Trojan game thief sur clé USB

Bonjour,

je pense bien avoir un "trojan game thief" et d'autres cochonneries sur ma clé USB, que Kaspersky ne neutralise apparemment pas puisque j'ai une alerte chaque fois que je la réintroduis...

Je poste donc un rapport de Combo Fix ; merci de bien vouloir éclairer ma lanterne, analyser le rapport et me donner des conseils !



ComboFix 09-05-13.02 - Enialoiv 2009-05-14 0:49:21.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.766.235 [GMT 2:00]
Lancé depuis: C:\Users\Violaine\Desktop\Débarras\entretien\ComboFix.exe
AV: Sécurité Internet 2008 *On-access scanning disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Sécurité Internet 2008 *disabled* {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Sécurité Internet 2008 *disabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((( Fichiers créés du 2009-04-13 au 2009-05-13 ))))))))))))))))))))))))))))))))))))
.

2009-05-11 20:50:29 . 2009-05-11 20:50:29 0 d-----w C:\Windows\system32\IOSUBSYS
2009-05-06 18:26:48 . 2009-05-06 18:25:42 410984 ----a-w C:\Windows\system32\deploytk.dll
2009-04-19 18:11:59 . 2008-07-27 18:00:28 96760 ----a-w C:\Windows\system32\dfshim.dll
2009-04-19 18:11:43 . 2008-07-27 18:00:29 282112 ----a-w C:\Windows\system32\mscoree.dll
2009-04-19 18:11:37 . 2008-07-27 18:00:29 41984 ----a-w C:\Windows\system32\netfxperf.dll
2009-04-19 18:10:36 . 2008-07-27 18:00:29 158720 ----a-w C:\Windows\system32\mscorier.dll
2009-04-19 18:10:10 . 2008-07-27 18:00:29 83968 ----a-w C:\Windows\system32\mscories.dll
2009-04-16 01:07:38 . 2008-12-08 04:34:09 376832 ----a-w C:\Windows\system32\winhttp.dll
2009-04-16 01:07:07 . 2008-06-05 04:50:50 30208 ----a-w C:\Windows\system32\xolehlp.dll
2009-04-16 01:07:07 . 2008-06-05 04:50:45 500736 ----a-w C:\Windows\system32\msdtcprx.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-05-13 22:10:53 . 2008-07-16 09:51:26 24536096 --sha-w C:\Windows\system32\drivers\fidbox.dat
2009-05-11 22:03:11 . 2008-07-16 09:51:29 328100 --sha-w C:\Windows\system32\drivers\fidbox.idx
2009-05-11 20:50:08 . 2007-07-18 16:34:21 0 d-----w C:\Program Files\Google
2009-05-06 18:25:01 . 2008-02-27 14:20:46 0 d-----w C:\Program Files\Java
2009-05-06 17:06:55 . 2006-11-02 15:48:33 690832 ----a-w C:\Windows\system32\perfh00C.dat
2009-05-06 17:06:55 . 2006-11-02 15:48:33 117572 ----a-w C:\Windows\system32\perfc00C.dat
2009-04-20 20:49:52 . 2007-01-23 14:06:26 0 d--h--w C:\Program Files\InstallShield Installation Information
2009-04-19 17:57:14 . 2007-07-18 13:51:08 0 d-----w C:\Program Files\Micro Application
2009-04-19 17:40:19 . 2007-01-23 14:22:49 0 d-----w C:\Program Files\CyberLink
2009-04-19 17:31:05 . 2007-01-23 14:11:28 0 d-----w C:\Program Files\Common Files\NewTech Infosystems
2009-04-19 17:26:07 . 2008-03-29 12:13:27 0 d-----w C:\Program Files\MediaCoder
2009-04-19 17:20:22 . 2006-11-02 10:25:05 51200 ----a-w C:\Windows\inf\infpub.dat
2009-04-19 17:20:20 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\inf\infstrng.dat
2009-04-19 17:20:20 . 2006-11-02 10:25:05 86016 ----a-w C:\Windows\inf\infstor.dat
2009-04-19 16:33:52 . 2007-07-18 12:50:31 102136 ----a-w C:\Users\Enialoiv\AppData\Local\GDIPFONTCACHEV1.DAT
2009-04-16 01:13:45 . 2006-11-02 11:18:33 0 d-----w C:\Program Files\Windows Mail
2009-04-15 05:56:17 . 2007-08-29 07:25:59 0 d-----w C:\Program Files\Foxmail
2009-04-14 14:07:31 . 2008-10-29 18:16:29 0 d-----w C:\Program Files\Common Files\Adobe
2009-03-28 08:02:57 . 2008-06-25 09:46:04 0 d-----w C:\Program Files\bookin
2009-03-17 03:16:31 . 2009-04-16 01:05:01 14848 ----a-w C:\Windows\system32\apilogen.dll
2009-03-17 03:16:29 . 2009-04-16 01:05:01 25600 ----a-w C:\Windows\system32\amxread.dll
2009-03-03 04:24:50 . 2009-04-16 01:05:41 3503584 ----a-w C:\Windows\system32\ntkrnlpa.exe
2009-03-03 04:24:50 . 2009-04-16 01:05:41 3469280 ----a-w C:\Windows\system32\ntoskrnl.exe
2009-03-03 04:20:12 . 2009-04-16 01:02:34 826368 ----a-w C:\Windows\system32\wininet.dll
2009-03-03 04:19:44 . 2009-04-16 01:05:44 158720 ----a-w C:\Windows\system32\sdohlp.dll
2009-03-03 04:19:41 . 2009-04-16 01:05:44 549888 ----a-w C:\Windows\system32\rpcss.dll
2009-03-03 04:19:31 . 2009-04-16 01:05:44 24576 ----a-w C:\Windows\system32\printfilterpipelineprxy.dll
2009-03-03 04:16:25 . 2009-04-16 01:02:43 56320 ----a-w C:\Windows\system32\iesetup.dll
2009-03-03 04:16:24 . 2009-04-16 01:05:45 53248 ----a-w C:\Windows\system32\iasads.dll
2009-03-03 04:16:24 . 2009-04-16 01:05:45 37888 ----a-w C:\Windows\system32\iasdatastore.dll
2009-03-03 04:16:24 . 2009-04-16 01:05:44 97280 ----a-w C:\Windows\system32\iasrecst.dll
2009-03-03 04:16:24 . 2009-04-16 01:02:33 78336 ----a-w C:\Windows\system32\ieencode.dll
2009-03-03 04:15:29 . 2009-04-16 01:02:43 72704 ----a-w C:\Windows\system32\admparse.dll
2009-03-03 02:40:08 . 2009-04-16 01:05:43 654336 ----a-w C:\Windows\system32\printfilterpipelinesvc.exe
2009-03-03 02:08:45 . 2009-04-16 01:02:39 26624 ----a-w C:\Windows\system32\ieUnatt.exe
2009-03-03 00:44:02 . 2009-04-16 01:02:43 48128 ----a-w C:\Windows\system32\mshtmler.dll
2009-02-13 07:26:39 . 2009-04-16 01:05:02 72704 ----a-w C:\Windows\system32\secur32.dll
2009-02-13 07:26:37 . 2009-04-16 01:05:02 1233408 ----a-w C:\Windows\system32\lsasrv.dll
2009-02-13 07:26:04 . 2009-04-16 01:05:04 7680 ----a-w C:\Windows\system32\lsass.exe
2008-12-15 19:18:28 . 2006-11-02 12:50:50 174 --sha-w C:\Program Files\desktop.ini
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"????r"="" [?]
"?????????"="??????????????e" [?]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:08:49 1232896]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 11:35:24 90112]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 12:35:32 125440]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-18 16:34:25 68856]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 10:55:02 5674352]
"WindowsWelcomeCenter"="oobefldr.dll" - C:\Windows\System32\oobefldr.dll [2006-11-02 12:34:50 2159104]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\NPSWF32_FlashUtil.exe" [2007-06-11 20:34:40 190696]
"Application Restart 4"="C:\Windows\System32\conime.exe" [2006-11-02 09:44:59 68608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 03:00:36 815104]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-01-02 17:58:50 464168]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 08:24:00 614400]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 19:48:22 57344]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-01-14 10:38:48 151552]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-10-19 19:16:26 286720]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2007-12-12 19:35:48 185896]
"Samsung PanelMgr"="C:\Windows\Samsung\PanelMgr\SSMMgr.exe" [2007-06-29 04:17:56 520192]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 21:16:38 39792]
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" [2009-05-06 18:26:05 148888]
"RtHDVCpl"="RtHDVCpl.exe" - C:\Windows\RtHDVCpl.exe [2006-12-01 05:37:00 4186112]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-1-23 528384]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
Wireless Configuration Utility.lnk - C:\Program Files\carte PCMCIA\WlanCU.exe [2004-10-6 442368]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\MICROA~1\SECURI~2\adialhk.dll C:\PROGRA~1\MICROA~1\SECURI~2\r3hook.dll C:\Windows\System32\eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{8524DF52-E177-449B-B7BE-7EF74DA3F8AD}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{869CADB4-FFDA-4EA0-A2F0-4B91B1F4A4E0}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{8590E098-8963-4528-BC66-77ECD0A7F8C6}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\System32\drivers\klim6.sys [2007-01-25 19:33:22 20760]
R2 SSPORT;SSPORT;C:\Windows\System32\drivers\SSPORT.SYS [2008-07-02 00:19:47 5120]
S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\System32\drivers\smscirda.sys [2007-01-23 23:34:32 31232]
S3 TNET1130;IEEE 802.11g Wireless Cardbus/PCI Adapter;C:\Windows\System32\drivers\TNET1130.sys [2004-06-17 23:41:16 386688]
S3 WSVD;WSVD;C:\Windows\System32\drivers\WSVD.sys [2007-07-18 17:19:34 80744]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\ccc-core-static]
msiexec /fums {35BDA760-4905-19AA-54A0-C118ABB5BF0C} /qb
.
Contenu du dossier 'Tâches planifiées'

2009-05-13 C:\Windows\Tasks\Google Software Updater.job
- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-18 16:34:21 . 2009-03-25 07:14:47]

2009-04-17 C:\Windows\Tasks\Maintenance en 1 clic.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 22:10:38 . 2007-04-26 22:10:38]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uSearchMigratedDefaultURL = hxxp://search.yahoo.com/search?p={searchTerms}&ei=utf-8&fr=b1ie7
mStart Page = hxxp://fr.fr.acer.yahoo.com
uSearchURL,(Default) = hxxp://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\Enialoiv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk
FF - ProfilePath -