Virus ou pas virus.... HELP PLEASE

merci chimay, je vai faire ces tuk et je colle le rapport aussito.

en effet oui, je l'ai lancé et il a trouvé deux menaces et C désinfecté, voila le rapport :

Logfile of Spyware Terminator v2.5.6.316 (db:3.004.030.000)
Scan Time: 5/2/2009 00:37:02 length: 117 s
Platform: VISTA (6.0.0.6001)
User: Admin
Boot Mode: Normal
Scan type: Fast_Spyware_Scan
Scanned Objects: 47104 (Critical:2)
Filter: No System items, No Safe items, No Invalid items

Running Processes
SLsvc.exe [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
sched.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
GoogleUpdate.exe [Google Inc.] : C:\Program Files\Google\Update\GoogleUpdate.exe
RtHDVCpl.exe [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
avgnt.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe
fsui.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Family Safety\fsui.exe
GoogleUpdate.exe [Google Inc.] : C:\Users\soldatsam\AppData\Local\Google\Update\GoogleUpdate.exe
wmpnscfg.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnscfg.exe
avfwsvc.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
avguard.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
avesvc.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
fsssvc.exe [Microsoft Corporation] : C:\Program Files\Windows Live\Family Safety\fsssvc.exe
SeaPort.exe [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
avmailc.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
avwebgrd.exe [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avwebgrd.exe
wmpnetwk.exe [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
igfxsrvc.exe [Intel Corporation] : C:\Windows\system32\igfxsrvc.exe

Internet Settings
R - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R - HKLM\System\CurrentControlSet\Services\Tcpip\Parameters, Domain =
R - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony, DomainName =

BHO
02 - BHO: IE7Pro BHO - {00011268-E188-40DF-A514-835FCD78B1BF} - [IE7Pro.com] : C:\Program Files\IEPro\iepro.dll
02 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - [RealPlayer] : C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
02 - BHO: Windows Live Family Safety Browser Helper Class - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - [Microsoft Corporation] : C:\Program Files\Windows Live\Family Safety\fssbho.dll
02 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
02 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - : C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
02 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - [Google Inc.] : C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
02 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - [Sun Microsystems, Inc.] : C:\Program Files\Java\jre6\bin\jp2ssv.dll
02 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll

Toolbars
03 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - [Microsoft Corporation] : C:\Program Files\Windows Live\Toolbar\wltcore.dll
03 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - : C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll

StartUps
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, Google Update : [Google Inc.] : C:\Users\soldatsam\AppData\Local\Google\Update\GoogleUpdate.exe
04 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, WMPNSCFG : [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnscfg.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, RtHDVCpl : [Realtek Semiconductor] : C:\Windows\RtHDVCpl.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, avgnt : [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe
04 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, fssui : [Microsoft Corporation] : C:\Program Files\Windows Live\Family Safety\fsui.exe

Shell Extensions
CLSID_PreviewMime - {92dbad9f-5025-49b0-9078-2d78f935e341} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
CLSID_PreviewEmail - {b9815375-5d7f-4ce2-9245-c9d4da436930} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
CLSID_PreviewHtml - {f8b8412b-dea3-4130-b36c-5e8be73106ac} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
Shell Message Handler - {5FA29220-36A1-40f9-89C6-F4B384B7642E} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
Microsoft Agent Character Property Sheet Handler - {143A62C8-C33B-11D1-84FE-00C04FA34A14} - [Microsoft Corporation] : C:\Windows\MSAgent\agentpsh.dll
CompressedFolder - {E88DCCE0-B7B3-11d1-A9F0-00AA0060FA31} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder Right Drag Handler - {BD472F60-27FA-11cf-B8B4-444553540000} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder SendTo Target - {888DCA60-FC0A-11CF-8F0F-00C04FD7D062} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder Context Menu - {b8cdcb65-b1bf-4b42-9428-1dfdb7ee92af} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Compressed (zipped) Folder DropHandler - {ed9d80b9-d157-457b-9192-0e7280313bf0} - [Microsoft Corporation] : C:\Windows\system32\zipfldr.dll
Windows Photo Gallery Viewer Video Verbs - {E598560B-28D5-46aa-A14A-8A3BEA34B576} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
&Windows Media Player - {0a4286ea-e355-44fb-8086-af3df7645bd9} - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpband.dll
- {BB6B2374-3D79-41DB-87F4-896C91846510} - [Microsoft Corporation] : C:\Windows\system32\emdmgmt.dll
Windows Photo Gallery Viewer Autoplay Handler - {9D687A4C-1404-41ef-A089-883B6FBECDE6} - [Microsoft Corporation] : C:\Windows\system32\RUNDLL32.EXE
Portable Media Devices - {640167b4-59b0-47a6-b335-a6b3c0695aea} - [Microsoft Corporation] : C:\Windows\system32\audiodev.dll
PhotoAcqDropTarget - {00f20eb5-8fd6-4d9d-b75e-36801766c8f1} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoAcq.dll
Windows Photo Gallery Viewer Image Verbs - {FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} - [Microsoft Corporation] : C:\Program Files\Windows Photo Gallery\PhotoViewer.dll
Tablet PC Input Panel - {15D633E2-AD00-465b-9EC7-F56B7CDF8E27} - [Microsoft Corporation] : C:\Program Files\Common Files\microsoft shared\ink\TipBand.dll
Windows gadget DropTarget - {6b9228da-9c15-419e-856c-19e768a13bdc} - [Microsoft Corporation] : C:\Program Files\Windows Sidebar\sbdrop.dll
WinRAR - {B41DB860-8EE4-11D2-9906-E49FADC173CA} - : C:\Program Files\WinRAR\rarext.dll
Shell Extension for Malware scanning - {45AC2688-0253-4ED8-97DE-B5370FA7D48A} - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\shlext.dll
RealOne Player Context Menu Class - {F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} - [RealNetworks, Inc.] : C:\Program Files\Real\RealPlayer\rpshell.dll
CLSID_WLMCMimeFilter - {0563DB41-F538-4B37-A92D-4659049B7766} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll
UIContextMenu Class - {AD392E40-428C-459F-961E-9B147782D099} - [EZB Systems, Inc.] : C:\Program Files\UltraISO\isoshell.dll
Nokia Phone Browser - {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} - [Nokia] : C:\Program Files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
- {06A2568A-CED6-4187-BB20-400B8C02BE5A} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe
Windows Live Photo Gallery Viewer Autoplay Shim - {00F33137-EE26-412F-8D71-F84E4C2C6625} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Autoplay Drop Target - {2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Editor Drop Target - {00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Drop Target - {00F374B7-B390-4884-B372-2FC349F2172B} - [Microsoft Corporation] : C:\Program Files\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE
Windows Live Photo Gallery Viewer Shim - {00F346CB-35A4-465B-8B8F-65A29DBAB1F6} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Editor Shim - {00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
Windows Live Photo Gallery Viewer Autoplay Shim - {00F30F90-3E96-453B-AFCD-D71989ECC2C7} - [Microsoft Corporation] : C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll

Protocol Filters
Google Dictionary Compression filter - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - [Google Inc.] : C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll

Protocol Handler
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
MHTML Asynchronous Pluggable Protocol Handler - {05300401-BCBC-11d0-85E3-00C04FD85AB4} - [Microsoft Corporation] : C:\Windows\system32\inetcomm.dll
- {828030A1-22C1-4009-854F-8E305202313F} - [Microsoft Corporation] : C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll
Windows Live Mail HTML Asynchronous Pluggable Protocol Handler - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - [Microsoft Corporation] : C:\Program Files\Windows Live\Mail\mailcomm.dll

Services
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avwebgrd.exe
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
23 - [Avira GmbH] : C:\Windows\system32\DRIVERS\avfwim.sys
23 - [Avira GmbH] : C:\Windows\system32\DRIVERS\avfwot.sys
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avgio.sys
23 - [Avira GmbH] : C:\Program Files\Avira\Avira Premium Security Suite\avgntflt.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\bowser.sys
23 - [Microsoft Corporation] : C:\Windows\system32\Drivers\dfsc.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\flpydisk.sys
23 - [Microsoft Corporation] : C:\Program Files\Windows Live\Family Safety\fsssvc.exe
23 - [Realtek Semiconductor Corp.] : C:\Windows\system32\drivers\RTKVHDA.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\msiscsi.sys
23 - [EZB Systems, Inc.] : C:\Program Files\UltraISO\drivers\ISODrive.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mrxsmb10.sys
23 - [Microsoft Corporation] : C:\Windows\system32\DRIVERS\mssmbios.sys
23 - [NVIDIA Corporation] : C:\Windows\system32\DRIVERS\nvlddmkm.sys
23 - [Microsoft Corporation] : C:\Windows\system32\drivers\rdpencdd.sys
23 - [Microsoft Corp.] : C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
23 - [B2C2, Inc.] : C:\Windows\system32\DRIVERS\SkyNET.SYS
23 - [Microsoft Corporation] : C:\Windows\system32\SLsvc.exe
23 - [Sonix Co. Ltd.] : C:\Windows\system32\DRIVERS\snpstd3.sys
23 - [Microsoft Corporation] : C:\Program Files\Windows Media Player\wmpnetwk.exe
23 - [Marvell] : C:\Windows\system32\DRIVERS\yk60x86.sys

Winlogon Notify
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui, DLLName : [Intel Corporation] : C:\Windows\system32\igfxdev.dll

System Policies
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer, NoFolderOptions : :

Threat Files
<CoolWebSearch> : C:\Users\soldatsam\Favorites\????? ???????? ?? ????? ?????? bluetooth usb adapter es-388 - ??????? ???????.url

Advanced Files Report
%SYSDIR%\avsda.dll [Avira GmbH] [AntiVir Workstation] MD5=095D5F783AA8AE6D71EF39F31ACA8C88 SIZE=94465
%SYSDIR%\RtkAPO.dll [Realtek Semiconductor Corp.] [Realtek(r) LFX/GFX DSP component] MD5=5303E25B70E369CCE576CE293F2124D4 SIZE=2167840
%SYSDIR%\SLsvc.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=0BA91E1358AD25236863039BB2609A2E SIZE=2623488
%SYSDIR%\EP0SLM00.DLL [SEIKO EPSON CORPORATION] [EPSON Printer Driver] MD5=4AB80A11CFB0FEEFAACFDB71B1DFEFE8 SIZE=62976
%SYSDIR%\spool\PRTPROCS\W32X86\EP0NPP01.DLL [SEIKO EPSON CORPORATION] [EPSON Print Processor ESC/P] MD5=1A2CB2A86A6C3F0571394A9BBC0FB805 SIZE=32768
%PROGRAMFILES%\Avira\Avira Premium Security Suite\sched.exe [Avira GmbH] [AntiVir Workstation] MD5=D6C8942BEA3698A2E7559BD423BFA5D7 SIZE=68865
%PROGRAMFILES%\Avira\Avira Premium Security Suite\schedr.dll [Avira GmbH] [AntiVir Workstation] MD5=EFBABD350FA0E4804CD98CE6FFE98743 SIZE=7937
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avevtlog.dll [Avira GmbH] [AntiVir Workstation] MD5=61DBB2959632400D4D7E397EBBCEB88F SIZE=119041
%PROGRAMFILES%\Avira\Avira Premium Security Suite\sqlite3.dll [SQLite Database] MD5=A467ACDA6C73AE3F8DBC6B94602921B5 SIZE=339968
%SYSDIR%\nvd3dum.dll [NVidia Corporation] [NVidia Windows 95 drivers] MD5=1F5E2BA84E34115B754E834353D9BEE5 SIZE=3022848
%PROGRAMFILES%\Real\RealPlayer\rpchromebrowserrecordhelper.dll MD5=1F1B0276FFB14D6014F4CFFCC6EE6F31 SIZE=8704
%PROGRAMFILES%\Google\Update\GoogleUpdate.exe [Google Inc.] [Google Update] MD5=626A24ED1228580B9518C01930936DF9 SIZE=133104
%PROGRAMFILES%\Google\Update\1.2.141.5\goopdate.dll [Google Inc.] [Google Update] MD5=925FFE16F584A4ABBFBE6FB235AF7115 SIZE=655344
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\PhoneBrowser.dll [Nokia] [Phone Browser] MD5=346C2EC7B039D4E495F1975F41169FB6 SIZE=614400
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\NGSCM.DLL [Nokia] [Next Gen Suite Common Modules] MD5=EEDB1FB050C3CA0BA6F36849ADF25989 SIZE=925696
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr [Nokia] [Nokia Phone Browser] MD5=66118D2F1CF08CF6D809AF03850504D6 SIZE=30208
%PROGRAMFILES%\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr [Nokia] [Nokia Phone Browser] MD5=5058D323DDABFAD0D8D8BC2CAEF73070 SIZE=573440
%SYSDIR%\igfxpph.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=965496277F4924700B09F4E6FC338C4F SIZE=204800
%SYSDIR%\hccutils.DLL [Intel Corporation] [Intel(R) Common User Interface] MD5=03F2078A0AF7E12FD294D36541A57ECA SIZE=106496
%SYSDIR%\igfxrFRA.lrc [Intel Corporation] [Intel(R) Common User Interface] MD5=F2F38394CAAD3E3B8C7BCB69BDFBBF3C SIZE=184320
%SYSDIR%\igfxress.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=402BACB8A880357E4258BBEAF3D530B0 SIZE=3293184
%SYSDIR%\igfxsrvc.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=65C4ECDA9F77735B26D3459DF535DB81 SIZE=48640
%PROGRAMFILES%\WinRAR\rarext.dll MD5=8A22F6B4976053924FE93DEA8218D68A SIZE=128512
%PROGRAMFILES%\UltraISO\isoshell.dll [EZB Systems, Inc.] [ISOShell] MD5=9C9E7DD001B69E4E4A70F8DADF454867 SIZE=53248
%PROGRAMFILES%\Avira\Avira Premium Security Suite\shlext.dll [Avira GmbH] [AntiVir Workstation] MD5=09B3D3F6AD9744417574676E5A2836EE SIZE=65793
%PROGRAMFILES%\Avira\Avira Premium Security Suite\cclib.dll [Avira GmbH] [AntiVir Workstation] MD5=C27FD26297D360251B6B4D6782330E98 SIZE=160001
%PROGRAMFILES%\avira\avira premium security suite\ccgen.dll [Avira GmbH] [AntiVir Workstation] MD5=5CD498A699CB4F62E7CB9D6DDE596AEB SIZE=270593
%PROGRAMFILES%\avira\avira premium security suite\ccgenrc.dll [Avira GmbH] [AntiVir Workstation] MD5=58DA316F458B8A17A3C7216E1794956E SIZE=17665
%PROGRAMFILES%\avira\avira premium security suite\ccguard.dll [Avira GmbH] [AntiVir Workstation] MD5=2CB68354DCFFB53151A8152EAECE3612 SIZE=213249
%PROGRAMFILES%\avira\avira premium security suite\ccgrdrc.dll [Avira GmbH] [AntiVir Workstation] MD5=B8357197B0D864D67D9FD9C5043E3456 SIZE=20225
%PROGRAMFILES%\avira\avira premium security suite\avipc.dll [Avira GmbH] [AntiVir Workstation] MD5=922EE25E719104E6D0E166451118E9F4 SIZE=73985
%PROGRAMFILES%\avira\avira premium security suite\ccupdate.dll [Avira GmbH] [AntiVir Workstation] MD5=5364855ACDCCCFC8B64DE64946657FB0 SIZE=110849
%PROGRAMFILES%\avira\avira premium security suite\ccupdrc.dll [Avira GmbH] [AntiVir Workstation] MD5=AF87BFE66DF01B07FB4F4FC4B3AD3129 SIZE=12545
%PROGRAMFILES%\avira\avira premium security suite\cclic.dll [Avira GmbH] [AntiVir Workstation] MD5=97108140E1D381108C3216BC15E739E1 SIZE=53505
%PROGRAMFILES%\avira\avira premium security suite\cclicrc.dll [Avira GmbH] [AntiVir Workstation] MD5=208A14217848520CB3DFFB5AD9DAB82E SIZE=5889
%PROGRAMFILES%\avira\avira premium security suite\ccmsg.dll [Avira GmbH] [AntiVir Workstation] MD5=2DC1EC49D108D3CDA9F94BF256E42B90 SIZE=155905
%PROGRAMFILES%\avira\avira premium security suite\ccfwgnt.dll [Avira GmbH] [AntiVir Workstation] MD5=B1BB3515858F7372BB7F96CB741FB2C2 SIZE=295169
%PROGRAMFILES%\avira\avira premium security suite\ccfwitf.dll [Avira GmbH] [AntiVir Workstation] MD5=8E20D4982B941208E9E99E7C73C5F53D SIZE=246017
%PROGRAMFILES%\avira\avira premium security suite\ccfwrc.dll [Avira GmbH] [AntiVir Workstation] MD5=28F2A31D30AA18875A149E4139CF8560 SIZE=78081
%USERPROFILE%\Local\Google\Update\1.2.141.5\goopdate.dll [Google Inc.] [Google Update] MD5=925FFE16F584A4ABBFBE6FB235AF7115 SIZE=655344
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avfwsvc.exe [Avira GmbH] [AntiVir Workstation] MD5=45467F91F961670660DAED69A4E5A788 SIZE=344321
%PROGRAMFILES%\Avira\Avira Premium Security Suite\fwrc.dll [Avira GmbH] [AntiVir Workstation] MD5=7FB8C3A0CFE2D913996FC9693A0E281B SIZE=6913
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avguard.exe [Avira GmbH] [AntiVir Workstation] MD5=335A142923FE7F97E8C8388ACD067568 SIZE=151297
%PROGRAMFILES%\Avira\Avira Premium Security Suite\guardmsg.dll [Avira GmbH] [AntiVir Workstation] MD5=FD1A14DE29EC44ED90CB2BE560B3707A SIZE=46337
%PROGRAMFILES%\Avira\Avira Premium Security Suite\AVPREF.DLL [Avira GmbH] [AntiVir Workstation] MD5=BF8228DD8B40E0BA612CE75CC3A9818C SIZE=38657
%PROGRAMFILES%\Avira\Avira Premium Security Suite\SMTPLIB.DLL [Avira GmbH] [AntiVir Workstation] MD5=8DC92F512184DBC0A0FA0117BE55BC55 SIZE=28929
%PROGRAMFILES%\Avira\Avira Premium Security Suite\AVGIO.DLL [Avira GmbH] MD5=7769B062FBEB74A07D47509B4140383A SIZE=124161
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aecore.dll [Avira GmbH] [AVCORE] MD5=9C37D8B46003104A42F509E20C95C324 SIZE=176500
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aevdf.dll [Avira GmbH] [AVVDF] MD5=C26A9C0F152055EE99C2F6F39EA77397 SIZE=106868
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aescript.dll [Avira GmbH] [AVSCRIPT] MD5=D8E9602ABD9C7EE01A8544451DC14229 SIZE=385403
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aescn.dll [Avira GmbH] [AVSCN] MD5=E4BC8117AF35A30C371C12B9722E369F SIZE=127348
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aerdl.dll [Avira GmbH] [AVRDL] MD5=58FCE2FF4B120079A780EEE973F7B28F SIZE=438645
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aepack.dll [Avira GmbH] [AVPACK] MD5=47C1F57B2C238FD23427CDCCD59AED9F SIZE=397685
%PROGRAMFILES%\Avira\Avira Premium Security Suite\unacev2.dll [ACE Compression Software] [UNACE - freeware ACE extraction component] MD5=F9622B84D0050D590CE71FD882A130EE SIZE=77312
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aeoffice.dll [Avira GmbH] [AVOFFICE] MD5=5198EB9AD176D0A47C9B95192AF081AC SIZE=196987
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aeheur.dll [Avira GmbH] [AVHEUR] MD5=3FB3BD6E4EF9560AB7B719C9DF1D6012 SIZE=1737080
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aehelp.dll [Avira GmbH] [AVHELP] MD5=266C8EEA724AE6512C5D45615AA492D1 SIZE=119158
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aegen.dll [Avira GmbH] [AVGEN] MD5=7F8E3B810C93E7CC5E4B48DEF51F0C01 SIZE=348532
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aeemu.dll [Avira GmbH] [AVEMU] MD5=27E0E37042832350B6078043456E5EF7 SIZE=393588
%PROGRAMFILES%\Avira\Avira Premium Security Suite\aebb.dll [Avira GmbH] [AVBB] MD5=0C82754D7FF191E55525F7D2679657BA SIZE=53618
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avesvc.exe [Avira GmbH] [AntiVir Workstation] MD5=AC8094334A76C749FF6FE23CD6FA7AB5 SIZE=41217
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avesvc.dll [Avira GmbH] [AntiVir Workstation] MD5=5D4554333CA4D35FFCBABBD72093911B SIZE=78081
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avesvcr.dll [Avira GmbH] [AntiVir Workstation] MD5=40B3B3CD8F85AD77C530DD3F5419A149 SIZE=8961
%PROGRAMFILES%\Avira\Avira Premium Security Suite\webcat.dll [Avira GmbH] [AntiVir Workstation] MD5=E829035483E48DFFD9B5A942C47F187F SIZE=110849
%PROGRAMFILES%\Windows Live\Family Safety\fsssvc.exe [Microsoft Corporation] [Family Safety Service] MD5=9B1622EBEB31B3411B13382FFCB8737D SIZE=533360
%PROGRAMFILES%\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [Microsoft Corp.] [Microsoft Search Enhancement Pack] MD5=D358E077A0A05D9B12DA22D137EE8464 SIZE=226656
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avmailc.exe [Avira GmbH] [AntiVir Workstation] MD5=6AFBDD97B2E3410470021F7B0ECEA8C3 SIZE=164097
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avmailcr.dll [Avira GmbH] [AntiVir Workstation] MD5=043CD9EED4F92F083CD5C878FF63ECD3 SIZE=69889
%PROGRAMFILES%\Avira\Avira Premium Security Suite\mgrs.dll [Avira GmbH] [AntiVir Workstation] MD5=CB9BB93C4443665D357A9E6A05C49BE7 SIZE=258305
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avwebgrd.exe [Avira GmbH] [AntiVir Workstation] MD5=D618C5917F2CB7FD6CB458684DBF415D SIZE=258305
%PROGRAMFILES%\Avira\Avira Premium Security Suite\msgclient.dll [Avira GmbH] [AntiVir Workstation] MD5=DC281CD8320B114161151611A3C2F56B SIZE=13569
%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=3978704576A121A9204F8CC49A301A9B SIZE=896512
%SYSDIR%\igfxsrvc.exe [Intel Corporation] [Intel(R) Common User Interface] MD5=734006A2DB2404138F2C1A2CB86D32EF SIZE=256536
%SYSDIR%\igfxdev.dll [Intel Corporation] [Intel(R) Common User Interface] MD5=6B01DAD4CB6B2BB507A268DD0DFEF04F SIZE=204800
%WINDIR%\BackUp\explorer.exe
%PROGRAMFILES%\Google\Google Toolbar\GoogleToolbar.dll MD5=F416EEF2AB7971B5C7E26B076D45FB48 SIZE=255600
%SYSDIR%\inetcomm.dll [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=D9D2BD831C93EAA7CE7BEC712ED2081E SIZE=738304
%WINDIR%\MSAgent\agentpsh.dll [Microsoft Corporation] [Microsoft Agent Property Sheet Handler] MD5=F0B6186AEB591642784D6FFDC2D625BC SIZE=30720
%SYSDIR%\zipfldr.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=F41857E440A9DF3FD5A543C8B2A53048 SIZE=342016
%PROGRAMFILES%\Windows Photo Gallery\PhotoViewer.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=2AAD5D8541ABFD8EC8877773291250AC SIZE=2314240
%PROGRAMFILES%\Windows Media Player\wmpband.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=E7369CA015162EF4F9E207897EF7DED8 SIZE=99328
%SYSDIR%\emdmgmt.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=70B1A86DF0C8EAD17D2BC332EDAE2C7C SIZE=565248
%SYSDIR%\RUNDLL32.EXE [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=4B555106290BD117334E9A08761C035A SIZE=44544
%SYSDIR%\audiodev.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=67C30FAFA58BD7E02A9DA8BE28512934 SIZE=244224
%PROGRAMFILES%\Windows Photo Gallery\PhotoAcq.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=B5D79B4F81DAA75BBB3DD9F481ADF41B SIZE=1030144
%COMMONFILES%\microsoft shared\ink\TipBand.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=A8F2BB769FA35F9C2867746B671EB662 SIZE=114688
%PROGRAMFILES%\Windows Sidebar\sbdrop.dll [Microsoft Corporation] [Système d'exploitation Microsoft® Windows®] MD5=A74701976D6D75099B9FCA993685C452 SIZE=66048
%PROGRAMFILES%\Real\RealPlayer\rpshell.dll [RealNetworks, Inc.] [RealPlayer] MD5=E56ADA1922D173913EF98470FC4788DF SIZE=63016
%PROGRAMFILES%\Windows Live\Mail\mailcomm.dll [Microsoft Corporation] [Windows Live Mail] MD5=59A5278FE5651900DBD5762E604E7545 SIZE=791392
%PROGRAMFILES%\Windows Live\Photo Gallery\WLXPhotoAcquireWizard.exe [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=3B52BE4CAC867A0A7E402AB00712D2D0 SIZE=231304
%PROGRAMFILES%\Windows Live\Photo Gallery\PhotoViewerShim.dll [Microsoft Corporation] [Windows Live® Photo Gallery] MD5=38E8F4ADC13A4634E6EB73AA384B793A SIZE=43912
%PROGRAMFILES%\WINDOWS LIVE\PHOTO GALLERY\WLXPHOTOGALLERY.EXE [Microsoft Corporation] [Galerie de photos Windows Live®] MD5=3828EF719165933C7D090B871A7522BC SIZE=139144
%SYSDIR%\svchost.exe -k netsvcs
%SYSDIR%\svchost.exe -k LocalSystemNetworkRestricted
%SYSDIR%\svchost.exe -k LocalServiceNetworkRestricted
%SYSDIR%\DRIVERS\avfwim.sys [Avira GmbH] [AntiVir Workstation] MD5=D0402E3A487CEDC06967F17514804AAC SIZE=71464
%SYSDIR%\DRIVERS\avfwot.sys [Avira GmbH] [Firewall TDI filter] MD5=E18FF3B73BD5531EFC71A2F5C9E10EC5 SIZE=71592
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avgio.sys [Avira GmbH] [AntiVir] MD5=53D688E5F619EDD01232B649A0C06008 SIZE=11840
%PROGRAMFILES%\Avira\Avira Premium Security Suite\avgntflt.sys [Avira GmbH] [AntiVir Workstation] MD5=509BB9F79F7986CB0D4D7A7BEF35C6D5 SIZE=52032
%SYSDIR%\svchost.exe -k LocalServiceNoNetwork
%SYSDIR%\DRIVERS\bowser.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=74B442B2BE1260B7588C136177CEAC66 SIZE=69632
%SYSDIR%\svchost.exe -k bthsvcs
%SYSDIR%\svchost.exe -k NetworkService
%SYSDIR%\svchost.exe -k DcomLaunch
%SYSDIR%\Drivers\dfsc.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=9E635AE5E8AD93E2B5989E2E23679F97 SIZE=75264
%SYSDIR%\svchost.exe -k LocalService
%SYSDIR%\DRIVERS\flpydisk.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=85B7CF99D532820495D68D747FDA9EBD SIZE=20480
%SYSDIR%\svchost.exe -k GPSvcGroup
%SYSDIR%\drivers\RTKVHDA.sys [Realtek Semiconductor Corp.] [Realtek(r) High Definition Audio Function Driver] MD5=C3C499A704A2D7958D9D7E5A9DB60CE4 SIZE=2158432
%SYSDIR%\DRIVERS\msiscsi.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=F247EEC28317F6C739C16DE420097301 SIZE=181304
%PROGRAMFILES%\UltraISO\drivers\ISODrive.sys [EZB Systems, Inc.] [ISODrive] MD5=B72E05939B5B956713076E0F1C0B9243 SIZE=68096
%SYSDIR%\DRIVERS\mrxsmb10.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=0A986B34F1678A2697574D7B1664E2DD SIZE=212480
%SYSDIR%\DRIVERS\mssmbios.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=E384487CB84BE41D09711C30CA79646C SIZE=31288
%SYSDIR%\DRIVERS\nvlddmkm.sys [NVIDIA Corporation] [NVIDIA Compatible Windows 2000 Miniport Driver, Version 96.86] MD5=CFDDEDC1151839DD71F78472645214A5 SIZE=4422560
%SYSDIR%\svchost.exe -k NetworkServiceNetworkRestricted
%SYSDIR%\drivers\rdpencdd.sys [Microsoft Corporation] [Microsoft® Windows® Operating System] MD5=9D91FE5286F748862ECFFA05F8A0710C SIZE=6144
%SYSDIR%\svchost.exe -k rpcss
%SYSDIR%\DRIVERS\SkyNET.SYS [B2C2, Inc.] [B2C2 Broadband Receiver PCI Adapter] MD5=476BEFAE8C7C1BB9648954060B1EEC1F SIZE=349184
%SYSDIR%\DRIVERS\snpstd3.sys [Sonix Co. Ltd.] [USB PC Camera] MD5=11BB0E11D42CC3A43D741D9B30839BE1 SIZE=10252544
%SYSDIR%\svchost.exe -k imgsvc
%SYSDIR%\SearchIndexer.exe \Embedding
%SYSDIR%\DRIVERS\yk60x86.sys [Marvell] [Marvell Yukon Ethernet Controller.] MD5=04E268ADFC81964C49DC0C082D520F7E SIZE=298496
%SYSDIR%\mscoree.dll [Microsoft Corporation] [Microsoft® .NET Framework] MD5=C99248B969A799B771F484CD68BCB96E SIZE=282112
%PROGRAMFILES%\Windows Live\Messenger\msgrapp.14.0.8064.0206.dll [Microsoft Corporation] [Windows Live Messenger Protocol Handler Module] MD5=4BE65CE9440542F617CDA4ECF8867FBF SIZE=62304

End of Report

merci, re

voila le premier rapport mais j'ai pas encore effectué la deuxième démarche par mésure de précaution :


-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft® Windows Vista™ Édition Intégrale ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Pentium(R) 4 CPU 3.06GHz )
BIOS : Award Modular BIOS v6.00PG
USER : soldatsam ( Administrator )
BOOT : Normal boot
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:74 Go (Free:37 Go)
D:\ (Local Disk) - NTFS - Total:49 Go (Free:28 Go)
E:\ (Local Disk) - NTFS - Total:49 Go (Free:21 Go)
F:\ (Local Disk) - NTFS - Total:49 Go (Free:10 Go)
G:\ (CD or DVD)
H:\ (CD or DVD)
K:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( dim. 05/03/2009|14:02 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\PROGRA~2\MICROS~1\Windows\STARTM~1\Programs\Barre d'outils Crawler
C:\Program Files\Crawler
C:\Program Files\Crawler\Download
C:\Program Files\Crawler\Toolbar
C:\Program Files\Crawler\Toolbar\adrkeys.dat
C:\Program Files\Crawler\Toolbar\Cache
C:\Program Files\Crawler\Toolbar\COMMON_FF.dat
C:\Program Files\Crawler\Toolbar\confirm.dat
C:\Program Files\Crawler\Toolbar\ctbcomm.dll
C:\Program Files\Crawler\Toolbar\ctbr.dll
C:\Program Files\Crawler\Toolbar\CTConf.dat
C:\Program Files\Crawler\Toolbar\CTipsDef.dll
C:\Program Files\Crawler\Toolbar\CToolbar.exe
C:\Program Files\Crawler\Toolbar\CUpdate.exe
C:\Program Files\Crawler\Toolbar\firefox
C:\Program Files\Crawler\Toolbar\Languages
C:\Program Files\Crawler\Toolbar\lookfor.dat
C:\Program Files\Crawler\Toolbar\majorse.dat
C:\Program Files\Crawler\Toolbar\rootmenu.dat
C:\Program Files\Crawler\Toolbar\services.dat
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\stwsg_ff.dat
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct
C:\Program Files\Crawler\Toolbar\Update
C:\Program Files\Crawler\Toolbar\WebSecurityGuard.dll
C:\Program Files\Crawler\Toolbar\WSGData
C:\Program Files\Crawler\Toolbar\Cache\COMMON
C:\Program Files\Crawler\Toolbar\Cache\STWSG
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\CLEANUP_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\DIRLIST_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\ECARDS_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\EMAIL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\GAMES_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SHOP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\SPELL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\TRAVEL_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WAYBACK_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\WP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\COMMON\YP_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\STBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\STBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\STBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_BMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_CHBMP.dat
C:\Program Files\Crawler\Toolbar\Cache\STWSG\WSGBUTTON_MENU.dat
C:\Program Files\Crawler\Toolbar\firefox\chrome
C:\Program Files\Crawler\Toolbar\firefox\chrome.manifest
C:\Program Files\Crawler\Toolbar\firefox\components
C:\Program Files\Crawler\Toolbar\firefox\install.ini
C:\Program Files\Crawler\Toolbar\firefox\install.rdf
C:\Program Files\Crawler\Toolbar\firefox\stwsg_ff.ini
C:\Program Files\Crawler\Toolbar\firefox\chrome\common.jar
C:\Program Files\Crawler\Toolbar\firefox\chrome\stwsg.jar
C:\Program Files\Crawler\Toolbar\firefox\components\xcomm.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xplugin.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xshared.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.dll
C:\Program Files\Crawler\Toolbar\firefox\components\xsupport.xpt
C:\Program Files\Crawler\Toolbar\firefox\components\xwsg.dll
C:\Program Files\Crawler\Toolbar\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_CS.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_DE.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_EN.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_ES.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_FR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_IT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_NL.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PL.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_PT.cab
C:\Program Files\Crawler\Toolbar\Languages\TBR5_RU.cab
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\TBR5LanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\Update\domains.cab
C:\Program Files\Crawler\Toolbar\Update\Languages
C:\Program Files\Crawler\Toolbar\Update\STWSGLanguageAct
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_CS.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_DE.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_EN.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_ES.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_FF.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_FR.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_IT.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_NL.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_PT-BR.cab
C:\Program Files\Crawler\Toolbar\Update\Languages\STWSG_PT.cab
C:\Program Files\Crawler\Toolbar\Update\STWSGLanguageAct\info.ini
C:\Program Files\Crawler\Toolbar\Update\STWSGLanguageAct\language.ini
C:\Program Files\Crawler\Toolbar\WSGData\domains
C:\Program Files\Crawler\Toolbar\WSGData\g_S-1-5-21-3821968366-1441177850-2377879520-1000.dat
C:\Program Files\Crawler\Toolbar\WSGData\p_S-1-5-21-3821968366-1441177850-2377879520-1000.dat
C:\Program Files\Crawler\Toolbar\WSGData\ud_S-1-5-21-3821968366-1441177850-2377879520-1000.dat
C:\Program Files\Crawler\Toolbar\WSGData\wfilter.dat
C:\Program Files\Crawler\Toolbar\WSGData\w_S-1-5-21-3821968366-1441177850-2377879520-1000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_000_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_001_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_002_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_003_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_004_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_005_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_006_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_007_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_008_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_009_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_010_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_011_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_012_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_013_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_014_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_015_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_016_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_017_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_018_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_019_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_020_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_021_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_022_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_023_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_024_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_025_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_026_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_027_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_028_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_029_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_030.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_030_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_031.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_031_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_032.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\domains_032_diff.dat
C:\Program Files\Crawler\Toolbar\WSGData\domains\index.dat
C:\Program Files\Mozilla Firefox\searchplugins\crawlersrch.xml

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.google.fr/?gws_rd=ssl"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\SOLDAT~1\Favorites\Version traduite de la page http--www.ddlsite.com-faces-4.0-for-law-enforcement-crack-serial-keygen-rapidshare-download.html.url


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - dim. 05/03/2009|13:57 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - dim. 05/03/2009|14:03 - Option : [1]

-----------\\ Fin du rapport a 14:03:28,99

je peux la désinstaller sans exécuter la 2iem partie??? ou bien faut absolument ke j'exécute la 2iem partie???
car la dernière fois ke j'ai supprimé les fichiers avec hijakthis mon ordi ne se connecte pas auomatiquement et mets bcp plus de temps à démarer qu'avant sans compter l'affichage d'une page grise avant l'affichage du bureau.

merci pour tes reponses chemay je sais ke j'abuse trop mais je veux bien que mon ordi reprends sa forme, je compte sur toi. merci davance. j'attends tes instructions géni.... a toi

oui je l'ai le CD.

j'ai peure de supprimer kelke chose avec cette toolbar s&d et si je fais une restauration a partir du cd windows je père le crak et mon vista deviens non original.

le problème du trojan semble etre réglé mais reste le démarage de vista qui deviens trop lent lors du chargement du bureau et parfois chui obligé de le rebouter 3 fois pour qu'il démare. ça crain

ah aussi je peux désinstaller la toolbar de spyware terminator si elle n'est pas utile biensur....a toi

lol, c'est vrai ta raison mais pour son démarage ça c'est nouveau je t'assure avant c'été bcp plus rapide au lancement spécialement et puis la ça ram et ça bug au démarage, et pour le crak j'ai peur de le perdre si j'tilise le cd windows pour une quelconque opération (restauration, sfcscanow ou autre ché pas)...bon chemay je vais désinstaller la toolbar crawler manuelemnt et faire ts que tu me dis de fair après le yeux fermé lol :-).. e di moi es je risque de perdre mon activation de vista (le crak) si j'utilise le cd de windows ke j'ai??.. a toi.... Over

mais non je me suis mal exprimer ptetre, je parlé pas de l'effet de la toolbar s&d sur mon vista mais plutot l'utilisation de mon cd windows vista après ça... est que l'utilisation de mon cd windows vista (celui que tu ma demandé) va annulé mon activation ou mon crack.

ok, j'ai désinstallé la toolbar... a toi

lol, merci bcp chemay

mais dis moi y a pas une astuce pour que mon vista ne bug pas au démarage???.

okey, entouka je te remercie infiniment tu ma bcp aidé je me suis débarassé du trojan (et de la toolbar crawler ke tu n'aimes pas il me semble lol) moi j'ai cru qu'elle été utile.

thanx. ;-)

ok je me souviendrai de ça, plus de toolbar sur mon navigateur apart celle de google ;-)

merci l'ami.

mrd hahahaha, oui c'est en pas du tt mon style les sites de cul et encore moin de cherché kes qui se trouve derier une pub :-), mais j'en ferai attention qnd meme...

aye la j'ai un nouveau blem je te jure, je crois ke des parametre par defaut de mon vista ont repri control de ma machine, genre un message d'avertissementdemandant ton autorisation a chaque fois ke j'essaaye de faire kelke chose, c'est trop bad ça d'ou ça sort encore... :-(

voici les deux rapport respectif log et info :

Logfile of random's system information tool 1.06 (written by random/random)
Run by soldatsam at 2009-05-03 21:03:59
Microsoft® Windows Vista™ Édition Intégrale Service Pack 1
System drive C: has 40 GB (52%) free of 76 GB
Total RAM: 2039 MB (57% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:05:27, on 5/3/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\ehome\ehtray.exe
C:\Users\soldatsam\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Program Files\Spyware Terminator\SpyWareTerminator.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Download Manager\IDMan.exe
C:\Program Files\Internet Download Manager\IEMonitor.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\soldatsam\Documents\Downloads\Programs\RSIT.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\trend micro\soldatsam.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\soldatsam\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Télécharger avec IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O8 - Extra context menu item: Télécharger le contenu de video FLV avec IDM - C:\Program Files\Internet Download Manager\IEGetVL.htm
O8 - Extra context menu item: Télécharger tous les liens avec IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O9 - Extra button: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Grab and Drag - {000002a3-84fe-43f1-b958-f2c3ca804f1a} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{FFBF1AB7-7ACF-4B82-8DF5-06A3309B3FF7}: NameServer = 208.67.222.222 193.55.10.102
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Service Google Update (gupdate1c9ae44e5bb6996) (gupdate1c9ae44e5bb6996) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe

ok, voila le rapport :
ComboFix 09-05-03.1 - soldatsam 05/03/2009 22:14.2 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6001.1.1252.33.1033.18.2039.1174 [GMT 2:00]
Lancé depuis: c:\users\soldatsam\Documents\Downloads\Programs\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\x64

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-04-03 au 2009-05-03 ))))))))))))))))))))))))))))))))))))
.

2009-05-03 19:06 . 2009-05-03 20:00 -------- d-----w c:\program files\Crawler
2009-05-03 19:03 . 2009-05-03 19:05 -------- d-----w c:\program files\trend micro
2009-05-03 19:03 . 2009-05-03 19:05 -------- d-----w C:\rsit
2009-05-03 11:54 . 2009-05-03 12:03 -------- d-----w C:\ToolBar SD
2009-05-01 20:42 . 2007-06-14 02:27 7006432 ----a-w c:\windows\system32\US Army.scr
2009-05-01 18:19 . 2009-05-01 18:19 142592 ----a-w c:\windows\system32\drivers\sp_rsdrv2.sys
2009-05-01 18:19 . 2009-05-03 18:55 -------- d-----w c:\users\soldatsam\AppData\Roaming\Spyware Terminator
2009-05-01 18:19 . 2009-05-02 20:05 -------- d-----w c:\programdata\Spyware Terminator
2009-05-01 18:19 . 2009-05-02 20:05 -------- d-----w c:\users\All Users\Spyware Terminator
2009-05-01 18:19 . 2009-05-03 18:55 -------- d-----w c:\program files\Spyware Terminator
2009-05-01 17:04 . 2009-05-01 17:04 -------- d-----w c:\programdata\SUPERAntiSpyware.com
2009-05-01 17:04 . 2009-05-01 17:04 -------- d-----w c:\users\All Users\SUPERAntiSpyware.com
2009-05-01 16:49 . 2009-05-01 16:49 -------- d-----w c:\program files\SUPERAntiSpyware
2009-05-01 16:49 . 2009-05-01 16:49 -------- d-----w c:\users\soldatsam\AppData\Roaming\SUPERAntiSpyware.com
2009-05-01 16:39 . 2009-05-01 16:39 -------- d-----w c:\program files\Common Files\Wise Installation Wizard
2009-05-01 15:22 . 2009-05-01 15:22 -------- d-----w c:\users\soldatsam\AppData\Roaming\Malwarebytes
2009-05-01 15:22 . 2009-04-06 13:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-05-01 15:22 . 2009-04-06 13:32 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-05-01 15:22 . 2009-05-01 15:22 -------- d-----w c:\programdata\Malwarebytes
2009-05-01 15:22 . 2009-05-01 15:22 -------- d-----w c:\users\All Users\Malwarebytes
2009-05-01 15:22 . 2009-05-01 15:22 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-05-01 11:21 . 2009-05-01 20:42 18432 ----a-w c:\windows\ss3unstl.exe
2009-05-01 11:21 . 2007-06-14 02:28 4712624 ----a-w c:\windows\system32\US Marine Corps.scr
2009-04-30 18:44 . 2009-04-30 18:44 -------- d-sh--w c:\windows\system32\%APPDATA%
2009-04-29 23:10 . 2009-04-29 23:10 -------- d-----w c:\program files\Alfa Autorun Killer 2
2009-04-29 21:09 . 2009-05-02 09:14 -------- d-sh--w c:\windows\BackUp
2009-04-29 12:00 . 2009-04-29 12:00 680 ----a-w c:\users\soldatsam\AppData\Local\d3d9caps.dat
2009-04-27 19:55 . 1999-08-18 08:54 180224 ----a-w c:\windows\system32\ijl11.dll
2009-04-27 19:55 . 2003-06-18 16:31 16384 ----a-w c:\windows\system32\MSPGIMME.DLL
2009-04-27 19:55 . 2004-12-23 16:46 882688 ----a-w c:\windows\system32\GDIPLUS.DLL
2009-04-27 19:55 . 2003-06-18 16:31 443904 ----a-w c:\windows\system32\MDIVWCTL.DLL
2009-04-27 19:55 . 2003-06-18 16:31 1033216 ----a-w c:\windows\system32\MSPCORE.DLL
2009-04-27 19:55 . 2009-04-27 19:55 -------- d-----w c:\program files\MDIConvertor
2009-04-19 09:11 . 2009-04-19 09:11 -------- d-----w c:\users\soldatsam\AppData\Local\Apps
2009-04-19 09:11 . 2009-04-19 09:12 -------- d-----w c:\users\soldatsam\AppData\Local\Deployment
2009-04-15 23:23 . 2008-12-06 04:42 376832 ----a-w c:\windows\system32\winhttp.dll
2009-04-15 23:23 . 2008-06-06 03:27 562176 ----a-w c:\windows\system32\msdtcprx.dll
2009-04-15 23:23 . 2008-06-06 03:27 38912 ----a-w c:\windows\system32\xolehlp.dll
2009-04-15 21:33 . 2009-04-15 21:33 -------- d-----w c:\program files\Faces
2009-04-15 20:04 . 2009-04-19 09:17 -------- d-----w c:\users\soldatsam\AppData\Roaming\Faces
2009-04-15 11:51 . 2004-05-18 18:16 39936 ----a-w c:\windows\system32\huffyuv.dll
2009-04-15 11:51 . 1997-04-07 17:19 391680 ----a-w c:\windows\system32\I263_32.drv
2009-04-15 11:51 . 2008-07-16 18:51 2041363 ----a-w c:\windows\system32\x264vfw.dll
2009-04-15 11:51 . 2006-04-02 12:47 630784 ----a-w c:\windows\system32\vp7vfw.dll
2009-04-15 11:51 . 2004-12-10 08:03 438272 ----a-w c:\windows\system32\vp6vfw.dll
2009-04-14 22:18 . 2009-04-14 22:59 -------- d-----w c:\programdata\NVIDIA Corporation
2009-04-14 22:18 . 2009-04-14 22:59 -------- d-----w c:\users\All Users\NVIDIA Corporation
2009-04-14 22:17 . 2006-03-29 06:51 60416 ----a-w c:\windows\system32\DSETUP.dll
2009-04-14 22:17 . 2006-03-29 06:50 671744 ----a-w c:\windows\system32\DolbyHph.dll
2009-04-14 22:17 . 2006-03-29 06:49 9856 ----a-w c:\windows\system32\drivers\pfc.sys
2009-04-14 22:17 . 2009-04-14 22:59 -------- d-----w c:\program files\NVIDIA Corporation
2009-04-14 22:10 . 2008-09-16 19:23 168448 ----a-w c:\windows\system32\unrar.dll
2009-04-14 22:10 . 2004-01-25 16:18 217088 ----a-w c:\windows\system32\yv12vfw.dll
2009-04-14 22:10 . 2008-01-10 12:15 755027 ----a-w c:\windows\system32\xvidcore.dll
2009-04-14 22:10 . 2008-01-10 12:16 159839 ----a-w c:\windows\system32\xvidvfw.dll
2009-04-14 22:10 . 2008-07-23 16:50 3596288 ----a-w c:\windows\system32\qt-dx331.dll
2009-04-14 22:10 . 2008-07-25 08:34 81920 ----a-w c:\windows\system32\dpl100.dll
2009-04-14 22:10 . 2008-07-25 08:34 683520 ----a-w c:\windows\system32\divx.dll
2009-04-14 22:10 . 2008-06-12 18:36 7680 ----a-w c:\windows\system32\ff_vfw.dll
2009-04-14 22:10 . 2009-01-07 18:14 60273 ----a-w c:\windows\system32\pthreadGC2.dll
2009-04-14 22:10 . 2009-04-15 11:57 -------- d-----w c:\program files\K-Lite Codec Pack
2009-04-13 13:10 . 1998-07-12 23:00 15872 ----a-w c:\windows\system32\winskfr.dll
2009-04-09 11:11 . 2000-04-16 07:55 102400 ----a-w c:\windows\system32\unzip32.dll
2009-04-09 11:11 . 1998-06-17 22:00 89360 ----a-w c:\windows\system32\VB5DB.DLL
2009-04-09 11:11 . 1998-07-12 23:00 141312 ----a-w c:\windows\system32\MSCMCFR.DLL
2009-04-09 11:11 . 1998-07-12 22:00 15360 ----a-w c:\windows\system32\INETFR.DLL
2009-04-09 11:11 . 1998-07-12 23:00 32768 ----a-w c:\windows\system32\CMDLGFR.DLL
2009-04-09 11:11 . 2003-01-15 12:46 61440 ----a-w c:\windows\system32\SSPng2.dll
2009-04-09 11:11 . 1998-07-12 22:00 23040 ----a-w c:\windows\system32\MSMPIFR.DLL
2009-04-09 11:11 . 1998-07-12 22:00 89600 ----a-w c:\windows\system32\CMCTLFR.DLL
2009-04-09 11:11 . 2000-10-01 22:00 119568 ----a-w c:\windows\system32\VB6FR.DLL
2009-04-09 11:11 . 2000-07-14 22:00 101888 ----a-w c:\windows\system32\VB6STKIT.DLL
2009-04-09 11:11 . 2009-04-09 11:11 -------- d-----w c:\program files\Vsoft
2009-04-04 12:25 . 2009-04-04 12:26 -------- d-----w c:\users\soldatsam\AppData\Roaming\vlc
2009-04-04 12:25 . 2009-04-04 12:25 -------- d-----w c:\program files\VideoLAN

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-03 18:59 . 2009-01-14 18:09 667784 ----a-w c:\windows\system32\perfh00C.dat
2009-05-03 18:59 . 2009-01-14 18:09 123210 ----a-w c:\windows\system32\perfc00C.dat
2009-05-03 18:55 . 2009-01-28 23:18 868 ----a-w c:\windows\Tasks\Google Software Updater.job
2009-05-03 18:52 . 2009-03-26 18:58 888 ----a-w c:\windows\Tasks\GoogleUpdateTaskMachine.job
2009-05-03 18:52 . 2006-11-02 13:00 6 ---ha-w c:\windows\Tasks\SA.DAT
2009-05-03 18:51 . 2009-02-08 11:35 12 ----a-w c:\windows\bthservsdp.dat
2009-05-02 12:33 . 2009-04-19 09:12 872 ----a-w c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3821968366-1441177850-2377879520-1000.job
2009-05-01 21:06 . 2009-01-14 01:32 106520 ----a-w c:\users\soldatsam\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-30 18:47 . 2009-01-15 08:48 -------- d-----w c:\program files\Microsoft Works
2009-04-30 12:58 . 2006-11-02 10:25 51200 ----a-w c:\windows\inf\infpub.dat
2009-04-30 12:58 . 2006-11-02 10:25 86016 ----a-w c:\windows\inf\infstor.dat
2009-04-30 12:58 . 2006-11-02 10:25 143360 ----a-w c:\windows\inf\infstrng.dat
2009-04-29 22:36 . 2009-04-29 22:36 172 ----a-w C:\curr_ver.tmp
2009-04-16 00:08 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-04-14 22:18 . 2009-01-14 01:37 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-02 16:16 . 2009-04-02 16:16 -------- d-----w c:\program files\Common Files\xing shared
2009-04-02 16:15 . 2009-01-14 11:43 -------- d-----w c:\program files\Common Files\Real
2009-03-30 16:03 . 2009-03-30 16:02 -------- d-----w c:\program files\Easy CD-DA Extractor 12
2009-03-27 11:32 . 2009-03-27 11:29 -------- d-----w c:\program files\Return to Castle Wolfenstein
2009-03-26 18:59 . 2009-01-14 11:52 -------- d-----w c:\program files\Google
2009-03-24 21:41 . 2009-01-30 19:23 -------- d-----w c:\program files\Java
2009-03-19 22:00 . 2009-01-14 19:42 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-18 12:14 . 2009-03-18 12:14 -------- d-----w c:\program files\Common Files\GIS
2009-03-18 12:14 . 2009-03-18 12:14 -------- d-----w c:\program files\Common Files\mapserv
2009-03-18 11:49 . 2009-03-18 10:33 -------- d-----w c:\program files\Anuman Interactive
2009-03-17 03:38 . 2009-04-15 23:22 40960 ----a-w c:\windows\AppPatch\apihex86.dll
2009-03-17 03:38 . 2009-04-15 23:22 13824 ----a-w c:\windows\system32\apilogen.dll
2009-03-17 03:38 . 2009-04-15 23:22 24064 ----a-w c:\windows\system32\amxread.dll
2009-03-16 11:14 . 2009-03-16 11:12 -------- d-----w c:\program files\epson
2009-03-13 18:15 . 2009-03-13 18:15 -------- d-----w c:\program files\Jargon Informatique
2009-03-09 04:19 . 2009-01-30 19:24 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-08 11:34 . 2009-03-22 12:40 914944 ----a-w c:\windows\system32\wininet.dll
2009-03-08 11:34 . 2009-03-22 12:40 43008 ----a-w c:\windows\system32\licmgr10.dll
2009-03-08 11:33 . 2009-03-22 12:40 18944 ----a-w c:\windows\system32\corpol.dll
2009-03-08 11:33 . 2009-03-22 12:40 109056 ----a-w c:\windows\system32\iesysprep.dll
2009-03-08 11:33 . 2009-03-22 12:40 109568 ----a-w c:\windows\system32\PDMSetup.exe
2009-03-08 11:33 . 2009-03-22 12:40 132608 ----a-w c:\windows\system32\ieUnatt.exe
2009-03-08 11:33 . 2009-03-22 12:40 107520 ----a-w c:\windows\system32\RegisterIEPKEYs.exe
2009-03-08 11:33 . 2009-03-22 12:40 107008 ----a-w c:\windows\system32\SetIEInstalledDate.exe
2009-03-08 11:33 . 2009-03-22 12:40 103936 ----a-w c:\windows\system32\SetDepNx.exe
2009-03-08 11:33 . 2009-03-22 12:40 420352 ----a-w c:\windows\system32\vbscript.dll
2009-03-08 11:32 . 2009-03-22 12:40 72704 ----a-w c:\windows\system32\admparse.dll
2009-03-08 11:32 . 2009-03-22 12:40 71680 ----a-w c:\windows\system32\iesetup.dll
2009-03-08 11:32 . 2009-03-22 12:40 66560 ----a-w c:\windows\system32\wextract.exe
2009-03-08 11:32 . 2009-03-22 12:40 169472 ----a-w c:\windows\system32\iexpress.exe
2009-03-08 11:31 . 2009-03-22 12:40 34816 ----a-w c:\windows\system32\imgutil.dll
2009-03-08 11:31 . 2009-03-22 12:40 48128 ----a-w c:\windows\system32\mshtmler.dll
2009-03-08 11:31 . 2009-03-22 12:40 45568 ----a-w c:\windows\system32\mshta.exe
2009-03-08 11:22 . 2009-03-22 12:40 156160 ----a-w c:\windows\system32\msls31.dll
2009-03-03 04:46 . 2009-04-15 23:22 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-03-03 04:46 . 2009-04-15 23:22 3547632 ----a-w c:\windows\system32\ntoskrnl.exe
2009-03-03 04:39 . 2009-04-15 23:22 183296 ----a-w c:\windows\system32\sdohlp.dll
2009-03-03 04:39 . 2009-04-15 23:22 551424 ----a-w c:\windows\system32\rpcss.dll
2009-03-03 04:39 . 2009-04-15 23:22 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:37 . 2009-04-15 23:22 98304 ----a-w c:\windows\system32\iasrecst.dll
2009-03-03 04:37 . 2009-04-15 23:22 54784 ----a-w c:\windows\system32\iasads.dll
2009-03-03 04:37 . 2009-04-15 23:22 44032 ----a-w c:\windows\system32\iasdatastore.dll
2009-03-03 03:04 . 2009-04-15 23:22 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:38 . 2009-04-15 23:22 17408 ----a-w c:\windows\system32\iashost.exe
2009-02-13 08:49 . 2009-04-15 23:22 72704 ----a-w c:\windows\system32\secur32.dll
2009-02-13 08:49 . 2009-04-15 23:22 1255936 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 03:10 . 2009-03-10 20:25 2033152 ----a-w c:\windows\system32\win32k.sys
2009-02-06 18:39 . 2009-02-06 18:39 308600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2008-01-21 02:41 . 2006-11-02 12:49 174 --sha-w c:\program files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
"Google Update"="c:\users\soldatsam\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-04-19 133104]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avgnt"="c:\program files\Avira\Avira Premium Security Suite\avgnt.exe" [2008-06-12 266497]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-02-11 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-02-11 166424]
"Persistence"="c:\windows\system32\igfxpers.exe" [2008-02-11 133656]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-04-02 198160]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792]
"RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2008-07-24 6265376]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-12-22 10:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Ask Larousse Chambers.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Ask Larousse Chambers.lnk
backup=c:\windows\pss\Ask Larousse Chambers.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^Users^soldatsam^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Outil de notification Live Search.lnk]
path=c:\users\soldatsam\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Outil de notification Live Search.lnk
backup=c:\windows\pss\Outil de notification Live Search.lnk.Startup
backupExtension=.Startup

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-3821968366-1441177850-2377879520-1000]
"EnableNotificationsRef"=dword:00000009

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{7BD4F0D6-B9A1-44F4-B087-ADEB16FA4B33}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{B05077DC-CF25-4827-BFB8-47C3C3EEBFE0}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{503A9B3B-9196-457E-8634-2F6621341778}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{ED767CED-000B-4C8D-916E-300A7BEEF2A5}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{C2ED0DA0-4D5A-4369-B4BA-524D705A9CFD}"= UDP:48113:LocalSubnet:LocalSubnet:maconfig_tcp
"{91D86538-B81E-48A2-876A-CAC1C55AFEB1}"= TCP:48113:LocalSubnet:LocalSubnet:maconfig_udp
"{29E89E6E-9CF6-4278-B1E6-EEDCDEEB3005}"= UDP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{7FE7869C-147C-4184-BE16-59F70BE78FC0}"= TCP:c:\program files\ma-config.com\maconfservice.exe:maconfservice
"{190BEBF1-9694-4EC3-8AAC-ECF7AC726F64}"= c:\program files\Windows Live\Sync\WindowsLiveSync.exe:Windows Live Sync
"{4E0A2E3C-2F71-4D40-830D-CB9BD4C5A38D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{D87BBC61-8A4A-479C-8717-359243D1C639}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{D4D90605-4785-4F07-ABB6-147E627E672B}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{56531CEF-DB9B-40C3-960E-F3134E8DF96E}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{2833876E-3B77-40E0-AE87-9B3DBB8AAE31}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{B9E656D4-960E-4B37-B475-A4D38A939661}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{A58C8B04-643E-4D63-BE21-228505EF06B6}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{183F85D5-9F9C-43FA-B003-ED8990D45A6B}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{A7D607FD-97AA-42E3-80B8-49AEAF14E69D}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{44D563CE-3EB0-43E4-A813-5B57214CF8AC}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{50BCCFBC-A3FF-491A-B7A9-FEAA21CD1930}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{70ECDAEF-2AF5-470B-980A-62C673BC4DB1}"= c:\program files\Skype\Phone\Skype.exe:Skype
"{7BFA4AE3-EFF7-4C8A-AAB4-70C1473D8905}"= c:\program files\Skype\Phone\Skype.exe:Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)
"DoNotAllowExceptions"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"c:\\Program Files\\IEPro\\MiniDM.exe"= c:\program files\IEPro\MiniDM.exe:*:Enabled:MiniDM

R0 OemBiosDevice;Royalty OEM Bios Extension;c:\windows\System32\drivers\royal.sys [2009-01-14 240128]
R2 gupdate1c9ae44e5bb6996;Service Google Update (gupdate1c9ae44e5bb6996);c:\program files\Google\Update\GoogleUpdate.exe [2009-03-26 133104]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-01-24 216232]
S1 avfwot;avfwot;c:\windows\system32\DRIVERS\avfwot.sys [2008-05-07 71592]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2009-04-28 9968]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.sys [2009-04-28 72944]
S2 AntiVirFirewallService;Avira Premium Security Suite Firewall;c:\program files\Avira\Avira Premium Security Suite\avfwsvc.exe [2008-05-16 344321]
S2 AntiVirMailService;Avira Premium Security Suite MailGuard;c:\program files\Avira\Avira Premium Security Suite\avmailc.exe [2009-01-14 164097]
S2 antivirwebservice;Avira Premium Security Suite WebGuard;c:\program files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE [2008-06-12 258305]
S2 AVEService;Avira Premium Security Suite MailGuard helper service;c:\program files\Avira\Avira Premium Security Suite\avesvc.exe [2008-05-09 41217]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr.sys [2008-12-08 55264]
S2 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S3 avfwim;AvFw Packet Filter Miniport;c:\windows\system32\DRIVERS\avfwim.sys [2008-05-07 71464]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2009-04-28 7408]
S3 SKYNET;TechniSat DVB-PC TV Star PCI;c:\windows\system32\DRIVERS\SkyNET.SYS [2006-03-14 349184]


--- Autres Services/Pilotes en mémoire ---

*Deregistered* - FileObjInfo

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
%SystemRoot%\system32\soundschemes2.exe /AddRegistration
.
Contenu du dossier 'Tâches planifiées'

2009-05-03 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-01-14 23:18]

2009-05-03 c:\windows\Tasks\GoogleUpdateTaskMachine.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-03-26 18:58]

2009-05-02 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3821968366-1441177850-2377879520-1000.job
- c:\users\soldatsam\AppData\Local\Google\Update\GoogleUpdate.exe [2009-04-19 09:12]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: Crawler Search - tbr:iemenu
IE: E&xporter vers Microsoft Excel - c:\progra~1\MI1933~1\Office12\EXCEL.EXE/3000
IE: Envoyer au périphérique &Bluetooth... - c:\program files\ASUS\Bluetooth Software\btsendto_ie_ctx.htm
IE: Télécharger avec IDM - c:\program files\Internet Download Manager\IEExt.htm
IE: Télécharger le contenu de video FLV avec IDM - c:\program files\Internet Download Manager\IEGetVL.htm
IE: Télécharger tous les liens avec IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: {{000002a3-84fe-43f1-b958-f2c3ca804f1a} - {CD275D4E-791A-4993-9D4D-6A071EDD2709} - c:\program files\IEPro\iepro.dll
LSP: avsda.dll
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_9993303B90FE6C1D.dll
Handler: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - c:\progra~1\Crawler\ctbr.dll
FF - ProfilePath - c:\users\soldatsam\AppData\Roaming\Mozilla\Firefox\Profiles\hcacz42x.default\
FF - prefs.js: browser.startup.homepage - www.google.fr
FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - component: c:\users\soldatsam\AppData\Roaming\IDM\idmmzcc2\components\idmmzcc.dll
FF - plugin: c:\program files\Google\Google Updater\2.4.1487.6512\npCIDetect13.dll
FF - plugin: c:\program files\Google\Update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\ma-config.com\nphardwaredetection.dll
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: c:\users\soldatsam\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-05-03 22:18
Windows 6.0.6001 Service Pack 1 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-3821968366-1441177850-2377879520-1000_Classes\CLSID\{5ED60779-4DE2-4E07-B862-974CA4FF2E9C}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"scansk"=hex(0):72,35,7a,e2,d5,8d,26,dd,95,1f,6c,ae,9b,ed,d9,c9,14,90,60,82,b4,
1c,c0,29,77,0c,f6,1c,8a,f5,af,e2,47,ce,5b,e4,ab,ea,94,bf,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-3821968366-1441177850-2377879520-1000_Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}]
@Denied: (Full) (Everyone)
"scansk"=hex(0):3f,7d,26,32,85,f7,a3,14,26,2c,5f,66,4c,d0,41,03,cf,36,95,29,d5,
33,55,b3,7c,03,1a,7f,c9,40,8f,89,fa,88,97,e6,b2,47,56,4d,00,00,00,00,00,00,\

[HKEY_USERS\S-1-5-21-3821968366-1441177850-2377879520-1000_Classes\CLSID\{d44c42a6-bce1-48c7-b841-f2345365a263}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000067
"Therad"=dword:00000015
"MData"=hex(0):cb,9b,ad,ef,27,7d,29,69,f5,02,f0,76,aa,4a,f1,7c,d3,d9,67,7f,6a,
4b,7b,ad,16,9f,44,03,31,19,b2,5b,bd,89,78,a1,e2,e7,93,53,71,7b,33,b3,9d,a8,\

[HKEY_USERS\S-1-5-21-3821968366-1441177850-2377879520-1000_Classes\CLSID\{ebb67ea6-165b-43d3-97ac-a6e896aff663}]
@Denied: (Full) (Everyone)
@Allowed: (Read) (RestrictedCode)
"Model"=dword:00000026
"Therad"=dword:0000001a

[HKEY_USERS\SOFTWARE\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe,-101"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\Elevation]
"Enabled"=dword:00000001

[HKEY_USERS\SOFTWARE\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10b.exe"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{0BE09CC1-42E0-11DD-AE16-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10b.ocx, 1"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10b.ocx"
"ThreadingModel"="Apartment"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\system32\\Macromed\\Flash\\Flash10b.ocx, 1"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"

[HKEY_USERS\SOFTWARE\Classes\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"

[HKEY_USERS\SOFTWARE\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}]
@Denied: (A 2) (Everyone)
@="IFlashBroker2"

[HKEY_USERS\SOFTWARE\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_USERS\SOFTWARE\Classes\Interface\{DDF4CE26-4BDA-42BC-B0F0-0E75243AD285}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"

[HKEY_USERS\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}]
@Denied: (A 2) (Everyone)

[HKEY_USERS\SOFTWARE\Classes\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0]
@="Shockwave Flash"

[HKEY_USERS\SOFTWARE\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}]
@Denied: (A 2) (Everyone)
@=""

[HKEY_USERS\SOFTWARE\Classes\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0]
@="FlashBroker"

[HKEY_USERS\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet003\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000

[HKEY_USERS\SYSTEM\ControlSet004\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\[u]0/u002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'Explorer.exe'(3300)
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
.
Heure de fin: 2009-05-03 22:21
ComboFix-quarantined-files.txt 2009-05-03 20:20

Avant-CF: 41 400 844 288 octets libres
Après-CF: 41 361 530 880 octets libres

433 --- E O F --- 2009-05-01 20:04

c'est fait, je l'ai supprimé, merci chimay

mais tu sais ce combofix est trop nul, il a activé pas mal de services ke j'ai arrété et qu'ils ralentisé mon ord et consomer de la mémoire unitilement. maintn je dois faire avec :-(

et puis dis moi stp pour la kestion ke je té posé tt a l'heur. fau ke j'installe un antispyware pour me protégé en temps reel conte les troijans, adware, worms et autres... enplus de mon Avira premium security suite.
.. a toi l'ami