HijackThis problem

5 March 2008 12:04:37

Hi, I think I'm the unluckiest person around!
I had lots of viruses, and in one of the messages on this forum I was advised to run HijackThis and then delete certain lines, because I had a DLL problem and could no longer download anything or open MSN or even Skype. I deleted certain lines as they recommended, but I still can't open MSN, although I can download again. So if someone could help me by telling me whether there are lines I can delete to solve my problem, that would be great.
Here is what it gives:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:02:29, on 05/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe
C:\Program Files\TOSHIBA\EMT3\Tmesrv31.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\s3hotkey.exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\EMT3\TMERzCtl.EXE
C:\Program Files\TOSHIBA\EMT3\TMESBS32.EXE
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsj2C.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {ACBCB56C-3DF9-4DA7-89A1-05ADE7038D05} - C:\WINDOWS\system32\msuni1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\EMT3\TMESRV31.EXE /Logon
O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\EMT3\TMERzCtl.EXE /Service
O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\EMT3\TMESBS32.EXE /Client
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 02
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Totocam] C:\PROGRA~1\ALLOCA~1\allocam.exe 1
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Startup: Robin Hood Update.lnk = C:\Program Files\Robin Hood - The Legend of Sherwood (Demo)\WiseUpdt.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation test - C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe
O23 - Service: Tmesrv3 (Tmesrv) - Toshiba - C:\Program Files\TOSHIBA\EMT3\Tmesrv31.exe

--
End of file - 10284 bytes

5 March 2008 12:41:09

Hello,

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post this report in your next reply.

5 March 2008 14:15:50

Well, here is what it gave me at the end:

    ComboFix 08-03-04.5 - Administrateur 2008-03-05 13:16:15.2 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.181 [GMT 1:00]
    Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Administrateur\Application Data\urlredir.cfg
    C:\WINDOWS\system32\adssite-remove.exe
    C:\WINDOWS\system32\gzmrot-uninst.exe
    C:\WINDOWS\system32\iebrowserc.dll
    C:\WINDOWS\system32\msuni1.1
    C:\WINDOWS\system32\nsj2C.dll
    C:\WINDOWS\system32\rightonadz-uninst.exe
    C:\WINDOWS\system32\msuni1.dll . . . . Echec de suppression

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-05 to 2008-03-05 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-05 12:55 . 2008-03-05 12:55 <REP> d-------- C:\Program Files\uTorrent
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmnoopt16.sqm
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmdata16.sqm
    2008-03-05 11:45 . 2008-03-05 11:45 <REP> d--hs---- C:\FOUND.000
    2008-03-02 19:21 . 2008-03-02 19:21 <REP> d-------- C:\vcs5BGEffects
    2008-03-02 19:14 . 2008-03-02 19:14 <REP> d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmnoopt15.sqm
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmdata15.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmdata14.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmdata13.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmdata12.sqm
    2008-02-27 15:04 . 2008-02-27 15:04 <REP> d-------- C:\Program Files\Strategy First
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmdata11.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmdata10.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmdata09.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmnoopt08.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmdata08.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmnoopt07.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmdata07.sqm
    2008-02-19 15:54 . 2008-02-19 15:54 <REP> d-------- C:\Program Files\Bible
    2008-02-18 17:49 . 2008-02-18 17:49 256 --ah----- C:\sqmdata06.sqm
    2008-02-18 17:49 . 2008-02-18 17:49 244 --ah----- C:\sqmnoopt06.sqm
    2008-02-16 20:06 . 2008-02-16 20:06 <REP> d-------- C:\Sierra
    2008-02-16 18:32 . 2008-02-16 18:32 256 --ah----- C:\sqmdata05.sqm
    2008-02-16 18:32 . 2008-02-16 18:32 244 --ah----- C:\sqmnoopt05.sqm
    2008-02-14 03:10 . 2008-02-14 03:10 <REP> d--hs---- C:\FOUND.021
    2008-02-14 03:07 . 2008-02-14 03:07 184 --ah----- C:\sqmdata04.sqm
    2008-02-14 03:07 . 2008-02-14 03:07 172 --ah----- C:\sqmnoopt04.sqm
    2008-02-13 00:22 . 2008-02-13 00:22 256 --ah----- C:\sqmdata03.sqm
    2008-02-13 00:22 . 2008-02-13 00:22 244 --ah----- C:\sqmnoopt03.sqm
    2008-02-09 21:36 . 2008-02-09 21:36 <REP> d-------- C:\Program Files\IKEA HomePlanner
    2008-02-09 21:36 . 2008-02-09 21:36 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-05 12:18 104,704 ----a-w C:\WINDOWS\system32\msuni1.dll
    2008-02-16 19:11 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
    2008-01-25 19:21 46,300 ----a-w C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
    2008-01-20 16:46 --------- d-----w C:\Program Files\Trend Micro
    2008-01-12 11:54 --------- d-----w C:\Program Files\Audacity
    2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-12-21 14:39 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
    2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
    2007-12-08 05:08 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ACBCB56C-3DF9-4DA7-89A1-05ADE7038D05}]
    2008-03-05 13:18 104704 --a------ C:\WINDOWS\system32\msuni1.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-24 03:18 68856]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
    "Totocam"="C:\PROGRA~1\ALLOCA~1\allocam.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]
    "WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "S3Hotkey"="s3hotkey.exe" [2001-09-12 20:27 40960 C:\WINDOWS\system32\s3hotkey.exe]
    "000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\000StTHK.exe]
    "Tpwrtray"="TPWRTRAY.EXE" [2002-02-14 15:47 184320 C:\WINDOWS\system32\TPWRTRAY.EXE]
    "TMESRV.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESRV31.exe" [2002-03-01 11:17 122880]
    "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\EMT3\TMERzCtl.exe" [2002-02-04 16:54 77824]
    "TMESBS.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESBS32.exe" [2002-03-01 11:17 65536]
    "TFncKy"="TFncKy.exe" []
    "TFNF5"="TFNF5.exe" [2001-09-04 10:31 69632 C:\WINDOWS\system32\TFNF5.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 12:08 172032]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 11:40 49152]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogOff"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    R0 ckmhoers;ckmhoers;C:\WINDOWS\system32\drivers\gmyybejy.dat []
    R0 tosrfec;Bluetooth ACPI from Toshiba;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2001-07-13 03:26]
    R0 TVALG;Toshiba Value Added Logical and General Purpose Device Driver;C:\WINDOWS\system32\DRIVERS\TVALG.SYS [2001-09-13 19:53]
    R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS [2002-01-08 14:44]
    R2 AVWEBCAM;AV WebCam, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\avwebcam.sys [2005-11-22 09:28]
    R2 Tmesbs;Tmesbs32;"C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe" /Service []
    R3 TOSHIBASoftModem;TOSHIBA Software Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2001-09-26 20:34]
    R3 tsdhd;TOSHIBA SD Card Host Controller Driver;C:\WINDOWS\system32\DRIVERS\tsdhd.sys [2002-01-07 01:02]
    S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\System32\ASNDIS5.SYS [2002-09-09 19:54]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-08-24 17:30]
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys []
    S3 pciSd;pciSd;C:\WINDOWS\system32\DRIVERS\tossdpci.sys [2002-01-07 18:16]
    S3 ProtoWall;ProtoWall Defender;C:\WINDOWS\system32\DRIVERS\ProtoWall.sys []
    S3 toslane;Toshiba BT-LANE;C:\WINDOWS\system32\DRIVERS\TOSRFLAN.sys [2002-02-07 16:24]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50b26c30-b7ec-11dc-bf86-00022d59eff9}]
    \Shell\AutoRun\command - F:\ntde1ect.com
    \Shell\explore\Command - F:\ntde1ect.com
    \Shell\open\Command - F:\ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53590370-7a84-11dc-bf3a-00022d59eff9}]
    \Shell\AutoRun\command - ntde1ect.com
    \Shell\explore\Command - ntde1ect.com
    \Shell\open\Command - ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72627af0-a3f6-11dc-bf72-00022d59eff9}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8ff0851-bfd0-11d3-beea-806d6172696f}]
    \Shell\AutoRun\command - D:\setupSNK.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-05 13:21:21
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ckmhoers]
    "ImagePath"="system32\drivers\gmyybejy.dat"
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-05 13:23:16 - machine was rebooted
    ComboFix2.txt 2008-01-20 18:59:34
    ComboFix-quarantined-files.txt 2008-03-05 12:23:14
    .
    2008-02-29 06:13:55 --- E O F ---

5 March 2008 14:17:06

I hope this will help you solve my problem.

5 March 2008 18:31:05

Can you run Combofix again?

5 March 2008 18:51:54

    ComboFix 08-03-04.5 - Administrateur 2008-03-05 18:38:29.4 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.220 [GMT 1:00]
    Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\msuni1.dll . . . . Echec de suppression

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-05 to 2008-03-05 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-05 12:55 . 2008-03-05 12:55 <REP> d-------- C:\Program Files\uTorrent
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmnoopt16.sqm
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmdata16.sqm
    2008-03-05 11:45 . 2008-03-05 11:45 <REP> d--hs---- C:\FOUND.000
    2008-03-02 19:21 . 2008-03-02 19:21 <REP> d-------- C:\vcs5BGEffects
    2008-03-02 19:14 . 2008-03-02 19:14 <REP> d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmnoopt15.sqm
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmdata15.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmdata14.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmdata13.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmdata12.sqm
    2008-02-27 15:04 . 2008-02-27 15:04 <REP> d-------- C:\Program Files\Strategy First
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmdata11.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmdata10.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmdata09.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmnoopt08.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmdata08.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmnoopt07.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmdata07.sqm
    2008-02-19 15:54 . 2008-02-19 15:54 <REP> d-------- C:\Program Files\Bible
    2008-02-18 17:49 . 2008-02-18 17:49 256 --ah----- C:\sqmdata06.sqm
    2008-02-18 17:49 . 2008-02-18 17:49 244 --ah----- C:\sqmnoopt06.sqm
    2008-02-16 20:06 . 2008-02-16 20:06 <REP> d-------- C:\Sierra
    2008-02-16 18:32 . 2008-02-16 18:32 256 --ah----- C:\sqmdata05.sqm
    2008-02-16 18:32 . 2008-02-16 18:32 244 --ah----- C:\sqmnoopt05.sqm
    2008-02-14 03:10 . 2008-02-14 03:10 <REP> d--hs---- C:\FOUND.021
    2008-02-14 03:07 . 2008-02-14 03:07 184 --ah----- C:\sqmdata04.sqm
    2008-02-14 03:07 . 2008-02-14 03:07 172 --ah----- C:\sqmnoopt04.sqm
    2008-02-13 00:22 . 2008-02-13 00:22 256 --ah----- C:\sqmdata03.sqm
    2008-02-13 00:22 . 2008-02-13 00:22 244 --ah----- C:\sqmnoopt03.sqm
    2008-02-09 21:36 . 2008-02-09 21:36 <REP> d-------- C:\Program Files\IKEA HomePlanner
    2008-02-09 21:36 . 2008-02-09 21:36 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-05 12:18 104,704 ----a-w C:\WINDOWS\system32\msuni1.dll
    2008-02-16 19:11 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
    2008-01-25 19:21 46,300 ----a-w C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
    2008-01-20 16:46 --------- d-----w C:\Program Files\Trend Micro
    2008-01-12 11:54 --------- d-----w C:\Program Files\Audacity
    2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-12-21 14:39 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
    2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
    2007-12-08 05:08 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ACBCB56C-3DF9-4DA7-89A1-05ADE7038D05}]
    2008-03-05 13:18 104704 --a------ C:\WINDOWS\system32\msuni1.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-24 03:18 68856]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
    "Totocam"="C:\PROGRA~1\ALLOCA~1\allocam.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]
    "WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "S3Hotkey"="s3hotkey.exe" [2001-09-12 20:27 40960 C:\WINDOWS\system32\s3hotkey.exe]
    "000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\000StTHK.exe]
    "Tpwrtray"="TPWRTRAY.EXE" [2002-02-14 15:47 184320 C:\WINDOWS\system32\TPWRTRAY.EXE]
    "TMESRV.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESRV31.exe" [2002-03-01 11:17 122880]
    "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\EMT3\TMERzCtl.exe" [2002-02-04 16:54 77824]
    "TMESBS.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESBS32.exe" [2002-03-01 11:17 65536]
    "TFncKy"="TFncKy.exe" []
    "TFNF5"="TFNF5.exe" [2001-09-04 10:31 69632 C:\WINDOWS\system32\TFNF5.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 12:08 172032]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 11:40 49152]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogOff"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    R0 ckmhoers;ckmhoers;C:\WINDOWS\system32\drivers\gmyybejy.dat []
    R0 tosrfec;Bluetooth ACPI from Toshiba;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2001-07-13 03:26]
    R0 TVALG;Toshiba Value Added Logical and General Purpose Device Driver;C:\WINDOWS\system32\DRIVERS\TVALG.SYS [2001-09-13 19:53]
    R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS [2002-01-08 14:44]
    R2 AVWEBCAM;AV WebCam, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\avwebcam.sys [2005-11-22 09:28]
    R2 Tmesbs;Tmesbs32;"C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe" /Service []
    R3 TOSHIBASoftModem;TOSHIBA Software Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2001-09-26 20:34]
    R3 tsdhd;TOSHIBA SD Card Host Controller Driver;C:\WINDOWS\system32\DRIVERS\tsdhd.sys [2002-01-07 01:02]
    S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\System32\ASNDIS5.SYS [2002-09-09 19:54]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-08-24 17:30]
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys []
    S3 pciSd;pciSd;C:\WINDOWS\system32\DRIVERS\tossdpci.sys [2002-01-07 18:16]
    S3 ProtoWall;ProtoWall Defender;C:\WINDOWS\system32\DRIVERS\ProtoWall.sys []
    S3 toslane;Toshiba BT-LANE;C:\WINDOWS\system32\DRIVERS\TOSRFLAN.sys [2002-02-07 16:24]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50b26c30-b7ec-11dc-bf86-00022d59eff9}]
    \Shell\AutoRun\command - F:\ntde1ect.com
    \Shell\explore\Command - F:\ntde1ect.com
    \Shell\open\Command - F:\ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53590370-7a84-11dc-bf3a-00022d59eff9}]
    \Shell\AutoRun\command - ntde1ect.com
    \Shell\explore\Command - ntde1ect.com
    \Shell\open\Command - ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72627af0-a3f6-11dc-bf72-00022d59eff9}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8ff0851-bfd0-11d3-beea-806d6172696f}]
    \Shell\AutoRun\command - D:\setupSNK.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-05 18:42:47
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\ckmhoers]
    "ImagePath"="system32\drivers\gmyybejy.dat"
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-05 18:44:43 - machine was rebooted [Administrateur]
    ComboFix3.txt 2008-01-20 18:59:34
    ComboFix-quarantined-files.txt 2008-03-05 17:44:40
    ComboFix2.txt 2008-03-05 12:23:18
    .
    2008-02-29 06:13:55 --- E O F ---
    5 March 2008 20:06:11

    Hello again,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    Driver::
    ckmhoers

    Rootkit::
    C:\WINDOWS\system32\msuni1.dll
    C:\WINDOWS\system32\drivers\gmyybejy.dat

    Folder::
    C:\Program Files\WINSOS

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{ACBCB56C-3DF9-4DA7-89A1-05ADE7038D05}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WINSOS VERIFY"=-


    Open Notepad and paste (Ctrl+V) the text you just copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; type 1 and confirm. After the restart, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no restart, post the requested reports anyway.
    5 March 2008 20:45:58

    There you go

    ComboFix 08-03-04.5 - Administrateur 2008-03-05 20:30:52.5 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.189 [GMT 1:00]
    Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\drivers\gmyybejy.dat
    C:\WINDOWS\system32\msuni1.dll

    .
    --------------- FMove ---------------

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_CKMHOERS
    -------\ckmhoers


    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-05 to 2008-03-05 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-05 12:55 . 2008-03-05 12:55 <REP> d-------- C:\Program Files\uTorrent
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmnoopt16.sqm
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmdata16.sqm
    2008-03-05 11:45 . 2008-03-05 11:45 <REP> d--hs---- C:\FOUND.000
    2008-03-02 19:21 . 2008-03-02 19:21 <REP> d-------- C:\vcs5BGEffects
    2008-03-02 19:14 . 2008-03-02 19:14 <REP> d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmnoopt15.sqm
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmdata15.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmdata14.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmdata13.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmdata12.sqm
    2008-02-27 15:04 . 2008-02-27 15:04 <REP> d-------- C:\Program Files\Strategy First
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmdata11.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmdata10.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmdata09.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmnoopt08.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmdata08.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmnoopt07.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmdata07.sqm
    2008-02-19 15:54 . 2008-02-19 15:54 <REP> d-------- C:\Program Files\Bible
    2008-02-18 17:49 . 2008-02-18 17:49 256 --ah----- C:\sqmdata06.sqm
    2008-02-18 17:49 . 2008-02-18 17:49 244 --ah----- C:\sqmnoopt06.sqm
    2008-02-16 20:06 . 2008-02-16 20:06 <REP> d-------- C:\Sierra
    2008-02-16 18:32 . 2008-02-16 18:32 256 --ah----- C:\sqmdata05.sqm
    2008-02-16 18:32 . 2008-02-16 18:32 244 --ah----- C:\sqmnoopt05.sqm
    2008-02-14 03:10 . 2008-02-14 03:10 <REP> d--hs---- C:\FOUND.021
    2008-02-14 03:07 . 2008-02-14 03:07 184 --ah----- C:\sqmdata04.sqm
    2008-02-14 03:07 . 2008-02-14 03:07 172 --ah----- C:\sqmnoopt04.sqm
    2008-02-13 00:22 . 2008-02-13 00:22 256 --ah----- C:\sqmdata03.sqm
    2008-02-13 00:22 . 2008-02-13 00:22 244 --ah----- C:\sqmnoopt03.sqm
    2008-02-09 21:36 . 2008-02-09 21:36 <REP> d-------- C:\Program Files\IKEA HomePlanner
    2008-02-09 21:36 . 2008-02-09 21:36 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-16 19:11 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
    2008-01-25 19:21 46,300 ----a-w C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
    2008-01-20 16:46 --------- d-----w C:\Program Files\Trend Micro
    2008-01-12 11:54 --------- d-----w C:\Program Files\Audacity
    2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-12-21 14:39 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
    2007-12-19 22:53 347,136 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2007-12-18 09:51 179,584 ------w C:\WINDOWS\system32\dllcache\mrxdav.sys
    2007-12-08 05:08 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-12-06 11:03 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-12-06 11:02 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-12-06 11:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-12-06 04:59 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-03-05_13.22.51.60 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
    - 2008-03-05 12:20:44 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_6e4.dat
    + 2008-03-05 19:34:44 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_6e4.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-24 03:18 68856]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [ ]
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
    "Totocam"="C:\PROGRA~1\ALLOCA~1\allocam.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]
    "WINSOS VERIFY"="C:\Program Files\WINSOS\WINSOS.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "S3Hotkey"="s3hotkey.exe" [2001-09-12 20:27 40960 C:\WINDOWS\system32\s3hotkey.exe]
    "000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\000StTHK.exe]
    "Tpwrtray"="TPWRTRAY.EXE" [2002-02-14 15:47 184320 C:\WINDOWS\system32\TPWRTRAY.EXE]
    "TMESRV.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESRV31.exe" [2002-03-01 11:17 122880]
    "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\EMT3\TMERzCtl.exe" [2002-02-04 16:54 77824]
    "TMESBS.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESBS32.exe" [2002-03-01 11:17 65536]
    "TFncKy"="TFncKy.exe" []
    "TFNF5"="TFNF5.exe" [2001-09-04 10:31 69632 C:\WINDOWS\system32\TFNF5.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 12:08 172032]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 11:40 49152]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogOff"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    R0 tosrfec;Bluetooth ACPI from Toshiba;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2001-07-13 03:26]
    R0 TVALG;Toshiba Value Added Logical and General Purpose Device Driver;C:\WINDOWS\system32\DRIVERS\TVALG.SYS [2001-09-13 19:53]
    R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS [2002-01-08 14:44]
    R2 AVWEBCAM;AV WebCam, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\avwebcam.sys [2005-11-22 09:28]
    R2 Tmesbs;Tmesbs32;"C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe" /Service []
    R3 TOSHIBASoftModem;TOSHIBA Software Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2001-09-26 20:34]
    R3 tsdhd;TOSHIBA SD Card Host Controller Driver;C:\WINDOWS\system32\DRIVERS\tsdhd.sys [2002-01-07 01:02]
    S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\System32\ASNDIS5.SYS [2002-09-09 19:54]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-08-24 17:30]
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys []
    S3 pciSd;pciSd;C:\WINDOWS\system32\DRIVERS\tossdpci.sys [2002-01-07 18:16]
    S3 ProtoWall;ProtoWall Defender;C:\WINDOWS\system32\DRIVERS\ProtoWall.sys []
    S3 toslane;Toshiba BT-LANE;C:\WINDOWS\system32\DRIVERS\TOSRFLAN.sys [2002-02-07 16:24]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50b26c30-b7ec-11dc-bf86-00022d59eff9}]
    \Shell\AutoRun\command - F:\ntde1ect.com
    \Shell\explore\Command - F:\ntde1ect.com
    \Shell\open\Command - F:\ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53590370-7a84-11dc-bf3a-00022d59eff9}]
    \Shell\AutoRun\command - ntde1ect.com
    \Shell\explore\Command - ntde1ect.com
    \Shell\open\Command - ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72627af0-a3f6-11dc-bf72-00022d59eff9}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8ff0851-bfd0-11d3-beea-806d6172696f}]
    \Shell\AutoRun\command - D:\setupSNK.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-05 20:34:55
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-05 20:36:40 - machine was rebooted
    ComboFix4.txt 2008-01-20 18:59:34
    ComboFix-quarantined-files.txt 2008-03-05 19:36:38
    ComboFix3.txt 2008-03-05 12:23:18
    ComboFix2.txt 2008-03-05 17:44:46
    .
    2008-02-29 06:13:55 --- E O F ---
    6 March 2008 13:22:23

    Run another Hijackthis scan.
    11 March 2008 05:41:57

    OK, sorry for my absence. Here is the new Hijackthis:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 05:41, on 2008-03-11
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe
    C:\Program Files\TOSHIBA\EMT3\Tmesrv31.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\s3hotkey.exe
    C:\WINDOWS\system32\TPWRTRAY.EXE
    C:\Program Files\TOSHIBA\EMT3\TMERzCtl.EXE
    C:\Program Files\TOSHIBA\EMT3\TMESBS32.EXE
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nspD.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
    O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\EMT3\TMESRV31.EXE /Logon
    O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\EMT3\TMERzCtl.EXE /Service
    O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\EMT3\TMESBS32.EXE /Client
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 02
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [Totocam] C:\PROGRA~1\ALLOCA~1\allocam.exe 1
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [WINSOS VERIFY] "C:\Program Files\WINSOS\WINSOS.EXE" MINI
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation test - C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe
    O23 - Service: Tmesrv3 (Tmesrv) - Toshiba - C:\Program Files\TOSHIBA\EMT3\Tmesrv31.exe

    --
    End of file - 9345 bytes
    11 March 2008 12:24:46

    Hello again,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
    C:\WINDOWS\system32\nspD.dll

    Folder::
    C:\FOUND.000
    C:\FOUND.021
    C:\Program Files\WINSOS

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WINSOS VERIFY"=-


    Open Notepad and paste (Ctrl+V) the text you just copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; type 1 and confirm. After the restart, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no restart, post the requested reports anyway.
    21 March 2008 12:52:45

    Sorry for my long absence. Here is the new Combofix report
    ComboFix 08-03-20.5 - Administrateur 2008-03-21 12:38:51.6 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.209 [GMT 1:00]
    Endroit: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE ::
    C:\WINDOWS\system32\AdssiteSocial-uninstall.exe
    C:\WINDOWS\system32\nspD.dll
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Administrateur\Application Data\urlredir.cfg
    C:\FOUND.000
    C:\FOUND.000\FILE0000.CHK
    C:\FOUND.000\FILE0001.CHK
    C:\FOUND.000\FILE0002.CHK
    C:\FOUND.000\FILE0003.CHK
    C:\FOUND.000\FILE0004.CHK
    C:\FOUND.021
    C:\FOUND.021\FILE0000.CHK
    C:\FOUND.021\FILE0001.CHK
    C:\FOUND.021\FILE0002.CHK
    C:\FOUND.021\FILE0003.CHK
    C:\FOUND.021\FILE0004.CHK
    C:\FOUND.021\FILE0005.CHK
    C:\FOUND.021\FILE0006.CHK
    C:\FOUND.021\FILE0007.CHK
    C:\FOUND.021\FILE0008.CHK
    C:\FOUND.021\FILE0009.CHK
    C:\WINDOWS\system32\adssite-remove.exe
    C:\WINDOWS\system32\AdssiteSocial-uninstall.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-21 to 2008-03-21 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-21 12:23 . 2001-08-23 17:20 18,432 --a------ C:\WINDOWS\system32\drivers\sermouse.sys
    2008-03-21 12:23 . 2001-08-23 17:20 18,432 --a------ C:\WINDOWS\system32\dllcache\sermouse.sys
    2008-03-20 20:01 . 2007-10-24 01:47 282,112 --a------ C:\WINDOWS\system32\TBD84.tmp
    2008-03-19 21:13 . 2008-03-19 21:13 <REP> d--hs---- C:\FOUND.002
    2008-03-14 04:01 . 2008-03-14 04:01 <REP> d-------- C:\dell
    2008-03-09 16:34 . 2008-03-09 16:34 244 --ah----- C:\sqmnoopt19.sqm
    2008-03-09 16:34 . 2008-03-09 16:34 244 --ah----- C:\sqmdata19.sqm
    2008-03-09 07:50 . 2008-03-09 07:50 244 --ah----- C:\sqmnoopt18.sqm
    2008-03-09 07:50 . 2008-03-09 07:50 244 --ah----- C:\sqmdata18.sqm
    2008-03-08 21:39 . 2008-03-08 21:39 244 --ah----- C:\sqmnoopt17.sqm
    2008-03-08 21:39 . 2008-03-08 21:39 244 --ah----- C:\sqmdata17.sqm
    2008-03-08 19:08 . 2008-03-08 19:08 <REP> d--hs---- C:\FOUND.001
    2008-03-05 12:55 . 2008-03-05 12:55 <REP> d-------- C:\Program Files\uTorrent
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmnoopt16.sqm
    2008-03-05 12:26 . 2008-03-05 12:26 244 --ah----- C:\sqmdata16.sqm
    2008-03-02 19:21 . 2008-03-02 19:21 <REP> d-------- C:\vcs5BGEffects
    2008-03-02 19:14 . 2008-03-02 19:14 <REP> d-------- C:\Program Files\AV Vcs 6.0 DIAMOND
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmnoopt15.sqm
    2008-03-01 19:22 . 2008-03-01 19:22 244 --ah----- C:\sqmdata15.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmnoopt14.sqm
    2008-02-29 20:45 . 2008-02-29 20:45 244 --ah----- C:\sqmdata14.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmnoopt13.sqm
    2008-02-29 19:39 . 2008-02-29 19:39 244 --ah----- C:\sqmdata13.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-28 08:54 . 2008-02-28 08:54 244 --ah----- C:\sqmdata12.sqm
    2008-02-27 15:04 . 2008-02-27 15:04 <REP> d-------- C:\Program Files\Strategy First
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-27 12:03 . 2008-02-27 12:03 244 --ah----- C:\sqmdata11.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-26 15:10 . 2008-02-26 15:10 244 --ah----- C:\sqmdata10.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmnoopt09.sqm
    2008-02-24 15:43 . 2008-02-24 15:43 244 --ah----- C:\sqmdata09.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmnoopt08.sqm
    2008-02-23 10:54 . 2008-02-23 10:54 244 --ah----- C:\sqmdata08.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmnoopt07.sqm
    2008-02-22 15:10 . 2008-02-22 15:10 244 --ah----- C:\sqmdata07.sqm

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-19 14:54 --------- d-----w C:\Program Files\Bible
    2008-02-16 19:11 4,608 ----a-w C:\WINDOWS\system32\w95inf32.dll
    2008-02-09 20:36 --------- d-----w C:\Program Files\IKEA HomePlanner
    2008-02-09 20:36 --------- d-----w C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-02-07 16:49 80,896 ----a-w C:\WINDOWS\system32\nsd5A.dll
    2008-01-11 05:36 44,544 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-12-21 14:39 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
    .

    ((((((((((((((((((((((((((((( snapshot@2008-03-05_13.22.51.60 )))))))))))))))))))))))))))))))))))))))))
    .
    - 2008-03-01 11:01:08 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    + 2008-03-20 19:00:02 69,120 ----a-w C:\WINDOWS\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
    - 2008-03-01 11:01:52 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    + 2008-03-20 19:00:10 72,192 ----a-w C:\WINDOWS\assembly\GAC_32\ISymWrapper\2.0.0.0__b03f5f7f11d50a3a\ISymWrapper.dll
    - 2008-03-01 10:59:08 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    + 2008-03-20 18:59:44 4,444,160 ----a-w C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll
    - 2008-03-01 11:02:20 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    + 2008-03-20 19:00:10 483,840 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data.OracleClient\2.0.0.0__b77a5c561934e089\System.Data.OracleClient.dll
    - 2008-03-01 11:00:08 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    + 2008-03-20 18:59:52 3,036,160 ----a-w C:\WINDOWS\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll
    - 2008-03-01 11:03:42 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    + 2008-03-20 19:00:14 258,048 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.dll
    - 2008-03-01 11:03:44 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    + 2008-03-20 19:00:14 113,664 ----a-w C:\WINDOWS\assembly\GAC_32\System.EnterpriseServices\2.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
    - 2008-03-01 11:01:56 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    + 2008-03-20 19:00:10 261,120 ----a-w C:\WINDOWS\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll
    - 2008-03-01 10:59:52 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
    + 2008-03-20 18:59:50 5,431,296 ----a-w C:\WINDOWS\assembly\GAC_32\System.Web\2.0.0.0__b03f5f7f11d50a3a\System.Web.dll
    - 2008-03-01 11:00:50 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    + 2008-03-20 18:59:58 10,752 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Accessibility\2.0.0.0__b03f5f7f11d50a3a\Accessibility.dll
    - 2008-03-01 10:59:58 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    + 2008-03-20 18:59:50 507,904 ----a-w C:\WINDOWS\assembly\GAC_MSIL\AspNetMMCExt\2.0.0.0__b03f5f7f11d50a3a\AspNetMMCExt.dll
    - 2008-03-01 11:01:06 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
    + 2008-03-20 19:00:00 13,312 ----a-w C:\WINDOWS\assembly\GAC_MSIL\cscompmgd\8.0.0.0__b03f5f7f11d50a3a\cscompmgd.dll
    - 2008-03-01 11:01:28 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
    + 2008-03-20 19:00:04 8,192 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEExecRemote\2.0.0.0__b03f5f7f11d50a3a\IEExecRemote.dll
    - 2008-03-01 11:01:34 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
    + 2008-03-20 19:00:06 77,824 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IEHost\2.0.0.0__b03f5f7f11d50a3a\IEHost.dll
    - 2008-03-01 11:01:36 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
    + 2008-03-20 19:00:06 6,656 ----a-w C:\WINDOWS\assembly\GAC_MSIL\IIEHost\2.0.0.0__b03f5f7f11d50a3a\IIEHost.dll
    - 2008-03-01 11:04:16 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    + 2008-03-20 19:00:14 348,160 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Build.Engine\2.0.0.0__b03f5f7f11d50a3a\Microsoft.Build.Engine.dll
    - 2008-03-01 11:01:40 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    + 2008-03-20 19:00:08 749,568 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.JScript\8.0.0.0__b03f5f7f11d50a3a\Microsoft.JScript.dll
    - 2008-03-01 11:01:30 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    + 2008-03-20 19:00:06 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility.Data\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.Data.dll
    - 2008-03-01 11:01:24 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    + 2008-03-20 19:00:04 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Compatibility\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Compatibility.dll
    - 2008-03-01 11:02:28 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    + 2008-03-20 19:00:12 28,672 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.Vsa.dll
    - 2008-03-01 11:01:18 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    + 2008-03-20 19:00:04 671,744 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualBasic\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualBasic.dll
    - 2008-03-01 10:59:26 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    + 2008-03-20 18:59:46 5,632 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.VisualC\8.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualC.Dll
    - 2008-03-01 11:03:14 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    + 2008-03-20 19:00:12 12,800 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa.Vb.CodeDOMProcessor\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.Vb.CodeDOMProcessor.dll
    - 2008-03-01 11:01:14 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    + 2008-03-20 19:00:02 32,768 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Vsa\8.0.0.0__b03f5f7f11d50a3a\Microsoft.Vsa.dll
    - 2008-03-01 11:01:12 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    + 2008-03-20 19:00:02 7,168 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft_VsaVb\8.0.0.0__b03f5f7f11d50a3a\Microsoft_VsaVb.dll
    - 2008-03-01 11:01:46 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    + 2008-03-20 19:00:08 110,592 ----a-w C:\WINDOWS\assembly\GAC_MSIL\sysglobl\2.0.0.0__b03f5f7f11d50a3a\sysglobl.dll
    - 2008-03-01 11:01:50 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    + 2008-03-20 19:00:08 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration.Install\2.0.0.0__b03f5f7f11d50a3a\System.Configuration.Install.dll
    - 2008-03-01 11:00:04 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    + 2008-03-20 18:59:52 425,984 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Configuration\2.0.0.0__b03f5f7f11d50a3a\System.configuration.dll
    - 2008-03-01 11:00:16 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    + 2008-03-20 18:59:54 741,376 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Data.SqlXml\2.0.0.0__b77a5c561934e089\System.Data.SqlXml.dll
    - 2008-03-01 11:00:22 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    + 2008-03-20 18:59:54 933,888 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Deployment\2.0.0.0__b03f5f7f11d50a3a\System.Deployment.dll
    - 2008-03-01 11:00:52 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    + 2008-03-20 18:59:58 401,408 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.DirectoryServices\2.0.0.0__b03f5f7f11d50a3a\System.DirectoryServices.dll
    - 2008-03-01 11:02:40 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
    + 2008-03-20 19:00:12 81,920 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing.Design\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.Design.dll
    - 2008-03-01 10:59:30 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    + 2008-03-20 18:59:46 630,784 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Drawing\2.0.0.0__b03f5f7f11d50a3a\System.Drawing.dll
    - 2008-03-01 11:03:26 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    + 2008-03-20 19:00:14 372,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Management\2.0.0.0__b03f5f7f11d50a3a\System.Management.dll
    - 2008-03-01 11:02:34 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    + 2008-03-20 19:00:12 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Messaging\2.0.0.0__b03f5f7f11d50a3a\System.Messaging.dll
    - 2008-03-01 11:02:04 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    + 2008-03-20 19:00:10 299,008 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Remoting\2.0.0.0__b77a5c561934e089\System.Runtime.Remoting.dll
    - 2008-03-01 11:02:00 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    + 2008-03-20 19:00:10 131,072 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Runtime.Serialization.Formatters.Soap\2.0.0.0__b03f5f7f11d50a3a\System.Runtime.Serialization.Formatters.Soap.dll
    - 2008-03-01 10:59:36 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    + 2008-03-20 18:59:48 258,048 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Security\2.0.0.0__b03f5f7f11d50a3a\System.Security.dll
    - 2008-03-01 10:59:40 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    + 2008-03-20 18:59:48 114,688 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.ServiceProcess\2.0.0.0__b03f5f7f11d50a3a\System.ServiceProcess.dll
    - 2008-03-01 11:00:40 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    + 2008-03-20 18:59:56 884,736 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Mobile\2.0.0.0__b03f5f7f11d50a3a\System.Web.Mobile.dll
    - 2008-03-01 11:00:46 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
    + 2008-03-20 18:59:58 90,112 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.RegularExpressions\2.0.0.0__b03f5f7f11d50a3a\System.Web.RegularExpressions.dll
    - 2008-03-01 11:00:34 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    + 2008-03-20 18:59:56 839,680 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Web.Services\2.0.0.0__b03f5f7f11d50a3a\System.Web.Services.dll
    - 2008-03-01 11:00:58 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    + 2008-03-20 19:00:00 5,013,504 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Windows.Forms\2.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
    - 2008-03-01 10:59:44 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    + 2008-03-20 18:59:48 2,068,480 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System.Xml\2.0.0.0__b77a5c561934e089\System.XML.dll
    - 2008-03-01 11:00:28 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    + 2008-03-20 18:59:54 3,076,096 ----a-w C:\WINDOWS\assembly\GAC_MSIL\System\2.0.0.0__b77a5c561934e089\System.dll
    + 2000-08-31 07:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
    - 2008-02-28 08:27:18 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
    + 2008-03-05 20:05:24 29,926 ----a-r C:\WINDOWS\Installer\{BADF6744-3787-48F6-B8C9-4C4995401D65}\MsblIco.Exe
    + 2008-03-05 20:06:16 86,746 ----a-r C:\WINDOWS\Installer\{C514C594-23AA-4F13-A070-DB8BDB27594F}\wlmail.exe
    - 2008-02-04 23:09:46 18,214,008 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2008-03-05 16:30:54 19,148,408 ----a-w C:\WINDOWS\system32\MRT.exe
    + 2007-10-18 10:31:46 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
    + 2008-03-19 20:13:56 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_74c.dat
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Uniblue RegistryBooster 2"="C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 16:09 15360]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-24 03:18 68856]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
    "eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [ ]
    "Totocam"="C:\PROGRA~1\ALLOCA~1\allocam.exe" [ ]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "S3Hotkey"="s3hotkey.exe" [2001-09-12 20:27 40960 C:\WINDOWS\system32\s3hotkey.exe]
    "000StTHK"="000StTHK.exe" [2001-06-23 20:28 24576 C:\WINDOWS\system32\000StTHK.exe]
    "Tpwrtray"="TPWRTRAY.EXE" [2002-02-14 15:47 184320 C:\WINDOWS\system32\TPWRTRAY.EXE]
    "TMESRV.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESRV31.exe" [2002-03-01 11:17 122880]
    "TMERzCtl.EXE"="C:\Program Files\TOSHIBA\EMT3\TMERzCtl.exe" [2002-02-04 16:54 77824]
    "TMESBS.EXE"="C:\Program Files\TOSHIBA\EMT3\TMESBS32.exe" [2002-03-01 11:17 65536]
    "TFncKy"="TFncKy.exe" []
    "TFNF5"="TFNF5.exe" [2001-09-04 10:31 69632 C:\WINDOWS\system32\TFNF5.exe]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe" [2003-03-11 12:08 172032]
    "HP Software Update"="C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe" [2002-12-17 11:40 49152]
    "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [ ]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06 40048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 16:09 15360]

    C:\Documents and Settings\Administrateur\Menu D‚marrer\Programmes\D‚marrage\
    OpenOffice.org 2.3.lnk - C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe [2007-08-17 22:57:56 393216]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoLogOff"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Internet Explorer\\iexplore.exe"=
    "C:\\Program Files\\Skype\\Phone\\Skype.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    R0 tosrfec;Bluetooth ACPI from Toshiba;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2001-07-13 03:26]
    R0 TVALG;Toshiba Value Added Logical and General Purpose Device Driver;C:\WINDOWS\system32\DRIVERS\TVALG.SYS [2001-09-13 19:53]
    R1 TMEI3E;TMEI3E;C:\WINDOWS\system32\Drivers\TMEI3E.SYS [2002-01-08 14:44]
    R2 AVWEBCAM;AV WebCam, WDM Video Capture;C:\WINDOWS\system32\DRIVERS\avwebcam.sys [2005-11-22 09:28]
    R2 Tmesbs;Tmesbs32;"C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe" /Service []
    R3 TOSHIBASoftModem;TOSHIBA Software Modem;C:\WINDOWS\system32\DRIVERS\LTSM.sys [2001-09-26 20:34]
    R3 tsdhd;TOSHIBA SD Card Host Controller Driver;C:\WINDOWS\system32\DRIVERS\tsdhd.sys [2002-01-07 01:02]
    S3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\System32\ASNDIS5.SYS [2002-09-09 19:54]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-08-24 17:30]
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys []
    S3 pciSd;pciSd;C:\WINDOWS\system32\DRIVERS\tossdpci.sys [2002-01-07 18:16]
    S3 ProtoWall;ProtoWall Defender;C:\WINDOWS\system32\DRIVERS\ProtoWall.sys []
    S3 toslane;Toshiba BT-LANE;C:\WINDOWS\system32\DRIVERS\TOSRFLAN.sys [2002-02-07 16:24]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{50b26c30-b7ec-11dc-bf86-00022d59eff9}]
    \Shell\AutoRun\command - F:\ntde1ect.com
    \Shell\explore\Command - F:\ntde1ect.com
    \Shell\open\Command - F:\ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53590370-7a84-11dc-bf3a-00022d59eff9}]
    \Shell\AutoRun\command - ntde1ect.com
    \Shell\explore\Command - ntde1ect.com
    \Shell\open\Command - ntde1ect.com

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{60394df0-ed9b-11dc-bfc5-00022d59eff9}]
    \Shell\Auto\command - wscript "esta ig.vbs"
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript "esta ig.vbs"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72627af0-a3f6-11dc-bf72-00022d59eff9}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c8ff0851-bfd0-11d3-beea-806d6172696f}]
    \Shell\AutoRun\command - D:\setupSNK.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-21 12:41:12
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-21 12:41:41
    ComboFix5.txt 2008-01-20 18:59:34
    ComboFix-quarantined-files.txt 2008-03-21 11:41:38
    ComboFix4.txt 2008-03-05 12:23:18
    ComboFix3.txt 2008-03-05 17:44:46
    ComboFix2.txt 2008-03-05 19:36:42
    .
    2008-03-20 19:01:40 --- E O F ---


    and here is the HijackThis report

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:51, on 2008-03-21
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\s3hotkey.exe
    C:\WINDOWS\system32\TPWRTRAY.EXE
    C:\Program Files\TOSHIBA\EMT3\TMERzCtl.EXE
    C:\Program Files\TOSHIBA\EMT3\TMESBS32.EXE
    C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
    C:\WINDOWS\system32\TFNF5.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe
    C:\Program Files\TOSHIBA\EMT3\Tmesrv31.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\LimeWire\LimeWire.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.msn.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.0\EasyGifAnimator_Toolbar.dll
    O4 - HKLM\..\Run: [S3Hotkey] s3hotkey.exe
    O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
    O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
    O4 - HKLM\..\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\EMT3\TMESRV31.EXE /Logon
    O4 - HKLM\..\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\EMT3\TMERzCtl.EXE /Service
    O4 - HKLM\..\Run: [TMESBS.EXE] C:\Program Files\TOSHIBA\EMT3\TMESBS32.EXE /Client
    O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 02
    O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
    O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - HKCU\..\Run: [Totocam] C:\PROGRA~1\ALLOCA~1\allocam.exe 1
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMBgMonitor.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O9 - Extra 'Tools' menuitem: Allocam Multi Vision - {2D6B57BF-71FA-41A3-BDC5-3B5A25813D2E} - C:\PROGRA~1\ALLOCA~1\allocam.exe (file missing) (HKCU)
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
    O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe (file missing)
    O23 - Service: Tmesbs32 (Tmesbs) - TOSHIBA Corporation test - C:\Program Files\TOSHIBA\EMT3\Tmesbs32.exe
    O23 - Service: Tmesrv3 (Tmesrv) - Toshiba - C:\Program Files\TOSHIBA\EMT3\Tmesrv31.exe

    --
    End of file - 9080 bytes