Je crois que j ai bouzillé le pc de mon frere

tu sais kevin05, je suis pas bete a ce point, tu comprend ske je veux dire?

Bonsoir , sil te plait, lis ceci http://fr.tech-faq.com/combofix.shtml, ce logiciel est fait pour te débarrasser des cochonneries qui traine sur ton pc , donc si tu veux résoudre tes soucis fait ce que te dit kevin05 , il est loin d'être un pirate ou autre .
Je peux te dire qu'il le fait bénévolement et est sûrement un des meilleur désinfecteur sur le site.

merci tommy, mais je sais pas ce qui se passe je ne peux plus ouvrir pratiquement aucun lien.
et puis comme peut etre tu l as constaté kevin05 ne m explique rien, je comprend rien de ce kil m ecrit, et dsl c un peu difficile de faire confiance dans ces conditions.
je connais très bien ce site et j y ai posé pas mal de question et je trouve que l avantage de ce dorum par rapport aux autres c kon explique bien au debutant comment y faire, mais la avec kevin05 g du mal a suivre, peu etre parske je suis trop nul mais bon c pa mon premier sujet ici
bref on fait table rase, je fais qoi maintenant? et svp tommy et kevin c koi ce truc de console je n en ai aucune idée
c simple je vais ou et je fais quoi ?
merci

Salut bon je vois que ça roule , je te donne un lien pour que tu sache ce que c'est la console de récupération.
Bonne continuation , et rassure toi n'importe qui sur le net ce fait avoir et ce même sans cliquer , rien quant visitant un site on peu ce choper des cochonneries .
Tu peu le dire a ton frère de ma part et si il a des doute qu'il vienne en mp avec moi je lui prouverai et le conseillerai si il veut.
http://www.forum-vista.net/forum/topic110.html

kevin05 ecoute le lien de RSIT a marché je vien de le telecharger et je vais faire comme tu m a dit dans ta premiere reponse

bon voila pour le log.txt voila le rapport:

Logfile of random's system information tool 1.06 (written by random/random)
Run by zied at 2009-04-08 00:16:58
Microsoft® Windows Vista™ Édition Familiale Basique Service Pack 1
System drive C: has 28 GB (25%) free of 114 GB
Total RAM: 1976 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:17:17, on 08/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Users\zied\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSLoader.exe
C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Acer\Empowering Technology\NotificationCenter\Framework.NotificationCenter.exe
C:\Users\zied\Downloads\RSIT.exe
C:\Program Files\trend micro\zied.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vb32&d=1108&m=aspire_5735
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://homepage.acer.com/rdr.aspx?b=ACAW&l=040c&s=2&o=vb32&d=1108&m=aspire_5735
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDStoolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "c:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [BkupTray] "C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
O4 - HKLM\..\Run: [ArcadeDeluxeAgent] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe
O4 - HKLM\..\Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - https://www.eset.com/
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: NTI Backup Now 5 Agent Service (BUNAgentSvc) - NewTech Infosystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe
O23 - Service: CLHNService - Unknown owner - C:\Program Files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe
O23 - Service: eDataSecurity Service - Egis Incorporated - C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSService.exe
O23 - Service: Empowering Technology Service (ETService) - Unknown owner - C:\Program Files\Acer\Empowering Technology\Service\ETService.exe
O23 - Service: Google Desktop Manager 5.7.808.7150 (GoogleDesktopManager-080708-050100) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: NTI Backup Now 5 Backup Service (NTIBackupSvc) - NewTech InfoSystems, Inc. - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe
O23 - Service: NTI Backup Now 5 Scheduler Service (NTISchedulerSvc) - Unknown owner - C:\Program Files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe

c bon je le telecharge

voila le rapport de combofix


ComboFix 09-04-04.01 - zied 2009-04-08 2:43:47.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Basique 6.0.6001.1.1252.1.1036.18.1976.1115 [GMT 2:00]
Lancé depuis: c:\users\zied\Downloads\ComboFix.exe
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\users\zied\AppData\Roaming\.#
c:\users\zied\AppData\Roaming\.#\MBX@11F8@1E42990.###
c:\users\zied\AppData\Roaming\.#\MBX@11F8@1E429C0.###
c:\users\zied\AppData\Roaming\.#\MBX@11F8@1E429F0.###

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-03-08 au 2009-04-08 ))))))))))))))))))))))))))))))))))))
.

2009-04-08 00:30 . 2009-04-08 00:37 <REP> d-------- C:\UsbFix
2009-04-08 00:26 . 2009-04-08 00:26 56 --ah----- c:\windows\System32\ezsidmv.dat
2009-04-08 00:16 . 2009-04-08 00:17 <REP> d-------- C:\rsit
2009-04-07 21:10 . 2009-04-07 21:10 <REP> d-------- c:\users\All Users\Avira
2009-04-07 21:10 . 2009-04-07 21:10 <REP> d-------- c:\programdata\Avira
2009-04-07 21:10 . 2009-04-07 21:10 <REP> d-------- c:\program files\Avira
2009-04-07 20:38 . 2009-04-07 20:38 <REP> d-------- c:\users\zied\AppData\Roaming\ESET
2009-04-07 20:36 . 2009-04-07 20:36 <REP> d-------- c:\users\All Users\ESET
2009-04-07 20:36 . 2009-04-07 20:36 <REP> d-------- c:\programdata\ESET
2009-04-07 20:27 . 2009-04-07 20:27 <REP> d--h----- c:\windows\msdownld.tmp
2009-04-07 20:15 . 2009-04-07 20:15 <REP> d-------- c:\users\zied\AppData\Roaming\Apple Computer
2009-04-07 20:14 . 2009-04-07 20:14 <REP> d----c--- c:\windows\System32\DRVSTORE
2009-04-07 20:14 . 2009-04-07 20:14 <REP> d-------- c:\users\All Users\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-07 20:14 . 2009-04-07 20:14 <REP> d-------- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-04-07 20:14 . 2009-04-07 20:14 <REP> d-------- c:\program files\iTunes
2009-04-07 20:14 . 2009-04-07 20:14 <REP> d-------- c:\program files\iPod
2009-04-07 20:14 . 2008-04-17 12:12 107,368 --a------ c:\windows\System32\GEARAspi.dll
2009-04-07 20:14 . 2009-03-19 16:32 23,400 --a------ c:\windows\System32\drivers\GEARAspiWDM.sys
2009-04-07 20:13 . 2009-04-07 20:13 <REP> d-------- c:\program files\Bonjour
2009-04-07 20:12 . 2009-04-07 20:12 <REP> d-------- c:\program files\Apple Software Update
2009-04-07 20:11 . 2009-04-07 20:11 <REP> d-------- c:\users\All Users\Apple
2009-04-07 20:11 . 2009-04-07 20:11 <REP> d-------- c:\programdata\Apple
2009-04-07 20:11 . 2009-04-07 20:14 <REP> d-------- c:\program files\Common Files\Apple
2009-04-07 20:03 . 2009-04-08 00:17 <REP> d-------- c:\program files\Trend Micro
2009-04-07 01:38 . 2008-06-20 03:14 781,344 --a------ c:\windows\System32\PresentationNative_v0300.dll
2009-04-07 01:38 . 2008-06-20 03:14 622,080 --a------ c:\windows\System32\icardagt.exe
2009-04-07 01:38 . 2008-06-20 03:14 326,160 --a------ c:\windows\System32\PresentationHost.exe
2009-04-07 01:38 . 2008-06-20 03:14 105,016 --a------ c:\windows\System32\PresentationCFFRasterizerNative_v0300.dll
2009-04-07 01:38 . 2008-06-20 03:14 97,800 --a------ c:\windows\System32\infocardapi.dll
2009-04-07 01:38 . 2008-06-20 03:14 43,544 --a------ c:\windows\System32\PresentationHostProxy.dll
2009-04-07 01:38 . 2008-06-20 03:14 37,384 --a------ c:\windows\System32\infocardcpl.cpl
2009-04-07 01:38 . 2008-06-20 03:14 11,264 --a------ c:\windows\System32\icardres.dll
2009-04-07 01:32 . 2008-07-27 20:03 282,112 --a------ c:\windows\System32\mscoree.dll
2009-04-07 01:32 . 2008-07-27 20:03 158,720 --a------ c:\windows\System32\mscorier.dll
2009-04-07 01:32 . 2008-07-27 20:03 96,760 --a------ c:\windows\System32\dfshim.dll
2009-04-07 01:32 . 2008-07-27 20:03 83,968 --a------ c:\windows\System32\mscories.dll
2009-04-07 01:32 . 2008-07-27 20:03 41,984 --a------ c:\windows\System32\netfxperf.dll
2009-04-07 00:48 . 2009-04-08 00:26 <REP> d-------- c:\users\zied\Tracing
2009-04-07 00:45 . 2009-04-07 00:45 <REP> d-------- c:\program files\Microsoft Office Outlook Connector
2009-04-07 00:44 . 2006-11-29 13:06 3,426,072 --a------ c:\windows\System32\d3dx9_32.dll
2009-04-07 00:43 . 2009-04-07 00:43 <REP> d-------- c:\program files\Microsoft SQL Server Compact Edition
2009-04-07 00:41 . 2009-04-07 00:46 <REP> d-------- c:\program files\Microsoft
2009-04-07 00:40 . 2009-04-07 00:40 <REP> d-------- c:\program files\Windows Live SkyDrive
2009-04-07 00:21 . 2009-04-07 00:21 <REP> d-------- c:\program files\Common Files\Windows Live
2009-04-07 00:01 . 2009-04-07 01:10 <REP> d-------- c:\users\All Users\Kaspersky Lab
2009-04-07 00:01 . 2009-04-07 01:10 <REP> d-------- c:\programdata\Kaspersky Lab
2009-04-04 22:32 . 2009-04-04 22:32 <REP> d-------- c:\program files\Java
2009-04-04 21:13 . 2009-04-04 22:32 410,984 --a------ c:\windows\System32\deploytk.dll
2009-03-17 12:24 . 2009-03-17 12:24 <REP> d-------- c:\users\All Users\Kaspersky Lab Setup Files
2009-03-17 12:24 . 2009-03-17 12:24 <REP> d-------- c:\programdata\Kaspersky Lab Setup Files
2009-03-17 12:21 . 2009-03-17 12:21 <REP> d-------- c:\users\zied\AppData\Roaming\InstallShield
2009-03-17 12:21 . 2009-03-17 12:21 <REP> d-------- c:\program files\SAGEM
2009-03-11 01:31 . 2008-12-16 05:29 8,147,456 --a------ c:\windows\System32\wmploc.DLL
2009-03-11 01:31 . 2008-12-16 07:31 7,680 --a------ c:\windows\System32\spwmp.dll
2009-03-11 01:31 . 2008-12-16 07:31 4,096 --a------ c:\windows\System32\msdxm.ocx
2009-03-11 01:31 . 2008-12-16 07:31 4,096 --a------ c:\windows\System32\dxmasf.dll
2009-03-11 01:12 . 2009-02-09 05:10 2,033,152 --a------ c:\windows\System32\win32k.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-07 22:27 --------- d-----w c:\users\zied\AppData\Roaming\Skype
2009-04-07 22:27 --------- d-----w c:\program files\MessengerDiscovery
2009-04-07 22:05 --------- d-----w c:\users\zied\AppData\Roaming\skypePM
2009-04-07 18:15 --------- d-----w c:\programdata\Apple Computer
2009-04-06 22:58 --------- d-----w c:\program files\Spybot - Search & Destroy
2009-04-06 22:45 --------- d-----w c:\program files\Windows Live
2009-04-06 21:58 --------- d-----w c:\programdata\McAfee
2009-03-19 12:00 --------- d---a-w c:\programdata\TEMP
2009-03-17 11:06 --------- d-----w c:\users\zied\AppData\Roaming\CyberLink
2009-03-17 10:21 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-11 17:27 --------- d-----w c:\program files\Windows Mail
2009-03-11 17:21 --------- d-----w c:\programdata\Microsoft Help
2009-03-08 11:34 914,944 ----a-w c:\windows\System32\wininet.dll
2009-03-08 11:34 43,008 ----a-w c:\windows\System32\licmgr10.dll
2009-03-08 11:33 420,352 ----a-w c:\windows\System32\vbscript.dll
2009-03-08 11:33 18,944 ----a-w c:\windows\System32\corpol.dll
2009-03-08 11:33 132,608 ----a-w c:\windows\System32\ieUnatt.exe
2009-03-08 11:33 109,568 ----a-w c:\windows\System32\PDMSetup.exe
2009-03-08 11:33 109,056 ----a-w c:\windows\System32\iesysprep.dll
2009-03-08 11:33 107,520 ----a-w c:\windows\System32\RegisterIEPKEYs.exe
2009-03-08 11:33 107,008 ----a-w c:\windows\System32\SetIEInstalledDate.exe
2009-03-08 11:33 103,936 ----a-w c:\windows\System32\SetDepNx.exe
2009-03-08 11:32 72,704 ----a-w c:\windows\System32\admparse.dll
2009-03-08 11:32 71,680 ----a-w c:\windows\System32\iesetup.dll
2009-03-08 11:32 66,560 ----a-w c:\windows\System32\wextract.exe
2009-03-08 11:32 169,472 ----a-w c:\windows\System32\iexpress.exe
2009-03-08 11:31 48,128 ----a-w c:\windows\System32\mshtmler.dll
2009-03-08 11:31 45,568 ----a-w c:\windows\System32\mshta.exe
2009-03-08 11:31 34,816 ----a-w c:\windows\System32\imgutil.dll
2009-03-08 11:22 156,160 ----a-w c:\windows\System32\msls31.dll
2009-03-07 23:11 --------- d-----w c:\program files\Microsoft Silverlight
2009-02-28 17:50 --------- d-----w c:\users\zied\AppData\Roaming\vlc
2009-02-28 17:48 --------- d-----w c:\program files\VideoLAN
2009-02-28 05:54 --------- d-----w c:\programdata\Adobe Systems
2009-02-28 05:46 --------- d-----w c:\program files\Common Files\Adobe
2009-02-28 05:45 --------- d-----w c:\program files\Common Files\Adobe Systems Shared
2009-02-27 23:30 --------- d-----w c:\program files\K-Lite Codec Pack
2009-02-27 23:14 --------- d-----w c:\programdata\TechSmith
2009-02-27 23:14 --------- d-----w c:\program files\TechSmith
2009-02-27 23:14 --------- d-----w c:\program files\Common Files\TechSmith Shared
2009-02-27 23:11 --------- d-----w c:\program files\Anim-FX
2009-02-26 19:21 --------- d-----w c:\users\zied\AppData\Roaming\Publish Providers
2009-02-26 19:19 --------- d-----w c:\users\zied\AppData\Roaming\Sony
2009-02-26 19:15 --------- d-----w c:\programdata\Sony
2009-02-26 19:14 --------- d-----w c:\program files\Vstplugins
2009-02-26 19:13 --------- d-----w c:\program files\Sony
2009-02-26 19:12 --------- d-----w c:\program files\Sony Setup
2009-02-23 20:37 --------- d-----w c:\users\zied\AppData\Roaming\Media Player Classic
2009-02-06 17:39 308,600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 16:52 49,504 ----a-w c:\windows\System32\sirenacm.dll
2008-01-21 02:57 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\egisPSDP]
@="{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}"
[HKEY_CLASSES_ROOT\CLSID\{30A0A3F6-38AC-4C53-BB8B-0D95238E25BA}]
2008-05-14 18:05 121392 --a------ c:\program files\Acer\Empowering Technology\eDataSecurity\x86\PSDProtect.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2009-02-06 3885408]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-11-29 68856]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-11-18 21633320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2008-04-25 1049896]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-03-08 40048]
"BkupTray"="c:\program files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe" [2008-04-06 34040]
"ArcadeDeluxeAgent"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe" [2008-04-10 147456]
"CLMLServer"="c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe" [2008-04-10 167936]
"PlayMovie"="c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe" [2008-04-18 167936]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-07-17 150040]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-07-17 170520]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-07-17 145944]
"LManager"="c:\progra~1\LAUNCH~1\LManager.exe" [2008-09-11 809480]
"eDataSecurity Loader"="c:\program files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe" [2008-05-14 526896]
"ePower_DMC"="c:\program files\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2008-06-11 409600]
"Google Desktop Search"="c:\program files\Google\Google Desktop Search\GoogleDesktop.exe" [2008-11-29 24064]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-04-04 148888]
"QuickTime Task"="c:\program files\K-Lite Codec Pack\QuickTime\QTTask.exe" [2009-01-05 413696]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-04-02 342312]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"RtHDVCpl"="RtHDVCpl.exe" [2008-06-13 c:\windows\RtHDVCpl.exe]

c:\users\zied\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Gamma.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 113664]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-02-12 723496]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\Google\GOOGLE~1\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7071B892-04D5-4218-8C4C-8FF79141C8DD}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{A5957AF6-E2EB-4A2B-A04D-E2C9657D6F4C}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe:SchedulerSvc.exe
"{3E704D27-FA50-4589-B07F-A4E298324284}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{618830FC-BA67-47D1-A08D-417E50881B90}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe:BackupSvc.exe
"{6B0B800B-5596-45E7-A477-899F28E6CE80}"= UDP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{6415584C-351A-4940-95CB-ADCACDC40AEF}"= TCP:c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe:AgentSvc.exe
"{062B793B-EA12-4B23-BD36-4DB18A6DBC7C}"= c:\program files\Cyberlink\PowerDirector\PDR.EXE:CyberLink PowerDirector
"{2D93C784-0499-4DD7-AC36-33A185840CF4}"= c:\program files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{1EEC6E13-50B8-492E-83B1-B401D965419A}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PlayMovie.exe:Acer Play Movie
"{9878A142-CD74-4111-961D-70412F5CFCE3}"= c:\program files\Acer Arcade Deluxe\PlayMovie\PMVService.exe:Acer Play Movie Resident Program
"{DFDC3A1C-9ADA-45DF-B92A-1ECA8C75EDEC}"= c:\program files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:Acer HomeMedia
"{462493EF-34CF-448E-8A17-6F5FEE31A9A6}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{0B72B92F-4206-44AD-8208-C22AC139CD5D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{843D8047-3BF2-484E-8CB0-5E80552F6893}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{3C306AB3-FEA4-41EB-B231-F289D8357EF1}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{01E51EBF-1736-4F79-B4CE-098369433304}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{BE89946C-6CF8-459E-965C-D7C3302EA2F8}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{63346C9D-C27B-4D4D-A4FD-923A81FB0C7A}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};c:\program files\Acer Arcade Deluxe\PlayMovie\[u]0/u00.fcl [2008-05-27 00:08:06 61424]
R2 BUNAgentSvc;NTI Backup Now 5 Agent Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\Client\Agentsvc.exe [2008-03-03 16384]
R2 CLHNService;CLHNService;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\CLHNService.exe [2008-05-27 81504]
R2 ETService;Empowering Technology Service;c:\program files\Acer\Empowering Technology\Service\ETService.exe [2008-05-27 24576]
R2 NTIBackupSvc;NTI Backup Now 5 Backup Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2008-04-06 50424]
R2 NTIPPKernel;NTIPPKernel;c:\program files\Acer Arcade Deluxe\HomeMedia\Kernel\DMP\NTIPPKernel.sys [2008-05-27 122368]
R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;c:\program files\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2008-04-04 131072]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2008-01-21 179712]
S3 GoogleDesktopManager-080708-050100;Google Desktop Manager 5.7.808.7150;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [2008-11-29 24064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
bthsvcs REG_MULTI_SZ BthServ
.
- - - - ORPHELINS SUPPRIMES - - - -

HKLM-Run-eRecoveryService - (no file)


.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: Envoyer l'&image au périphérique Bluetooth... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
FF - ProfilePath - c:\users\zied\AppData\Roaming\Mozilla\Firefox\Profiles\m6sfy79x.default\
FF - prefs.js: browser.startup.homepage - hxxp://fr.msn.com/
FF - component: c:\program files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}\components\NPComponent.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
.

**************************************************************************

catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-08 02:46:33
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
Heure de fin: 2009-04-08 2:48:50
ComboFix-quarantined-files.txt 2009-04-08 00:48:45

Avant-CF: 29 089 935 360 octets libres
Après-CF: 28,910,211,072 octets libres

236 --- E O F --- 2009-04-07 16:20:10

alors ca va pas de virus ou de machin?