Unwanted AD pop-up windows

Tags:
  • Unwanted pop-up window
  • Security
26 April 2008 17:28:44

Hi everyone,

Since yesterday, I've had IE windows opening by themselves, such as:
"****" with the title "HHTP 404 non trouvé"
or "****" "Advertissement Windows IE " empty
or ads for games, "****".
On top of that, my PC is sluggish and crashes. I'd even say it's seriously acting up: right now, for example, it drops letters or leaves out spaces!
I really need a doctor ;)
If anyone can help me, I know how long and tedious a cleanup is, but I thank you in advance because on my own I don't know where to start.
I have, of course, run all the usual scans (Avast, CCleaner, Spybot, AdAware), which found nothing.
I downloaded Firefox; I no longer have the typing problem and there are fewer ads, but some remain.

Thanks in advance to whoever is brave enough to take this on ;p

**Links edited by Angeldark**


26 April 2008 17:50:14

Hi,
Thanks for being so quick, I'm running a scan with Navilog1 as you recommended in a similar post ;)
Here is the HiJack report (which I already had):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:32, on 26/04/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\jureg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\hp\kbd\kbd.exe
C:\Windows\System32\cmd.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

--
End of file - 10579 bytes
26 April 2008 17:54:18

Here is Navilog:

Search Navipromo version 3.5.5 commencé le 26/04/2008 à 17:40:21,84

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "Owen & Ethan"

Mise à jour le 25.04.2008 à 22h00 par IL-MAFIOSO

Microsoft Windows Vista 6.0.6000
Internet Explorer : 7.0.6000.16643
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***


*** Recherche dossiers dans "C:\Windows" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\ProgramData" ***


*** Recherche dossiers dans "c:\progra~2\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\fred\appdata\roaming\micros~1\windows\startm~1\programs" ***


*** Recherche dossiers dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\Program Files" ***


*** Recherche dossiers dans "C:\Users\Owen & Ethan\AppData\Roaming" ***


*** Recherche dossiers dans "C:\Users\fred\appdata\roaming" ***

*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\Windows\system32" *

gnc.exe absent, Recherche non effectuee dans "C:\Windows\system32" !

* Recherche dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" *

gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" !

* Recherche dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" *

gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" !

* Recherche dans "C:\Users\Owen & Ethan\AppData\Local" *

gnc.exe absent, Recherche non effectuee dans "C:\Users\Owen & Ethan\AppData\Local" !



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\Windows\system32" :


* Dans "C:\Users\Owen & Ethan\AppData\Local\Microsoft" :


* Dans "C:\Users\Owen & Ethan\AppData\Local\virtualstore\windows\system32" :


* Dans "C:\Users\Owen & Ethan\AppData\Local" :


* Dans "C:\Users\fred\AppData\Local" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 26/04/2008 à 17:47:22,95 ***
26 April 2008 17:55:27

Hi again,

Disable your resident protections (antivirus, Spybot-S&D, etc.)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ
26 April 2008 18:18:29

Hi again,
I launched ComboFix but it crashed (I think) before the end; "Etape 41 terminée" and then nothing more. Everything frozen. I had to force the PC off :/
I don't have a report, so I'm trying again ;)
See you later

26 April 2008 18:31:38

Here is the ComboFix report. I should still point out that I haven't had any ad windows for a little while; on the other hand, from time to time, I get an IE error message telling me "Internet Explorer ne peut pas afficher cette page Web....et doit fermer" or something like that, and it loses my page Oo, is it serious, Doctor? ^^

    ComboFix 08-04-24.1 - Owen & Ethan 2008-04-26 18:19:34.2 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2140 [GMT 2:00]
    Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat
    C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat
    .
    ---- Previous Run -------
    .
    C:\Program Files\PlayMP3z
    C:\Program Files\PlayMP3z\uninstall.exe
    C:\Windows\system32\jusched.exe

    ----- BITS: Possible sites infectés -----

    hxxp://h20264.www2.hp.com
    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-26 to 2008-04-26 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
    2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
    2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
    2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
    2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
    2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
    2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
    2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
    2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
    2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
    2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
    2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
    2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
    2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
    2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
    2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
    2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
    2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
    2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
    2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
    2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
    2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
    2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
    2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
    2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-26 14:50 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
    2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-26 12:35 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
    2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-21 15:40 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
    2008-04-12 19:06 --------- d-----w C:\Program Files\mz manager1
    2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
    2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
    2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
    2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
    2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
    2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
    2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
    2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-29 17:32 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
    2008-03-27 15:47 --------- d-----w C:\Program Files\Internet Download Manager
    2008-03-27 15:45 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\IDM
    2008-03-27 15:44 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\DMCache
    2008-03-21 09:58 --------- d-----w C:\Program Files\Common Files\Real
    2008-03-14 21:28 137,344 ----a-w C:\Windows\system32\drivers\litsgt.sys
    2008-03-14 21:28 12,032 ----a-w C:\Windows\system32\drivers\tansgt.sys
    2008-03-14 21:25 --------- d-----w C:\Program Files\Atari
    2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
    2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
    2008-03-08 16:52 --------- d-----w C:\Program Files\Java
    2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
    2008-03-03 17:33 --------- d-----w C:\Program Files\Tomb Raider - Legend
    2008-03-03 17:23 --------- d-----w C:\Program Files\Core Design
    2008-03-02 20:36 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
    2008-03-02 20:36 --------- d-----w C:\ProgramData\CyberLink
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
    2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
    2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
    2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
    2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
    2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
    2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
    2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
    2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
    2007-11-01 20:57 319,488 ----a-w C:\Program Files\setup.exe
    2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
    2004-07-09 08:13 15,493,481 ----a-w C:\Program Files\DirectX.cab
    2004-07-09 03:08 472,576 ----a-w C:\Program Files\dxsetup.exe
    2004-07-09 03:08 2,242,560 ----a-w C:\Program Files\dsetup32.dll
    2004-07-09 02:03 62,976 ----a-w C:\Program Files\DSETUP.dll
    2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
    2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]
    C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
    "cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]
    "MSServer"="C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
    "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
    "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
    "HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
    "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
    "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-03-29 19:32]
    R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
    R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
    R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-26 18:23:05
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 5

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Windows\System32\audiodg.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Windows\System32\conime.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\schtasks.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
    C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Service.exe
    C:\hp\KBD\kbd.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Windows\System32\wbem\WMIADAP.exe
    C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
    C:\Windows\System32\Macromed\Flash\FlashUtil9f.exe
    C:\Windows\System32\dllhost.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-26 18:28:52 - machine was rebooted [Owen & Ethan]
    ComboFix-quarantined-files.txt 2008-04-26 16:28:45

    Pre-Run: 340,217,954,304 octets libres
    Post-Run: 340,137,619,456 octets libres

    256 --- E O F --- 2008-04-25 09:18:54
    27 April 2008 13:34:33

    Can you take a screenshot of this problem?
    27 April 2008 15:18:18

    Hi,

    Yes, next time, because it doesn't always happen....
    Right, where were we with our reports? Do you think there's no more junk left?
    I must say that, on the surface, everything looks spotless apart from 2 error messages when the beast wakes up; I'll show you.
    http://www.servimg.com/image_preview.php?i=52&u=1100972...

    Thanks again so much for your precious time and your knowledge.
    28 April 2008 14:24:23

    I see the problem. Post a new HijackThis report.
    28 April 2008 16:13:37

    Hi,
    Here is the HiJack report, thanks in advance.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:48:32, on 26/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\jureg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Labtec\WebCam10\WebCam10.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\hp\kbd\kbd.exe
    C:\Windows\System32\cmd.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Windows NT\Accessories\wordpad.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
    O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
    O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 10579 bytes
    28 April 2008 16:18:35

    Hi again,

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: MBAM picture tutorial
    29 April 2008 18:03:18

    Hi,
    Sorry, I wasn't around; I'll make time tomorrow.
    29 April 2008 19:52:51

    No problem.
    30 April 2008 10:03:26

    Hi,
    Right, I'm going to play the blonde, it's been a while ^^ I can't find Download_mbam-setup.exe, can you help me with the geographical location of the link on the page, lol
    Thanks ;)

    EDIT: I managed to download it from another site but, oh yes, there's a but: once installed, I get an error message, yet another one
    http://www.servimg.com/image_preview.php?i=53&u=1100972...
    I'll still try switching to safe mode, but I have my doubts....
    See you later
    30 April 2008 10:47:28

    Hi again,

    My mistake, there was a tutorial....
    It still doesn't work. I tried the previous one, nothing; uninstalled and then re-downloaded via your link, still the same message: "Erreur d'exécution '339': Le composant 'COMCTL32.OCX' ou une de ses dépendances n'est pas correctement enregistré: un fichier est absent ou incorrect."
    I get the feeling everything is falling apart; I've got a problem with Avast too.....

    Also, it bothers me that you're spending so much time on my problems; don't feel obliged to see it through to the end ... I would understand.
    30 April 2008 16:45:24

    I finally got MBAM to work. At startup, no error window apart from Spybot, which tells me "Spybot a decelé qu'un élement important du Registre a été modifié.....rundll32.exe....." Should I refuse the change or not?
    http://www.servimg.com/image_preview.php?i=54&u=1100972...

    Here is the MBAM report:

    Malwarebytes' Anti-Malware 1.11
    Version de la base de données: 700

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 201482
    Temps écoulé: 54 minute(s), 16 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 5
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\ContextProgram (AdWare.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\FBrowsingAdvisor (Trojan.FBrowsingAdvisor) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\MSServer (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmds (Trojan.Agent) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    C:\Users\Owen & Ethan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.


    This software seems super effective, I'm keeping it ;)  thanks a lot
    The "thing" you wanted me to install in System32, was that for my not being able to get MBAM to work?
    I downloaded it but I don't know exactly where to put it; it opens system32 but it needs a particular folder, I think, so here I am dressed up as a blonde again :p

    I don't know whether we, well, you are finished, but a big thank you for your patience :D
    30 April 2008 16:47:19

    Quote:
    The "thing" you wanted me to install in System32, was that for my not being able to get MBAM to work?

    Well, if it works then that's OK :D

    Er, in your screenshot I can't see the whole value.
    30 April 2008 16:55:14

    Can't you enlarge the window?
    30 April 2008 17:06:29

    Argh, it's blurry

    "rundll32.exe C:\Users\OWENE~1\AppData\Local\Temp\byXOfdAR.dll,c"
    30 April 2008 17:08:40

    Refuse, thanks for the second image :D
    Post a new HijackThis report.
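
The Run values that MBAM removed above (cmds, MSServer) and the Spybot prompt all point at DLLs in the user's Temp folder, launched through rundll32. As an added illustration that is not part of the original thread, this Python example scans HijackThis O2/O4 lines excerpted from the log on this page and flags that pattern; the rule set and the names `triage` and `Finding` are assumptions of the example.

```python
import re
from typing import List, NamedTuple

# Lines excerpted from the HijackThis log posted in this thread
# (O2 = Browser Helper Object, O4 = autorun entry).
SAMPLE_LOG = r"""
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
"""


class Finding(NamedTuple):
    section: str  # HijackThis section code ("O2" or "O4")
    name: str     # BHO name or Run value name
    target: str   # file the entry loads, as written in the log
    reason: str   # why the entry deserves a closer look


# "O2 - BHO: <name> - {CLSID} - <file>"
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.+?) - (?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<target>.+)$"
)
# "O4 - <registry location>: [<value name>] <command line>"
RUN_RE = re.compile(r"^O4 - (?P<key>.+?): \[(?P<name>[^\]]+)\] (?P<cmd>.+)$")
# "rundll32.exe <dll>,<export>": the DLL is the code that really runs
RUNDLL_RE = re.compile(
    r'^"?rundll32(?:\.exe)?"?\s+(?P<dll>.+?),(?P<export>\S+)$', re.I
)
# Any path component named Temp (user or system temporary directory)
TEMP_RE = re.compile(r"\\temp\\", re.I)


def triage(log_text: str) -> List[Finding]:
    """Return the O2/O4 entries worth manual review, in log order."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()

        bho = BHO_RE.match(line)
        if bho:
            target = bho["target"]
            if target == "(no file)":
                findings.append(Finding(
                    "O2", bho["name"], target,
                    "orphaned BHO: registered file is missing"))
            elif TEMP_RE.search(target):
                findings.append(Finding(
                    "O2", bho["name"], target,
                    "BHO loaded from a Temp directory"))
            continue

        run = RUN_RE.match(line)
        if run:
            # Look through rundll32 to the DLL it is asked to load.
            dll = RUNDLL_RE.match(run["cmd"])
            target = dll["dll"] if dll else run["cmd"]
            if TEMP_RE.search(target):
                reason = ("rundll32 autorun loads a DLL from Temp"
                          if dll else "autorun started from Temp")
                findings.append(Finding("O4", run["name"], target, reason))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"{f.section} [{f.name}] {f.target}\n    -> {f.reason}")
```

The legitimate NVIDIA rundll32 entry is not flagged because its DLL sits in system32; the three Temp hits are the same byXOfdAR.dll and efCRhGxw.dll entries that appear in the log above.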
    30 April 2008 17:13:56

    OK boss ;)
    Aaaaaaah, Spybot is opening loads of windows on me....

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:48:32, on 26/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\jureg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Labtec\WebCam10\WebCam10.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\hp\kbd\kbd.exe
    C:\Windows\System32\cmd.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Windows NT\Accessories\wordpad.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
    O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
    O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 10579 bytes
    30 April 2008 17:18:57

    Run another ComboFix scan and we'll wrap up :)
    30 April 2008 17:34:52

    ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 17:30:17.3 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1962 [GMT 2:00]
    Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
    2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
    2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
    2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
    2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
    2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
    2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
    2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
    2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
    2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
    2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
    2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
    2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
    2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
    2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
    2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
    2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
    2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
    2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
    2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
    2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
    2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
    2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
    2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
    2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
    2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
    2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
    2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
    2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
    2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
    2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
    2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
    2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
    2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
    2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
    2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
    2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
    2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
    2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
    2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
    2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
    2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
    2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
    2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
    2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
    2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
    2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
    2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
    2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
    2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
    2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
    2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
    2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
    2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
    2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
    2008-03-08 16:52 --------- d-----w C:\Program Files\Java
    2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
    2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
    2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
    2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
    2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
    2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
    2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
    2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
    2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
    2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
    2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
    2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
    2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
    2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
    2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
    2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
    2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
    2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
    2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-26_18.28.23.62 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-26 16:22:21 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 14:24:29 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-04-26 16:13:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 14:25:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 14:25:59 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
    - 2008-04-26 16:19:35 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 14:26:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 14:26:04 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-26 16:23:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-30 14:58:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-04-26 16:01:38 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-04-30 14:22:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-04-30 14:22:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
    - 2008-04-26 16:18:51 107,416 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-04-30 14:30:56 107,416 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-04-26 16:18:51 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-04-30 14:30:56 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-04-26 16:18:51 618,272 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-04-30 14:30:56 618,272 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-04-26 16:18:51 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-04-30 14:30:56 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-04-26 15:58:34 10,990 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    + 2008-04-30 14:26:24 11,302 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    - 2008-04-26 16:14:15 60,664 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 14:26:24 60,934 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-04-26 15:58:33 50,880 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 14:26:23 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
    "cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
    "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
    "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
    "HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
    "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
    "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
    R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
    R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-30 17:32:03
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 5

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-30 17:33:08
    ComboFix-quarantined-files.txt 2008-04-30 15:32:54
    ComboFix2.txt 2008-04-26 16:28:53

    Pre-Run: 338,634,063,872 octets libres
    Post-Run: 338,618,834,944 octets libres

    317 --- E O F --- 2008-04-30 08:08:14
    30 April 2008 17:36:42

    Hi again,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"=-
    "cmds"=-


    Open Notepad (Start > Run... > notepad), then paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto ComboFix.exe as shown below:


    This will relaunch ComboFix; press 1, then confirm. After the restart, post the contents of the Combofix.txt report along with a HijackThis report.
    NOTE: If there is no restart, post the requested reports anyway.
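Added example, not part of the original thread and not ComboFix's own logic: the Python below parses `Run` autorun lines in the format of the report above and flags targets that sit under a Temp directory, the trait of the `cmds` entry that the script above deletes. The sample lines are copied from that report; the two heuristics and every function and constant name are assumptions made for this illustration.

```python
import re
from typing import List, NamedTuple

# Constructed sample: autorun lines copied from the ComboFix report in this thread.
SAMPLE = r'''
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
"cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
"RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
"avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]
'''

# "[HKEY_...\Run]" section header as printed in the report.
KEY_RE = re.compile(r'^\[(HK[^\]]+)\]$')
# "name"="target" [date time size ...]  (brackets may be empty: "[ ]")
VALUE_RE = re.compile(r'^"(?P<name>[^"]+)"="(?P<target>[^"]*)"\s*\[(?P<meta>[^\]]*)\]$')
# Date, time and size that the report prints when it could read the file.
META_RE = re.compile(r'^\d{4}-\d{2}-\d{2} \d{2}:\d{2} \d+')
TEMP_RE = re.compile(r'\\temp\\', re.IGNORECASE)

# Heuristics (assumptions of this example, not rules taken from the tool).
REASON_TEMP = "target under a Temp directory"
REASON_NO_META = "no file date/size recorded"


class Finding(NamedTuple):
    key: str
    name: str
    target: str
    reasons: List[str]


def triage(report: str) -> List[Finding]:
    """Return one Finding per quoted value found under a ...\\Run key."""
    findings: List[Finding] = []
    key = ""
    for raw in report.splitlines():
        line = raw.strip()
        header = KEY_RE.match(line)
        if header:
            # Only keep keys whose last component is "Run" (autostart keys).
            name = header.group(1)
            key = name if name.lower().endswith("\\run") else ""
            continue
        value = VALUE_RE.match(line)
        if not value or not key:
            continue
        reasons = []
        if TEMP_RE.search(value.group("target")):
            reasons.append(REASON_TEMP)
        if not META_RE.match(value.group("meta").strip()):
            # Weak signal on its own: a legitimate entry in the sample has it too.
            reasons.append(REASON_NO_META)
        findings.append(
            Finding(key, value.group("name"), value.group("target"), reasons)
        )
    return findings


def high_priority(findings: List[Finding]) -> List[Finding]:
    """Entries that auto-start a file from a Temp directory."""
    return [f for f in findings if REASON_TEMP in f.reasons]


if __name__ == "__main__":
    for f in triage(SAMPLE):
        status = "; ".join(f.reasons) if f.reasons else "ok"
        print(f"{f.name:32} {status}")
```

On the sample, only `cmds` is high priority; `HP Health Check Scheduler` carries the empty-bracket signal alone, which is why that signal is reported but not used to prioritise.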
    30 April 2008 17:43:09

    I wasn't able to press 1 :/ 
    Should I start over?
    30 April 2008 17:45:07

    ComboFix:

    ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 17:30:17.3 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1962 [GMT 2:00]
    Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
    2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
    2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
    2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
    2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
    2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
    2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
    2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
    2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
    2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
    2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
    2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
    2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
    2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
    2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
    2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
    2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
    2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
    2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
    2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
    2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
    2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
    2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
    2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
    2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
    2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
    2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
    2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
    2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
    2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
    2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
    2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
    2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
    2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
    2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
    2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
    2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
    2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
    2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
    2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
    2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
    2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
    2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
    2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
    2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
    2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
    2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
    2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
    2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
    2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
    2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
    2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
    2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
    2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
    2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
    2008-03-08 16:52 --------- d-----w C:\Program Files\Java
    2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
    2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
    2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
    2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
    2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
    2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
    2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
    2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
    2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
    2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
    2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
    2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
    2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
    2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
    2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
    2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
    2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
    2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
    2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-26_18.28.23.62 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-26 16:22:21 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 14:24:29 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-04-26 16:13:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 14:25:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 14:25:59 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
    - 2008-04-26 16:19:35 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 14:26:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 14:26:04 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-26 16:23:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-30 14:58:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-04-26 16:01:38 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-04-30 14:22:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-04-30 14:22:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
    - 2008-04-26 16:18:51 107,416 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-04-30 14:30:56 107,416 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-04-26 16:18:51 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-04-30 14:30:56 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-04-26 16:18:51 618,272 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-04-30 14:30:56 618,272 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-04-26 16:18:51 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-04-30 14:30:56 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-04-26 15:58:34 10,990 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    + 2008-04-30 14:26:24 11,302 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    - 2008-04-26 16:14:15 60,664 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 14:26:24 60,934 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-04-26 15:58:33 50,880 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 14:26:23 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
    "cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
    "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
    "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
    "HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
    "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
    "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
    R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
    R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-30 17:32:03
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 5

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-30 17:33:08
    ComboFix-quarantined-files.txt 2008-04-30 15:32:54
    ComboFix2.txt 2008-04-26 16:28:53

    Pre-Run: 338,634,063,872 octets libres
    Post-Run: 338,618,834,944 octets libres

    317 --- E O F --- 2008-04-30 08:08:14



    HiJack:

    ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 17:30:17.3 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1962 [GMT 2:00]
    Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
    2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
    2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
    2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
    2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
    2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
    2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
    2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
    2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
    2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
    2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
    2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
    2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
    2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
    2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
    2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
    2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
    2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
    2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
    2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
    2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
    2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
    2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
    2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
    2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
    2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
    2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
    2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
    2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
    2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
    2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
    2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
    2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
    2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
    2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
    2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
    2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
    2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
    2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
    2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
    2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
    2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
    2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
    2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
    2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
    2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
    2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
    2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
    2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
    2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
    2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
    2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
    2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
    2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
    2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
    2008-03-08 16:52 --------- d-----w C:\Program Files\Java
    2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
    2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
    2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
    2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
    2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
    2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
    2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
    2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
    2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
    2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
    2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
    2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
    2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
    2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
    2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
    2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
    2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
    2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
    2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-26_18.28.23.62 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-26 16:22:21 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 14:24:29 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-04-26 16:13:31 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 14:25:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 14:25:59 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
    - 2008-04-26 16:19:35 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-26 16:22:53 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 14:26:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 14:26:04 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-26 16:23:22 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-30 14:58:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-26 16:23:22 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-04-26 16:01:38 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-04-30 14:22:39 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
    + 2008-04-30 14:22:39 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
    - 2008-04-26 16:18:51 107,416 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-04-30 14:30:56 107,416 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-04-26 16:18:51 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-04-30 14:30:56 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-04-26 16:18:51 618,272 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-04-30 14:30:56 618,272 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-04-26 16:18:51 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-04-30 14:30:56 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-04-26 15:58:34 10,990 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    + 2008-04-30 14:26:24 11,302 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    - 2008-04-26 16:14:15 60,664 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 14:26:24 60,934 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-04-26 15:58:33 50,880 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 14:26:23 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]
    "cmds"="C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
    "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
    "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
    "HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
    "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
    "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
    R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
    R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-30 17:32:03
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 5

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-30 17:33:08
    ComboFix-quarantined-files.txt 2008-04-30 15:32:54
    ComboFix2.txt 2008-04-26 16:28:53

    Pre-Run: 338,634,063,872 octets libres
    Post-Run: 338,618,834,944 octets libres

    317 --- E O F --- 2008-04-30 08:08:14
    30 April 2008 17:46:55

    Uh, you don't have the CFScript :/ 
    30 April 2008 17:48:26

    I'll start over then ^^
    30 April 2008 17:55:50

    ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 17:51:32.5 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2042 [GMT 2:00]
    Endroit: C:\Users\Owen & Ethan\Desktop\ComboFix.exe
    Command switches used :: C:\Users\Owen & Ethan\Desktop\CFScript.txt
    * Création d'un nouveau point de restauration
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
    2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
    2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
    2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
    2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
    2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
    2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
    2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
    2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
    2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
    2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
    2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
    2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
    2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
    2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
    2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
    2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
    2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
    2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
    2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
    2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
    2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
    2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
    2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
    2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
    2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
    2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
    2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
    2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
    2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
    2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
    2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
    2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
    2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
    2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
    2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
    2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
    2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
    2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
    2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
    2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
    2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
    2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
    2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
    2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
    2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
    2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
    2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
    2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
    2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
    2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
    2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
    2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
    2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
    2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
    2008-03-08 16:52 --------- d-----w C:\Program Files\Java
    2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
    2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
    2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
    2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
    2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
    2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
    2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
    2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
    2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
    2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
    2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
    2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
    2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
    2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
    2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
    2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
    2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
    2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
    2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
    .

    ((((((((((((((((((((((((((((( snapshot_2008-04-30_17.32.39,72 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 15:39:39 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 15:51:12 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{267D2125-77C5-4FDD-B343-54C77A9D6E6A}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AC53EE7B-265C-4265-85F4-58DBD1DD7B7B}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
    "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
    "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
    "HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
    "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
    "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
    R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
    R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    *Newly Created Service* - CATCHME
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-30 17:52:41
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-30 17:53:33
    ComboFix-quarantined-files.txt 2008-04-30 15:53:24
    ComboFix2.txt 2008-04-30 15:43:46
    ComboFix3.txt 2008-04-30 15:33:09
    ComboFix4.txt 2008-04-26 16:28:53

    Pre-Run: 336,864,473,088 octets libres
    Post-Run: 336,834,166,784 octets libres

    285 --- E O F --- 2008-04-30 08:08:14
    30 April 2008 17:58:09

    Can you put ComboFix and CFScript at the root of your disk (C:\)?
    30 April 2008 18:15:45

    I can't manage to choose where to download to, so I copied ComboFix from the desktop and pasted it into C:\, then I recreated your Notepad file and dragged it into C:\
    Now I'll retry the procedure and let you know! :p 
    30 April 2008 18:20:30

    ComboFix 08-04-24.1 - Owen & Ethan 2008-04-30 18:16:45.6 - NTFSx86
    Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.2113 [GMT 2:00]
    Endroit: C:\ComboFix.exe
    Command switches used :: C:\CFScript.txt
    * Création d'un nouveau point de restauration

    FILE ::
    C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-28 to 2008-04-30 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-30 18:11 . 2008-04-26 18:00 1,776,413 --a------ C:\ComboFix.exe
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Users\All Users\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\ProgramData\Malwarebytes
    2008-04-30 15:17 . 2008-04-30 15:17 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-30 13:03 . 2008-04-30 13:03 417,792 --a------ C:\Users\Owen & Ethan\GL4JavbJauGljJNI14.dll
    2008-04-29 13:35 . 2008-04-29 13:35 <REP> d-------- C:\Program Files\MZ Manager 2
    2008-04-27 22:45 . 2008-04-27 22:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\vlc
    2008-04-27 22:44 . 2008-04-27 22:44 <REP> d-------- C:\Program Files\VideoLAN
    2008-04-26 16:21 . 2008-04-26 16:21 <REP> d-------- C:\Windows\BDOSCAN8
    2008-04-26 15:56 . 2008-04-26 16:14 <REP> d----c--- C:\Windows\System32\DRVSTORE
    2008-04-26 14:53 . 2008-04-26 14:53 1,160 --a------ C:\Windows\mozver.dat
    2008-04-26 10:22 . 2008-04-26 17:53 <REP> d-------- C:\Program Files\Navilog1
    2008-04-25 16:23 . 2008-04-25 16:23 <REP> d-------- C:\Program Files\Lavasoft
    2008-04-25 16:22 . 2008-04-25 16:22 <REP> d-------- C:\Program Files\Common Files\Wise Installation Wizard
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\Users\All Users\AntiVir PersonalEdition Classic
    2008-04-25 15:29 . 2008-04-25 15:30 <REP> d-------- C:\ProgramData\AntiVir PersonalEdition Classic
    2008-04-23 17:13 . 2008-04-23 17:13 <REP> d-------- C:\Program Files\San Andreas Mod Installer
    2008-04-23 11:50 . 2008-04-23 11:47 691,545 --a------ C:\Windows\unins000.exe
    2008-04-23 11:50 . 2008-04-23 11:50 2,545 --a------ C:\Windows\unins000.dat
    2008-04-17 16:42 . 2008-04-17 16:42 <REP> d-------- C:\Program Files\Canal
    2008-04-17 16:41 . 2008-04-17 16:41 <REP> d-------- C:\Program Files\Common Files\Adobe AIR
    2008-04-10 16:56 . 2008-03-05 15:56 3,786,760 --a------ C:\Windows\System32\D3DX9_37.dll
    2008-04-10 16:56 . 2008-03-05 15:56 1,420,824 --a------ C:\Windows\System32\D3DCompiler_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 479,752 --a------ C:\Windows\System32\XAudio2_0.dll
    2008-04-10 16:56 . 2008-02-05 23:07 462,864 --a------ C:\Windows\System32\d3dx10_37.dll
    2008-04-10 16:56 . 2008-03-05 16:03 238,088 --a------ C:\Windows\System32\xactengine3_0.dll
    2008-04-10 16:56 . 2008-03-05 16:00 25,608 --a------ C:\Windows\System32\X3DAudio1_3.dll
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\Users\All Users\Media Center Programs
    2008-04-09 18:52 . 2008-04-09 18:52 <REP> d-------- C:\ProgramData\Media Center Programs
    2008-04-09 18:46 . 2008-04-09 18:54 <REP> d-------- C:\Program Files\Tomb Raider - Anniversary
    2008-04-09 18:46 . 2008-02-29 06:16 2,027,008 --a------ C:\Windows\System32\win32k.sys
    2008-04-09 18:46 . 2008-02-15 01:19 944,184 --a------ C:\Windows\System32\winload.exe
    2008-04-09 18:46 . 2008-02-19 07:10 620,088 --a------ C:\Windows\System32\ci.dll
    2008-04-09 18:46 . 2008-02-29 08:39 371,712 --a------ C:\Windows\System32\srcore.dll
    2008-04-09 18:46 . 2008-02-29 08:38 313,856 --a------ C:\Windows\System32\rstrui.exe
    2008-04-09 18:46 . 2008-02-29 08:51 19,000 --a------ C:\Windows\System32\kd1394.dll
    2008-04-09 18:45 . 2008-02-29 08:39 40,960 --a------ C:\Windows\System32\srclient.dll
    2008-04-09 18:45 . 2008-02-29 08:38 16,384 --a------ C:\Windows\System32\srdelayed.exe
    2008-04-09 18:45 . 2008-02-29 08:34 7,168 --a------ C:\Windows\System32\f3ahvoas.dll
    2008-04-09 18:45 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
    2008-04-09 18:44 . 2008-02-21 06:43 296,448 --a------ C:\Windows\System32\gdi32.dll
    2008-04-09 18:44 . 2007-12-16 13:49 84,480 --a------ C:\Windows\System32\dnsrslvr.dll
    2008-04-09 18:44 . 2007-12-16 11:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur\Mes documents
    2008-04-08 23:31 . 2008-04-08 23:31 <REP> d-------- C:\Users\votre nom d'utilisateur
    2008-04-02 21:41 . 2008-04-02 21:41 69 --a------ C:\Windows\NeroDigital.ini
    2008-04-02 13:09 . 2008-04-02 13:09 303 --a------ C:\Windows\ST6UNST.001
    2008-04-02 13:08 . 2008-04-02 13:09 5,144 --a------ C:\Windows\SETUP.LST
    2008-04-02 13:08 . 2008-04-02 13:08 303 --a------ C:\Windows\ST6UNST.000
    2008-03-30 16:54 . 2008-03-30 16:54 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\Talkback
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Users\All Users\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\ProgramData\eMule
    2008-03-30 15:43 . 2008-03-30 15:43 <REP> d-------- C:\Program Files\eMule
    2008-03-30 14:39 . 2008-03-30 14:39 <REP> d-------- C:\Windows\System32\URTTEMP
    2008-03-30 00:30 . 2008-04-23 17:13 <REP> d-------- C:\Windows\San Andreas Mod Installer
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000002.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 524,288 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TMContainer00000000000000000001.regtrans-ms
    2008-03-29 23:05 . 2008-03-29 23:26 65,536 --ahs---- C:\Users\Owen & Ethan\ntuser.dat{883e363f-fdce-11dc-8444-001e8c5b18f3}.TM.blf
    2008-03-28 19:01 . 2008-03-28 19:01 <REP> d-------- C:\Program Files\AC3Filter
    2008-03-27 18:14 . 2008-03-27 18:14 <REP> d-------- C:\Program Files\DkZ Studio
    2008-03-21 11:07 . 2008-03-21 11:58 <REP> d-------- C:\Program Files\Common Files\Real
    2008-03-19 18:38 . 2008-03-27 17:45 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\IDM
    2008-03-19 18:38 . 2008-03-27 17:44 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\DMCache
    2008-03-19 18:38 . 2008-03-27 17:47 <REP> d-------- C:\Program Files\Internet Download Manager
    2008-03-14 23:28 . 2008-03-14 23:28 137,344 --a------ C:\Windows\System32\drivers\litsgt.sys
    2008-03-14 23:28 . 2008-03-14 23:28 12,032 --a------ C:\Windows\System32\drivers\tansgt.sys
    2008-03-14 23:25 . 2008-03-14 23:25 <REP> d-------- C:\Program Files\Atari
    2008-03-11 19:36 . 2007-12-17 00:50 1,060,920 --a------ C:\Windows\System32\drivers\ntfs.sys
    2008-03-11 19:36 . 2007-12-16 11:56 41,984 --a------ C:\Windows\System32\drivers\monitor.sys
    2008-03-08 18:52 . 2008-02-22 05:25 54,672 --a------ C:\Windows\System32\jureg.exe
    2008-03-03 19:35 . 2008-03-03 19:35 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
    2008-03-03 19:27 . 2008-03-03 19:33 <REP> d-------- C:\Program Files\Tomb Raider - Legend
    2008-03-03 19:23 . 2008-03-03 19:23 <REP> d-------- C:\Program Files\Core Design
    2008-03-03 19:23 . 1999-08-03 11:50 172,032 --a------ C:\Windows\System32\binkw32.dll
    2008-03-03 11:53 . 2008-03-03 12:10 <REP> d-------- C:\RAY
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Public\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\Owen & Ethan\AppData\Roaming\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\Users\All Users\CyberLink
    2008-03-02 22:36 . 2008-03-02 22:36 <REP> d-------- C:\ProgramData\CyberLink

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-30 14:25 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\AVG7
    2008-04-30 13:18 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\OpenOffice.org2
    2008-04-29 13:14 --------- d-----w C:\Users\Owen & Ethan\AppData\Roaming\LimeWire
    2008-04-26 14:14 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
    2008-04-23 14:10 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
    2008-04-23 09:55 --------- d-----w C:\Program Files\Spybot - Search & Destroy
    2008-04-10 08:03 --------- d-----w C:\Program Files\Windows Mail
    2008-04-08 12:41 --------- d-----w C:\Program Files\PhotoFiltre
    2008-04-07 10:26 --------- d-----w C:\Program Files\Drawing for Children
    2008-04-07 10:25 733,696 ----a-w C:\Windows\GPInstall.exe
    2008-04-02 18:22 --------- d-----w C:\Users\fred\AppData\Roaming\AVG7
    2008-03-31 09:23 --------- d-----w C:\Program Files\SlySoft
    2008-03-29 21:01 --------- d-----w C:\ProgramData\avg7
    2008-03-29 20:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-14 16:03 278,984 ----a-w C:\Windows\system32\drivers\atksgt.sys
    2008-03-13 09:52 53,768 ----a-w C:\Windows\system32\drivers\avgwfp.sys
    2008-03-08 16:52 --------- d-----w C:\Program Files\Java
    2008-03-07 14:42 --------- d-----w C:\ProgramData\DVD Shrink
    2008-02-22 03:25 329,104 ----a-w C:\Windows\System32\jucheck.exe
    2008-02-21 15:04 9,216 ----a-w C:\Windows\System32\avgwlntf.dll
    2008-02-21 11:31 37,888 ----a-w C:\Windows\System32\rar.exe
    2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
    2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
    2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
    2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
    2008-02-14 09:11 194,560 ----a-w C:\Windows\System32\WebClnt.dll
    2008-02-14 09:08 3,505,720 ----a-w C:\Windows\System32\ntkrnlpa.exe
    2008-02-14 09:08 3,471,928 ----a-w C:\Windows\System32\ntoskrnl.exe
    2008-02-14 09:07 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
    2008-02-14 09:07 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
    2008-02-14 09:07 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
    2008-02-14 09:07 24,064 ----a-w C:\Windows\System32\netcfg.exe
    2008-02-14 09:07 22,016 ----a-w C:\Windows\System32\netiougc.exe
    2008-02-14 09:07 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
    2008-02-14 09:07 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
    2008-02-14 09:07 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
    2008-02-14 09:07 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
    2008-02-14 09:07 1,686,528 ----a-w C:\Windows\System32\gameux.dll
    2008-02-09 15:15 194 ----a-w C:\Users\Owen & Ethan\AppData\Roaming\wklnhst.dat
    2008-02-07 11:15 92,160 ----a-w C:\Windows\System32\ezUninst.exe
    2008-02-07 11:15 85,504 ----a-w C:\Windows\System32\ezShellStart.exe
    2008-02-07 11:15 49,152 ----a-w C:\Windows\System32\ezUPBHook.dll
    2008-02-07 11:15 33,792 ----a-w C:\Windows\System32\ezntsvc.exe
    2008-02-07 11:15 241,664 ----a-w C:\Windows\System32\ezSetup.exe
    2008-02-07 11:15 15,360 ----a-w C:\Windows\System32\ezMAPIHelper.exe
    2008-02-06 16:43 704,000 ----a-w C:\Windows\System32\PhotoScreensaver.scr
    2008-02-06 16:43 67,584 ----a-w C:\Windows\System32\wlanhlp.dll
    2008-02-06 16:43 542,720 ----a-w C:\Windows\System32\sysmain.dll
    2008-02-06 16:43 502,784 ----a-w C:\Windows\System32\wlansvc.dll
    2008-02-06 16:43 47,104 ----a-w C:\Windows\System32\wlanapi.dll
    2008-02-06 16:43 297,984 ----a-w C:\Windows\System32\wlansec.dll
    2008-02-06 16:43 290,816 ----a-w C:\Windows\System32\wlanmsm.dll
    2008-02-06 16:43 24,064 ----a-w C:\Windows\System32\wtsapi32.dll
    2008-02-06 16:43 2,923,520 ----a-w C:\Windows\explorer.exe
    2008-02-06 16:41 9,728 ----a-w C:\Windows\System32\LAPRXY.DLL
    2008-02-06 16:41 223,232 ----a-w C:\Windows\System32\WMASF.DLL
    2008-02-06 16:41 2,048 ----a-w C:\Windows\System32\asferror.dll
    2008-02-06 16:41 1,327,104 ----a-w C:\Windows\System32\quartz.dll
    2008-02-06 16:40 11,776 ----a-w C:\Windows\System32\sbunattend.exe
    2008-02-06 16:38 2,048 ----a-w C:\Windows\System32\tzres.dll
    2008-02-06 16:31 53,080 ----a-w C:\Windows\System32\wuauclt.exe
    2008-02-06 16:31 43,352 ----a-w C:\Windows\System32\wups2.dll
    2008-02-06 16:31 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
    2008-02-06 16:31 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
    2008-02-06 16:30 80,896 ----a-w C:\Windows\System32\wudriver.dll
    2008-02-06 16:30 549,720 ----a-w C:\Windows\System32\wuapi.dll
    2008-02-06 16:30 33,624 ----a-w C:\Windows\System32\wups.dll
    2008-02-06 16:30 31,232 ----a-w C:\Windows\System32\wuapp.exe
    2008-02-06 16:30 163,000 ----a-w C:\Windows\System32\wuwebv.dll
    2008-01-10 05:50 1,244,672 ----a-w C:\Windows\System32\mcmde.dll
    2008-01-04 21:59 524,288 ----a-w C:\Windows\System32\DivXsm.exe
    2008-01-04 21:58 3,596,288 ----a-w C:\Windows\System32\qt-dx331.dll
    2008-01-04 21:58 200,704 ----a-w C:\Windows\System32\ssldivx.dll
    2008-01-04 21:58 1,044,480 ----a-w C:\Windows\System32\libdivx.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx0c.dll
    2008-01-04 21:57 823,296 ----a-w C:\Windows\System32\divx_xx07.dll
    2008-01-04 21:57 81,920 ----a-w C:\Windows\System32\dpl100.dll
    2008-01-04 21:57 802,816 ----a-w C:\Windows\System32\divx_xx11.dll
    2008-01-04 21:57 682,496 ----a-w C:\Windows\System32\DivX.dll
    2008-01-04 21:57 593,920 ----a-w C:\Windows\System32\dpuGUI11.dll
    2008-01-04 21:57 57,344 ----a-w C:\Windows\System32\dpv11.dll
    2008-01-04 21:57 53,248 ----a-w C:\Windows\System32\dpuGUI10.dll
    2008-01-04 21:57 344,064 ----a-w C:\Windows\System32\dpus11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu11.dll
    2008-01-04 21:57 294,912 ----a-w C:\Windows\System32\dpu10.dll
    2008-01-04 21:57 196,608 ----a-w C:\Windows\System32\dtu100.dll
    2008-01-04 21:56 156,992 ----a-w C:\Windows\System32\DivXCodecVersionChecker.exe
    2008-01-04 21:56 12,288 ----a-w C:\Windows\System32\DivXWMPExtType.dll
    2007-12-07 17:57 174 --sha-w C:\Program Files\desktop.ini
    2007-11-13 18:11 68,332,489 ----a-w C:\Program Files\openofficeorg3.cab
    2007-11-13 18:11 3,395,476 ----a-w C:\Program Files\openofficeorg4.cab
    2007-11-13 18:04 17,645,041 ----a-w C:\Program Files\openofficeorg2.cab
    2007-11-13 18:03 19,208,747 ----a-w C:\Program Files\openofficeorg1.cab
    2007-11-13 18:02 4,369,408 ----a-w C:\Program Files\openofficeorg23.msi
    2007-11-13 18:02 217 ----a-w C:\Program Files\setup.ini
    2004-07-22 09:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
    2004-07-19 21:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
    2004-07-19 21:53 976,020 ----a-w C:\Program Files\BDAXP.cab
    2004-07-09 13:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
    2004-07-09 08:13 703,080 ----a-w C:\Program Files\BDA.cab
    .

    ((((((((((((((((((((((((((((( snapshot_2008-04-30_17.32.39,72 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-04-30 14:24:29 67,584 --s-a-w C:\Windows\bootstat.dat
    + 2008-04-30 15:59:34 67,584 --s-a-w C:\Windows\bootstat.dat
    - 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    + 2008-04-30 15:59:35 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
    - 2008-04-30 14:24:29 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    + 2008-04-30 15:59:35 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
    - 2008-04-30 14:39:38 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 16:14:44 262,144 ----a-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-30 14:25:59 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 16:01:09 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
    + 2008-04-30 16:01:09 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
    - 2008-04-30 15:30:22 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    + 2008-04-30 16:16:20 262,144 ----a-w C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\UsrClass.dat
    - 2008-04-30 14:26:04 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 16:01:14 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
    + 2008-04-30 16:01:14 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
    - 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    + 2008-04-30 16:01:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
    - 2008-04-30 14:58:46 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    + 2008-04-30 16:01:28 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
    - 2008-04-30 14:58:46 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    + 2008-04-30 16:01:28 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
    - 2008-04-30 14:30:56 107,416 ----a-w C:\Windows\System32\perfc009.dat
    + 2008-04-30 16:06:07 107,416 ----a-w C:\Windows\System32\perfc009.dat
    - 2008-04-30 14:30:56 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    + 2008-04-30 16:06:07 121,814 ----a-w C:\Windows\System32\perfc00C.dat
    - 2008-04-30 14:30:56 618,272 ----a-w C:\Windows\System32\perfh009.dat
    + 2008-04-30 16:06:07 618,272 ----a-w C:\Windows\System32\perfh009.dat
    - 2008-04-30 14:30:56 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    + 2008-04-30 16:06:07 699,984 ----a-w C:\Windows\System32\perfh00C.dat
    - 2008-04-30 14:26:24 11,302 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    + 2008-04-30 16:01:34 11,334 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-3621014496-419229648-1526199216-1000_UserData.bin
    - 2008-04-30 14:26:24 60,934 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 16:01:34 60,950 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
    - 2008-04-30 14:26:23 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    + 2008-04-30 16:01:32 51,240 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-02-06 18:40 1232896]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-12-08 04:28 1006264]
    "hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2007-04-18 17:01 65536]
    "KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
    "OsdMaestro"="C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2007-02-15 13:59 118784]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-07-12 17:36 178712]
    "NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-08-27 20:59 86016]
    "NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-08-27 20:59 8473120]
    "NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-08-27 20:59 81920]
    "HP Health Check Scheduler"="[ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [ ]
    "SunJavaUpdateReg"="C:\Windows\system32\jureg.exe" [2008-02-22 05:25 54672]
    "HP Software Update"="c:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 17:24 54840]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-09-20 10:51 1836328]
    "LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2007-03-06 18:48 488984]
    "LogitechQuickCamRibbon"="C:\Program Files\Labtec\WebCam10\WebCam10.exe" [2007-03-06 18:58 1060376]
    "NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
    "RtHDVCpl"="RtHDVCpl.exe" [2007-10-25 15:52 4702208 C:\Windows\RtHDVCpl.exe]
    "AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-04-17 09:04 579584]
    "avgnt"="C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" [2007-04-02 10:35 327720]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-02-21 17:03 219136]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableLockWorkstation"= 0 (0x0)
    "DisableChangePassword"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogoff"= 0 (0x0)

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "Windows Printing Driver"= WinSpooler.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgwlntf]
    avgwlntf.dll 2008-02-21 17:04 9216 C:\Windows\System32\avgwlntf.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3codecp"= l3codecp.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "{0C1B9D83-7C06-4A28-91B0-07A36AA64670}"= c:\Program Files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
    "{7906CDA6-1DD0-45DD-911E-9F582507765F}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
    "TCP Query User{2A7451E8-0A19-411A-8652-14C41A8DDCC0}C:\\program files\\limewire\\limewire.exe"= UDP:C:\program files\limewire\limewire.exe:LimeWire
    "UDP Query User{B0448270-EAAA-4E2B-8EA1-A770AE7BF97C}C:\\program files\\limewire\\limewire.exe"= TCP:C:\program files\limewire\limewire.exe:LimeWire
    "TCP Query User{06C92084-503E-4FE1-A911-55044D544B25}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= UDP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "UDP Query User{0D45552C-E281-4940-B642-FC5ED42956AB}C:\\program files\\konami\\pro evolution soccer 6\\pes6.exe"= TCP:C:\program files\konami\pro evolution soccer 6\pes6.exe:p es6.exe
    "TCP Query User{999CC55C-DF47-4F8A-88AB-444C9ED771FA}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
    "UDP Query User{A0B5A50B-46DE-44CE-9515-9ADE4C69CBBE}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
    "DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

    R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 litsgt;litsgt;C:\Windows\system32\DRIVERS\litsgt.sys [2008-03-14 23:28]
    R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 11:43]
    R2 tansgt;tansgt;C:\Windows\system32\DRIVERS\tansgt.sys [2008-03-14 23:28]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 22:55]
    R3 AvgWFP;AVG7 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfp.sys [2008-03-13 11:52]
    S3 GameConsoleService;GameConsoleService;"C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe" [2008-01-29 19:09]
    S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
    S3 PCD5SRVC{BD6912E3-AC9D80E8-05040000};PCD5SRVC{BD6912E3-AC9D80E8-05040000} - PCDR Kernel Mode Service Helper Driver;C:\PROGRA~1\PC-DOC~1\PCD5SRVC.pkms [2007-09-13 03:35]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{3da222d8-a52c-11dc-8ee6-806e6f6e6963}]
    \shell\AutoRun\command - E:\autorun.exe

    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-30 18:18:20
    Windows 6.0.6000 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-30 18:19:18
    ComboFix-quarantined-files.txt 2008-04-30 16:19:06
    ComboFix2.txt 2008-04-30 15:53:34
    ComboFix3.txt 2008-04-30 15:43:46
    ComboFix4.txt 2008-04-30 15:33:09
    ComboFix5.txt 2008-04-26 16:28:53

    Pre-Run: 336,026,009,600 octets libres
    Post-Run: 335,996,538,880 octets libres

    318 --- E O F --- 2008-04-30 08:08:14
    30 April 2008 18:21:43

    Quote:
    I can't manage to choose where to download to, so I copied ComboFix from the desktop and pasted it into C:\, then I recreated your Notepad file and dragged it into C:\

    That's what you need to do :) 
    30 April 2008 18:27:45

    Wow, did I actually manage to do something right? lol
    And?
    Did it work or not? I don't think so :/ 
    30 April 2008 18:31:40

    Hey, your head isn't swollen like a watermelon because of me, is it? :pt1cable: 
    30 April 2008 19:21:42

    Repost a Hijackthis report :) 
    30 April 2008 20:37:48

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:48:32, on 26/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\jureg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Labtec\WebCam10\WebCam10.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\hp\kbd\kbd.exe
    C:\Windows\System32\cmd.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Windows NT\Accessories\wordpad.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
    O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
    O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 10579 bytes
    30 April 2008 21:32:22

    Re,

    Fix the lines in the box below with Hijackthis: HELP IN PICTURES

    2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
    O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1


    Download OTMoveIt (by OldTimer). Save it to your Desktop.
    Select all the locations in the box below:

    C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll

    ---> Right-click, then Copy (or Ctrl+C)

    Double-click OTMoveIt.exe to launch it.
    Right-click in the left-hand box, then choose Paste (or Ctrl+V).
    Now click MoveIt!

    If a file or folder cannot be deleted immediately, the program will ask you to restart.
    Accept by clicking YES.

    Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
    The name of the report corresponds to the moment it was created: date_time.log

    ->Information about the software<-
    1 May 2008 10:01:03

    Hi,
    I don't have time, but I'm dropping by quickly to tell you that I didn't find all the lines in HiJack. I'm around this afternoon, I'll tell you about it ;) 
    See you later
    Here is the OTMoveIt report:

    File/Folder C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll not found.
    File/Folder C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll not found.
    File/Folder C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll not found.

    OTMoveIt2 by OldTimer - Version 1.0.4.1 log created on 05012008_095748
    1 May 2008 14:22:16

    Can you run a Hijackthis scan again?
    2 May 2008 10:20:17

    Oops, I wasn't around yesterday, so to keep it short: I don't get the same lines in the report and in the scan alone, odd, isn't it? So I couldn't tick everything, but even after doing "fix whatsit" on the lines I found, they reappeared in the next report!
    As for the OTMoveIt procedure, I don't understand, it seems to work except that at no point can I type "1" and "Enter", and it looks like the procedure isn't taken into account.....

    Here is the HiJack report, good luck ;) 


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:48:32, on 26/04/2008
    Platform: Windows Vista (WinNT 6.00.1904)
    MSIE: Internet Explorer v7.00 (7.00.6000.16643)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\hp\support\hpsysdrv.exe
    C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\jureg.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Windows\system32\schtasks.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
    C:\Program Files\Labtec\WebCam10\WebCam10.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\hp\kbd\kbd.exe
    C:\Windows\System32\cmd.exe
    C:\Windows\system32\conime.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Windows NT\Accessories\wordpad.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&loca...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file)
    O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
    O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
    O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
    O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinSpooler.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx...
    O20 - Winlogon Notify: avgwlntf - C:\Windows\SYSTEM32\avgwlntf.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgrssvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 10579 bytes
    2 May 2008 10:43:36

    I can't manage to take a picture of the "scan only", so here are the ones I find or don't find:

    2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe = can't find it

    O1 - Hosts: ::1 localhost = can't find it

    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file) = found but still present in the new scan

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) = not found

    O2 - BHO: (no name) - {AC53EE7B-265C-4265-85F4-58DBD1DD7B7B} - (no file) = found but still present

    O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll = not found

    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) = found but still present

    O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c = found but present

    O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1 = not found
    2 May 2008 16:10:01

    Your Hijackthis report isn't recent...
    Quote:
    Scan saved at 17:48:32, on 26/04/2008
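
Added example, not part of any post in this thread: a small triage script covering the two checks made above, namely picking out the `(no file)` registrations and Temp-folder autostart modules that were listed for fixing, and noticing that a pasted report carries an old "Scan saved at" header. The function names, the one-hour freshness threshold and the day/month/year date format are assumptions of this example; the sample lines are taken from the log posted in the thread.

```python
import re
from datetime import datetime, timedelta

# Sample input: a few lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:48:32, on 26/04/2008
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: (no name) - {EF21B277-AE9F-460C-B3FE-B47AA3A8EBBF} - C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\byXOfdAR.dll,c
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\OWEN&E~1\AppData\Local\Temp\efCRhGxw.dll,#1
"""

# Header format as it appears in this thread's log (assumed dd/mm/yyyy).
SCAN_RE = re.compile(
    r"^\s*Scan saved at (\d{1,2}:\d{2}:\d{2}), on (\d{2}/\d{2}/\d{4})", re.M
)
# "<section code> - <rest of entry>", e.g. "O2 - BHO: ..." or "O4 - HKCU\..\Run: ..."
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.*)$")
# A DLL or EXE sitting directly in a Temp/Tmp directory.
TEMP_MODULE_RE = re.compile(r"\\te?mp\\[^\\]+\.(?:dll|exe)", re.I)


def parse_scan_time(log):
    """Return the 'Scan saved at' timestamp from the report header."""
    m = SCAN_RE.search(log)
    if m is None:
        raise ValueError("no 'Scan saved at' header found")
    return datetime.strptime(f"{m.group(2)} {m.group(1)}", "%d/%m/%Y %H:%M:%S")


def is_stale(log, posted_at, max_age=timedelta(hours=1)):
    """True when the report was saved more than max_age before it was posted."""
    return posted_at - parse_scan_time(log) > max_age


def triage(log):
    """Return (code, reason, line) for entries worth a closer look."""
    findings = []
    for raw in log.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if m is None:
            continue
        code, body = m.groups()
        if code in ("O2", "O3") and body.endswith("(no file)"):
            # Registry entry whose file is no longer on disk.
            findings.append((code, "orphaned", line))
        elif code in ("O2", "O4") and TEMP_MODULE_RE.search(body):
            # Browser helper or autostart entry loading a module from Temp.
            via_rundll32 = "rundll32" in body.lower()
            reason = "rundll32-from-temp" if via_rundll32 else "module-in-temp"
            findings.append((code, reason, line))
    return findings


if __name__ == "__main__":
    for code, reason, line in triage(SAMPLE_LOG):
        print(f"{reason:20} {line}")
    # Timestamp of the post in which the report was pasted again.
    print("stale:", is_stale(SAMPLE_LOG, datetime(2008, 5, 2, 10, 20, 17)))
```

A flagged line is a lead to verify, not a verdict: the script only matches the two patterns discussed in this thread.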
    2 May 2008 16:24:22

    Uh, lol?
    Indeed, I've just run another one and it's dated 26/04, what is this mess?
    Is it serious, Doctor? :D 