Files\declic
    [31/05/2008|22:35] C:\Program Files\Dictionnaire
    [06/03/2007|22:19] C:\Program Files\DIFX
    [07/03/2008|01:11] C:\Program Files\DivX
    [17/12/2006|17:34] C:\Program Files\DVD-RAM
    [18/11/2007|17:26] C:\Program Files\Eidos Interactive
    [13/06/2008|16:36] C:\Program Files\eMule
    [07/06/2008|15:10] C:\Program Files\Fichiers communs
    [30/04/2008|11:14] C:\Program Files\Free Download Manager
    [11/01/2007|21:27] C:\Program Files\Friendly Technologies
    [27/05/2008|17:06] C:\Program Files\Funk Heck Okay
    [07/03/2008|01:12] C:\Program Files\Google
    [29/06/2007|02:07] C:\Program Files\Grisoft
    [10/03/2008|22:16] C:\Program Files\Hitware Popup Killer Lite 3
    [12/04/2008|13:20] C:\Program Files\InstallShield Installation Information
    [11/06/2008|15:59] C:\Program Files\Internet Explorer
    [21/11/2007|18:04] C:\Program Files\InterVideo
    [18/01/2008|23:01] C:\Program Files\iPod
    [30/01/2008|15:27] C:\Program Files\IrfanView
    [18/01/2008|23:02] C:\Program Files\iTunes
    [20/01/2008|20:01] C:\Program Files\Java
    [20/01/2008|19:59] C:\Program Files\khi3
    [06/02/2007|19:45] C:\Program Files\Kit ADSL
    [29/06/2007|02:13] C:\Program Files\Lavasoft
    [23/02/2008|17:35] C:\Program Files\Learning Essentials
    [02/05/2008|19:24] C:\Program Files\LimeWire
    [11/10/2006|01:54] C:\Program Files\ltmoh
    [11/06/2008|16:39] C:\Program Files\Malwarebytes' Anti-Malware
    [23/02/2008|18:46] C:\Program Files\MediaCoder
    [11/06/2008|15:56] C:\Program Files\Messenger Plus! Live
    [05/07/2007|15:12] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/10/2006|01:56] C:\Program Files\Microsoft Digital Image 2006
    [23/02/2008|17:43] C:\Program Files\Microsoft Etudes
    [11/10/2006|01:56] C:\Program Files\microsoft frontpage
    [21/11/2007|18:08] C:\Program Files\Microsoft Office
    [28/06/2007|18:40] C:\Program Files\Microsoft Works
    [30/05/2007|18:23] C:\Program Files\Microsoft.NET
    [11/10/2006|01:59] C:\Program Files\Movie Maker
    [14/06/2008|11:19] C:\Program Files\Mozilla Firefox
    [04/09/2007|13:57] C:\Program Files\MSECache
    [28/06/2007|18:46] C:\Program Files\MSN
    [11/10/2006|01:59] C:\Program Files\MSN Gaming Zone
    [11/11/2007|00:32] C:\Program Files\MSN Messenger
    [15/08/2007|21:33] C:\Program Files\MSXML 4.0
    [24/02/2008|19:18] C:\Program Files\MSXML 6.0
    [13/04/2008|20:52] C:\Program Files\Navilog1
    [11/10/2006|01:59] C:\Program Files\NetMeeting
    [07/03/2008|23:29] C:\Program Files\Nokia
    [11/10/2006|02:00] C:\Program Files\Online Services
    [15/06/2007|16:17] C:\Program Files\Outlook Express
    [05/03/2008|17:28] C:\Program Files\Panicware
    [12/04/2008|13:01] C:\Program Files\PC Inspector File Recovery
    [30/01/2007|22:09] C:\Program Files\PiMPWare
    [07/03/2008|02:55] C:\Program Files\PPMate
    [07/03/2008|02:23] C:\Program Files\PpStream Fr
    [11/04/2008|22:09] C:\Program Files\Project64 1.6
    [09/06/2008|01:40] C:\Program Files\Pvm
    [21/03/2007|00:08] C:\Program Files\QI
    [07/03/2008|01:54] C:\Program Files\QuickTime
    [03/11/2007|15:54] C:\Program Files\Real
    [11/10/2006|02:00] C:\Program Files\Realtek
    [11/10/2006|02:00] C:\Program Files\Services en ligne
    [29/10/2007|00:26] C:\Program Files\Shareaza
    [13/02/2007|17:05] C:\Program Files\ShiftCast
    [11/04/2008|23:57] C:\Program Files\Sony
    [10/02/2008|21:43] C:\Program Files\SopCast
    [30/04/2008|11:11] C:\Program Files\speed-bit
    [14/05/2008|16:20] C:\Program Files\SpeedBit Video Accelerator
    [02/06/2008|20:31] C:\Program Files\Spybot - Search & Destroy
    [07/06/2008|15:11] C:\Program Files\TI Education
    [11/10/2006|02:07] C:\Program Files\TOOLSCD
    [11/10/2006|02:01] C:\Program Files\TOSHIBA
    [11/06/2008|16:17] C:\Program Files\TuneUp Utilities 2008
    [18/01/2008|23:06] C:\Program Files\TVAnts
    [06/06/2008|17:02] C:\Program Files\TVUPlayer
    [27/09/2006|06:03] C:\Program Files\Uninstall Information
    [18/03/2007|19:43] C:\Program Files\VideoLAN
    [11/10/2006|02:01] C:\Program Files\Windows Desktop Search
    [04/07/2007|22:43] C:\Program Files\Windows Live
    [05/07/2007|00:00] C:\Program Files\Windows Live Toolbar
    [05/01/2007|18:38] C:\Program Files\Windows Media Connect 2
    [05/01/2007|18:38] C:\Program Files\Windows Media Player
    [11/10/2006|02:01] C:\Program Files\Windows NT
    [11/10/2006|02:01] C:\Program Files\Windows Plus
    [25/09/2006|13:00] C:\Program Files\WindowsUpdate
    [26/06/2007|20:13] C:\Program Files\WinRAR
    [03/02/2007|15:42] C:\Program Files\WinZip
    [11/10/2006|02:01] C:\Program Files\X10 Hardware
    [11/10/2006|02:01] C:\Program Files\xerox
    [29/06/2007|02:02] C:\Program Files\Yahoo!
    [30/03/2007|11:19] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [13/02/2008|20:22] C:\Program Files\Fichiers communs\Adobe
    [30/06/2007|17:36] C:\Program Files\Fichiers communs\Apple
    [20/07/2007|00:16] C:\Program Files\Fichiers communs\AVSMedia
    [28/06/2007|16:45] C:\Program Files\Fichiers communs\DESIGNER
    [11/01/2007|21:27] C:\Program Files\Fichiers communs\FTL Shared
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\InstallShield
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\InterVideo
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\Java
    [23/02/2008|17:42] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/06/2007|21:12] C:\Program Files\Fichiers communs\mozilla.org
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\MSSoap
    [07/03/2008|23:30] C:\Program Files\Fichiers communs\Nokia
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\ODBC
    [07/03/2008|23:30] C:\Program Files\Fichiers communs\PCSuite
    [03/11/2007|15:54] C:\Program Files\Fichiers communs\Real
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\Services
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\SpeechEngines
    [07/03/2008|01:17] C:\Program Files\Fichiers communs\Symantec Shared
    [04/11/2007|16:26] C:\Program Files\Fichiers communs\Synacast
    [15/06/2007|16:17] C:\Program Files\Fichiers communs\System
    [07/06/2008|15:10] C:\Program Files\Fichiers communs\TI Shared
    [11/11/2007|00:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [07/06/2008|15:08] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/11/2007|15:55] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 45

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\Settings Itch.exe
    C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\Trans Deaf.exe
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\activewindowtool.exe
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\Hold base.exe
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\Internetownsdoglink.exe
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\lgxqumrh.exe
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\tyidmqvw.exe
    C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\wlludwve.exe
    C:\Program Files\funkhe~1
    C:\Program Files\Adverts
    C:\Program Files\Circle Developement
    C:\WINDOWS\Prefetch\ACTIVEWINDOWTOOL.EXE-32405B31.pf
    C:\DOCUME~1\Saltan\Cookies\saltan@banner.cotedazurpalace[2].txt
    C:\DOCUME~1\Saltan\Cookies\saltan@cotedazurpalace[2].txt
    C:\DOCUME~1\Saltan\Cookies\saltan@adopt.euroclick[2].txt
    C:\DOCUME~1\Saltan\Cookies\saltan@32vegas[1].txt
    C:\DOCUME~1\Saltan\Cookies\saltan@banner.32vegas[2].txt
    C:\WINDOWS\Tasks\A623D410919C447C.job

    ----------------------[ Verification du Registre ]----------------------

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts MODIFIE

    127.0.0.1 bin.errorprotector.com ## added by CiD
    127.0.0.1 br.errorsafe.com ## added by CiD
    127.0.0.1 br.winantivirus.com ## added by CiD
    127.0.0.1 br.winfixer.com ## added by CiD
    127.0.0.1 cdn.drivecleaner.com ## added by CiD
    127.0.0.1 cdn.errorsafe.com ## added by CiD
    127.0.0.1 cdn.winsoftware.com ## added by CiD
    127.0.0.1 de.errorsafe.com ## added by CiD
    127.0.0.1 de.winantivirus.com ## added by CiD
    127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
    127.0.0.1 download.cdn.errorsafe.com ## added by CiD
    127.0.0.1 download.cdn.winsoftware.com ## added by CiD
    127.0.0.1 download.errorsafe.com ## added by CiD
    127.0.0.1 download.systemdoctor.com ## added by CiD
    127.0.0.1 download.winantispyware.com ## added by CiD
    127.0.0.1 download.windrivecleaner.com ## added by CiD
    127.0.0.1 download.winfixer.com ## added by CiD
    127.0.0.1 drivecleaner.com ## added by CiD
    127.0.0.1 dynamique.drivecleaner.com ## added by CiD
    127.0.0.1 errorprotector.com ## added by CiD
    127.0.0.1 errorsafe.com ## added by CiD
    127.0.0.1 es.winantivirus.com ## added by CiD
    127.0.0.1 fr.winantivirus.com ## added by CiD
    127.0.0.1 fr.winfixer.com ## added by CiD
    127.0.0.1 go.drivecleaner.com ## added by CiD
    127.0.0.1 go.errorsafe.com ## added by CiD
    127.0.0.1 go.winantispyware.com ## added by CiD
    127.0.0.1 go.winantivirus.com ## added by CiD
    127.0.0.1 hk.winantivirus.com ## added by CiD
    127.0.0.1 instlog.errorsafe.com ## added by CiD
    127.0.0.1 instlog.winantivirus.com ## added by CiD
    127.0.0.1 instlog.winfixer.com ## added by CiD
    127.0.0.1 jsp.drivecleaner.com ## added by CiD
    127.0.0.1 kb.errorsafe.com ## added by CiD
    127.0.0.1 kb.winantivirus.com ## added by CiD
    127.0.0.1 nl.errorsafe.com ## added by CiD
    127.0.0.1 se.errorsafe.com ## added by CiD
    127.0.0.1 secure.drivecleaner.com ## added by CiD
    127.0.0.1 secure.errorsafe.com ## added by CiD
    127.0.0.1 secure.winantispam.com ## added by CiD
    127.0.0.1 secure.winantispy.com ## added by CiD
    127.0.0.1 secure.winantivirus.com ## added by CiD
    127.0.0.1 support.winantivirus.com ## added by CiD
    127.0.0.1 trial.updates.winsoftware.com ## added by CiD
    127.0.0.1 ulog.winantivirus.com ## added by CiD
    127.0.0.1 utils.errorsafe.com ## added by CiD
    127.0.0.1 utils.winantivirus.com ## added by CiD
    127.0.0.1 utils.winfixer.com ## added by CiD
    127.0.0.1 winantispyware.com ## added by CiD
    127.0.0.1 winantivirus.com ## added by CiD
    127.0.0.1 winfixer.com ## added by CiD
    127.0.0.1 winfixer2006.com ## added by CiD
    127.0.0.1 winsoftware.com ## added by CiD
    127.0.0.1 www.drivecleaner.com ## added by CiD
    127.0.0.1 www.errorprotector.com ## added by CiD
    127.0.0.1 www.errorsafe.com ## added by CiD
    127.0.0.1 www.systemdoctor.com ## added by CiD
    127.0.0.1 www.utils.winfixer.com ## added by CiD
    127.0.0.1 www.win-anti-virus-pro.com ## added by CiD
    127.0.0.1 www.win-virus-pro.com ## added by CiD
    127.0.0.1 www.winantispam.com ## added by CiD
    127.0.0.1 www.winantispy.com ## added by CiD
    127.0.0.1 www.winantispyware.com ## added by CiD
    127.0.0.1 www.winantivirus.com ## added by CiD
    127.0.0.1 www.winantiviruspro.com ## added by CiD
    127.0.0.1 www.windrivecleaner.com ## added by CiD
    127.0.0.1 www.windrivesafe.com ## added by CiD
    127.0.0.1 www.winfixer.com ## added by CiD
    127.0.0.1 www.winfixer2006.com ## added by CiD
    127.0.0.1 www.winsoftware.com ## added by CiD

    -> 8503 ( 70 ## added by CiD )

    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-14 11:37:14
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------

    => C:\Documents and Settings\Saltan\Mes documents\Mon bloc-notes\crack-wep.pdf


    [F:49][D:4]-> C:\DOCUME~1\Saltan\LOCALS~1\Temp
    [F:50][D:0]-> C:\DOCUME~1\Saltan\Cookies
    [F:1675][D:4]-> C:\DOCUME~1\Saltan\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 11:39:07,76 ]----------------------
    a b 8 Sécurité
    14 Juin 2008 11:52:44

    Option 2 maintenant :) 
    14 Juin 2008 12:24:13

    Ok, c'est fait:


    -----------------------[ Lop S&D 4.2.1-4 XP/Vista ]---------------------

    [ Windows XP (NT 5.1) Build 2600, Service Pack 2 ]
    [ USER : Saltan ] [ "C:\Lop SD" ] [ Selection : 2 ]
    [ 14/06/2008 | 12:18:40,71 ] [ PC : YOUR-CE899BE174 ]
    [ MAJ : 13-06-2008 | 02:10 ]


    \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION /////////////////////////////

    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\Settings Itch.exe
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags\Trans Deaf.exe
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\activewindowtool.exe
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\Hold base.exe
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\Internetownsdoglink.exe
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\lgxqumrh.exe
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\tyidmqvw.exe
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1\wlludwve.exe
    Supprimé! - C:\WINDOWS\Prefetch\ACTIVEWINDOWTOOL.EXE-32405B31.pf
    Supprimé! - C:\DOCUME~1\Saltan\Cookies\saltan@banner.cotedazurpalace[2].txt
    Supprimé! - C:\DOCUME~1\Saltan\Cookies\saltan@cotedazurpalace[2].txt
    Supprimé! - C:\DOCUME~1\Saltan\Cookies\saltan@adopt.euroclick[2].txt
    Supprimé! - C:\DOCUME~1\Saltan\Cookies\saltan@32vegas[1].txt
    Supprimé! - C:\DOCUME~1\Saltan\Cookies\saltan@banner.32vegas[2].txt
    Supprimé! - C:\WINDOWS\Tasks\A623D410919C447C.job
    Supprimé! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Admin Inter 1 Mags
    Supprimé! - C:\DOCUME~1\Saltan\APPLIC~1\funkhe~1
    Supprimé! - C:\Program Files\funkhe~1
    Supprimé! - C:\Program Files\Adverts
    Supprimé! - C:\Program Files\Circle Developement
    Restauré! - Fichier Hosts

    //////////////////////////////////////-\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


    -------------[ Listing des dossiers dans Application Data ]------------

    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec
    [11/10/2006|01:30] C:\DOCUME~1\ADMINI~1\APPLIC~1\toshiba

    [13/02/2008|20:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
    [30/06/2007|17:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
    [13/02/2007|15:39] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
    [06/06/2008|14:04] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Avira
    [20/07/2007|00:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
    [01/12/2007|15:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
    [20/03/2007|21:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
    [25/09/2006|14:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\desktop.ini
    [07/03/2008|23:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
    [07/03/2008|01:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
    [29/06/2007|02:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
    [21/02/2008|23:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\LauncherAccess.dt
    [12/03/2008|18:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
    [09/06/2008|14:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
    [11/11/2007|01:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
    [23/02/2008|17:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
    [28/06/2007|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
    [06/03/2007|22:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
    [18/03/2008|23:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm
    [27/09/2007|20:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QTSBandwidthCache
    [12/02/2007|21:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
    [02/06/2008|20:32] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
    [05/07/2007|03:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
    [06/06/2008|12:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
    [05/03/2008|02:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
    [05/01/2007|18:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
    [14/12/2006|22:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
    [04/07/2007|22:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WindowsLiveInstaller
    [11/11/2007|00:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
    [29/06/2007|02:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion

    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
    [25/09/2006|14:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\desktop.ini
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
    [04/07/2007|22:41] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec
    [11/10/2006|01:30] C:\DOCUME~1\DEFAUL~1\APPLIC~1\toshiba

    [05/11/2007|14:55] C:\DOCUME~1\LOCALS~1\APPLIC~1\Google
    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
    [11/10/2006|01:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\X10 Commander

    [04/11/2007|21:22] C:\DOCUME~1\NETWOR~1\APPLIC~1\Google
    [11/10/2006|01:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

    [08/03/2008|02:05] C:\DOCUME~1\Saltan\APPLIC~1\Adblock Pro
    [03/01/2008|17:12] C:\DOCUME~1\Saltan\APPLIC~1\Adobe
    [25/01/2007|21:01] C:\DOCUME~1\Saltan\APPLIC~1\AdobeUM
    [04/05/2008|22:10] C:\DOCUME~1\Saltan\APPLIC~1\Apple Computer
    [20/07/2007|00:14] C:\DOCUME~1\Saltan\APPLIC~1\AVS4YOU
    [22/03/2008|16:51] C:\DOCUME~1\Saltan\APPLIC~1\Azureus
    [22/12/2007|23:31] C:\DOCUME~1\Saltan\APPLIC~1\Datalayer
    [25/09/2006|14:53] C:\DOCUME~1\Saltan\APPLIC~1\desktop.ini
    [18/12/2006|19:00] C:\DOCUME~1\Saltan\APPLIC~1\DivX
    [08/03/2008|19:22] C:\DOCUME~1\Saltan\APPLIC~1\dvdcss
    [17/10/2007|22:08] C:\DOCUME~1\Saltan\APPLIC~1\filterclsid.dat
    [25/03/2007|18:32] C:\DOCUME~1\Saltan\APPLIC~1\GetRightToGo
    [27/01/2007|13:07] C:\DOCUME~1\Saltan\APPLIC~1\G-Force Prefs (WindowsMediaPlayer).txt
    [04/11/2007|16:25] C:\DOCUME~1\Saltan\APPLIC~1\Google
    [29/06/2007|11:38] C:\DOCUME~1\Saltan\APPLIC~1\Grisoft
    [24/04/2007|21:25] C:\DOCUME~1\Saltan\APPLIC~1\Help
    [11/10/2006|01:30] C:\DOCUME~1\Saltan\APPLIC~1\Identities
    [28/06/2007|17:17] C:\DOCUME~1\Saltan\APPLIC~1\InterVideo
    [01/06/2008|18:18] C:\DOCUME~1\Saltan\APPLIC~1\LimeWire
    [06/10/2007|18:37] C:\DOCUME~1\Saltan\APPLIC~1\Macromedia
    [09/06/2008|14:14] C:\DOCUME~1\Saltan\APPLIC~1\Malwarebytes
    [05/03/2008|20:37] C:\DOCUME~1\Saltan\APPLIC~1\Microsoft
    [04/06/2007|21:14] C:\DOCUME~1\Saltan\APPLIC~1\Mozilla
    [14/12/2006|21:45] C:\DOCUME~1\Saltan\APPLIC~1\MSNInstaller
    [06/03/2007|22:43] C:\DOCUME~1\Saltan\APPLIC~1\Nokia
    [06/03/2007|22:19] C:\DOCUME~1\Saltan\APPLIC~1\PC Suite
    [08/04/2007|01:03] C:\DOCUME~1\Saltan\APPLIC~1\PC Tools
    [04/11/2007|16:26] C:\DOCUME~1\Saltan\APPLIC~1\PPMate
    [17/11/2007|15:01] C:\DOCUME~1\Saltan\APPLIC~1\PPStream
    [03/11/2007|15:57] C:\DOCUME~1\Saltan\APPLIC~1\Real
    [07/03/2008|01:26] C:\DOCUME~1\Saltan\APPLIC~1\Samsung
    [29/10/2007|00:26] C:\DOCUME~1\Saltan\APPLIC~1\Shareaza
    [09/02/2008|17:05] C:\DOCUME~1\Saltan\APPLIC~1\SopCast
    [11/02/2007|16:31] C:\DOCUME~1\Saltan\APPLIC~1\Sun
    [11/10/2006|01:30] C:\DOCUME~1\Saltan\APPLIC~1\Symantec
    [02/02/2007|21:42] C:\DOCUME~1\Saltan\APPLIC~1\Talkback
    [28/06/2007|17:08] C:\DOCUME~1\Saltan\APPLIC~1\Template
    [06/02/2007|18:55] C:\DOCUME~1\Saltan\APPLIC~1\toshiba
    [29/06/2007|02:04] C:\DOCUME~1\Saltan\APPLIC~1\TuneUp Software
    [04/11/2007|21:23] C:\DOCUME~1\Saltan\APPLIC~1\TVU Networks
    [28/11/2007|20:56] C:\DOCUME~1\Saltan\APPLIC~1\U3
    [18/03/2007|19:51] C:\DOCUME~1\Saltan\APPLIC~1\vlc
    [26/06/2007|20:14] C:\DOCUME~1\Saltan\APPLIC~1\WinRAR
    [16/12/2006|15:20] C:\DOCUME~1\Saltan\APPLIC~1\wklnhst.dat

    ----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------

    [13/06/2008 19:12][--ah-----] C:\WINDOWS\tasks\User_Feed_Synchronization-{0ECCA54E-CEB8-4589-8E94-BECE83041627}.job
    [14/06/2008 12:00][--a------] C:\WINDOWS\tasks\Maintenance en 1 clic.job
    [15/09/2007 17:53][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    [13/12/2006 21:57][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 2.job
    [13/12/2006 21:57][--a------] C:\WINDOWS\tasks\Rappel d'enregistrement 1.job
    [14/06/2008 11:11][--ah-----] C:\WINDOWS\tasks\SA.DAT
    [10/08/2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

    ---------------[ Listing des dossiers dans C:\Program Files ]--------------

    [02/02/2007|23:51] C:\Program Files\7-Zip
    [13/02/2008|20:21] C:\Program Files\Adobe
    [05/07/2007|14:25] C:\Program Files\Alwil Software
    [11/10/2006|01:49] C:\Program Files\Apoint2K
    [16/09/2007|12:02] C:\Program Files\Apple Software Update
    [13/12/2006|21:59] C:\Program Files\Atheros
    [11/10/2006|01:50] C:\Program Files\ATI Technologies
    [23/02/2008|18:46] C:\Program Files\AVIConverter
    [06/06/2008|14:04] C:\Program Files\Avira
    [22/03/2008|16:51] C:\Program Files\Azureus
    [18/01/2008|22:57] C:\Program Files\Bonjour
    [29/06/2007|02:03] C:\Program Files\CCleaner
    [11/10/2006|01:50] C:\Program Files\Common Files
    [13/09/2007|20:14] C:\Program Files\CSO-DAX Compressor
    [30/04/2008|15:51] C:\Program Files\DAP
    [15/01/2007|20:11] C:\Program Files\declic
    [31/05/2008|22:35] C:\Program Files\Dictionnaire
    [06/03/2007|22:19] C:\Program Files\DIFX
    [07/03/2008|01:11] C:\Program Files\DivX
    [17/12/2006|17:34] C:\Program Files\DVD-RAM
    [18/11/2007|17:26] C:\Program Files\Eidos Interactive
    [13/06/2008|16:36] C:\Program Files\eMule
    [07/06/2008|15:10] C:\Program Files\Fichiers communs
    [30/04/2008|11:14] C:\Program Files\Free Download Manager
    [11/01/2007|21:27] C:\Program Files\Friendly Technologies
    [07/03/2008|01:12] C:\Program Files\Google
    [29/06/2007|02:07] C:\Program Files\Grisoft
    [10/03/2008|22:16] C:\Program Files\Hitware Popup Killer Lite 3
    [12/04/2008|13:20] C:\Program Files\InstallShield Installation Information
    [11/06/2008|15:59] C:\Program Files\Internet Explorer
    [21/11/2007|18:04] C:\Program Files\InterVideo
    [18/01/2008|23:01] C:\Program Files\iPod
    [30/01/2008|15:27] C:\Program Files\IrfanView
    [18/01/2008|23:02] C:\Program Files\iTunes
    [20/01/2008|20:01] C:\Program Files\Java
    [20/01/2008|19:59] C:\Program Files\khi3
    [06/02/2007|19:45] C:\Program Files\Kit ADSL
    [29/06/2007|02:13] C:\Program Files\Lavasoft
    [23/02/2008|17:35] C:\Program Files\Learning Essentials
    [02/05/2008|19:24] C:\Program Files\LimeWire
    [11/10/2006|01:54] C:\Program Files\ltmoh
    [11/06/2008|16:39] C:\Program Files\Malwarebytes' Anti-Malware
    [23/02/2008|18:46] C:\Program Files\MediaCoder
    [11/06/2008|15:56] C:\Program Files\Messenger Plus! Live
    [05/07/2007|15:12] C:\Program Files\Microsoft CAPICOM 2.1.0.2
    [11/10/2006|01:56] C:\Program Files\Microsoft Digital Image 2006
    [23/02/2008|17:43] C:\Program Files\Microsoft Etudes
    [11/10/2006|01:56] C:\Program Files\microsoft frontpage
    [21/11/2007|18:08] C:\Program Files\Microsoft Office
    [28/06/2007|18:40] C:\Program Files\Microsoft Works
    [30/05/2007|18:23] C:\Program Files\Microsoft.NET
    [11/10/2006|01:59] C:\Program Files\Movie Maker
    [14/06/2008|11:19] C:\Program Files\Mozilla Firefox
    [04/09/2007|13:57] C:\Program Files\MSECache
    [28/06/2007|18:46] C:\Program Files\MSN
    [11/10/2006|01:59] C:\Program Files\MSN Gaming Zone
    [11/11/2007|00:32] C:\Program Files\MSN Messenger
    [15/08/2007|21:33] C:\Program Files\MSXML 4.0
    [24/02/2008|19:18] C:\Program Files\MSXML 6.0
    [13/04/2008|20:52] C:\Program Files\Navilog1
    [11/10/2006|01:59] C:\Program Files\NetMeeting
    [07/03/2008|23:29] C:\Program Files\Nokia
    [11/10/2006|02:00] C:\Program Files\Online Services
    [15/06/2007|16:17] C:\Program Files\Outlook Express
    [05/03/2008|17:28] C:\Program Files\Panicware
    [12/04/2008|13:01] C:\Program Files\PC Inspector File Recovery
    [30/01/2007|22:09] C:\Program Files\PiMPWare
    [07/03/2008|02:55] C:\Program Files\PPMate
    [07/03/2008|02:23] C:\Program Files\PpStream Fr
    [11/04/2008|22:09] C:\Program Files\Project64 1.6
    [09/06/2008|01:40] C:\Program Files\Pvm
    [21/03/2007|00:08] C:\Program Files\QI
    [07/03/2008|01:54] C:\Program Files\QuickTime
    [03/11/2007|15:54] C:\Program Files\Real
    [11/10/2006|02:00] C:\Program Files\Realtek
    [11/10/2006|02:00] C:\Program Files\Services en ligne
    [29/10/2007|00:26] C:\Program Files\Shareaza
    [13/02/2007|17:05] C:\Program Files\ShiftCast
    [11/04/2008|23:57] C:\Program Files\Sony
    [10/02/2008|21:43] C:\Program Files\SopCast
    [30/04/2008|11:11] C:\Program Files\speed-bit
    [14/05/2008|16:20] C:\Program Files\SpeedBit Video Accelerator
    [02/06/2008|20:31] C:\Program Files\Spybot - Search & Destroy
    [07/06/2008|15:11] C:\Program Files\TI Education
    [11/10/2006|02:07] C:\Program Files\TOOLSCD
    [11/10/2006|02:01] C:\Program Files\TOSHIBA
    [11/06/2008|16:17] C:\Program Files\TuneUp Utilities 2008
    [18/01/2008|23:06] C:\Program Files\TVAnts
    [06/06/2008|17:02] C:\Program Files\TVUPlayer
    [27/09/2006|06:03] C:\Program Files\Uninstall Information
    [18/03/2007|19:43] C:\Program Files\VideoLAN
    [11/10/2006|02:01] C:\Program Files\Windows Desktop Search
    [04/07/2007|22:43] C:\Program Files\Windows Live
    [05/07/2007|00:00] C:\Program Files\Windows Live Toolbar
    [05/01/2007|18:38] C:\Program Files\Windows Media Connect 2
    [05/01/2007|18:38] C:\Program Files\Windows Media Player
    [11/10/2006|02:01] C:\Program Files\Windows NT
    [11/10/2006|02:01] C:\Program Files\Windows Plus
    [25/09/2006|13:00] C:\Program Files\WindowsUpdate
    [26/06/2007|20:13] C:\Program Files\WinRAR
    [03/02/2007|15:42] C:\Program Files\WinZip
    [11/10/2006|02:01] C:\Program Files\X10 Hardware
    [11/10/2006|02:01] C:\Program Files\xerox
    [29/06/2007|02:02] C:\Program Files\Yahoo!
    [30/03/2007|11:19] C:\Program Files\Zone Labs

    ------[ Listing des dossiers dans C:\Program Files\Fichiers communs ]------

    [13/02/2008|20:22] C:\Program Files\Fichiers communs\Adobe
    [30/06/2007|17:36] C:\Program Files\Fichiers communs\Apple
    [20/07/2007|00:16] C:\Program Files\Fichiers communs\AVSMedia
    [28/06/2007|16:45] C:\Program Files\Fichiers communs\DESIGNER
    [11/01/2007|21:27] C:\Program Files\Fichiers communs\FTL Shared
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\InstallShield
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\InterVideo
    [11/10/2006|01:50] C:\Program Files\Fichiers communs\Java
    [23/02/2008|17:42] C:\Program Files\Fichiers communs\Microsoft Shared
    [04/06/2007|21:12] C:\Program Files\Fichiers communs\mozilla.org
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\MSSoap
    [07/03/2008|23:30] C:\Program Files\Fichiers communs\Nokia
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\ODBC
    [07/03/2008|23:30] C:\Program Files\Fichiers communs\PCSuite
    [03/11/2007|15:54] C:\Program Files\Fichiers communs\Real
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\Services
    [11/10/2006|01:51] C:\Program Files\Fichiers communs\SpeechEngines
    [07/03/2008|01:17] C:\Program Files\Fichiers communs\Symantec Shared
    [04/11/2007|16:26] C:\Program Files\Fichiers communs\Synacast
    [15/06/2007|16:17] C:\Program Files\Fichiers communs\System
    [07/06/2008|15:10] C:\Program Files\Fichiers communs\TI Shared
    [11/11/2007|00:28] C:\Program Files\Fichiers communs\WindowsLiveInstaller
    [07/06/2008|15:08] C:\Program Files\Fichiers communs\Wise Installation Wizard
    [03/11/2007|15:55] C:\Program Files\Fichiers communs\xing shared

    ---------------------------[ Process ]--------------------------

    ... 48

    ... OK !

    ----------------------[ Recherche avec S_Lop ]---------------------

    Aucun fichier / dossier Lop trouvé !

    -----------------[ Recherche de Fichiers / Dossiers Lop ]-----------------

    Aucun fichier / dossier Lop trouvé !

    ----------------------[ Verification du Registre ]----------------------

    ..... OK !

    --------------------[ Verification du fichier Hosts ]---------------------

    Fichier Hosts PROPRE


    ----------------[ Recherche de fichiers avec Catchme ]-----------------

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-06-14 12:19:55
    Windows 5.1.2600 Service Pack 2 NTFS
    scanning hidden processes ...
    scanning hidden files ...
    scan completed successfully
    hidden processes: 0
    hidden files: 0

    --------------------[ Recherche d'autres infections ]---------------------


    Aucune autre infection trouvée !

    [F:49][D:4]-> C:\DOCUME~1\Saltan\LOCALS~1\Temp
    [F:45][D:0]-> C:\DOCUME~1\Saltan\Cookies
    [F:1675][D:4]-> C:\DOCUME~1\Saltan\LOCALS~1\TEMPOR~1\content.IE5

    --------------------[ Fin du rapport a 12:21:39,84 ]----------------------


    PS: j'en fais quoi du dossier backup?
    a b 8 Sécurité
    14 Juin 2008 12:33:12

    Reposte un rapport Hijackthis.
    14 Juin 2008 12:38:21

    Ok, ça a l'air reglé ! Le processus s'est fermé...

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:35:39, on 14/06/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\SPEEDB~1\VideoAcceleratorEngine.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\WINDOWS\explorer.exe
    C:\Documents and Settings\Saltan\Bureau\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ustart.org
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [TPNF] C:\Program Files\TOSHIBA\TouchPad\TPTray.exe
    O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Barre de recherche Encarta - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20061205/qtinstall....
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213....
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O17 - HKLM\System\CCS\Services\Tcpip\..\{FFA72E98-9702-4CA4-8390-A6AE75384165}: NameServer = 192.168.1.1
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Service de configuration Atheros (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Fichiers communs\PCSuite\Services\ServiceLayer.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe
    O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
    O23 - Service: VideoAcceleratorService - Speedbit Ltd. - C:\PROGRA~1\SPEEDB~1\VideoAcceleratorService.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 10154 bytes
    a b 8 Sécurité
    14 Juin 2008 12:57:31

    Même problème ?
    14 Juin 2008 13:18:46

    Je crois que le problème est réglé. Iexplore.exe s'est fermé et je ne reçois plus de pubs intempestives...

    Merci beaucoup pour ton aide!! Heureusement que t'es la!! :hello: 

    PS: Alors qu'est ce j'en fait du dossier Backup crée par Lop S&D?
    a b 8 Sécurité
    14 Juin 2008 15:16:20

    Tu peux le supprimer :) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS