Computer infected by Win32:TratBHO [trj]

Tags:
  • Security
13 February 2008 14:55:10

I'm asking for your help because my PC is infected by Win32 and I would really like to get rid of it. Thanks in advance, and I hope you can help me solve this problem ;)


13 February 2008 15:08:10

A hello, perhaps?

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2
13 February 2008 15:10:56

Hello Angeldark, here is the HijackThis scan:

Logfile of HijackThis v1.99.1
Scan saved at 15:09, on 2008-02-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATKKBService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\program files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Mi©K\Bureau\kav7.0.1.321.fr.01NET.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\Program Files\Scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\kmd.exe /c C:\ComboFix\Combobatch.bat
O4 - HKLM\..\RunOnce: [avp6_post_install] msiexec.exe /i"C:\DOCUME~1\MIK~1\LOCALS~1\Temp\KAV7.0.1.321\kav7.0.1.321fr.msi"
O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
O20 - Winlogon Notify: scredir32 - C:\WINDOWS\SYSTEM32\scredir32.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe


Thanks for your help
13 February 2008 15:12:35

Hi again,

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt announcing that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may encounter a file that it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".
    13 February 2008 15:17:27

    Hi again,
    sorry, but the link for VundoFix.exe is dead. What should I do?
    13 February 2008 15:28:32

    OK, we'll do it another way.

    Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Post that report in your next reply.
    13 February 2008 15:33:34

    It's fine, I found VundoFix somewhere else. Here is the scan:


    VundoFix V6.5.4

    Checking Java version...

    Sun Java not detected
    Scan started at 15:29:41 Mick 2008-02-13

    Listing files found while scanning....

    No infected files were found.


    Beginning removal...


    The second HijackThis scan:

    Logfile of HijackThis v1.99.1
    Scan saved at 15:33, on 2008-02-13
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\program files\internet explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Documents and Settings\Mi©K\Bureau\kav7.0.1.321.fr.01NET.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\Scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [combofix] C:\WINDOWS\system32\kmd.exe /c C:\ComboFix\Combobatch.bat
    O4 - HKLM\..\RunOnce: [avp6_post_install] msiexec.exe /i"C:\DOCUME~1\MIK~1\LOCALS~1\Temp\KAV7.0.1.321\kav7.0.1.321fr.msi"
    O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
    O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
    O20 - Winlogon Notify: scredir32 - C:\WINDOWS\SYSTEM32\scredir32.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
    O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    Thanks again ... :)
    13 February 2008 15:37:42

    Combofix :) 
    13 February 2008 15:48:29

    Here is the ComboFix log:

    ComboFix 08-02-13.2 - Mi©K 2008-02-13 15:36:16.3 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.541 [GMT 1:00]
    Endroit: C:\Documents and Settings\Mi©K\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
    C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat

    ----- BITS: Possible sites infectés -----

    hxxp://au.download.windowsupdateõj+|Cü¤Ì›v÷+È@™JŸ:®½‰NêGD_©½ºD˜QÄ{¶ÀzÎtçÒ»ÌHžG†.XóÆéOFXß”ŒJ”MŽG—†n‘WU Client Download S-1-5-18`€HT4?? 6ÚVwoQZC¬¬D¢HÿóMwC:\WINDOWS\SoftwareDistribution\Download\c8378ccca1581319d7b7f3a9d1188607\download\WindowsXP-KB891781-x86-FRA.psf.blob†
    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-13 15:29 . 2008-02-13 15:29 <REP> d-------- C:\VundoFix Backups
    2008-02-13 14:35 . 2008-02-13 14:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-02-13 14:35 . 2008-02-13 14:35 <REP> d--h----- C:\kleaner.tmp
    2008-02-13 14:31 . 2008-02-13 14:31 <REP> d-------- C:\WINDOWS\LastGood
    2008-02-13 14:07 . 2008-02-13 14:18 60,416 --a------ C:\WINDOWS\system32\drivers\ComboFix.sys
    2008-02-13 14:01 . 2006-03-02 13:00 428,032 --a------ C:\kmd.exe
    2008-02-10 14:10 . 2008-02-10 14:10 <REP> d-------- C:\Program Files\id Software
    2008-02-10 13:05 . 2008-02-10 13:46 1,466,368 --a------ C:\WINDOWS\system32\WinSpooler.exe
    2008-02-10 11:38 . 2008-02-10 11:38 <REP> d--hs---- C:\WINDOWS\ftpcache
    2008-02-10 11:09 . 2008-02-10 11:09 319 --a------ C:\WINDOWS\game.ini
    2008-02-10 11:05 . 2008-02-10 11:05 <REP> d-------- C:\Program Files\Activision
    2008-02-10 10:37 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\VadeRetro
    2008-02-10 10:37 . 2007-08-14 23:16 1,335,296 --a------ C:\WINDOWS\system32\msxml6.dll
    2008-02-10 10:37 . 2007-08-14 23:16 2,048 --a------ C:\WINDOWS\system32\msxml6r.dll
    2008-02-10 10:36 . 2008-02-10 10:36 <REP> d-------- C:\Program Files\Goto Software
    2008-02-10 10:36 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
    2008-02-10 10:36 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
    2008-02-10 10:36 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
    2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\WINDOWS\Mozilla
    2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\fltk.org
    2008-02-03 17:49 . 2008-02-13 14:20 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-03 17:49 . 2008-02-10 13:48 37,888 --a------ C:\WINDOWS\system32\rar.exe
    2008-02-03 14:35 . 2008-02-03 14:35 <REP> d-------- C:\Fichier texte
    2008-02-03 13:37 . 2007-09-06 12:09 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-02-03 13:37 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2008-02-03 13:37 . 2007-09-06 12:00 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2008-02-03 13:37 . 2007-09-06 12:05 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2008-02-03 12:01 . 2008-02-03 12:03 <REP> d-------- C:\Program Files\Serious Sam 2
    2008-02-02 15:11 . 2008-02-02 15:11 <REP> d-------- C:\Program Files\Lavasoft
    2008-02-02 15:11 . 2008-02-02 15:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-02-02 15:09 . 2008-02-02 15:10 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-01-30 17:20 . 2008-01-30 17:20 <REP> d-------- C:\Program Files\K-Lite Codec Pack
    2008-01-30 17:20 . 2007-11-29 23:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2008-01-30 17:20 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
    2008-01-30 17:20 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
    2008-01-30 17:20 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
    2008-01-30 17:20 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
    2008-01-30 17:20 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
    2008-01-30 17:20 . 2007-11-29 23:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
    2008-01-30 17:20 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2008-01-30 17:20 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
    2008-01-30 17:20 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
    2008-01-26 19:45 . 2008-01-26 19:46 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Winamp
    2008-01-26 19:45 . 2008-01-26 19:45 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\MiniLyrics
    2008-01-25 18:08 . 2008-01-25 18:08 <REP> d-------- C:\Program Files\Windows Media Connect 2
    2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\LogFiles
    2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-01-25 16:57 . 2008-01-25 16:57 <REP> d-------- C:\Documents and Settings\Alexis\Contacts
    2008-01-24 21:17 . 2008-01-24 21:19 <REP> d-------- C:\Program Files\TVAnts
    2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage réseau
    2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage d'impression
    2008-01-23 17:10 . 2008-01-06 12:37 <REP> d--h----- C:\Documents and Settings\Alexis\Modèles
    2008-01-23 17:10 . 2008-02-02 21:31 <REP> d---s---- C:\Documents and Settings\Alexis\Mes documents
    2008-01-23 17:10 . 2008-01-06 12:45 <REP> dr------- C:\Documents and Settings\Alexis\Menu Démarrer
    2008-01-23 17:10 . 2008-01-23 17:10 <REP> d---s---- C:\Documents and Settings\Alexis\Favoris
    2008-01-23 17:10 . 2008-02-03 18:37 <REP> d-------- C:\Documents and Settings\Alexis\Bureau
    2008-01-22 20:23 . 2008-01-22 20:23 <REP> d-------- C:\Program Files\Everest Ultimate Edition 2007
    2008-01-22 20:22 . 2008-01-22 20:22 <REP> d-------- C:\Program Files\Lavalys
    2008-01-20 18:34 . 2008-01-20 18:36 <REP> d-------- C:\WINDOWS\NV3348528.TMP
    2008-01-20 18:34 . 2007-12-17 13:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
    2008-01-20 18:33 . 2008-01-21 20:00 <REP> dr------- C:\NVIDIA
    2008-01-20 18:26 . 2008-01-20 18:28 <REP> d-------- C:\Program Files\PhotoFiltre
    2008-01-20 18:25 . 2004-10-08 11:59 326,656 --a------ C:\WINDOWS\system32\drivers\Camdrl.sys
    2008-01-20 18:10 . 2008-01-20 18:10 <REP> d-------- C:\WINDOWS\system32\Lang
    2008-01-20 18:10 . 2008-01-20 18:10 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
    2008-01-20 18:10 . 2008-01-20 18:10 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
    2008-01-16 19:52 . 2008-02-13 14:50 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Program Files\Veoh Networks
    2008-01-16 15:03 . 2008-01-16 15:05 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\BitTorrent
    2008-01-16 15:02 . 2008-01-16 15:02 <REP> d-------- C:\Program Files\BitTorrent_DNA
    2008-01-16 15:02 . 2008-01-16 15:03 <REP> d-------- C:\Program Files\BitTorrent
    2008-01-16 15:02 . 2008-01-22 20:53 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\BitTorrent DNA
    2008-01-16 14:57 . 2008-01-16 14:57 <REP> d-------- C:\Program Files\DivX
    2008-01-15 19:03 . 2008-02-03 20:36 <REP> d-------- C:\Program Files\Lyrics
    2008-01-15 18:59 . 2008-01-15 18:59 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\Apple Computer
    2008-01-15 18:59 . 2008-01-29 18:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-01-15 18:59 . 2008-01-15 18:59 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-01-15 18:57 . 2008-01-15 18:58 <REP> d-------- C:\Program Files\QuickTime
    2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Program Files\Apple Software Update
    2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-01-13 18:24 . 2008-01-13 18:24 <REP> d-------- C:\Documents and Settings\All Users\SonicStage
    2008-01-13 18:04 . 2008-01-13 18:04 <REP> d-------- C:\Program Files\Common Files
    2008-01-13 18:03 . 2008-01-13 18:03 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\InstallShield
    2008-01-13 18:03 . 2001-09-13 02:15 90,112 --------- C:\WINDOWS\snymsico.dll
    2008-01-13 18:03 . 2002-08-08 15:51 38,951 --------- C:\WINDOWS\system32\drivers\NETMDUSB.sys
    2008-01-13 18:03 . 2005-10-31 10:46 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
    2008-01-13 18:03 . 2003-11-10 12:31 36,232 --------- C:\WINDOWS\system32\drivers\NETMD033.sys
    2008-01-13 18:03 . 2003-04-01 18:55 35,319 --------- C:\WINDOWS\system32\drivers\NETMD031.sys
    2008-01-13 18:02 . 2007-01-13 08:24 770,048 --a------ C:\WINDOWS\system32\CDDBUISony.dll
    2008-01-13 18:02 . 2007-01-13 08:22 655,360 --a------ C:\WINDOWS\system32\CDDBControlSony.dll
    2008-01-13 18:02 . 2007-01-13 08:22 589,824 --a------ C:\WINDOWS\system32\CddbMusicIDSony.dll
    2008-01-13 18:02 . 2007-01-13 08:25 532,480 --a------ C:\WINDOWS\system32\CddbPlaylist2Sony.dll
    2008-01-13 18:02 . 2007-01-13 08:27 98,304 --a------ C:\WINDOWS\system32\CddbLangFRSony.dll
    2008-01-13 18:02 . 2007-01-13 08:24 73,728 --a------ C:\WINDOWS\system32\CddbLinkSony.dll
    2008-01-13 18:01 . 2008-01-13 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    2008-01-13 18:00 . 2008-01-13 18:06 <REP> d-------- C:\Program Files\Fichiers communs\Sony Shared
    2008-01-13 18:00 . 2008-01-13 18:36 <REP> d-------- C:\Documents and Settings\Mi©K\Application Data\Sony Corporation
    2008-01-13 17:56 . 2005-08-13 05:06 22,486 -ra------ C:\WINDOWS\system32\UnInstall_Driver.ico
    2008-01-13 17:55 . 2008-01-13 17:55 <REP> d-------- C:\Program Files\Samsung

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-13 14:33 9,383 ----a-w C:\Program Files\hijackthis.log
    2008-02-13 13:35 --------- d-----r C:\Program Files\Alwil Software
    2008-02-10 12:14 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\ma-config.com
    2008-02-10 12:05 741,376 ----a-w C:\WINDOWS\system32\WinUpdating.exe
    2008-02-10 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-03 17:14 --------- d-----w C:\Program Files\Steam
    2008-02-03 16:49 753,664 ----a-w C:\WINDOWS\system32\NTSpool.exe
    2008-02-03 13:09 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\MiniLyrics
    2008-02-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-01-22 08:55 --------- d-----r C:\Program Files\Mozilla Thunderbird
    2008-01-21 18:58 --------- d-----r C:\Program Files\Intel
    2008-01-20 17:24 --------- d-----r C:\Program Files\Logitech
    2008-01-15 19:47 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Winamp
    2008-01-13 17:19 --------- d-----r C:\Program Files\Yahoo!
    2008-01-12 09:32 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\vlc
    2008-01-10 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-01-10 19:38 --------- d-----w C:\Program Files\StuffPlug3
    2008-01-10 17:46 --------- d-----w C:\Program Files\Microsoft Works
    2008-01-10 17:45 --------- d-----w C:\Program Files\MSBuild
    2008-01-09 16:22 --------- d-----w C:\Program Files\LClock
    2008-01-09 15:22 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\AdobeUM
    2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-01-09 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-01-08 19:26 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Ahead
    2008-01-08 19:24 --------- d-----w C:\Program Files\Nero
    2008-01-08 19:24 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2008-01-07 18:35 --------- d-----w C:\Program Files\Dofus
    2008-01-07 17:48 --------- d-----r C:\Program Files\Windows Live
    2008-01-07 13:39 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-07 13:38 --------- d-----w C:\Program Files\MSXML 4.0
    2008-01-06 17:59 107,888 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-06 17:59 --------- d--h--r C:\Documents and Settings\Mi©K\Application Data\SecuROM
    2008-01-06 17:42 --------- d-----w C:\Program Files\KONAMI
    2008-01-06 17:38 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\DAEMON Tools
    2008-01-06 16:57 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
    2008-01-06 16:57 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\FotoWire
    2008-01-06 16:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2008-01-06 16:55 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
    2008-01-06 16:46 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Hewlett-Packard
    2008-01-06 16:43 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
    2008-01-06 16:43 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-01-06 16:41 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
    2008-01-06 16:36 128 --sha-w C:\Program Files\desktop.ini
    2008-01-06 16:36 --------- d-----w C:\Program Files\CaptEcran
    2008-01-06 16:32 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\BSplayer Pro
    2008-01-06 16:30 --------- d-----w C:\Program Files\Sony
    2008-01-06 16:29 --------- d-----r C:\Program Files\OVAO
    2008-01-06 15:42 --------- d-----w C:\Program Files\MessengerPlus! 3
    2008-01-06 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
    2008-01-06 15:26 --------- d-----w C:\Program Files\Minilyrics
    2008-01-06 15:11 --------- d-----r C:\Program Files\Winamp
    2008-01-06 15:05 --------- d-----w C:\Program Files\ma-config.com
    2008-01-06 14:52 --------- d-----w C:\Program Files\AdVantage
    2008-01-06 14:47 --------- d-----w C:\Program Files\DAEMON Tools Lite
    2008-01-06 14:43 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
    2008-01-06 14:42 128 --sha-w C:\Program Files\Fichiers communs\desktop.ini
    2008-01-06 14:42 --------- d-----r C:\Program Files\Winamp Remote
    2008-01-06 14:42 --------- d-----r C:\Program Files\Webteh
    2008-01-06 14:42 --------- d-----r C:\Program Files\Wanadoo
    2008-01-06 14:42 --------- d-----r C:\Program Files\VideoLAN
    2008-01-06 14:42 --------- d-----r C:\Program Files\Stardock
    2008-01-06 14:42 --------- d-----r C:\Program Files\Services en ligne
    2008-01-06 14:42 --------- d-----r C:\Program Files\Securitoo
    2008-01-06 14:42 --------- d-----r C:\Program Files\SAGEM
    2008-01-06 14:42 --------- d-----r C:\Program Files\Realtek
    2008-01-06 14:42 --------- d-----r C:\Program Files\My Company Name
    2008-01-06 14:42 --------- d-----r C:\Program Files\microsoft frontpage
    2008-01-06 14:42 --------- d-----r C:\Program Files\Messenger Plus! Live
    2008-01-06 14:42 --------- d-----r C:\Program Files\GameFace Messenger
    2008-01-06 14:42 --------- d-----r C:\Program Files\CCleaner
    2008-01-06 14:42 --------- d-----r C:\Program Files\Attansic
    2008-01-06 14:42 --------- d-----r C:\Program Files\ASUS
    2008-01-06 14:39 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
    2008-01-06 14:26 --------- d-----w C:\Program Files\Fichiers communs\Stardock
    2008-01-06 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
    2008-01-06 13:58 --------- d-----w C:\Documents and Settings\Mi©K\Application Data\Thunderbird
    2008-01-06 13:43 737,280 ----a-w C:\WINDOWS\iun6002.exe
    2008-01-06 13:34 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-01-06 12:28 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-01-06 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-01-06 11:53 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
    2008-01-06 11:53 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-01-06 11:53 219,648 ----a-w C:\WINDOWS\system32\uxtheme.dll
    2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
    2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2008-01-06 11:40 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
    2007-12-14 10:32 12,632 ----a-w C:\WINDOWS\system32\lsdelete.exe
    2007-12-05 01:53 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE
    2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll
    2007-12-05 00:41 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll
    2007-12-05 00:41 8,523,776 ----a-w C:\WINDOWS\system32\nvcpl.dll
    2007-12-05 00:41 753,664 ----a-w C:\WINDOWS\system32\nvcplui.exe
    2007-12-05 00:41 6,901,760 ----a-w C:\WINDOWS\system32\nvoglnt.dll
    2007-12-05 00:41 6,549,504 ----a-w C:\WINDOWS\system32\nvdisps.dll
    2007-12-05 00:41 5,773,568 ----a-w C:\WINDOWS\system32\nv4_disp.dll
    2007-12-05 00:41 5,611,520 ----a-w C:\WINDOWS\system32\nvdispsr.dll
    2007-12-05 00:41 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll
    2007-12-05 00:41 458,752 ----a-w C:\WINDOWS\system32\nvmccssr.dll
    2007-12-05 00:41 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-05-17 12:11 5729136]
    "LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 19:27 65536]
    "tr_winamp"="C:\Program Files\Winamp\winamp.exe" [2007-12-20 16:17 1327616]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 13:11 3497984]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-01-06 16:42 190024]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "avp6_post_install"="msiexec.exe" [2005-05-04 14:45 78848 C:\WINDOWS\system32\msiexec.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

    C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\
    Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe [2008-01-06 15:26:09 Mick 3450608]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "<NO NAME>"= 1

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "NTSpool"= NTSpool.exe
    "Windows Printing Driver"= WinSpooler.exe
    "WinUpdating"= WinUpdating.exe

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{23D44BCF-AA7A-41D6-8905-E808F16322EF}"= C:\WINDOWS\system32\nnnnmmj.dll [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
    nnnnmmj.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\scredir32]
    scredir32.dll 2004-10-23 06:36 8704 C:\WINDOWS\system32\scredir32.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
    backup=C:\WINDOWS\pss\RocketDock.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\TransBar.lnk
    backup=C:\WINDOWS\pss\TransBar.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk
    backup=C:\WINDOWS\pss\UberIcon.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
    backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
    --a------ 2004-12-14 02:12 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
    --a------ 2007-06-28 15:19 880080 C:\Program Files\AdVantage\AdVantage.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    -ra------ 2005-05-03 04:43 69632 C:\WINDOWS\ALCMTR.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
    --a------ 2006-08-18 18:58 1081344 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2006-03-02 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    --a------ 2007-12-15 11:02 482760 C:\Program Files\DAEMON Tools Lite\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger]
    --a------ 2006-08-02 16:06 2048000 C:\Program Files\GameFace Messenger\GameFace.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-01-06 17:55 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    --------- 2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
    --a------ 2007-12-18 02:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    -ra------ 2006-08-01 05:10 16049664 C:\WINDOWS\RTHDCPL.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    -ra------ 2006-05-16 04:04 2879488 C:\WINDOWS\SkyTel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    --a------ 2008-01-10 20:26 1266936 c:\program files\steam\steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook]
    --a------ 2007-08-31 16:13 44544 C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook Express & Windows Mail]
    --a------ 2007-10-09 13:28 296448 C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_Oe.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
    --a------ 2007-02-16 18:41 110592 C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
    --a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    --------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    --------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-27 22:28]
    R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2005-09-27 10:02]
    S1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
    S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
    S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
    S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
    S3 PhilCam8116_XP;Logitech QuickCam Pro 3000(PID_08B1);C:\WINDOWS\system32\DRIVERS\CamDrL20.sys [2004-05-21 20:16]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-31 20:51:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-06 16:46:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1199637940.job"
    - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-13 15:38:25
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
    -> C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
    .
    Temps d'accomplissement: 2008-02-13 15:38:49
    ComboFix-quarantined-files.txt 2008-02-13 14:38:41
    .
    2008-01-26 20:06:56 --- E O F ---
    13 February 2008 16:03:09

    Do I need to do anything else?
    And right now my PC has no antivirus, so I don't know what to do.
    Thanks in advance
    13 February 2008 17:18:59

    Re,

    Disable your resident protections (antivirus...)!
    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\WinSpooler.exe
    C:\WINDOWS\system32\NTSpool.exe
    C:\WINDOWS\system32\WinUpdating.exe
    C:\WINDOWS\system32\nnnnmmj.dll
    C:\WINDOWS\system32\scredir32.dll

    Registry::
    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
    "NTSpool"=-
    "Windows Printing Driver"=-
    "WinUpdating"=-
    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{23D44BCF-AA7A-41D6-8905-E808F16322EF}"=-
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\scredir32]


    Open Notepad, then paste (Ctrl+V) the text you copied earlier.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1 and confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    13 February 2008 18:00:56

    Re,
    Here is the combofix log:

    ComboFix 08-02-13.2 - Mi©K 2008-02-13 17:46:35.4 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.525 [GMT 1:00]
    Endroit: C:\Documents and Settings\Mi©K\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Mi©K\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE
    C:\WINDOWS\system32\nnnnmmj.dll
    C:\WINDOWS\system32\NTSpool.exe
    C:\WINDOWS\system32\scredir32.dll
    C:\WINDOWS\system32\WinSpooler.exe
    C:\WINDOWS\system32\WinUpdating.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\jkklk.dll
    C:\WINDOWS\system32\qomjhii.dll
    C:\WINDOWS\system32\snubejmr.dll
    C:\Documents and Settings\All Users\Application Data\storageprotector
    C:\Documents and Settings\All Users\Application Data\storageprotector\Data\em
    C:\Documents and Settings\All Users\Application Data\storageprotector\Data\oid
    C:\Documents and Settings\All Users\Application Data\storageprotector\Data\user
    C:\Program Files\Fichiers communs\StorageProtector
    C:\Program Files\Fichiers communs\StorageProtector\strpmon.exe
    C:\WINDOWS\system32\abkveocv.dll
    C:\WINDOWS\system32\aeximwds.dll
    C:\WINDOWS\system32\fccbxut.dll
    C:\WINDOWS\system32\fkgfxqun.dll
    C:\WINDOWS\system32\hufyclnw.dll
    C:\WINDOWS\system32\jkklk.dll
    C:\WINDOWS\system32\klkkj.ini
    C:\WINDOWS\system32\klkkj.ini2
    C:\WINDOWS\system32\lltdbwum.ini
    C:\WINDOWS\system32\lmpjxetp.dll
    C:\WINDOWS\system32\lmpjxetp.dllbox
    C:\WINDOWS\system32\nnnkjif.dll
    C:\WINDOWS\system32\nofycedn.dll
    C:\WINDOWS\system32\NTSpool.exe
    C:\WINDOWS\system32\qomjhii.dll
    C:\WINDOWS\system32\rqroool(2).dll
    C:\WINDOWS\system32\scredir32.dll
    C:\WINDOWS\system32\sdwmixea.ini
    C:\WINDOWS\system32\snubejmr.dll
    C:\WINDOWS\system32\snubejmr.dllbox
    C:\WINDOWS\system32\tuvsrqq.dll
    C:\WINDOWS\system32\WinSpooler.exe
    C:\WINDOWS\system32\WinUpdating.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-13 17:41 . 2008-02-13 17:41 <REP> dr------- C:\Documents and Settings\All Users\Application Data\SalesMon
    2008-02-13 17:20 . 2008-02-13 17:20 <REP> d-------- C:\Lyrics
    2008-02-13 16:34 . 2007-09-06 12:02 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2008-02-13 16:34 . 2007-09-06 12:00 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2008-02-13 16:34 . 2007-09-06 12:03 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2008-02-13 16:33 . 2007-09-06 12:05 94,416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2008-02-13 16:06 . 2008-02-13 16:06 <REP> d-------- C:\Program Files\Kaspersky Lab
    2008-02-13 16:06 . 2008-02-13 16:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
    2008-02-13 16:06 . 2008-02-13 16:27 59,424 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-02-13 16:06 . 2008-02-13 16:27 4,384 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
    2008-02-13 16:06 . 2008-02-13 16:27 3,860 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-02-13 16:06 . 2008-02-13 16:27 1,484 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
    2008-02-13 15:29 . 2008-02-13 15:29 <REP> d-------- C:\VundoFix Backups
    2008-02-13 14:35 . 2008-02-13 14:35 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
    2008-02-13 14:01 . 2006-03-02 13:00 428,032 --a------ C:\kmd.exe
    2008-02-10 14:10 . 2008-02-10 14:10 <REP> d-------- C:\Program Files\id Software
    2008-02-10 11:38 . 2008-02-10 11:38 <REP> d--hs---- C:\WINDOWS\ftpcache
    2008-02-10 11:09 . 2008-02-10 11:09 319 --a------ C:\WINDOWS\game.ini
    2008-02-10 11:05 . 2008-02-10 11:05 <REP> d-------- C:\Program Files\Activision
    2008-02-10 10:37 . 2007-08-14 23:16 1,335,296 --a------ C:\WINDOWS\system32\msxml6.dll
    2008-02-10 10:37 . 2007-08-14 23:16 2,048 --a------ C:\WINDOWS\system32\msxml6r.dll
    2008-02-10 10:36 . 2008-02-10 10:36 <REP> d-------- C:\Program Files\Goto Software
    2008-02-10 10:36 . 2008-02-10 10:37 <REP> d-------- C:\Documents and Settings\All Users\Application Data\VadeRetro
    2008-02-10 10:36 . 1999-02-22 16:46 148,992 --a------ C:\WINDOWS\UNWISE.EXE
    2008-02-10 10:36 . 1998-12-23 08:19 5,891 --a------ C:\WINDOWS\UNWISE.INI
    2008-02-04 20:22 . 2008-02-04 20:22 <REP> d-------- C:\WINDOWS\Mozilla
    2008-02-03 17:49 . 2008-02-13 17:37 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-03 17:49 . 2008-02-10 13:48 37,888 --a------ C:\WINDOWS\system32\rar.exe
    2008-02-03 14:35 . 2008-02-03 14:35 <REP> d-------- C:\Fichier texte
    2008-02-03 13:37 . 2007-09-06 12:09 801,144 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-02-03 13:37 . 2004-01-09 11:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2008-02-03 13:37 . 2007-09-06 12:00 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2008-02-03 13:37 . 2007-09-06 12:05 92,848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2008-02-03 12:01 . 2008-02-03 12:03 <REP> d-------- C:\Program Files\Serious Sam 2
    2008-02-02 15:11 . 2008-02-02 15:11 <REP> d-------- C:\Program Files\Lavasoft
    2008-02-02 15:11 . 2008-02-02 15:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-02-02 15:09 . 2008-02-02 15:10 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-01-30 17:20 . 2008-01-30 17:20 <REP> d-------- C:\Program Files\K-Lite Codec Pack
    2008-01-30 17:20 . 2007-11-29 23:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2008-01-30 17:20 . 2007-12-04 02:33 682,496 --a------ C:\WINDOWS\system32\divx.dll
    2008-01-30 17:20 . 2006-09-24 16:11 389,120 --a------ C:\WINDOWS\system32\lameACM.acm
    2008-01-30 17:20 . 2004-01-25 17:18 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
    2008-01-30 17:20 . 2007-09-04 17:56 164,352 --a------ C:\WINDOWS\system32\unrar.dll
    2008-01-30 17:20 . 2007-09-21 01:52 118,784 --a------ C:\WINDOWS\system32\ac3acm.acm
    2008-01-30 17:20 . 2007-11-29 23:28 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
    2008-01-30 17:20 . 2007-12-24 13:49 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
    2008-01-30 17:20 . 2007-07-10 17:10 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
    2008-01-30 17:20 . 2007-10-03 16:03 414 --a------ C:\WINDOWS\system32\lame_acm.xml
    2008-01-26 19:45 . 2008-01-26 19:46 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\Winamp
    2008-01-26 19:45 . 2008-01-26 19:45 <REP> d-------- C:\Documents and Settings\Alexis\Application Data\MiniLyrics
    2008-01-25 18:08 . 2008-01-25 18:08 <REP> d-------- C:\Program Files\Windows Media Connect 2
    2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\LogFiles
    2008-01-25 18:07 . 2008-01-25 18:07 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
    2008-01-25 16:57 . 2008-02-13 17:15 <REP> d-------- C:\Documents and Settings\Alexis\Contacts
    2008-01-24 21:17 . 2008-01-24 21:19 <REP> d-------- C:\Program Files\TVAnts
    2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage réseau
    2008-01-23 17:10 . 2008-01-06 12:45 <REP> d--h----- C:\Documents and Settings\Alexis\Voisinage d'impression
    2008-01-23 17:10 . 2008-01-06 12:37 <REP> d--h----- C:\Documents and Settings\Alexis\Modèles
    2008-01-23 17:10 . 2008-02-13 17:47 <REP> d---s---- C:\Documents and Settings\Alexis\Mes documents
    2008-01-23 17:10 . 2008-01-06 12:45 <REP> dr------- C:\Documents and Settings\Alexis\Menu Démarrer
    2008-01-23 17:10 . 2008-01-23 17:10 <REP> d---s---- C:\Documents and Settings\Alexis\Favoris
    2008-01-23 17:10 . 2008-02-13 17:21 <REP> d-------- C:\Documents and Settings\Alexis\Bureau
    2008-01-22 20:23 . 2008-01-22 20:23 <REP> d-------- C:\Program Files\Everest Ultimate Edition 2007
    2008-01-22 20:22 . 2008-01-22 20:22 <REP> d-------- C:\Program Files\Lavalys
    2008-01-20 18:34 . 2008-01-20 18:36 <REP> d-------- C:\WINDOWS\NV3348528.TMP
    2008-01-20 18:34 . 2007-12-17 13:53 159,458 --a------ C:\WINDOWS\system32\nvapps.nvb
    2008-01-20 18:33 . 2008-01-21 20:00 <REP> dr------- C:\NVIDIA
    2008-01-20 18:26 . 2008-01-20 18:28 <REP> d-------- C:\Program Files\PhotoFiltre
    2008-01-20 18:25 . 2004-10-08 11:59 326,656 --a------ C:\WINDOWS\system32\drivers\Camdrl.sys
    2008-01-20 18:10 . 2008-01-20 18:10 <REP> d-------- C:\WINDOWS\system32\Lang
    2008-01-20 18:10 . 2008-01-20 18:10 940,794 --a------ C:\WINDOWS\system32\LoopyMusic.wav
    2008-01-20 18:10 . 2008-01-20 18:10 146,650 --a------ C:\WINDOWS\system32\BuzzingBee.wav
    2008-01-16 19:52 . 2008-02-13 14:50 <REP> d-------- C:\WINDOWS\Downloaded Installations
    2008-01-16 19:52 . 2008-01-16 19:52 <REP> d-------- C:\Program Files\Veoh Networks
    2008-01-16 15:02 . 2008-01-16 15:02 <REP> d-------- C:\Program Files\BitTorrent_DNA
    2008-01-16 15:02 . 2008-01-16 15:03 <REP> d-------- C:\Program Files\BitTorrent
    2008-01-16 14:57 . 2008-01-16 14:57 <REP> d-------- C:\Program Files\DivX
    2008-01-15 19:03 . 2008-02-03 20:36 <REP> d-------- C:\Program Files\Lyrics
    2008-01-15 18:59 . 2008-01-29 18:01 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-01-15 18:59 . 2008-01-15 18:59 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-01-15 18:57 . 2008-01-15 18:58 <REP> d-------- C:\Program Files\QuickTime
    2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Program Files\Apple Software Update
    2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-01-15 18:57 . 2008-01-15 18:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
    2008-01-13 18:24 . 2008-01-13 18:24 <REP> d-------- C:\Documents and Settings\All Users\SonicStage
    2008-01-13 18:04 . 2008-01-13 18:04 <REP> d-------- C:\Program Files\Common Files
    2008-01-13 18:03 . 2001-09-13 02:15 90,112 --------- C:\WINDOWS\snymsico.dll
    2008-01-13 18:03 . 2002-08-08 15:51 38,951 --------- C:\WINDOWS\system32\drivers\NETMDUSB.sys
    2008-01-13 18:03 . 2005-10-31 10:46 36,679 --------- C:\WINDOWS\system32\drivers\NETMD052.sys
    2008-01-13 18:03 . 2003-11-10 12:31 36,232 --------- C:\WINDOWS\system32\drivers\NETMD033.sys
    2008-01-13 18:03 . 2003-04-01 18:55 35,319 --------- C:\WINDOWS\system32\drivers\NETMD031.sys
    2008-01-13 18:02 . 2007-01-13 08:24 770,048 --a------ C:\WINDOWS\system32\CDDBUISony.dll
    2008-01-13 18:02 . 2007-01-13 08:22 655,360 --a------ C:\WINDOWS\system32\CDDBControlSony.dll
    2008-01-13 18:02 . 2007-01-13 08:22 589,824 --a------ C:\WINDOWS\system32\CddbMusicIDSony.dll
    2008-01-13 18:02 . 2007-01-13 08:25 532,480 --a------ C:\WINDOWS\system32\CddbPlaylist2Sony.dll
    2008-01-13 18:02 . 2007-01-13 08:27 98,304 --a------ C:\WINDOWS\system32\CddbLangFRSony.dll
    2008-01-13 18:02 . 2007-01-13 08:24 73,728 --a------ C:\WINDOWS\system32\CddbLinkSony.dll
    2008-01-13 18:01 . 2008-01-13 18:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sony Corporation
    2008-01-13 18:00 . 2008-01-13 18:06 <REP> d-------- C:\Program Files\Fichiers communs\Sony Shared
    2008-01-13 17:56 . 2005-08-13 05:06 22,486 -ra------ C:\WINDOWS\system32\UnInstall_Driver.ico

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-13 15:33 --------- d-----r C:\Program Files\Alwil Software
    2008-02-13 14:33 9,383 ----a-w C:\Program Files\hijackthis.log
    2008-02-10 10:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-03 17:14 --------- d-----w C:\Program Files\Steam
    2008-02-02 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-01-22 08:55 --------- d-----r C:\Program Files\Mozilla Thunderbird
    2008-01-21 18:58 --------- d-----r C:\Program Files\Intel
    2008-01-20 17:24 --------- d-----r C:\Program Files\Logitech
    2008-01-13 17:19 --------- d-----r C:\Program Files\Yahoo!
    2008-01-10 19:57 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-01-10 19:38 --------- d-----w C:\Program Files\StuffPlug3
    2008-01-10 17:46 --------- d-----w C:\Program Files\Microsoft Works
    2008-01-10 17:45 --------- d-----w C:\Program Files\MSBuild
    2008-01-09 16:22 --------- d-----w C:\Program Files\LClock
    2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-01-09 14:08 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-01-09 14:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-01-08 19:24 --------- d-----w C:\Program Files\Nero
    2008-01-08 19:24 --------- d-----w C:\Program Files\Fichiers communs\Ahead
    2008-01-07 18:35 --------- d-----w C:\Program Files\Dofus
    2008-01-07 17:48 --------- d-----r C:\Program Files\Windows Live
    2008-01-07 13:39 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-01-07 13:38 --------- d-----w C:\Program Files\MSXML 4.0
    2008-01-06 17:42 --------- d-----w C:\Program Files\KONAMI
    2008-01-06 16:57 --------- d-----w C:\Program Files\Fichiers communs\FotoWire
    2008-01-06 16:56 --------- d-----w C:\Program Files\Fichiers communs\Logitech
    2008-01-06 16:55 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe
    2008-01-06 16:43 82,380 ----a-w C:\WINDOWS\system32\drivers\AFS2K.SYS
    2008-01-06 16:43 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-01-06 16:41 --------- d-----w C:\Program Files\Fichiers communs\Hewlett-Packard
    2008-01-06 16:36 128 --sha-w C:\Program Files\desktop.ini
    2008-01-06 16:36 --------- d-----w C:\Program Files\CaptEcran
    2008-01-06 16:30 --------- d-----w C:\Program Files\Sony
    2008-01-06 16:29 --------- d-----r C:\Program Files\OVAO
    2008-01-06 15:42 --------- d-----w C:\Program Files\MessengerPlus! 3
    2008-01-06 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\NVIDIA
    2008-01-06 15:26 --------- d-----w C:\Program Files\Minilyrics
    2008-01-06 15:11 --------- d-----r C:\Program Files\Winamp
    2008-01-06 15:05 --------- d-----w C:\Program Files\ma-config.com
    2008-01-06 14:52 --------- d-----w C:\Program Files\AdVantage
    2008-01-06 14:47 --------- d-----w C:\Program Files\DAEMON Tools Lite
    2008-01-06 14:43 715,248 ----a-w C:\WINDOWS\system32\drivers\sptd.sys
    2008-01-06 14:42 128 --sha-w C:\Program Files\Fichiers communs\desktop.ini
    2008-01-06 14:42 --------- d-----r C:\Program Files\Winamp Remote
    2008-01-06 14:42 --------- d-----r C:\Program Files\Webteh
    2008-01-06 14:42 --------- d-----r C:\Program Files\Wanadoo
    2008-01-06 14:42 --------- d-----r C:\Program Files\VideoLAN
    2008-01-06 14:42 --------- d-----r C:\Program Files\Stardock
    2008-01-06 14:42 --------- d-----r C:\Program Files\Services en ligne
    2008-01-06 14:42 --------- d-----r C:\Program Files\Securitoo
    2008-01-06 14:42 --------- d-----r C:\Program Files\SAGEM
    2008-01-06 14:42 --------- d-----r C:\Program Files\Realtek
    2008-01-06 14:42 --------- d-----r C:\Program Files\My Company Name
    2008-01-06 14:42 --------- d-----r C:\Program Files\microsoft frontpage
    2008-01-06 14:42 --------- d-----r C:\Program Files\Messenger Plus! Live
    2008-01-06 14:42 --------- d-----r C:\Program Files\GameFace Messenger
    2008-01-06 14:42 --------- d-----r C:\Program Files\CCleaner
    2008-01-06 14:42 --------- d-----r C:\Program Files\Attansic
    2008-01-06 14:42 --------- d-----r C:\Program Files\ASUS
    2008-01-06 14:39 81,920 ------r C:\WINDOWS\bwUnin-6.1.4.36-8876480L.exe
    2008-01-06 14:26 --------- d-----w C:\Program Files\Fichiers communs\Stardock
    2008-01-06 14:25 --------- d-----w C:\Documents and Settings\All Users\Application Data\OrbNetworks
    2008-01-06 13:43 737,280 ----a-w C:\WINDOWS\iun6002.exe
    2008-01-06 13:34 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-01-06 12:28 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-01-06 12:26 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-01-06 11:53 64,419 ----a-w C:\WINDOWS\BricoPackUninst.cmd
    2008-01-06 11:53 6,114 ----a-w C:\WINDOWS\BricoPackFoldersDelete.cmd
    2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
    2008-01-06 11:46 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2008-01-06 11:40 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
    2007-12-17 23:43 23,396 ----a-w C:\WINDOWS\system32\drivers\klopp.dat
    2007-09-09 13:16 942,080 ----a-w C:\Program Files\Scanner.exe
    2007-06-07 08:14 165,888 ----a-w C:\Program Files\ToYcon.exe
    2004-03-11 15:32 439,296 ----a-w C:\Program Files\JADgen.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MsnMsgr"="C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" [2007-05-17 12:11 5729136]
    "LClock"="C:\Program Files\LClock\lclock.exe" [2004-09-19 19:27 65536]
    "tr_winamp"="C:\Program Files\Winamp\winamp.exe" [2007-12-20 16:17 1327616]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 13:00 15360]
    "Veoh"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [2008-01-30 13:11 3497984]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
    "MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2008-01-06 16:42 190024]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06 79224]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 13:00 15360]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "<NO NAME>"= 1

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnnmmj]
    nnnnmmj.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Acrobat.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Acrobat.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Acrobat.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
    backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^RocketDock.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\RocketDock.lnk
    backup=C:\WINDOWS\pss\RocketDock.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^TransBar.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\TransBar.lnk
    backup=C:\WINDOWS\pss\TransBar.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^UberIcon.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\UberIcon.lnk
    backup=C:\WINDOWS\pss\UberIcon.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^Mi©K^Menu Démarrer^Programmes^Démarrage^Y'z Shadow.lnk]
    path=C:\Documents and Settings\Mi©K\Menu Démarrer\Programmes\Démarrage\Y'z Shadow.lnk
    backup=C:\WINDOWS\pss\Y'z Shadow.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 7.0]
    --a------ 2004-12-14 02:12 483328 C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
    --a------ 2007-06-28 15:19 880080 C:\Program Files\AdVantage\AdVantage.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    -ra------ 2005-05-03 04:43 69632 C:\WINDOWS\ALCMTR.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ASUS SmartDoctor]
    --a------ 2006-08-18 18:58 1081344 C:\Program Files\ASUS\SmartDoctor\SmartDoctor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
    --a------ 2006-03-02 13:00 15360 C:\WINDOWS\system32\ctfmon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
    --a------ 2007-12-15 11:02 482760 C:\Program Files\DAEMON Tools Lite\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GameFace Messenger]
    --a------ 2006-08-02 16:06 2048000 C:\Program Files\GameFace Messenger\GameFace.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
    --a------ 2008-01-06 17:55 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Logitech Utility]
    --------- 2002-11-08 10:50 19968 C:\WINDOWS\LOGI_MWX.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    --a------ 2007-12-05 01:41 8523776 C:\WINDOWS\system32\NvCpl.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    --a------ 2007-12-05 01:41 81920 C:\WINDOWS\system32\NvMcTray.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NWEReboot]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    --a------ 2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Orb]
    --a------ 2007-12-18 02:02 471040 C:\Program Files\Winamp Remote\bin\OrbTray.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    -ra------ 2006-08-01 05:10 16049664 C:\WINDOWS\RTHDCPL.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
    -ra------ 2006-05-16 04:04 2879488 C:\WINDOWS\SkyTel.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam]
    --a------ 2008-01-10 20:26 1266936 c:\program files\steam\steam.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook]
    --a------ 2007-08-31 16:13 44544 C:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VadeRetro Outlook Express & Windows Mail]
    --a------ 2007-10-09 13:28 296448 C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_Oe.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WMAAD]
    --a------ 2007-02-16 18:41 110592 C:\Program Files\Sony\WALKMAN Launcher\WMAAD.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
    --a------ 2004-08-23 14:50 122880 C:\PROGRA~1\Wanadoo\Shell.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
    --------- 2004-10-14 16:55 32768 C:\PROGRA~1\Wanadoo\GestMaj.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
    --------- 2004-08-23 14:49 20480 C:\PROGRA~1\Wanadoo\Watch.exe

    R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys [2006-07-27 22:28]
    R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2005-09-27 10:02]
    S1 asusgsb;ASUS Virtual Video Capture Device Driver;C:\WINDOWS\system32\drivers\asusgsb32.sys [2005-10-20 16:25]
    S3 ICScsiSV;Image Converter SCSI Service;C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe [2007-01-26 11:39]
    S3 IcVzMonLauncher;IcVzMonLauncher;"C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe" [2007-01-26 11:38]
    S3 Image Converter video recording monitor for VAIO Entertainment;Image Converter video recording monitor for VAIO Entertainment;C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe [2007-01-26 11:38]
    S3 PhilCam8116_XP;Logitech QuickCam Pro 3000(PID_08B1);C:\WINDOWS\system32\DRIVERS\CamDrL20.sys [2004-05-21 20:16]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-01-31 20:51:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-06 16:46:02 C:\WINDOWS\Tasks\FRU Task #Hewlett-Packard#hp psc 1200 series#1199637940.job"
    - C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpqfrucl.exe4-I
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-13 17:53:09
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\explorer.exe [6.00.2900.3156]
    -> C:\Program Files\Stardock\ObjectDock\DockShellHook.dll
    -> C:\Program Files\LClock\LC.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\WINDOWS\system32\dwwin.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-13 17:55:29 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-02-13 16:55:27
    ComboFix2.txt 2008-02-13 14:38:49
    .
    2008-01-26 20:06:56 --- E O F ---

    HijackThis log:

    Logfile of HijackThis v1.99.1
    Scan saved at 18:09, on 2008-02-13
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ATKKBService.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\LClock\lclock.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    C:\WINDOWS\explorer.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
    C:\Program Files\Scanner.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
    O4 - HKCU\..\Run: [tr_winamp] C:\Program Files\Winamp\winamp.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Transfert par Image Converter 3 - C:\PROGRAM FILES\SONY\IMAGE CONVERTER 3\menu.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Co...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: nnnnmmj - nnnnmmj.dll (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: Image Converter SCSI Service (ICScsiSV) - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\ICScsiSV.exe
    O23 - Service: IcVzMonLauncher - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMonLauncher.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\IMAGE CONVERTER 3\IcVzMon.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SonicStage Back-End Service - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SsBeSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe

    Thanks :)
    a b 8 Security
    13 February 2008 18:11:23

    Post a HijackThis report again.
    13 February 2008 18:12:33

    The previous post contains both reports you asked me for!
    13 February 2008 18:27:03

    Many thanks
    But I have avast pro, isn't it better than AntiVir?
    I'll post the antivirus report tomorrow.
    a b 8 Security
    13 February 2008 18:33:45

    Did you buy the pro version?
    13 February 2008 18:36:32

    No, I didn't buy it myself, a colleague passed it on to me, but is it more effective than AntiVir, which is free?
    a b 8 Security
    13 February 2008 19:15:03

    Try AntiVir and you'll see.