Spyware

*** Recherche dossiers dans "C:\WINDOWS" ***


*** Recherche dossiers dans "C:\Program Files" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***


*** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\MANUEL\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~2\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ALEX\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\DAMI\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\DYLAN\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\MANUEL\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~2\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ALEX\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\DAMI\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\DYLAN\locals~1\applic~1" ***


*** Recherche dossiers dans "C:\Documents and Settings\MANUEL\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ADMINI~2\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\ALEX\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\DAMI\menudm~1\progra~1" ***


*** Recherche dossiers dans "C:\DOCUME~1\DYLAN\menudm~1\progra~1" ***


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans "C:\WINDOWS\system32" *

gnc.exe absent, Recherche non effectuee dans "C:\WINDOWS\system32" !

* Recherche dans "C:\Documents and Settings\MANUEL\locals~1\applic~1" *

gnc.exe absent, Recherche non effectuee dans "C:\Documents and Settings\MANUEL\locals~1\applic~1" !



*** Recherche fichiers ***



*** Recherche clés spécifiques dans le Registre ***
!! Les clés trouvées ne sont pas forcément infectées !!


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans "C:\WINDOWS\system32" :


* Dans "C:\Documents and Settings\MANUEL\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ADMINI~2\locals~1\applic~1" :


* Dans "C:\DOCUME~1\ALEX\locals~1\applic~1" :


* Dans "C:\DOCUME~1\DAMI\locals~1\applic~1" :


* Dans "C:\DOCUME~1\DYLAN\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat Montorgueil absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche autres dossiers et fichiers connus :

C:\WINDOWS\Tasks\AD4853AD9193C759.job trouvé ! Infection Lop possible non traitée par cet outil !

voilà c'éyait un peu long...

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.00GHz )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : MANUEL ( Administrator )
BOOT : Normal boot
Antivirus : Trend Micro Internet Security 17.0.1224 (Activated)
Firewall : Trend Micro Personal Firewall 5.5 (Activated)
C:\ (Local Disk) - NTFS - Total:129 Go (Free:48 Go)
D:\ (CD or DVD)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 12/02/2009|21:31 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\WINDOWS\Tasks\AD4853AD9193C759.job
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\great coal love default
Supprime! - C:\DOCUME~1\MANUEL\APPLIC~1\Grid Gpl
Supprime! - C:\Program Files\Grid Gpl
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[06/09/2004|15:40] C:\DOCUME~1\ADMINI~2\APPLIC~1\Adobe
[06/09/2004|14:23] C:\DOCUME~1\ADMINI~2\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\ADMINI~2\APPLIC~1\InterTrust
[05/05/2007|12:19] C:\DOCUME~1\ADMINI~2\APPLIC~1\Microsoft
[06/09/2004|15:47] C:\DOCUME~1\ADMINI~2\APPLIC~1\Sonic

[06/09/2004|15:59] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[20/01/2008|19:01] C:\DOCUME~1\ALEX\APPLIC~1\Adobe
[06/04/2008|17:20] C:\DOCUME~1\ALEX\APPLIC~1\Apple Computer
[19/02/2007|20:58] C:\DOCUME~1\ALEX\APPLIC~1\Google
[13/06/2007|14:12] C:\DOCUME~1\ALEX\APPLIC~1\HotSync
[02/05/2008|18:53] C:\DOCUME~1\ALEX\APPLIC~1\HP
[06/09/2004|14:23] C:\DOCUME~1\ALEX\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\ALEX\APPLIC~1\InterTrust
[07/10/2006|13:21] C:\DOCUME~1\ALEX\APPLIC~1\Macromedia
[05/05/2007|12:19] C:\DOCUME~1\ALEX\APPLIC~1\Microsoft
[17/12/2008|15:43] C:\DOCUME~1\ALEX\APPLIC~1\Mozilla
[22/07/2008|18:47] C:\DOCUME~1\ALEX\APPLIC~1\MSN6
[24/02/2008|19:47] C:\DOCUME~1\ALEX\APPLIC~1\Nokia
[24/02/2008|19:46] C:\DOCUME~1\ALEX\APPLIC~1\PC Suite
[14/11/2007|08:05] C:\DOCUME~1\ALEX\APPLIC~1\Real
[06/09/2004|15:47] C:\DOCUME~1\ALEX\APPLIC~1\Sonic
[13/06/2007|14:13] C:\DOCUME~1\ALEX\APPLIC~1\Talkback

[07/12/2008|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[06/10/2008|21:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[14/11/2007|20:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[04/11/2006|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[10/09/2005|11:21] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ArcSoft
[06/04/2008|15:01] C:\DOCUME~1\ALLUSE~1\APPLIC~1\AVS4YOU
[01/01/2009|21:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Azureus
[05/02/2009|21:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Babylon
[10/04/2006|16:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BOONTY
[26/10/2008|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software
[03/10/2008|21:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CopyTransControlCenter
[06/09/2004|15:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[07/02/2009|16:15] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Downloaded Installations
[08/02/2009|22:42] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[19/12/2008|23:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[08/05/2007|18:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HotSync
[06/08/2007|13:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[25/03/2008|21:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[22/07/2007|19:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[09/02/2009|22:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[05/08/2007|20:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logishrd
[01/03/2008|23:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[14/03/2005|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Games
[14/03/2005|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
[15/02/2008|22:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nokia
[07/09/2004|10:14] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[15/02/2008|22:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[09/02/2008|06:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\roam one plan base
[26/06/2008|21:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Roxio
[06/09/2004|14:38] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI
[14/01/2009|22:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[06/08/2007|14:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
[27/12/2005|14:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sony Ericsson
[10/02/2009|21:57] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[22/03/2007|07:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[02/01/2009|23:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\System Restore
[10/02/2009|21:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[12/02/2009|04:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trend Micro
[21/03/2007|21:37] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
[21/03/2005|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\UDL
[01/06/2006|21:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[07/10/2006|11:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar
[15/03/2008|22:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
[01/12/2007|18:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[03/12/2008|18:05] C:\DOCUME~1\DAMI\APPLIC~1\Adobe
[25/01/2006|19:24] C:\DOCUME~1\DAMI\APPLIC~1\Apple Computer
[10/09/2005|11:19] C:\DOCUME~1\DAMI\APPLIC~1\Arcsoft
[14/10/2007|15:52] C:\DOCUME~1\DAMI\APPLIC~1\EoRezo
[03/05/2008|18:19] C:\DOCUME~1\DAMI\APPLIC~1\Google
[04/08/2005|18:35] C:\DOCUME~1\DAMI\APPLIC~1\Help
[08/05/2007|18:39] C:\DOCUME~1\DAMI\APPLIC~1\HotSync
[24/04/2008|18:15] C:\DOCUME~1\DAMI\APPLIC~1\HP
[06/09/2004|14:23] C:\DOCUME~1\DAMI\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\DAMI\APPLIC~1\InterTrust
[24/03/2007|15:23] C:\DOCUME~1\DAMI\APPLIC~1\ItsLabel
[30/12/2005|17:43] C:\DOCUME~1\DAMI\APPLIC~1\Leadertech
[05/05/2006|18:15] C:\DOCUME~1\DAMI\APPLIC~1\Macromedia
[27/02/2008|15:28] C:\DOCUME~1\DAMI\APPLIC~1\Microsoft
[17/07/2005|09:57] C:\DOCUME~1\DAMI\APPLIC~1\Microsoft Games
[11/10/2008|17:05] C:\DOCUME~1\DAMI\APPLIC~1\Mozilla
[10/09/2005|11:18] C:\DOCUME~1\DAMI\APPLIC~1\MSN6
[24/02/2008|04:45] C:\DOCUME~1\DAMI\APPLIC~1\Nokia
[24/02/2008|04:45] C:\DOCUME~1\DAMI\APPLIC~1\PC Suite
[16/04/2007|18:12] C:\DOCUME~1\DAMI\APPLIC~1\Real
[01/08/2007|18:54] C:\DOCUME~1\DAMI\APPLIC~1\Research In Motion
[06/09/2004|15:47] C:\DOCUME~1\DAMI\APPLIC~1\Sonic
[16/04/2007|18:20] C:\DOCUME~1\DAMI\APPLIC~1\Sun
[28/02/2007|22:27] C:\DOCUME~1\DAMI\APPLIC~1\Talkback

[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Adobe
[06/09/2004|14:23] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\DEFAUL~1\APPLIC~1\InterTrust
[06/09/2004|14:31] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[06/09/2004|15:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Sonic

[05/10/2008|13:09] C:\DOCUME~1\DYLAN\APPLIC~1\Adobe
[13/04/2006|15:40] C:\DOCUME~1\DYLAN\APPLIC~1\Apple Computer
[06/11/2005|19:25] C:\DOCUME~1\DYLAN\APPLIC~1\Arcsoft
[20/05/2007|18:36] C:\DOCUME~1\DYLAN\APPLIC~1\EoRezo
[02/01/2007|15:40] C:\DOCUME~1\DYLAN\APPLIC~1\Google
[12/05/2007|15:07] C:\DOCUME~1\DYLAN\APPLIC~1\HotSync
[17/07/2008|21:41] C:\DOCUME~1\DYLAN\APPLIC~1\HP
[06/09/2004|14:23] C:\DOCUME~1\DYLAN\APPLIC~1\Identities
[06/09/2004|15:40] C:\DOCUME~1\DYLAN\APPLIC~1\InterTrust
[16/04/2007|17:51] C:\DOCUME~1\DYLAN\APPLIC~1\ItsLabel
[04/03/2006|19:41] C:\DOCUME~1\DYLAN\APPLIC~1\Macromedia
[05/05/2007|12:19] C:\DOCUME~1\DYLAN\APPLIC~1\Microsoft
[30/10/2005|18:44] C:\DOCUME~1\DYLAN\APPLIC~1\Microsoft Games
[11/10/2008|16:20] C:\DOCUME~1\DYLAN\APPLIC~1\Mozilla
[18/03/2008|22:27] C:\DOCUME~1\DYLAN\APPLIC~1\Nokia
[18/03/2008|22:27] C:\DOCUME~1\DYLAN\APPLIC~1\PC Suite
[16/04/2007|17:51] C:\DOCUME~1\DYLAN\APPLIC~1\Real
[06/09/2004|15:47] C:\DOCUME~1\DYLAN\APPLIC~1\Sonic
[02/03/2007|11:25] C:\DOCUME~1\DYLAN\APPLIC~1\Sun
[02/03/2007|11:20] C:\DOCUME~1\DYLAN\APPLIC~1\Talkback

[05/05/2007|12:19] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[03/11/2007|19:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Roxio

[02/09/2008|20:01] C:\DOCUME~1\MANUEL\APPLIC~1\Adobe
[02/02/2007|22:23] C:\DOCUME~1\MANUEL\APPLIC~1\AdobeUM
[30/07/2008|20:14] C:\DOCUME~1\MANUEL\APPLIC~1\Apple Computer
[10/05/2005|20:01] C:\DOCUME~1\MANUEL\APPLIC~1\ArcSoft
[06/12/2008|23:51] C:\DOCUME~1\MANUEL\APPLIC~1\AVS4YOU
[01/02/2009|06:38] C:\DOCUME~1\MANUEL\APPLIC~1\Azureus
[05/02/2009|21:25] C:\DOCUME~1\MANUEL\APPLIC~1\Babylon
[22/07/2007|19:46] C:\DOCUME~1\MANUEL\APPLIC~1\Blackberry Desktop
[02/09/2008|20:04] C:\DOCUME~1\MANUEL\APPLIC~1\com.adobe.example.widget-programmes.40247E01796E652D304FB5752B197AB47987A585.1
[03/10/2008|21:49] C:\DOCUME~1\MANUEL\APPLIC~1\CopyTrans
[03/10/2008|21:44] C:\DOCUME~1\MANUEL\APPLIC~1\CopyTransControlCenter
[03/10/2008|21:48] C:\DOCUME~1\MANUEL\APPLIC~1\CopyTransPhoto
[26/11/2007|21:04] C:\DOCUME~1\MANUEL\APPLIC~1\DivX
[03/02/2009|21:56] C:\DOCUME~1\MANUEL\APPLIC~1\dvdcss
[19/12/2008|23:24] C:\DOCUME~1\MANUEL\APPLIC~1\eMule
[04/11/2007|12:44] C:\DOCUME~1\MANUEL\APPLIC~1\EoRezo
[02/01/2009|23:53] C:\DOCUME~1\MANUEL\APPLIC~1\FireShot
[28/12/2006|18:51] C:\DOCUME~1\MANUEL\APPLIC~1\Google
[02/08/2005|17:59] C:\DOCUME~1\MANUEL\APPLIC~1\Help
[08/05/2007|18:22] C:\DOCUME~1\MANUEL\APPLIC~1\HotSync
[23/04/2008|20:00] C:\DOCUME~1\MANUEL\APPLIC~1\HP
[06/09/2004|14:23] C:\DOCUME~1\MANUEL\APPLIC~1\Identities
[15/03/2008|22:44] C:\DOCUME~1\MANUEL\APPLIC~1\Image Zone Express
[03/02/2009|21:45] C:\DOCUME~1\MANUEL\APPLIC~1\InstallShield
[06/09/2004|15:40] C:\DOCUME~1\MANUEL\APPLIC~1\InterTrust
[22/03/2007|21:39] C:\DOCUME~1\MANUEL\APPLIC~1\ItsLabel
[04/11/2007|19:22] C:\DOCUME~1\MANUEL\APPLIC~1\Lavasoft
[20/01/2006|15:56] C:\DOCUME~1\MANUEL\APPLIC~1\Leadertech
[21/03/2006|21:19] C:\DOCUME~1\MANUEL\APPLIC~1\Macromedia
[24/02/2008|08:52] C:\DOCUME~1\MANUEL\APPLIC~1\Microsoft
[14/03/2005|15:18] C:\DOCUME~1\MANUEL\APPLIC~1\Microsoft Games
[05/10/2008|18:43] C:\DOCUME~1\MANUEL\APPLIC~1\Mozilla
[01/10/2006|14:12] C:\DOCUME~1\MANUEL\APPLIC~1\MSN6
[04/08/2008|20:28] C:\DOCUME~1\MANUEL\APPLIC~1\Nokia
[19/02/2008|22:44] C:\DOCUME~1\MANUEL\APPLIC~1\NSeries
[24/03/2008|20:44] C:\DOCUME~1\MANUEL\APPLIC~1\PC Suite
[12/09/2007|20:34] C:\DOCUME~1\MANUEL\APPLIC~1\Printer Info Cache
[28/03/2007|21:27] C:\DOCUME~1\MANUEL\APPLIC~1\Real
[24/07/2007|19:36] C:\DOCUME~1\MANUEL\APPLIC~1\Research In Motion
[26/01/2009|22:12] C:\DOCUME~1\MANUEL\APPLIC~1\Retriever
[23/06/2008|20:21] C:\DOCUME~1\MANUEL\APPLIC~1\Roxio
[08/12/2008|21:14] C:\DOCUME~1\MANUEL\APPLIC~1\Samsung
[05/02/2009|22:09] C:\DOCUME~1\MANUEL\APPLIC~1\Skype
[12/02/2009|21:00] C:\DOCUME~1\MANUEL\APPLIC~1\skypePM
[21/03/2005|21:18] C:\DOCUME~1\MANUEL\APPLIC~1\Smart Panel
[06/09/2004|15:47] C:\DOCUME~1\MANUEL\APPLIC~1\Sonic
[10/04/2006|19:56] C:\DOCUME~1\MANUEL\APPLIC~1\Sun
[03/03/2007|10:46] C:\DOCUME~1\MANUEL\APPLIC~1\Talkback
[21/03/2007|21:38] C:\DOCUME~1\MANUEL\APPLIC~1\TuneUp Software
[03/11/2007|21:24] C:\DOCUME~1\MANUEL\APPLIC~1\Uniblue
[08/02/2009|22:09] C:\DOCUME~1\MANUEL\APPLIC~1\uTorrent
[10/02/2009|22:42] C:\DOCUME~1\MANUEL\APPLIC~1\vghd
[30/01/2009|21:43] C:\DOCUME~1\MANUEL\APPLIC~1\vlc
[29/07/2008|21:50] C:\DOCUME~1\MANUEL\APPLIC~1\WinRAR
[24/06/2008|22:23] C:\DOCUME~1\MANUEL\APPLIC~1\XnView

[05/05/2007|12:19] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft


--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[11/02/2009 22:43][--a------] C:\WINDOWS\tasks\Ad-Aware Update (Daily).job
[03/02/2009 10:31][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12/02/2009 21:39][--a------] C:\WINDOWS\tasks\V‚rifier les mises … jour de Windows Live Toolbar.job
[30/01/2009 15:00][--a------] C:\WINDOWS\tasks\Norton Security Scan.job
[24/04/2003 13:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini
[12/02/2009 20:59][--ah-----] C:\WINDOWS\tasks\SA.DAT

--------------------\\ Listing des dossiers dans C:\Program Files

[18/11/2005|18:36] C:\Program Files\1st Tarot
[06/10/2008|21:32] C:\Program Files\Adobe
[24/06/2008|22:26] C:\Program Files\Ahead
[21/03/2007|21:57] C:\Program Files\Alwil Software
[03/09/2008|21:41] C:\Program Files\Apple Software Update
[10/05/2005|19:53] C:\Program Files\ArcSoft
[30/01/2008|22:47] C:\Program Files\Avanquest update
[06/04/2008|14:19] C:\Program Files\AVI DivX MPEG to DVD Converter & Burner
[03/02/2009|21:43] C:\Program Files\AVS4YOU
[04/08/2008|06:43] C:\Program Files\AVSMedia
[08/02/2009|22:51] C:\Program Files\BitDefender
[06/01/2009|20:09] C:\Program Files\Bonjour
[04/11/2007|14:03] C:\Program Files\Boonty
[23/01/2006|16:08] C:\Program Files\Breed
[04/08/2005|19:06] C:\Program Files\Coinche15
[04/08/2008|20:31] C:\Program Files\Common Files
[06/09/2004|14:02] C:\Program Files\ComPlus Applications
[01/01/2009|21:59] C:\Program Files\Conduit
[07/09/2004|14:59] C:\Program Files\Cr‚ez votre site Web
[06/09/2004|15:42] C:\Program Files\CyberLink
[11/10/2008|16:32] C:\Program Files\Datel
[30/01/2008|22:47] C:\Program Files\Dial-Messenger
[25/03/2008|21:39] C:\Program Files\DIFX
[28/04/2008|17:58] C:\Program Files\Digital-Jesters
[29/04/2005|21:09] C:\Program Files\directx
[20/03/2005|12:12] C:\Program Files\Disney Interactive
[01/03/2008|23:05] C:\Program Files\DivX
[22/08/2007|21:46] C:\Program Files\DTV
[18/10/2008|13:31] C:\Program Files\EA SPORTS
[18/10/2008|13:32] C:\Program Files\EACOM
[01/12/2008|20:35] C:\Program Files\Eden Flirt
[16/01/2009|22:07] C:\Program Files\eMule
[14/03/2005|17:31] C:\Program Files\Enlight
[04/08/2008|20:00] C:\Program Files\epson
[11/02/2009|22:20] C:\Program Files\Eset
[07/09/2004|15:06] C:\Program Files\FenAffiche
[30/01/2009|22:01] C:\Program Files\Fichiers communs
[19/02/2008|21:49] C:\Program Files\France Telecom
[08/02/2009|23:00] C:\Program Files\Google
[21/03/2007|21:30] C:\Program Files\Grisoft
[07/02/2009|18:45] C:\Program Files\Happyneuron
[06/09/2004|14:35] C:\Program Files\HighMAT CD Writing Wizard
[23/04/2008|19:30] C:\Program Files\HP
[07/02/2009|18:45] C:\Program Files\INFORAD
[08/02/2009|22:40] C:\Program Files\InstallShield Installation Information
[06/09/2004|15:13] C:\Program Files\Intel
[11/02/2009|21:40] C:\Program Files\Internet Explorer
[07/12/2008|18:55] C:\Program Files\iPod
[07/12/2008|18:56] C:\Program Files\iTunes
[18/04/2007|18:44] C:\Program Files\Java
[04/11/2007|07:46] C:\Program Files\jv16 PowerTools 2007
[17/10/2008|18:05] C:\Program Files\KONAMI
[10/02/2009|21:51] C:\Program Files\Lavasoft
[28/08/2006|13:49] C:\Program Files\Macrogaming
[27/03/2005|11:20] C:\Program Files\MegaWorld
[31/08/2008|21:18] C:\Program Files\Messenger
[31/01/2006|19:44] C:\Program Files\Micro Application
[26/01/2009|22:02] C:\Program Files\Microsoft ActiveSync
[09/05/2007|21:42] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[06/09/2004|14:24] C:\Program Files\microsoft frontpage
[26/06/2008|21:55] C:\Program Files\Microsoft Office
[05/02/2008|21:18] C:\Program Files\Microsoft.NET
[04/11/2007|07:52] C:\Program Files\Mindscape
[08/08/2008|21:12] C:\Program Files\Mininova
[08/02/2009|11:36] C:\Program Files\Mininova-Vuze
[31/08/2008|21:09] C:\Program Files\Movie Maker
[12/02/2009|20:16] C:\Program Files\Mozilla Firefox
[07/12/2007|20:56] C:\Program Files\MP3 Player Utilities 3.5.02
[07/12/2007|20:54] C:\Program Files\MP3 Player Utilities 4.13
[17/12/2008|22:33] C:\Program Files\MSBuild
[05/11/2005|14:41] C:\Program Files\MSN
[31/01/2007|21:40] C:\Program Files\MSN Games
[06/09/2004|14:02] C:\Program Files\MSN Gaming Zone
[31/08/2008|21:51] C:\Program Files\MSN Messenger
[17/11/2006|21:46] C:\Program Files\MSXML 4.0
[04/11/2007|07:56] C:\Program Files\Nathan
[12/02/2009|21:13] C:\Program Files\Navilog1
[31/08/2008|21:02] C:\Program Files\NetMeeting
[20/03/2006|19:46] C:\Program Files\neuf telecom
[04/08/2008|20:28] C:\Program Files\Nokia
[31/08/2008|21:01] C:\Program Files\Outlook Express
[25/09/2008|22:11] C:\Program Files\palmOne
[05/05/2007|21:27] C:\Program Files\PartyGaming
[08/09/2004|13:32] C:\Program Files\Phoenix Technologies Ltd
[08/06/2008|17:54] C:\Program Files\PhotoFiltre
[06/08/2007|12:33] C:\Program Files\Picasa2
[08/02/2009|22:16] C:\Program Files\QUAD Utilities
[07/12/2008|18:51] C:\Program Files\QuickTime
[28/03/2007|20:56] C:\Program Files\Real
[22/03/2005|16:14] C:\Program Files\Redoubt
[17/12/2008|22:26] C:\Program Files\Reference Assemblies
[26/01/2009|22:12] C:\Program Files\Retriever
[07/12/2008|18:42] C:\Program Files\Safari
[26/01/2009|22:07] C:\Program Files\Samsung
[06/09/2004|14:02] C:\Program Files\Services en ligne
[14/01/2009|22:37] C:\Program Files\Skype
[21/03/2005|18:29] C:\Program Files\Smart Panel
[10/02/2009|21:57] C:\Program Files\Spybot - Search & Destroy
[21/03/2007|22:14] C:\Program Files\Symantec
[18/10/2008|18:07] C:\Program Files\Take Two Interactive
[25/12/2005|17:20] C:\Program Files\THQ
[11/02/2009|22:27] C:\Program Files\Trend Micro
[27/02/2008|15:38] C:\Program Files\Ubi Soft
[20/02/2006|18:38] C:\Program Files\Unalis
[06/09/2004|14:08] C:\Program Files\Uninstall Information
[16/11/2007|21:10] C:\Program Files\v8110
[11/02/2009|20:17] C:\Program Files\vghd
[25/09/2008|22:17] C:\Program Files\VideoLAN
[30/01/2008|22:47] C:\Program Files\VideoLink Pro
[31/01/2009|20:48] C:\Program Files\Vuze
[01/03/2008|23:31] C:\Program Files\WinAce
[06/09/2004|14:35] C:\Program Files\Windows Journal Viewer
[08/08/2008|21:06] C:\Program Files\Windows Live
[13/09/2008|19:36] C:\Program Files\Windows Live Safety Center
[30/01/2008|22:47] C:\Program Files\Windows Live Toolbar
[30/01/2008|22:47] C:\Program Files\Windows Media Connect 2
[31/08/2008|21:01] C:\Program Files\Windows Media Player
[31/08/2008|21:01] C:\Program Files\Windows NT
[20/03/2006|20:02] C:\Program Files\WindowsUpdate
[03/10/2008|21:44] C:\Program Files\WindSolutions
[29/07/2008|21:49] C:\Program Files\WinRAR
[27/12/2008|22:02] C:\Program Files\WinSCP
[25/05/2008|21:51] C:\Program Files\WinZip
[06/09/2004|14:24] C:\Program Files\xerox
[08/12/2008|21:13] C:\Program Files\XviD
[04/08/2008|20:03] C:\Program Files\Yahoo!
[18/09/2007|20:25] C:\Program Files\YesMessenger

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[06/10/2008|21:29] C:\Program Files\Fichiers communs\Adobe
[02/09/2008|20:04] C:\Program Files\Fichiers communs\Adobe AIR
[07/12/2008|18:55] C:\Program Files\Fichiers communs\Apple
[03/02/2009|21:43] C:\Program Files\Fichiers communs\AVSMedia
[02/02/2009|23:31] C:\Program Files\Fichiers communs\BitDefender
[10/04/2006|16:08] C:\Program Files\Fichiers communs\BOONTY Shared
[23/04/2008|19:31] C:\Program Files\Fichiers communs\Hewlett-Packard
[18/10/2008|13:30] C:\Program Files\Fichiers communs\InstallShield
[26/02/2007|17:22] C:\Program Files\Fichiers communs\Java
[05/08/2007|20:25] C:\Program Files\Fichiers communs\logishrd
[06/08/2007|11:47] C:\Program Files\Fichiers communs\Logitech
[26/01/2009|22:02] C:\Program Files\Fichiers communs\Microsoft Shared
[28/10/2007|13:52] C:\Program Files\Fichiers communs\Motorola Shared
[06/09/2004|14:03] C:\Program Files\Fichiers communs\MSSoap
[06/09/2004|14:57] C:\Program Files\Fichiers communs\ODBC
[28/06/2008|22:48] C:\Program Files\Fichiers communs\Real
[26/06/2008|21:48] C:\Program Files\Fichiers communs\Roxio Shared
[06/09/2004|14:03] C:\Program Files\Fichiers communs\Services
[14/01/2009|22:36] C:\Program Files\Fichiers communs\Skype
[10/05/2005|19:49] C:\Program Files\Fichiers communs\Smith Micro Shared
[06/09/2004|14:57] C:\Program Files\Fichiers communs\SpeechEngines
[01/11/2007|16:35] C:\Program Files\Fichiers communs\Symantec Shared
[31/08/2008|21:01] C:\Program Files\Fichiers communs\System
[05/05/2007|21:26] C:\Program Files\Fichiers communs\Teleca Shared
[01/12/2007|18:07] C:\Program Files\Fichiers communs\WindowsLiveInstaller
[26/06/2008|21:34] C:\Program Files\Fichiers communs\Wise Installation Wizard
[28/06/2008|22:49] C:\Program Files\Fichiers communs\xing shared

--------------------\\ Process

( 41 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-12 21:58:16
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 249

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\MANUEL\Mes documents\Antivirus Nod32\Crack
C:\DOCUME~1\MANUEL\Mes documents\Antivirus Nod32\Crack\Crack
C:\DOCUME~1\MANUEL\Mes documents\Antivirus Nod32\Crack\http--www.emule-paradise.com-.url
C:\DOCUME~1\MANUEL\Mes documents\Antivirus Nod32\Crack\nentfrst.exe
C:\DOCUME~1\MANUEL\Mes documents\Antivirus Nod32\Crack\NOD32.Antivirus.v2.50.41.FR.(Version.Windows_XP_2000_2003_NT.rar
C:\DOCUME~1\MANUEL\Mes documents\jeu\ STAR WARS GALACTIC BATTLEGROUNDS] CLONE CAMPAIGNS PC full [ crack serial nocd keygen inc] jeu video game juego.zip


[F:14][D:2]-> C:\DOCUME~1\MANUEL\LOCALS~1\Temp
[F:19][D:0]-> C:\DOCUME~1\MANUEL\Cookies
[F:453][D:4]-> C:\DOCUME~1\MANUEL\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 12/02/2009|22:02 - Option : [2]

--------------------\\ Fin du rapport a 22:02:50

bonjour,

tu parles des mises à jours windows, non elles sont bien activées automatiquement.

ok,
mais quelles sont les fichiers que je dois analyser?

voici la réponse:

0 bytes size received / Se ha recibido un archivo vacio

le pc me semble un peu long , surtout à l'ouverture,le bureau met du temps à apparaitre.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:57:14, on 19/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Trend Micro\BM\TMBMSRV.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
C:\Program Files\Trend Micro\Internet Security\TmProxy.exe
C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe
C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\RealOneMessageCenter.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&ctid=CT1978305
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Mininova-Vuze Toolbar - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - C:\Program Files\Mininova-Vuze\tbMin1.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Mininova-Vuze Toolbar - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - C:\Program Files\Mininova-Vuze\tbMin1.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Mininova-Vuze Toolbar - {d51d388b-f5dc-471a-a1ce-5e2d671091c0} - C:\Program Files\Mininova-Vuze\tbMin1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [UfSeAgnt.exe] "C:\Program Files\Trend Micro\Internet Security\UfSeAgnt.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [sysguard] C:\WINDOWS\sysguard.exe
O4 - HKCU\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [OE] C:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.unika.com
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} (OCXDownloadChecker Control) - http://194.206.101.89/cab/OCXChecker_8000.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} (DownloadFile Control) - http://194.206.101.89/cab/DownloadFile_8110.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DC36E018-BF74-4B73-A92E-8AAC17085A47}: NameServer = 86.64.145.140,84.103.237.140
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Fichiers communs\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - C:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (TmProxy) - Trend Micro Inc. - C:\Program Files\Trend Micro\Internet Security\TmProxy.exe

voici le rapport:
ComboFix 09-02-19.01 - MANUEL 2009-02-21 17:14:26.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.1023.574 [GMT 1:00]
Lancé depuis: c:\documents and settings\MANUEL\Bureau\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
AV: BitDefender Antivirus *On-access scanning disabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
FW: Pare-feu BitDefender *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\QUAD Utilities
C:\setup.exe
c:\windows\aazalirt.exe
c:\windows\iddqdops.exe
c:\windows\jikglond.exe
c:\windows\jiklagka.exe
c:\windows\jungertab.exe
c:\windows\klopnidret.exe
c:\windows\ronitfst.exe
c:\windows\salrtybek.exe
c:\windows\seeukluba.exe
c:\windows\skaaanret.exe
c:\windows\system32\_000008_.tmp.dll
c:\windows\system32\_000009_.tmp.dll
c:\windows\tobmygers.exe
c:\windows\tobykke.exe
c:\windows\zibaglertz.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games


((((((((((((((((((((((((((((( Fichiers créés du 2009-01-21 au 2009-02-21 ))))))))))))))))))))))))))))))))))))
.

2009-02-20 08:01 . 2009-02-20 08:01 <REP> d-------- c:\windows\system32\log
2009-02-18 21:08 . 2009-02-18 21:08 <REP> d-------- C:\_OTMoveIt
2009-02-15 17:15 . 2009-02-15 17:15 <REP> d-------- c:\program files\RadarSyncBar
2009-02-15 17:14 . 2009-02-15 17:15 <REP> d-------- c:\program files\RadarSync
2009-02-12 23:12 . 2009-02-12 23:12 <REP> d-------- c:\program files\Avira
2009-02-12 23:12 . 2009-02-12 23:12 <REP> d-------- c:\documents and settings\All Users\Application Data\Avira
2009-02-12 23:07 . 2009-02-12 23:08 22,148,280 --a------ C:\antivir_workstation_winu_fr_h.exe
2009-02-12 22:07 . 2009-02-12 22:07 812,344 --a------ C:\HJTInstall.exe
2009-02-12 21:30 . 2009-02-12 22:02 <REP> d-------- C:\Lop SD
2009-02-11 22:25 . 2009-02-20 08:10 <REP> d-------- c:\documents and settings\All Users\Application Data\Trend Micro
2009-02-11 22:24 . 2009-02-20 08:01 <REP> d-------- c:\program files\Trend Micro
2009-02-11 21:50 . 2009-02-11 21:55 <REP> d-------- c:\documents and settings\MANUEL\.housecall6.6
2009-02-11 21:40 . 2009-02-11 21:40 1,374 --a------ c:\windows\imsins.BAK
2009-02-08 23:22 . 2009-02-12 21:13 <REP> d-------- c:\program files\Navilog1
2009-02-07 16:15 . 2009-02-07 16:15 <REP> d-------- c:\documents and settings\All Users\Application Data\Downloaded Installations
2009-02-05 21:32 . 2009-02-10 22:42 5 --a------ c:\windows\sbacknt.bin
2009-02-05 21:30 . 2009-02-11 20:17 <REP> d-------- c:\program files\vghd
2009-02-05 21:30 . 2009-02-10 22:42 <REP> d-------- c:\documents and settings\MANUEL\Application Data\vghd
2009-02-05 21:30 . 2009-02-05 21:30 152,904 --a------ c:\windows\system32\vghd.scr
2009-02-05 21:25 . 2009-02-05 21:25 <REP> d-------- c:\documents and settings\MANUEL\Application Data\Babylon
2009-02-05 21:25 . 2009-02-05 21:25 <REP> d-------- c:\documents and settings\All Users\Application Data\Babylon
2009-02-05 21:03 . 2008-04-14 04:33 21,504 --a------ c:\windows\system32\hidserv.dll
2009-02-05 21:03 . 2008-04-14 04:33 21,504 --a--c--- c:\windows\system32\dllcache\hidserv.dll
2009-01-31 10:40 . 2003-04-24 13:00 66,082 --a--c--- c:\windows\system32\dllcache\c_1147.nls
2009-01-31 10:40 . 2003-04-24 13:00 66,082 --a------ c:\windows\system32\c_1147.nls
2009-01-30 22:49 . 2009-02-03 21:56 <REP> d-------- c:\documents and settings\MANUEL\Application Data\dvdcss
2009-01-30 22:20 . 2009-02-02 23:21 81,984 --a------ c:\windows\system32\bdod.bin
2009-01-30 22:13 . 2009-01-30 22:13 850 --a------ c:\windows\system32\ProductTweaks.xml
2009-01-30 22:13 . 2009-01-30 22:13 385 --a------ c:\windows\system32\user_gensett.xml
2009-01-30 22:04 . 2009-02-08 22:51 <REP> d-------- c:\program files\BitDefender
2009-01-30 22:01 . 2009-02-02 23:31 <REP> d-------- c:\program files\Fichiers communs\BitDefender
2009-01-30 21:47 . 2009-01-30 21:47 <REP> d-------- c:\windows\E5431FB5B3EB46C88275F6447131C98A.TMP
2009-01-30 21:43 . 2009-01-30 21:43 <REP> d-------- c:\documents and settings\MANUEL\Application Data\vlc
2009-01-28 21:21 . 2009-01-28 21:43 <REP> d-------- C:\Downloads
2009-01-26 22:12 . 2009-01-26 22:12 <REP> d-------- c:\documents and settings\MANUEL\Application Data\Retriever
2009-01-26 22:11 . 2009-01-26 22:12 <REP> d-------- c:\program files\Retriever
2009-01-26 22:02 . 2009-01-26 22:02 <REP> d-------- c:\program files\Microsoft ActiveSync
2009-01-25 13:18 . 2009-02-08 22:09 <REP> d-------- c:\documents and settings\MANUEL\Application Data\uTorrent

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-21 16:02 --------- d-----w c:\documents and settings\MANUEL\Application Data\skypePM
2009-02-19 23:24 --------- d-----w c:\program files\eMule
2009-02-13 21:50 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-02-13 20:54 --------- d-----w c:\documents and settings\MANUEL\Application Data\Skype
2009-02-12 22:05 --------- d-----w c:\program files\Eset
2009-02-10 20:58 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-02-10 20:57 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-02-10 20:51 --------- d-----w c:\program files\Lavasoft
2009-02-09 21:43 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-02-08 22:00 --------- d-----w c:\program files\Google
2009-02-08 21:40 --------- d--h--w c:\program files\InstallShield Installation Information
2009-02-08 10:36 --------- d-----w c:\program files\Mininova-Vuze
2009-02-07 17:45 --------- d-----w c:\program files\INFORAD
2009-02-07 17:45 --------- d-----w c:\program files\Happyneuron
2009-02-03 20:45 --------- d-----w c:\documents and settings\MANUEL\Application Data\InstallShield
2009-02-03 20:43 --------- d-----w c:\program files\Fichiers communs\AVSMedia
2009-02-03 20:43 --------- d-----w c:\program files\AVS4YOU
2009-02-01 05:38 --------- d-----w c:\documents and settings\MANUEL\Application Data\Azureus
2009-01-31 19:48 --------- d-----w c:\program files\Vuze
2009-01-26 21:07 --------- d-----w c:\program files\Samsung
2009-01-14 21:37 --------- d-----w c:\program files\Skype
2009-01-14 21:37 --------- d-----w c:\documents and settings\All Users\Application Data\Skype
2009-01-14 21:36 --------- d-----w c:\program files\Fichiers communs\Skype
2009-01-06 19:09 --------- d-----w c:\program files\Bonjour
2009-01-02 22:53 --------- d-sh--w c:\documents and settings\All Users\Application Data\System Restore
2009-01-02 22:53 --------- d-----w c:\documents and settings\MANUEL\Application Data\FireShot
2009-01-01 20:59 --------- d-----w c:\program files\Conduit
2009-01-01 20:59 --------- d-----w c:\documents and settings\All Users\Application Data\Azureus
2008-12-27 21:02 --------- d-----w c:\program files\WinSCP
2008-12-05 19:29 90,112 ----a-w c:\windows\DUMP700f.tmp
2008-12-05 17:27 90,112 ----a-w c:\windows\DUMP7908.tmp
2008-09-16 20:32 14,771,744 ----a-w c:\program files\IE7-WindowsXP-x86-fra.exe
2008-08-31 20:34 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008083120080901\index.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{d51d388b-f5dc-471a-a1ce-5e2d671091c0}"= "c:\program files\Mininova-Vuze\tbMin1.dll" [2009-02-08 1881112]

[HKEY_CLASSES_ROOT\clsid\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]
2009-02-08 11:36 1881112 --a------ c:\program files\Mininova-Vuze\tbMin1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{d51d388b-f5dc-471a-a1ce-5e2d671091c0}"= "c:\program files\Mininova-Vuze\tbMin1.dll" [2009-02-08 1881112]

[HKEY_CLASSES_ROOT\clsid\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{D51D388B-F5DC-471A-A1CE-5E2D671091C0}"= "c:\program files\Mininova-Vuze\tbMin1.dll" [2009-02-08 1881112]

[HKEY_CLASSES_ROOT\clsid\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]
"H/PC Connection Agent"="c:\program files\Microsoft ActiveSync\wcescomm.exe" [2006-11-13 1289000]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ISUSPM"="c:\program files\Fichiers communs\InstallShield\UpdateService\ISUSPM.exe" [2006-09-11 218032]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2004-07-12 4112384]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-11-20 290088]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-06-28 185896]
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2008-11-04 413696]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.iv50"= c:\windows\ir50_32.dll
"vidc.mpg2"= c:\windows\mpg4c32.dll
"vidc.mpg3"= c:\windows\mpg4c32.dll
"vidc.MJPG"= c:\windows\m3jpeg32.dll
"vidc.dmb1"= c:\windows\m3jpeg32.dll
"vidc.GEOX"= c:\windows\system32\GeoCodec.dll
"vidc.GM20"= c:\windows\system32\GXGM20.dll
"vidc.GEOV"= c:\windows\system32\GeoCodec.dll
"vidc.GMP4"= c:\windows\system32\GXAMP4.dll
"vidc.GM40"= c:\windows\system32\GXAMP4.dll
"msacm.geoadpcm"= c:\windows\system32\GeoADPCM.acm
"vidc.G264"= c:\windows\system32\GX264.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/uaswBoot.exe /A:* /L:French

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HOTSYNCSHORTCUTNAME.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\HOTSYNCSHORTCUTNAME.lnk
backup=c:\windows\pss\HOTSYNCSHORTCUTNAME.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=c:\windows\pss\Outil de mise à jour Google.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^MANUEL^Menu Démarrer^Programmes^Démarrage^palmOne Registration.lnk]
path=c:\documents and settings\MANUEL\Menu Démarrer\Programmes\Démarrage\palmOne Registration.lnk
backup=c:\windows\pss\palmOne Registration.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
--a------ 2008-10-15 01:04 39792 c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Configuration de la neuf Box]
--------- 2005-12-13 14:19 389120 c:\program files\neuf telecom\neuf Box\Wizard\QuickAccess.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE]
--a------ 2008-04-14 03:33 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\EdenFlirt]
--a------ 2008-07-03 15:12 499712 c:\program files\Eden Flirt\EdenFlirt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-11-20 13:20 290088 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 12:55 5674352 c:\program files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
--a------ 2004-07-12 15:50 4112384 c:\windows\system32\nvcpl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-11-04 10:30 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--------- 2008-06-28 22:47 185896 c:\program files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Samsung\\SmartViewer 2.0 for ProDVR\\SmartViewer.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\program files\Microsoft ActiveSync\rapimgr.exe"= c:\program files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager
"c:\program files\Microsoft ActiveSync\wcescomm.exe"= c:\program files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager
"c:\program files\Microsoft ActiveSync\WCESMgr.exe"= c:\program files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application
"c:\\Program Files\\v8110\\DMMultiView\\MultiView.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"26675:TCP"= 26675:TCP:169.254.2.0/255.255.255.0:Enabled:ActiveSync Service
"52781:UDP"= 52781:UDP:eMule 127.0.0.1
"52771:TCP"= 52771:TCP:eMule 127.0.0.1

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]
"AllowOutboundDestinationUnreachable"= 1 (0x1)
"AllowOutboundSourceQuench"= 1 (0x1)
"AllowOutboundTimeExceeded"= 1 (0x1)
"AllowRedirect"= 1 (0x1)

R0 RITCPT;RITCPT;c:\windows\system32\drivers\RITCPT.SYS [2004-09-06 43512]
R0 viaraid;viaraid;c:\windows\system32\drivers\viaraid.sys [2004-09-08 72192]
R0 VVBackd5;VVBackd5;c:\windows\system32\drivers\VVBackd5.sys [2005-03-14 179482]
R2 FBAPI;FBAPI;c:\windows\system32\drivers\FBAPI.sys [2004-09-06 5088]
R3 cmudax;C-Media High Definition Audio Interface;c:\windows\system32\drivers\cmudax.sys [2004-09-07 1258432]
S1 hidfltr;HID Filter Driver;c:\windows\system32\drivers\MWhid.sys [2004-11-03 13332]
S2 tmevtmgr;tmevtmgr;\??\c:\windows\system32\drivers\tmevtmgr.sys --> c:\windows\system32\drivers\tmevtmgr.sys [?]
S3 camvid20;Philips ToUcam Camera; Video;c:\windows\system32\drivers\camdrv21.sys [2005-05-10 223232]
S3 cusbohcn;cusbohcn;\??\c:\docume~1\DAMI\LOCALS~1\Temp\cusbohcn.sys --> c:\docume~1\DAMI\LOCALS~1\Temp\cusbohcn.sys [?]
S3 DTT200U;DTT200U DVB-T USB receiver Driver;c:\windows\system32\drivers\DTT200U.sys [2004-09-06 18432]
S3 DTT200ULD;DTT200U DVB-T USB receiver firmware loader;c:\windows\system32\drivers\DTT200ULD.sys [2004-10-01 17920]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{431d3398-feb9-11dd-aabd-00110965ce4e}]
\Shell\AutoRun\command - f:\wd_windows_tools\WDSetup.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c7bf548c-c561-11dd-aa50-00110965ce4e}]
\Shell\AutoRun\command - F:\DPFMate.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{eb413e38-95e0-11dc-a80d-00110965ce4e}]
\Shell\AutoRun\command - F:\start.exe
\Shell\iledefrance\command - F:\start.exe
.
Contenu du dossier 'Tâches planifiées'

2009-02-20 c:\windows\Tasks\Ad-Aware Update (Daily).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe []

2009-02-17 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-20 c:\windows\Tasks\Norton Security Scan.job
- c:\program files\Norton Security Scan\Nss.exe []

2009-02-21 c:\windows\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job
- c:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 11:20]
.
- - - - ORPHELINS SUPPRIMES - - - -

HKCU-Run-sysguard - c:\windows\sysguard.exe
MSConfigStartUp-AppleSyncNotifier - c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
MSConfigStartUp-ccleaner - c:\program files\CCleaner\CCleaner.exe
MSConfigStartUp-Google Desktop Search - c:\program files\Google\Google Desktop Search\GoogleDesktop.exe
MSConfigStartUp-kiywm - c:\documents and settings\manuel\local settings\application data\kiywm.exe
MSConfigStartUp-nod32kui - c:\program files\Eset\nod32kui.exe
MSConfigStartUp-ruecfqd - c:\documents and settings\manuel\local settings\application data\ruecfqd.exe
MSConfigStartUp-SpybotSD TeaTimer - c:\program files\Spybot - Search & Destroy\TeaTimer.exe


.
------- Examen supplémentaire -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT1978305
uInternet Connection Wizard,ShellNext = iexplore
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://g.msn.fr/0SEFRFR/SAOS01?FORM=TOOLBR
TCP: {DC36E018-BF74-4B73-A92E-8AAC17085A47} = 86.64.145.140,84.103.237.140
DPF: {ADACAA8F-3595-47FE-9C31-9C7471B9BEC7} - hxxp://194.206.101.89/cab/OCXChecker_8000.cab
DPF: {DBAFE6AD-DC14-45DF-A3F7-F8832289A1CD} - hxxp://194.206.101.89/cab/DownloadFile_8110.cab
FF - ProfilePath - c:\documents and settings\MANUEL\Application Data\Mozilla\Firefox\Profiles\xwdf86mp.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT1978305&SearchSource=3&q=
FF - component: c:\documents and settings\MANUEL\Application Data\Mozilla\Firefox\Profiles\xwdf86mp.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll
FF - component: c:\documents and settings\MANUEL\Application Data\Mozilla\Firefox\Profiles\xwdf86mp.default\extensions\{d51d388b-f5dc-471a-a1ce-5e2d671091c0}\components\FFAlert.dll
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-21 17:20:43
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\Ø•€|ÿÿÿÿ•€|ù•9~*]
"C040510900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\HPZipm12.exe
c:\progra~1\MICROS~2\rapimgr.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wscntfy.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\program files\MSN Messenger\usnsvc.exe
.
**************************************************************************
.
Heure de fin: 2009-02-21 17:30:32 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-02-21 16:30:06

Avant-CF: 17 457 680 384 octets libres
Après-CF: 17,858,965,504 octets libres

WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /fastdetect /NoExecute=OptIn

311 --- E O F --- 2009-02-11 20:44:05