Pub CID

voila ce que ca donne


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL1
USER : Daphné ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:23 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:2 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 03/03/2009|19:19 )

--------------------\\ Listing des dossiers dans APPLIC~1

[15/04/2005|14:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[29/01/2008|00:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[15/04/2005|14:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[03/10/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[01/02/2009|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/07/2007|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[02/02/2007|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/04/2007|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[07/05/2008|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[14/05/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/02/2009|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[11/03/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/11/2007|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[23/03/2008|00:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link
[15/04/2005|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/06/2007|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[31/01/2007|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[25/06/2007|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[06/02/2009|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[09/06/2006|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[27/11/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[03/02/2007|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/02/2008|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/05/2008|00:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[07/02/2009|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[15/04/2005|14:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[15/04/2005|14:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[15/04/2005|14:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[15/04/2005|14:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[31/01/2007|20:34] C:\DOCUME~1\BRU\APPLIC~1\Adobe
[31/01/2007|20:36] C:\DOCUME~1\BRU\APPLIC~1\AdobeUM
[02/02/2007|20:55] C:\DOCUME~1\BRU\APPLIC~1\Apple Computer
[11/04/2007|10:26] C:\DOCUME~1\BRU\APPLIC~1\Autodesk
[07/05/2008|03:26] C:\DOCUME~1\BRU\APPLIC~1\AVGTOOLBAR
[25/01/2008|16:52] C:\DOCUME~1\BRU\APPLIC~1\BSplayer
[25/01/2008|16:52] C:\DOCUME~1\BRU\APPLIC~1\BSplayer Pro
[14/05/2007|20:53] C:\DOCUME~1\BRU\APPLIC~1\CyberLink
[06/02/2008|01:23] C:\DOCUME~1\BRU\APPLIC~1\DAEMON Tools
[23/03/2008|00:36] C:\DOCUME~1\BRU\APPLIC~1\Extra thunk
[11/03/2007|11:00] C:\DOCUME~1\BRU\APPLIC~1\Google
[12/02/2008|12:34] C:\DOCUME~1\BRU\APPLIC~1\Hamachi
[14/04/2007|09:38] C:\DOCUME~1\BRU\APPLIC~1\Help
[15/04/2005|14:55] C:\DOCUME~1\BRU\APPLIC~1\Identities
[31/01/2007|23:02] C:\DOCUME~1\BRU\APPLIC~1\Macromedia
[15/04/2005|14:36] C:\DOCUME~1\BRU\APPLIC~1\Microsoft
[11/03/2007|11:19] C:\DOCUME~1\BRU\APPLIC~1\Mozilla
[03/02/2007|11:51] C:\DOCUME~1\BRU\APPLIC~1\OpenOffice.org2
[27/11/2007|11:11] C:\DOCUME~1\BRU\APPLIC~1\PC Tools
[04/02/2007|13:32] C:\DOCUME~1\BRU\APPLIC~1\SecuROM
[25/06/2007|17:02] C:\DOCUME~1\BRU\APPLIC~1\Skype
[04/10/2008|14:38] C:\DOCUME~1\BRU\APPLIC~1\skypePM
[20/09/2007|18:44] C:\DOCUME~1\BRU\APPLIC~1\Sony Corporation
[03/01/2008|22:48] C:\DOCUME~1\BRU\APPLIC~1\Sports Interactive
[01/12/2007|13:02] C:\DOCUME~1\BRU\APPLIC~1\Sun
[11/03/2007|11:19] C:\DOCUME~1\BRU\APPLIC~1\Talkback
[01/03/2007|20:17] C:\DOCUME~1\BRU\APPLIC~1\U3
[03/02/2007|10:36] C:\DOCUME~1\BRU\APPLIC~1\vlc

[26/01/2009|19:50] C:\DOCUME~1\DAPHN\APPLIC~1\Adobe
[28/01/2009|09:38] C:\DOCUME~1\DAPHN\APPLIC~1\AdobeUM
[26/01/2009|17:54] C:\DOCUME~1\DAPHN\APPLIC~1\AVGTOOLBAR
[26/01/2009|17:59] C:\DOCUME~1\DAPHN\APPLIC~1\Extra thunk
[02/02/2009|09:48] C:\DOCUME~1\DAPHN\APPLIC~1\FaxCtr
[26/01/2009|19:52] C:\DOCUME~1\DAPHN\APPLIC~1\Google
[15/04/2005|14:55] C:\DOCUME~1\DAPHN\APPLIC~1\Identities
[02/02/2009|09:13] C:\DOCUME~1\DAPHN\APPLIC~1\Lexmark Productivity Studio
[29/01/2008|00:28] C:\DOCUME~1\DAPHN\APPLIC~1\Macromedia
[15/04/2005|14:36] C:\DOCUME~1\DAPHN\APPLIC~1\Microsoft
[26/01/2009|18:01] C:\DOCUME~1\DAPHN\APPLIC~1\Mozilla
[04/02/2009|18:54] C:\DOCUME~1\DAPHN\APPLIC~1\MSNInstaller
[14/02/2009|15:50] C:\DOCUME~1\DAPHN\APPLIC~1\Sun
[26/01/2009|19:46] C:\DOCUME~1\DAPHN\APPLIC~1\Talkback
[23/02/2009|19:59] C:\DOCUME~1\DAPHN\APPLIC~1\Thunderbird

--------------------\\ Tâches planifiées dans %SystemRoot%\tasks

[03/03/2009 19:05][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[03/03/2009 19:00][--ah-----] C:\WINDOWS\tasks\A7B8FD6D918B70F5.job
[25/02/2009 16:08][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[03/03/2009 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[02/02/2009|09:03] C:\Program Files\Abbyy FineReader 6.0 Sprint
[31/01/2007|18:05] C:\Program Files\Acer
[09/06/2006|15:01] C:\Program Files\Acer Inc
[15/02/2008|14:20] C:\Program Files\Activision
[09/06/2006|15:06] C:\Program Files\Adobe
[02/02/2009|09:43] C:\Program Files\Alwil Software
[11/04/2007|10:31] C:\Program Files\AnswerWorks 4.0
[11/03/2007|14:49] C:\Program Files\Apple Software Update
[11/04/2007|10:26] C:\Program Files\AutoCAD 2006
[11/04/2007|10:24] C:\Program Files\Autodesk
[07/05/2008|03:26] C:\Program Files\AVG
[19/07/2008|00:36] C:\Program Files\AviSynth 2.5
[23/02/2009|20:54] C:\Program Files\CCleaner
[15/04/2005|14:42] C:\Program Files\ComPlus Applications
[31/01/2007|23:00] C:\Program Files\CyberLink
[06/02/2008|01:23] C:\Program Files\DAEMON Tools Lite
[03/03/2007|12:00] C:\Program Files\Design Explorer 99 SE
[20/05/2007|20:16] C:\Program Files\Dictionnaire
[15/04/2008|23:08] C:\Program Files\e-Games
[31/01/2009|11:36] C:\Program Files\Extra thunk
[15/04/2005|14:37] C:\Program Files\Fichiers communs
[09/06/2006|17:16] C:\Program Files\FrenchOtto
[09/06/2006|17:16] C:\Program Files\GemMasterFrench
[11/03/2007|10:58] C:\Program Files\Google
[17/07/2007|19:31] C:\Program Files\Guitar Pro 5
[16/09/2008|18:15] C:\Program Files\Hamachi
[09/06/2006|14:23] C:\Program Files\InstallShield Installation Information
[09/06/2006|14:20] C:\Program Files\Intel
[15/04/2005|14:44] C:\Program Files\Internet Explorer
[02/02/2007|20:52] C:\Program Files\iPod
[03/10/2008|18:13] C:\Program Files\iTunes
[04/04/2007|18:17] C:\Program Files\Java
[09/01/2008|23:42] C:\Program Files\JS USB Audio
[31/01/2007|23:02] C:\Program Files\Launch Manager
[11/03/2007|11:04] C:\Program Files\Lavasoft
[02/02/2009|09:01] C:\Program Files\Lexmark 2500 Series
[02/02/2009|09:04] C:\Program Files\Lexmark Fax Solutions
[02/02/2009|09:04] C:\Program Files\Lexmark Toolbar
[02/02/2009|09:12] C:\Program Files\Lx_cats
[18/02/2007|11:06] C:\Program Files\Microchip
[06/02/2009|20:29] C:\Program Files\Microsoft
[07/06/2007|07:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[15/04/2005|14:47] C:\Program Files\microsoft frontpage
[30/08/2007|21:49] C:\Program Files\Microsoft Games
[11/04/2007|10:32] C:\Program Files\Microsoft Office
[17/02/2009|11:30] C:\Program Files\Microsoft Office Outlook Connector
[23/11/2007|15:23] C:\Program Files\Microsoft Visual Studio
[23/11/2007|15:17] C:\Program Files\Microsoft Visual Studio 8
[23/11/2007|15:25] C:\Program Files\Microsoft Works
[23/11/2007|15:22] C:\Program Files\Microsoft.NET
[15/04/2005|14:41] C:\Program Files\Movie Maker
[06/02/2009|20:06] C:\Program Files\Mozilla Firefox
[23/02/2009|20:22] C:\Program Files\Mozilla Thunderbird
[23/11/2007|15:24] C:\Program Files\MSBuild
[03/02/2007|19:08] C:\Program Files\MSXML 4.0
[15/04/2005|14:44] C:\Program Files\NetMeeting
[09/06/2006|15:01] C:\Program Files\NewTech Infosystems
[09/06/2006|15:24] C:\Program Files\Norton AntiVirus
[06/02/2008|02:36] C:\Program Files\Ocean Technology
[15/04/2005|14:42] C:\Program Files\Online Services
[03/02/2007|11:29] C:\Program Files\OpenOffice.org 2.1
[15/04/2005|14:44] C:\Program Files\Outlook Express
[22/03/2008|16:14] C:\Program Files\PopCap Games
[03/10/2008|18:11] C:\Program Files\QuickTime
[09/06/2006|14:23] C:\Program Files\Realtek
[02/11/2007|17:23] C:\Program Files\scilab-4.1.2
[15/04/2005|14:45] C:\Program Files\Services en ligne
[16/03/2008|16:10] C:\Program Files\Sierra On-Line
[20/09/2007|18:14] C:\Program Files\Sony
[12/12/2007|16:21] C:\Program Files\SopCast
[06/02/2009|14:46] C:\Program Files\Spybot - Search & Destroy
[27/11/2007|11:11] C:\Program Files\Spyware Doctor
[09/06/2006|15:23] C:\Program Files\Symantec
[09/06/2006|14:23] C:\Program Files\Synaptics
[03/03/2009|18:16] C:\Program Files\Trend Micro
[15/04/2005|14:55] C:\Program Files\Uninstall Information
[29/02/2008|18:53] C:\Program Files\Valve
[03/02/2007|10:35] C:\Program Files\VideoLAN
[25/01/2008|16:52] C:\Program Files\Webteh
[06/02/2009|20:27] C:\Program Files\Windows Live
[06/02/2009|20:28] C:\Program Files\Windows Live SkyDrive
[25/03/2007|12:42] C:\Program Files\Windows Media Connect 2
[15/04/2005|14:42] C:\Program Files\Windows Media Player
[15/04/2005|14:41] C:\Program Files\Windows NT
[15/04/2005|14:42] C:\Program Files\Windows Plus
[15/04/2005|14:45] C:\Program Files\WindowsUpdate
[31/01/2007|18:04] C:\Program Files\WinPCap
[01/02/2007|00:55] C:\Program Files\WinRAR
[15/04/2005|14:47] C:\Program Files\xerox
[03/01/2008|22:41] C:\Program Files\Zero G Registry
[07/02/2009|17:13] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[31/01/2007|18:06] C:\Program Files\Fichiers communs\Acer
[01/02/2009|18:55] C:\Program Files\Fichiers communs\Adobe
[02/07/2007|22:47] C:\Program Files\Fichiers communs\Apple
[11/04/2007|10:24] C:\Program Files\Fichiers communs\Autodesk Shared
[11/04/2007|10:31] C:\Program Files\Fichiers communs\Designer
[01/02/2007|01:38] C:\Program Files\Fichiers communs\DirectX
[09/06/2006|14:23] C:\Program Files\Fichiers communs\InstallShield
[04/04/2007|18:14] C:\Program Files\Fichiers communs\Java
[31/01/2007|18:06] C:\Program Files\Fichiers communs\Logitech
[15/04/2005|14:37] C:\Program Files\Fichiers communs\Microsoft Shared
[15/04/2005|14:44] C:\Program Files\Fichiers communs\MSSoap
[09/06/2006|15:02] C:\Program Files\Fichiers communs\muvee Technologies
[09/06/2006|15:01] C:\Program Files\Fichiers communs\NewTech Infosystems
[03/03/2007|12:00] C:\Program Files\Fichiers communs\Novell Shared
[15/04/2005|14:37] C:\Program Files\Fichiers communs\ODBC
[15/04/2005|14:44] C:\Program Files\Fichiers communs\Services
[15/04/2005|14:37] C:\Program Files\Fichiers communs\SpeechEngines
[09/06/2006|15:23] C:\Program Files\Fichiers communs\Symantec Shared
[15/04/2005|14:44] C:\Program Files\Fichiers communs\System
[06/02/2009|20:16] C:\Program Files\Fichiers communs\Windows Live
[24/02/2008|20:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 56 Processes )

IEXPLORE.EXE ~ [PID:2172]
IEXPLORE.EXE ~ [PID:2788]
IEXPLORE.EXE ~ [PID:2820]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link
C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link\TONS JUGS.exe
C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link\TONS JUGS.dat

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SHIM LINK FREE BALL"="C:\\Documents and Settings\\All Users\\Application Data\\hide cool shim link\\TONS JUGS.exe"

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

-> 10024 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-03 19:20:55
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:9][D:1]-> C:\DOCUME~1\DAPHN\LOCALS~1\Temp
[F:11][D:0]-> C:\DOCUME~1\DAPHN\Cookies
[F:8][D:3]-> C:\DOCUME~1\DAPHN\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 03/03/2009|19:21 - Option : [1]

--------------------\\ Fin du rapport a 19:21:22

alors voila apres l'etape 2 :


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 CPU T5500 @ 1.66GHz )
BIOS : Ver 1.00PARTTBL1
USER : Daphné ( Administrator )
BOOT : Normal boot
Antivirus : AVG Anti-Virus Free 8.0 (Activated)
Firewall : Norton Internet Worm Protection 2006 (Not Activated)
C:\ (Local Disk) - FAT32 - Total:53 Go (Free:23 Go)
D:\ (Local Disk) - FAT32 - Total:53 Go (Free:2 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
H:\ (CD or DVD)
I:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 03/03/2009|20:21 )


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link\TONS JUGS.exe
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link\TONS JUGS.dat
Supprime! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\hide cool shim link
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans APPLIC~1

[15/04/2005|14:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[29/01/2008|00:28] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Macromedia
[15/04/2005|14:36] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[03/10/2008|18:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[01/02/2009|18:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[02/07/2007|22:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[02/02/2007|20:53] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[11/04/2007|10:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk
[07/05/2008|03:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\avg8
[14/05/2007|20:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
[02/02/2009|09:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\FaxCtr
[11/03/2007|10:59] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[26/11/2007|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
[15/04/2005|14:36] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[06/06/2007|08:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[31/01/2007|20:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\nView_Profiles
[25/06/2007|17:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[06/02/2009|14:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[09/06/2006|15:23] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[27/11/2007|11:12] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[03/02/2007|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[24/02/2008|20:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[07/05/2008|00:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! Companion
[07/02/2009|17:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Zylom

[15/04/2005|14:36] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[15/04/2005|14:36] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[15/04/2005|14:55] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[15/04/2005|14:36] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft

[31/01/2007|20:34] C:\DOCUME~1\BRU\APPLIC~1\Adobe
[31/01/2007|20:36] C:\DOCUME~1\BRU\APPLIC~1\AdobeUM
[02/02/2007|20:55] C:\DOCUME~1\BRU\APPLIC~1\Apple Computer
[11/04/2007|10:26] C:\DOCUME~1\BRU\APPLIC~1\Autodesk
[07/05/2008|03:26] C:\DOCUME~1\BRU\APPLIC~1\AVGTOOLBAR
[25/01/2008|16:52] C:\DOCUME~1\BRU\APPLIC~1\BSplayer
[25/01/2008|16:52] C:\DOCUME~1\BRU\APPLIC~1\BSplayer Pro
[14/05/2007|20:53] C:\DOCUME~1\BRU\APPLIC~1\CyberLink
[06/02/2008|01:23] C:\DOCUME~1\BRU\APPLIC~1\DAEMON Tools
[23/03/2008|00:36] C:\DOCUME~1\BRU\APPLIC~1\Extra thunk
[11/03/2007|11:00] C:\DOCUME~1\BRU\APPLIC~1\Google
[12/02/2008|12:34] C:\DOCUME~1\BRU\APPLIC~1\Hamachi
[14/04/2007|09:38] C:\DOCUME~1\BRU\APPLIC~1\Help
[15/04/2005|14:55] C:\DOCUME~1\BRU\APPLIC~1\Identities
[31/01/2007|23:02] C:\DOCUME~1\BRU\APPLIC~1\Macromedia
[15/04/2005|14:36] C:\DOCUME~1\BRU\APPLIC~1\Microsoft
[11/03/2007|11:19] C:\DOCUME~1\BRU\APPLIC~1\Mozilla
[03/02/2007|11:51] C:\DOCUME~1\BRU\APPLIC~1\OpenOffice.org2
[27/11/2007|11:11] C:\DOCUME~1\BRU\APPLIC~1\PC Tools
[04/02/2007|13:32] C:\DOCUME~1\BRU\APPLIC~1\SecuROM
[25/06/2007|17:02] C:\DOCUME~1\BRU\APPLIC~1\Skype
[04/10/2008|14:38] C:\DOCUME~1\BRU\APPLIC~1\skypePM
[20/09/2007|18:44] C:\DOCUME~1\BRU\APPLIC~1\Sony Corporation
[03/01/2008|22:48] C:\DOCUME~1\BRU\APPLIC~1\Sports Interactive
[01/12/2007|13:02] C:\DOCUME~1\BRU\APPLIC~1\Sun
[11/03/2007|11:19] C:\DOCUME~1\BRU\APPLIC~1\Talkback
[01/03/2007|20:17] C:\DOCUME~1\BRU\APPLIC~1\U3
[03/02/2007|10:36] C:\DOCUME~1\BRU\APPLIC~1\vlc

[26/01/2009|19:50] C:\DOCUME~1\DAPHN\APPLIC~1\Adobe
[28/01/2009|09:38] C:\DOCUME~1\DAPHN\APPLIC~1\AdobeUM
[26/01/2009|17:54] C:\DOCUME~1\DAPHN\APPLIC~1\AVGTOOLBAR
[26/01/2009|17:59] C:\DOCUME~1\DAPHN\APPLIC~1\Extra thunk
[02/02/2009|09:48] C:\DOCUME~1\DAPHN\APPLIC~1\FaxCtr
[26/01/2009|19:52] C:\DOCUME~1\DAPHN\APPLIC~1\Google
[15/04/2005|14:55] C:\DOCUME~1\DAPHN\APPLIC~1\Identities
[02/02/2009|09:13] C:\DOCUME~1\DAPHN\APPLIC~1\Lexmark Productivity Studio
[29/01/2008|00:28] C:\DOCUME~1\DAPHN\APPLIC~1\Macromedia
[15/04/2005|14:36] C:\DOCUME~1\DAPHN\APPLIC~1\Microsoft
[26/01/2009|18:01] C:\DOCUME~1\DAPHN\APPLIC~1\Mozilla
[04/02/2009|18:54] C:\DOCUME~1\DAPHN\APPLIC~1\MSNInstaller
[14/02/2009|15:50] C:\DOCUME~1\DAPHN\APPLIC~1\Sun
[26/01/2009|19:46] C:\DOCUME~1\DAPHN\APPLIC~1\Talkback
[23/02/2009|19:59] C:\DOCUME~1\DAPHN\APPLIC~1\Thunderbird

--------------------\\ Tâches planifiées dans %SystemRoot%\tasks

[03/03/2009 19:05][--a------] C:\WINDOWS\tasks\Google Software Updater.job
[03/03/2009 20:00][--ah-----] C:\WINDOWS\tasks\A7B8FD6D918B70F5.job
[25/02/2009 16:08][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[03/03/2009 19:05][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 05:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[02/02/2009|09:03] C:\Program Files\Abbyy FineReader 6.0 Sprint
[31/01/2007|18:05] C:\Program Files\Acer
[09/06/2006|15:01] C:\Program Files\Acer Inc
[15/02/2008|14:20] C:\Program Files\Activision
[09/06/2006|15:06] C:\Program Files\Adobe
[02/02/2009|09:43] C:\Program Files\Alwil Software
[11/04/2007|10:31] C:\Program Files\AnswerWorks 4.0
[11/03/2007|14:49] C:\Program Files\Apple Software Update
[11/04/2007|10:26] C:\Program Files\AutoCAD 2006
[11/04/2007|10:24] C:\Program Files\Autodesk
[07/05/2008|03:26] C:\Program Files\AVG
[19/07/2008|00:36] C:\Program Files\AviSynth 2.5
[23/02/2009|20:54] C:\Program Files\CCleaner
[15/04/2005|14:42] C:\Program Files\ComPlus Applications
[31/01/2007|23:00] C:\Program Files\CyberLink
[06/02/2008|01:23] C:\Program Files\DAEMON Tools Lite
[03/03/2007|12:00] C:\Program Files\Design Explorer 99 SE
[20/05/2007|20:16] C:\Program Files\Dictionnaire
[15/04/2008|23:08] C:\Program Files\e-Games
[31/01/2009|11:36] C:\Program Files\Extra thunk
[15/04/2005|14:37] C:\Program Files\Fichiers communs
[09/06/2006|17:16] C:\Program Files\FrenchOtto
[09/06/2006|17:16] C:\Program Files\GemMasterFrench
[11/03/2007|10:58] C:\Program Files\Google
[17/07/2007|19:31] C:\Program Files\Guitar Pro 5
[16/09/2008|18:15] C:\Program Files\Hamachi
[09/06/2006|14:23] C:\Program Files\InstallShield Installation Information
[09/06/2006|14:20] C:\Program Files\Intel
[15/04/2005|14:44] C:\Program Files\Internet Explorer
[02/02/2007|20:52] C:\Program Files\iPod
[03/10/2008|18:13] C:\Program Files\iTunes
[04/04/2007|18:17] C:\Program Files\Java
[09/01/2008|23:42] C:\Program Files\JS USB Audio
[31/01/2007|23:02] C:\Program Files\Launch Manager
[11/03/2007|11:04] C:\Program Files\Lavasoft
[02/02/2009|09:01] C:\Program Files\Lexmark 2500 Series
[02/02/2009|09:04] C:\Program Files\Lexmark Fax Solutions
[02/02/2009|09:04] C:\Program Files\Lexmark Toolbar
[02/02/2009|09:12] C:\Program Files\Lx_cats
[18/02/2007|11:06] C:\Program Files\Microchip
[06/02/2009|20:29] C:\Program Files\Microsoft
[07/06/2007|07:48] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[15/04/2005|14:47] C:\Program Files\microsoft frontpage
[30/08/2007|21:49] C:\Program Files\Microsoft Games
[11/04/2007|10:32] C:\Program Files\Microsoft Office
[17/02/2009|11:30] C:\Program Files\Microsoft Office Outlook Connector
[23/11/2007|15:23] C:\Program Files\Microsoft Visual Studio
[23/11/2007|15:17] C:\Program Files\Microsoft Visual Studio 8
[23/11/2007|15:25] C:\Program Files\Microsoft Works
[23/11/2007|15:22] C:\Program Files\Microsoft.NET
[15/04/2005|14:41] C:\Program Files\Movie Maker
[06/02/2009|20:06] C:\Program Files\Mozilla Firefox
[23/02/2009|20:22] C:\Program Files\Mozilla Thunderbird
[23/11/2007|15:24] C:\Program Files\MSBuild
[03/02/2007|19:08] C:\Program Files\MSXML 4.0
[15/04/2005|14:44] C:\Program Files\NetMeeting
[09/06/2006|15:01] C:\Program Files\NewTech Infosystems
[09/06/2006|15:24] C:\Program Files\Norton AntiVirus
[06/02/2008|02:36] C:\Program Files\Ocean Technology
[15/04/2005|14:42] C:\Program Files\Online Services
[03/02/2007|11:29] C:\Program Files\OpenOffice.org 2.1
[15/04/2005|14:44] C:\Program Files\Outlook Express
[22/03/2008|16:14] C:\Program Files\PopCap Games
[03/10/2008|18:11] C:\Program Files\QuickTime
[09/06/2006|14:23] C:\Program Files\Realtek
[02/11/2007|17:23] C:\Program Files\scilab-4.1.2
[15/04/2005|14:45] C:\Program Files\Services en ligne
[16/03/2008|16:10] C:\Program Files\Sierra On-Line
[20/09/2007|18:14] C:\Program Files\Sony
[12/12/2007|16:21] C:\Program Files\SopCast
[06/02/2009|14:46] C:\Program Files\Spybot - Search & Destroy
[27/11/2007|11:11] C:\Program Files\Spyware Doctor
[09/06/2006|15:23] C:\Program Files\Symantec
[09/06/2006|14:23] C:\Program Files\Synaptics
[03/03/2009|18:16] C:\Program Files\Trend Micro
[15/04/2005|14:55] C:\Program Files\Uninstall Information
[29/02/2008|18:53] C:\Program Files\Valve
[03/02/2007|10:35] C:\Program Files\VideoLAN
[25/01/2008|16:52] C:\Program Files\Webteh
[06/02/2009|20:27] C:\Program Files\Windows Live
[06/02/2009|20:28] C:\Program Files\Windows Live SkyDrive
[25/03/2007|12:42] C:\Program Files\Windows Media Connect 2
[15/04/2005|14:42] C:\Program Files\Windows Media Player
[15/04/2005|14:41] C:\Program Files\Windows NT
[15/04/2005|14:42] C:\Program Files\Windows Plus
[15/04/2005|14:45] C:\Program Files\WindowsUpdate
[31/01/2007|18:04] C:\Program Files\WinPCap
[01/02/2007|00:55] C:\Program Files\WinRAR
[15/04/2005|14:47] C:\Program Files\xerox
[03/01/2008|22:41] C:\Program Files\Zero G Registry
[07/02/2009|17:13] C:\Program Files\Zylom Games

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[31/01/2007|18:06] C:\Program Files\Fichiers communs\Acer
[01/02/2009|18:55] C:\Program Files\Fichiers communs\Adobe
[02/07/2007|22:47] C:\Program Files\Fichiers communs\Apple
[11/04/2007|10:24] C:\Program Files\Fichiers communs\Autodesk Shared
[11/04/2007|10:31] C:\Program Files\Fichiers communs\Designer
[01/02/2007|01:38] C:\Program Files\Fichiers communs\DirectX
[09/06/2006|14:23] C:\Program Files\Fichiers communs\InstallShield
[04/04/2007|18:14] C:\Program Files\Fichiers communs\Java
[31/01/2007|18:06] C:\Program Files\Fichiers communs\Logitech
[15/04/2005|14:37] C:\Program Files\Fichiers communs\Microsoft Shared
[15/04/2005|14:44] C:\Program Files\Fichiers communs\MSSoap
[09/06/2006|15:02] C:\Program Files\Fichiers communs\muvee Technologies
[09/06/2006|15:01] C:\Program Files\Fichiers communs\NewTech Infosystems
[03/03/2007|12:00] C:\Program Files\Fichiers communs\Novell Shared
[15/04/2005|14:37] C:\Program Files\Fichiers communs\ODBC
[15/04/2005|14:44] C:\Program Files\Fichiers communs\Services
[15/04/2005|14:37] C:\Program Files\Fichiers communs\SpeechEngines
[09/06/2006|15:23] C:\Program Files\Fichiers communs\Symantec Shared
[15/04/2005|14:44] C:\Program Files\Fichiers communs\System
[06/02/2009|20:16] C:\Program Files\Fichiers communs\Windows Live
[24/02/2008|20:05] C:\Program Files\Fichiers communs\WindowsLiveInstaller

--------------------\\ Process

( 52 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts MODIFIE

127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
127.0.0.1 download.cdn.errorsafe.com ## added by CiD
127.0.0.1 download.cdn.winsoftware.com ## added by CiD
127.0.0.1 download.errorsafe.com ## added by CiD
127.0.0.1 download.systemdoctor.com ## added by CiD
127.0.0.1 download.winantispyware.com ## added by CiD
127.0.0.1 download.windrivecleaner.com ## added by CiD
127.0.0.1 download.winfixer.com ## added by CiD
127.0.0.1 drivecleaner.com ## added by CiD
127.0.0.1 dynamique.drivecleaner.com ## added by CiD
127.0.0.1 errorprotector.com ## added by CiD
127.0.0.1 errorsafe.com ## added by CiD
127.0.0.1 es.winantivirus.com ## added by CiD
127.0.0.1 fr.winantivirus.com ## added by CiD
127.0.0.1 fr.winfixer.com ## added by CiD
127.0.0.1 go.drivecleaner.com ## added by CiD
127.0.0.1 go.errorsafe.com ## added by CiD
127.0.0.1 go.winantispyware.com ## added by CiD
127.0.0.1 go.winantivirus.com ## added by CiD
127.0.0.1 hk.winantivirus.com ## added by CiD
127.0.0.1 instlog.errorsafe.com ## added by CiD
127.0.0.1 instlog.winantivirus.com ## added by CiD
127.0.0.1 instlog.winfixer.com ## added by CiD
127.0.0.1 jsp.drivecleaner.com ## added by CiD
127.0.0.1 kb.errorsafe.com ## added by CiD
127.0.0.1 kb.winantivirus.com ## added by CiD
127.0.0.1 nl.errorsafe.com ## added by CiD
127.0.0.1 se.errorsafe.com ## added by CiD
127.0.0.1 secure.drivecleaner.com ## added by CiD
127.0.0.1 secure.errorsafe.com ## added by CiD
127.0.0.1 secure.winantispam.com ## added by CiD
127.0.0.1 secure.winantispy.com ## added by CiD
127.0.0.1 secure.winantivirus.com ## added by CiD
127.0.0.1 support.winantivirus.com ## added by CiD
127.0.0.1 trial.updates.winsoftware.com ## added by CiD
127.0.0.1 ulog.winantivirus.com ## added by CiD
127.0.0.1 utils.errorsafe.com ## added by CiD
127.0.0.1 utils.winantivirus.com ## added by CiD
127.0.0.1 utils.winfixer.com ## added by CiD
127.0.0.1 winantispyware.com ## added by CiD
127.0.0.1 winantivirus.com ## added by CiD
127.0.0.1 winfixer.com ## added by CiD
127.0.0.1 winfixer2006.com ## added by CiD
127.0.0.1 winsoftware.com ## added by CiD
127.0.0.1 [i]ww/iw.drivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.errorprotector.com ## added by CiD
127.0.0.1 [i]ww/iw.errorsafe.com ## added by CiD
127.0.0.1 [i]ww/iw.systemdoctor.com ## added by CiD
127.0.0.1 [i]ww/iw.utils.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.win-anti-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.win-virus-pro.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispam.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispy.com ## added by CiD
127.0.0.1 [i]ww/iw.winantispyware.com ## added by CiD
127.0.0.1 [i]ww/iw.winantivirus.com ## added by CiD
127.0.0.1 [i]ww/iw.winantiviruspro.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivecleaner.com ## added by CiD
127.0.0.1 [i]ww/iw.windrivesafe.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer.com ## added by CiD
127.0.0.1 [i]ww/iw.winfixer2006.com ## added by CiD
127.0.0.1 [i]ww/iw.winsoftware.com ## added by CiD

-> 10024 [ 70 ## added by CiD ]

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-03 20:23:25
Windows 5.1.2600 Service Pack 3 FAT NTAPI
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:7][D:2]-> C:\DOCUME~1\DAPHN\LOCALS~1\Temp
[F:11][D:0]-> C:\DOCUME~1\DAPHN\Cookies
[F:16][D:4]-> C:\DOCUME~1\DAPHN\LOCALS~1\TEMPOR~1\content.IE5
[F:2][D:0]-> C:\Recycled

1 - "C:\Lop SD\LopR_1.txt" - 03/03/2009|19:21 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 03/03/2009|20:23 - Option : [2]

--------------------\\ Fin du rapport a 20:23:52

et le hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:47:12, on 03/03/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\crypserv.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Lexmark 2500 Series\lxddmon.exe
C:\Program Files\Lexmark 2500 Series\lxddamon.exe
C:\WINDOWS\system32\lxddcoms.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ycomp/defaults/sp/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\WINDOWS\system32\eDStoolbar.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Lexmark Barre d'outils - {1017A80C-6F09-4548-A84D-EDD6AC9525F0} - C:\Program Files\Lexmark Toolbar\toolband.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CmUsbSound] RunDll32 cmcnfgu.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKLM\..\Run: [lxddmon.exe] "C:\Program Files\Lexmark 2500 Series\lxddmon.exe"
O4 - HKLM\..\Run: [lxddamon] "C:\Program Files\Lexmark 2500 Series\lxddamon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Owns Real] C:\DOCUME~1\DAPHNÉ\APPLIC~1\EXTRAT~1\Default bold anti.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~4\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxddCATSCustConnectService - Lexmark International, Inc. - C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\\lxddserv.exe
O23 - Service: lxdd_device - - C:\WINDOWS\system32\lxddcoms.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe

voila le rapport de Cfix :

ComboFix 09-03-04.01 - Daphné 2009-03-05 13:06:04.2 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.541 [GMT 1:00]
Lancé depuis: c:\documents and settings\Daphné\Bureau\C-Fix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Exécution préalable -------
.
c:\windows\system32\drivers\npf.sys
c:\windows\system32\packet.dll
c:\windows\system32\pthreadVC.dll
c:\windows\system32\WanPacket.dll
c:\windows\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NPF


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-05 au 2009-03-05 ))))))))))))))))))))))))))))))))))))
.

2009-03-03 19:18 . 2009-03-03 19:18 <REP> d-------- C:\Lop SD
2009-03-03 18:16 . 2009-03-03 18:16 <REP> d-------- c:\program files\Trend Micro
2009-02-23 20:54 . 2009-02-23 20:54 <REP> d-------- c:\program files\CCleaner
2009-02-23 19:59 . 2009-02-23 19:59 <REP> d-------- c:\documents and settings\Daphné\Application Data\Thunderbird
2009-02-17 11:30 . 2009-02-17 11:30 <REP> d-------- c:\program files\Microsoft Office Outlook Connector
2009-02-07 17:13 . 2009-02-07 17:13 <REP> d-------- c:\program files\Zylom Games
2009-02-07 17:13 . 2009-02-07 17:13 <REP> d-------- c:\documents and settings\All Users\Application Data\Zylom
2009-02-06 20:46 . 2009-02-06 20:47 <REP> d-------- c:\documents and settings\Daphné\Tracing
2009-02-06 20:46 . 2009-02-06 20:47 <REP> d-------- c:\documents and settings\Daphné\Tracing
2009-02-06 20:29 . 2009-02-06 20:29 <REP> d-------- c:\program files\Microsoft
2009-02-06 20:28 . 2009-02-06 20:28 <REP> d-------- c:\program files\Windows Live SkyDrive
2009-02-06 20:27 . 2009-02-06 20:27 <REP> d-------- c:\program files\Windows Live
2009-02-06 20:16 . 2009-02-06 20:16 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll
2009-02-06 14:46 . 2009-02-06 14:46 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-02-06 14:46 . 2009-02-06 14:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-04 18:37 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-04 18:37 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-04 17:54 --------- d-----w c:\documents and settings\Daphné\Application Data\MSNInstaller
2009-02-02 08:48 --------- d-----w c:\documents and settings\Daphné\Application Data\FaxCtr
2009-02-02 08:43 --------- d-----w c:\program files\Alwil Software
2009-02-02 08:13 --------- d-----w c:\documents and settings\Daphné\Application Data\Lexmark Productivity Studio
2009-02-02 08:12 --------- d-----w c:\program files\Lx_cats
2009-02-02 08:06 --------- d-----w c:\documents and settings\All Users\Application Data\FaxCtr
2009-02-02 08:04 --------- d-----w c:\program files\Lexmark Toolbar
2009-02-02 08:04 --------- d-----w c:\program files\Lexmark Fax Solutions
2009-02-02 08:03 --------- d-----w c:\program files\Abbyy FineReader 6.0 Sprint
2009-02-02 08:01 --------- d-----w c:\program files\Lexmark 2500 Series
2009-02-01 17:55 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-01-31 10:36 --------- d-----w c:\program files\Extra thunk
2009-01-28 08:47 81,288 ----a-w c:\windows\system32\drivers\iksyssec.sys
2009-01-28 08:47 66,952 ----a-w c:\windows\system32\drivers\iksysflt.sys
2009-01-28 08:47 40,840 ----a-w c:\windows\system32\drivers\ikfilesec.sys
2009-01-28 08:38 --------- d-----w c:\documents and settings\Daphné\Application Data\AdobeUM
2009-01-26 18:46 --------- d-----w c:\documents and settings\Daphné\Application Data\Talkback
2009-01-26 16:59 --------- d-----w c:\documents and settings\Daphné\Application Data\Extra thunk
2009-01-26 16:54 --------- d-----w c:\documents and settings\Daphné\Application Data\AVGTOOLBAR
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-20 21:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 21:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 21:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 21:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 21:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 21:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 21:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 21:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 21:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 21:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 08:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 08:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 04:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 04:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 09:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-10-04 13:38 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-02-15 13:27 22,328 ----a-w c:\documents and settings\Bru\Application Data\PnkBstrK.sys
2007-01-31 16:41 251 ----a-w c:\program files\wt3d.ini
.

((((((((((((((((((((((((((((( SnapShot@2009-03-04_20.52.27.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-05 11:51:42 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_54c.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"Owns Real"="c:\docume~1\DAPHNÉ\APPLIC~1\EXTRAT~1\Default bold anti.exe" [2009-01-31 663552]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-01-20 1451248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-19 7397376]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-04 1601304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-01-28 1168264]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-06-11 312240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\Rthdcpl.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"CmUsbSound"="cmcnfgu.cpl" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [BU]

c:\documents and settings\Bru\Menu D‚marrer\Programmes\D‚marrage\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-09-20 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-04 19:37 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AutoCAD Startup Accelerator.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\AutoCAD Startup Accelerator.lnk
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=c:\windows\pss\Outil de mise à jour Google.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
c:\program files\AdVantage\AdVantage.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\program files\Fichiers communs\Symantec Shared\ccApp.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
--a------ 2006-03-30 18:47 421888 c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-04-27 19:48 29744 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SHIM LINK FREE BALL]
c:\documents and settings\All Users\Application Data\hide cool shim link\idol kind.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-23 15:05 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2 (0x2)
"GoogleDesktopManager-022208-143751"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\System32\\PnkBstrA.exe"=
"c:\\WINDOWS\\System32\\PnkBstrB.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\System32\\lxddcoms.exe"=
"c:\\WINDOWS\\System32\\SPOOL\\DRIVERS\\W32X86\\3\\lxddPSWX.EXE"=
"c:\\WINDOWS\\System32\\SPOOL\\DRIVERS\\W32X86\\3\\lxddjswx.exe"=
"c:\\WINDOWS\\System32\\SPOOL\\DRIVERS\\W32X86\\3\\LXDDtime.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-05-07 325128]
R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [2007-01-31 9867]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-05-07 298264]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-01-31 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-01-31 78208]
R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-03-16 356920]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-11-17 1097728]
S1 mailKmd;mailKmd; [x]
S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?]
S2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2009-02-02 99248]
S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\ftdibus.sys [2008-05-12 47249]
S3 AWUsb;AWUsb;c:\windows\system32\drivers\awusb.sys [2008-05-08 17964]
S3 AWUsbInit;AWUsbInit;c:\windows\system32\drivers\awusbini.sys [2008-05-08 17384]
S3 bDMusicb;bDMusicb;\??\c:\docume~1\Bru\LOCALS~1\Temp\bDMusicb.sys --> c:\docume~1\Bru\LOCALS~1\Temp\bDMusicb.sys [?]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;c:\windows\system32\drivers\PMUSB.sys [2008-10-02 18944]
S4 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-27 29744]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mchInjDrv
.
Contenu du dossier 'Tâches planifiées'

2009-02-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-05 c:\windows\Tasks\A7B8FD6D918B70F5.job
- c:\docume~1\daphn []

2009-03-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-01 17:49]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Daphné\Application Data\Mozilla\Firefox\Profiles\t4kayp6o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: keyword.URL - chrome://google-partner/locale/partner.properties
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-05 13:08:53
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-03-05 13:10:18
ComboFix-quarantined-files.txt 2009-03-05 12:10:16

Avant-CF: 26,892,337,152 octets libres
Après-CF: 26,872,938,496 octets libres

271 --- E O F --- 2009-02-25 20:58:53




est ce qu'il faut que je refasse un hijackthis ou c'est bon?

voila le rapport


ComboFix 09-03-04.01 - Daphné 2009-03-05 17:18:29.3 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.1.1036.18.1022.546 [GMT 1:00]
Lancé depuis: c:\documents and settings\Daphné\Bureau\C-Fix.exe
Commutateurs utilisés :: c:\documents and settings\Daphné\Bureau\CFScript.txt
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated)
FW: Norton Internet Worm Protection *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\Daphné\Application Data\Extra thunk
c:\documents and settings\Daphné\Application Data\Extra thunk\[u]0[/u]
c:\documents and settings\Daphné\Application Data\Extra thunk\Ball Admin Film.exe
c:\documents and settings\Daphné\Application Data\Extra thunk\Default bold anti.exe
c:\documents and settings\Daphné\Application Data\Extra thunk\Eq Comp Safe Load.exe
c:\documents and settings\Daphné\Application Data\Extra thunk\mmnsllfj.exe

.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_mailKmd


((((((((((((((((((((((((((((( Fichiers créés du 2009-02-05 au 2009-03-05 ))))))))))))))))))))))))))))))))))))
.

2009-03-03 19:18 . 2009-03-03 19:18 <REP> d-------- C:\Lop SD
2009-03-03 18:16 . 2009-03-03 18:16 <REP> d-------- c:\program files\Trend Micro
2009-02-23 20:54 . 2009-02-23 20:54 <REP> d-------- c:\program files\CCleaner
2009-02-23 19:59 . 2009-02-23 19:59 <REP> d-------- c:\documents and settings\Daphné\Application Data\Thunderbird
2009-02-17 11:30 . 2009-02-17 11:30 <REP> d-------- c:\program files\Microsoft Office Outlook Connector
2009-02-07 17:13 . 2009-02-07 17:13 <REP> d-------- c:\program files\Zylom Games
2009-02-07 17:13 . 2009-02-07 17:13 <REP> d-------- c:\documents and settings\All Users\Application Data\Zylom
2009-02-06 20:46 . 2009-02-06 20:47 <REP> d-------- c:\documents and settings\Daphné\Tracing
2009-02-06 20:46 . 2009-02-06 20:47 <REP> d-------- c:\documents and settings\Daphné\Tracing
2009-02-06 20:29 . 2009-02-06 20:29 <REP> d-------- c:\program files\Microsoft
2009-02-06 20:28 . 2009-02-06 20:28 <REP> d-------- c:\program files\Windows Live SkyDrive
2009-02-06 20:27 . 2009-02-06 20:27 <REP> d-------- c:\program files\Windows Live
2009-02-06 20:16 . 2009-02-06 20:16 <REP> d-------- c:\program files\Fichiers communs\Windows Live
2009-02-06 18:52 . 2009-02-06 18:52 49,504 --a------ c:\windows\system32\sirenacm.dll
2009-02-06 14:46 . 2009-02-06 14:46 <REP> d-------- c:\program files\Spybot - Search & Destroy
2009-02-06 14:46 . 2009-02-06 14:46 <REP> d-------- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-04 18:37 325,128 ----a-w c:\windows\system32\drivers\avgldx86.sys
2009-03-04 18:37 10,520 ----a-w c:\windows\system32\avgrsstx.dll
2009-02-04 17:54 --------- d-----w c:\documents and settings\Daphné\Application Data\MSNInstaller
2009-02-02 08:48 --------- d-----w c:\documents and settings\Daphné\Application Data\FaxCtr
2009-02-02 08:43 --------- d-----w c:\program files\Alwil Software
2009-02-02 08:13 --------- d-----w c:\documents and settings\Daphné\Application Data\Lexmark Productivity Studio
2009-02-02 08:12 --------- d-----w c:\program files\Lx_cats
2009-02-02 08:06 --------- d-----w c:\documents and settings\All Users\Application Data\FaxCtr
2009-02-02 08:04 --------- d-----w c:\program files\Lexmark Toolbar
2009-02-02 08:04 --------- d-----w c:\program files\Lexmark Fax Solutions
2009-02-02 08:03 --------- d-----w c:\program files\Abbyy FineReader 6.0 Sprint
2009-02-02 08:01 --------- d-----w c:\program files\Lexmark 2500 Series
2009-02-01 17:55 --------- d-----w c:\program files\Fichiers communs\Adobe
2009-01-31 10:36 --------- d-----w c:\program files\Extra thunk
2009-01-28 08:47 81,288 ----a-w c:\windows\system32\drivers\iksyssec.sys
2009-01-28 08:47 66,952 ----a-w c:\windows\system32\drivers\iksysflt.sys
2009-01-28 08:47 40,840 ----a-w c:\windows\system32\drivers\ikfilesec.sys
2009-01-28 08:38 --------- d-----w c:\documents and settings\Daphné\Application Data\AdobeUM
2009-01-26 18:46 --------- d-----w c:\documents and settings\Daphné\Application Data\Talkback
2009-01-26 16:54 --------- d-----w c:\documents and settings\Daphné\Application Data\AVGTOOLBAR
2009-01-16 20:15 3,594,752 ----a-w c:\windows\system32\dllcache\mshtml.dll
2008-12-20 21:47 826,368 ----a-w c:\windows\system32\wininet.dll
2008-12-20 21:47 826,368 ----a-w c:\windows\system32\dllcache\wininet.dll
2008-12-20 21:47 671,232 ----a-w c:\windows\system32\dllcache\mstime.dll
2008-12-20 21:47 477,696 ----a-w c:\windows\system32\dllcache\mshtmled.dll
2008-12-20 21:47 44,544 ----a-w c:\windows\system32\dllcache\pngfilt.dll
2008-12-20 21:47 233,472 ----a-w c:\windows\system32\dllcache\webcheck.dll
2008-12-20 21:47 193,024 ----a-w c:\windows\system32\dllcache\msrating.dll
2008-12-20 21:47 105,984 ----a-w c:\windows\system32\dllcache\url.dll
2008-12-20 21:47 102,912 ----a-w c:\windows\system32\dllcache\occache.dll
2008-12-20 21:47 1,160,192 ----a-w c:\windows\system32\dllcache\urlmon.dll
2008-12-19 08:11 70,656 ----a-w c:\windows\system32\dllcache\ie4uinit.exe
2008-12-19 08:10 13,824 ------w c:\windows\system32\dllcache\ieudinit.exe
2008-12-19 04:25 634,024 ----a-w c:\windows\system32\dllcache\iexplore.exe
2008-12-19 04:23 161,792 ----a-w c:\windows\system32\dllcache\ieakui.dll
2008-12-11 09:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
2008-10-04 13:38 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
2008-02-15 13:27 22,328 ----a-w c:\documents and settings\Bru\Application Data\PnkBstrK.sys
2007-01-31 16:41 251 ----a-w c:\program files\wt3d.ini
.

((((((((((((((((((((((((((((( SnapShot@2009-03-04_20.52.27.48 )))))))))))))))))))))))))))))))))))))))))
.
+ 2009-03-05 16:22:56 16,384 ----a-w c:\windows\Temp\Perflib_Perfdata_588.dat
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2009-01-20 1451248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-05 64512]
"preload"="c:\windows\RUNXMLPL.exe" [2005-05-19 32768]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2005-12-16 761945]
"MSPY2002"="c:\windows\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 59392]
"PHIME2002ASync"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"PHIME2002A"="c:\windows\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-10 455168]
"LVCOMSX"="c:\windows\system32\LVCOMSX.EXE" [2006-06-23 225280]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-01-19 7397376]
"ePower_DMC"="c:\acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-03-30 421888]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-03-04 1601304]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2008-10-01 289576]
"ISTray"="c:\program files\Spyware Doctor\pctsTray.exe" [2009-01-28 1168264]
"lxddmon.exe"="c:\program files\Lexmark 2500 Series\lxddmon.exe" [2007-06-11 291760]
"lxddamon"="c:\program files\Lexmark 2500 Series\lxddamon.exe" [2007-04-30 20480]
"FaxCenterServer"="c:\program files\Lexmark Fax Solutions\fm3032.exe" [2007-06-11 312240]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-10-15 39792]
"AGRSMMSG"="AGRSMMSG.exe" [2005-12-12 c:\windows\AGRSMMSG.exe]
"RTHDCPL"="RTHDCPL.EXE" [2006-07-21 c:\windows\Rthdcpl.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 c:\windows\SkyTel.exe]
"CmUsbSound"="cmcnfgu.cpl" [BU]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
"Picasa Media Detector"="c:\program files\Picasa2\PicasaMediaDetector.exe" [BU]

c:\documents and settings\Bru\Menu D‚marrer\Programmes\D‚marrage\
Outil de d‚tection de support Picture Motion Browser.lnk - c:\program files\Sony\Sony Picture Utility\VolumeWatcher\SPUVolumeWatcher.exe [2007-09-20 344064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
2009-03-04 19:37 10520 c:\windows\system32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"SENTINEL"= snti386.dll

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Acer Empowering Technology.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Acer Empowering Technology.lnk
backup=c:\windows\pss\Acer Empowering Technology.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^AutoCAD Startup Accelerator.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\AutoCAD Startup Accelerator.lnk
backup=c:\windows\pss\AutoCAD Startup Accelerator.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Outil de mise à jour Google.lnk]
path=c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\Outil de mise à jour Google.lnk
backup=c:\windows\pss\Outil de mise à jour Google.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Boot]
--a------ 2006-03-15 22:12 579584 c:\acer\Empowering Technology\ePower\Boot.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
c:\program files\Fichiers communs\Symantec Shared\ccApp.exe [BU]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ePower_DMC]
--a------ 2006-03-30 18:47 421888 c:\acer\Empowering Technology\ePower\ePower_DMC.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
--a------ 2008-04-27 19:48 29744 c:\program files\Google\Google Desktop Search\GoogleDesktop.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 18:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2009-02-06 18:51 3885408 c:\program files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 15:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
--a------ 2007-07-23 15:05 68856 c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=2 (0x2)
"GoogleDesktopManager-022208-143751"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\WINDOWS\\System32\\PnkBstrA.exe"=
"c:\\WINDOWS\\System32\\PnkBstrB.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\WINDOWS\\System32\\lxddcoms.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddamon.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\App4R.exe"=
"c:\\WINDOWS\\System32\\SPOOL\\DRIVERS\\W32X86\\3\\lxddPSWX.EXE"=
"c:\\WINDOWS\\System32\\SPOOL\\DRIVERS\\W32X86\\3\\lxddjswx.exe"=
"c:\\WINDOWS\\System32\\SPOOL\\DRIVERS\\W32X86\\3\\LXDDtime.exe"=
"c:\\Program Files\\Lexmark 2500 Series\\lxddmon.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020

R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-05-07 325128]
R1 Hotkey;Hotkey;c:\windows\system32\drivers\HOTKEY.sys [2007-01-31 9867]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-05-07 298264]
R2 EpmPsd;Acer EPM Power Scheme Driver;c:\windows\system32\drivers\epm-psd.sys [2007-01-31 4096]
R2 EpmShd;Acer EPM System Hardware Driver;c:\windows\system32\drivers\epm-shd.sys [2007-01-31 78208]
R2 lxdd_device;lxdd_device;c:\windows\system32\lxddcoms.exe -service --> c:\windows\system32\lxddcoms.exe -service [?]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\Spyware Doctor\pctsAuxs.exe [2008-03-16 356920]
R3 lv321av;Logitech USB PC Camera (VC0321);c:\windows\system32\drivers\lv321av.sys [2006-11-17 1097728]
S1 Wbutton;Wbutton;c:\windows\system32\drivers\Wbutton.sys --> c:\windows\system32\drivers\Wbutton.sys [?]
S2 lxddCATSCustConnectService;lxddCATSCustConnectService;c:\windows\system32\spool\drivers\w32x86\3\lxddserv.exe [2009-02-02 99248]
S3 AlteraUSBBlaster;Altera USB-Blaster Device Driver;c:\windows\system32\drivers\ftdibus.sys [2008-05-12 47249]
S3 AWUsb;AWUsb;c:\windows\system32\drivers\awusb.sys [2008-05-08 17964]
S3 AWUsbInit;AWUsbInit;c:\windows\system32\drivers\awusbini.sys [2008-05-08 17384]
S3 bDMusicb;bDMusicb;\??\c:\docume~1\Bru\LOCALS~1\Temp\bDMusicb.sys --> c:\docume~1\Bru\LOCALS~1\Temp\bDMusicb.sys [?]
S3 PMUSB2G;PassMark® Software USB 2.0 Loopback plug;c:\windows\system32\drivers\PMUSB.sys [2008-10-02 18944]
S4 GoogleDesktopManager-022208-143751;Google Desktop Manager 5.7.802.22438;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2007-11-27 29744]

--- Autres Services/Pilotes en mémoire ---

*Deregistered* - mchInjDrv
.
Contenu du dossier 'Tâches planifiées'

2009-02-25 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 12:34]

2009-03-05 c:\windows\Tasks\A7B8FD6D918B70F5.job
- c:\docume~1\daphn []

2009-03-05 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-02-01 17:49]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
uInternet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\Daphné\Application Data\Mozilla\Firefox\Profiles\t4kayp6o.default\
FF - prefs.js: browser.search.defaulturl - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
FF - prefs.js: keyword.URL - chrome://google-partner/locale/partner.properties
FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
FF - plugin: c:\documents and settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava11.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava12.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava13.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava14.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJava32.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPJPI150_03.dll
FF - plugin: c:\program files\Java\jre1.5.0_03\bin\NPOJI610.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-05 17:24:17
Windows 5.1.2600 Service Pack 3 FAT NTAPI

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\FICHIERS COMMUNS\LOGITECH\LVMVFM\LVPRCSRV.EXE
c:\windows\SYSTEM32\RUNDLL32.EXE
c:\acer\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
c:\program files\FICHIERS COMMUNS\APPLE\MOBILE DEVICE SUPPORT\BIN\APPLEMOBILEDEVICESERVICE.EXE
c:\program files\AVG\AVG8\AVGWDSVC.EXE
c:\windows\SYSTEM32\CRYPSERV.EXE
c:\windows\SYSTEM32\LXDDCOMS.EXE
c:\program files\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\windows\SYSTEM32\NVSVC32.EXE
c:\windows\SYSTEM32\PNKBSTRA.EXE
c:\program files\SPYWARE DOCTOR\PCTSSVC.EXE
c:\program files\AVG\AVG8\AVGRSX.EXE
c:\windows\system32\wbem\wmiapsrv.exe
c:\windows\ehome\mcrdsvc.exe
c:\acer\Empowering Technology\eLock\Service\eLockServ.exe
c:\program files\iPod\bin\iPodService.exe
c:\windows\system32\wbem\unsecapp.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Heure de fin: 2009-03-05 17:27:43 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-03-05 16:27:40
ComboFix2.txt 2009-03-05 12:10:20

Avant-CF: 26 689 896 448 octets libres
Après-CF: 26,729,938,944 octets libres

288 --- E O F --- 2009-02-25 20:58:53

je voudrai juste savoir, j'ai spyware Doctor, vaut il mieux que je le desinstalle pour prendre ce que tu me conseilles : Spyware Blaster ou alors est ce que ca n'a rien a voir et il faut les 2 ?

ensuite autre question, depuis hier on me dit que pour AVG ma connexion a un probleme alors que non... j'ai internet et pas de robleme. j'ai essayé de faire une misa a niveau mais ca ne change rien

dernière question (promis apres j'arrete ^^) a chaque fois que je veut eteindre mon pc j'ai un message d'erreur pour internet explorer (je ne l'utilise pas, j'utilise uniquement firefox) comment ca se fait?

merci d'avance et merci pour tout le reste

ba du coup j'ai enlever spyware doctor mais faut -il que je garde spyboth ou justement non?
sinon, c'est bon, j'ai reussi a remettre AVG
et pour internet le message n'apparait as a chaque fois mais j'ai souvent la fenetre avec le programme qui ne répond pas et donc une barre verte qui progresse avec arret en cours. mais pourtant je n'utilise pas internet explorer, juste firefox (ca a un lien ou du tout?)

en tout cas merci pour ton aide, je n'ai plus du tout de CID =) j'ai lu le dossier avec les conseils, merci encore!!

ok.

merci pour tout !!
si jamais j'ai un problème, je sais sur quel site venir ^^