Aide pour lire Hitjackthis après rootkit

Bonjour,
Bonjour,

L'ordi d'une connaissance
fonctionnant sous vista
avec un antivirus pas à jour m'a infecté ma clé USB.


USB Fix a permis de mettre en évisence un rootkit
qui a été d'ores et déjà été uploadé au concepteur de l'outil
etpui d'installer un nouvel antivirus.
Qui pourrait m'aider pour lire le résultat d'Hitjacthis fait après USB Fix option 2
et me dire si il y a encore quelquechose à faire ?

Ci dessous le résultat USBFix

############################## | UsbFix V6.068 |

User : DS (Administrateurs) # PC-DE-DS
Update on 28/12/2009 by El Desaparecido , C_XX & Chimay8
Start at: 11:32:11 | 25/02/2010
Website : http://pagesperso-orange.fr/NosTools/index.html
Contact : FindyKill.Contact@gmail.com

AMD Athlon(tm) 7550 Dual-Core Processor
Microsoft® Windows Vista™ Édition Familiale Basique (6.0.6001 32-bit) # Service Pack 1
Internet Explorer 7.0.6001.18000
Windows Firewall Status : Enabled

C:\ -> Disque fixe local # 286,63 Go (230,64 Go free) [COMPAQ] # NTFS
D:\ -> Disque fixe local # 11,46 Go (1,61 Go free) [FACTORY_IMAGE] # NTFS
E:\ -> Disque CD-ROM
F:\ -> Disque amovible

############################## | Processus actifs |

C:\Windows\System32\smss.exe 496
C:\Windows\system32\csrss.exe 564
C:\Windows\system32\wininit.exe 616
C:\Windows\system32\csrss.exe 628
C:\Windows\system32\services.exe 660
C:\Windows\system32\lsass.exe 676
C:\Windows\system32\lsm.exe 684
C:\Windows\system32\winlogon.exe 800
C:\Windows\system32\svchost.exe 868
C:\Windows\system32\nvvsvc.exe 912
C:\Windows\system32\svchost.exe 940
C:\Windows\System32\svchost.exe 980
C:\Windows\System32\svchost.exe 1032
C:\Windows\System32\svchost.exe 1064
C:\Windows\system32\svchost.exe 1096
C:\Windows\system32\SLsvc.exe 1180
C:\Windows\system32\svchost.exe 1232
C:\Windows\system32\LogonUI.exe 1248
C:\Windows\system32\svchost.exe 1456
C:\Windows\system32\rundll32.exe 1516
C:\Windows\system32\DllHost.exe 1716
C:\Windows\System32\spoolsv.exe 1792
C:\Windows\system32\svchost.exe 1824
C:\Windows\system32\taskeng.exe 1852
C:\WINDOWS\system32\userinit.exe 1876
C:\Windows\system32\Dwm.exe 1912
C:\Windows\Explorer.EXE 2020
c:\Program Files\Common Files\LightScribe\LSSrvc.exe 1400
C:\Windows\system32\svchost.exe 1052
C:\Windows\system32\svchost.exe 2116
C:\Windows\System32\svchost.exe 2164
C:\Windows\system32\SearchIndexer.exe 2204
C:\Windows\system32\taskeng.exe 2432
C:\Windows\system32\runonce.exe 2528
C:\Windows\system32\WUDFHost.exe 2572
C:\Windows\system32\conime.exe 2608
C:\Windows\system32\wbem\wmiprvse.exe 2800

################## | Elements infectieux |

Supprimé ! C:\$Recycle.Bin\S-1-5-21-1778506392-2858034369-1054927713-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-2108653370-3712211180-422514394-500
Supprimé ! C:\$Recycle.Bin\S-1-5-21-986679662-3220752518-1026751812-1000
Supprimé ! C:\$Recycle.Bin\S-1-5-21-986679662-3220752518-1026751812-500
Supprimé ! D:\$Recycle.Bin\S-1-5-21-986679662-3220752518-1026751812-1000
Supprimé ! D:\$Recycle.Bin\S-1-5-21-986679662-3220752518-1026751812-500

################## | Registre |


################## | Mountpoints2 |

Supprimé ! HKCU\...\Explorer\MountPoints2\{2837b291-0414-11df-84ff-00248c9cc4b7}\Shell\AutoRun\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{5acb97a5-e30f-11de-b47e-00248c9cc4b7}\Shell\1\Command
Supprimé ! HKCU\...\Explorer\MountPoints2\{d2cafb53-bca0-11de-98d8-00248c9cc4b7}\Shell\AutoRun\Command

################## | Listing des fichiers présent |

[18/09/2006 22:43|--a------|24] C:\autoexec.bat
[21/01/2008 03:34|-rahs----|333203] C:\bootmgr
[11/05/2009 18:25|-ra-s----|8192] C:\BOOTSECT.BAK
[18/09/2006 22:43|--a------|10] C:\config.sys
[?|?|?] C:\hiberfil.sys
[?|?|?] C:\pagefile.sys
[11/05/2009 09:54|--a------|349] C:\updatedatfix.log
[25/02/2010 11:33|--a------|3388] C:\UsbFix.txt
[26/08/2008 13:37|--a------|458] C:\Windows Sidebar
[22/06/2007 16:44|---hs----|438328] D:\boo.mgr
[18/01/2008 23:45|---hs----|333203] D:\bootmgr
[28/03/2008 18:54|---hs----|1242] D:\Desktop.ini
[19/10/2009 12:28|--ahs----|182] D:\MASTER.LOG
[11/02/2009 15:47|--ahs----|422] D:\pcdr.ini
[19/06/2007 15:22|---hs----|112102] D:\protect.arabic
[19/06/2007 15:22|---hs----|109016] D:\protect.catalan
[19/06/2007 15:22|---hs----|109342] D:\protect.chinese hong kong
[19/06/2007 15:22|---hs----|109360] D:\protect.chinese simplified
[19/06/2007 15:22|---hs----|109342] D:\protect.chinese traditional
[04/07/2007 11:31|---hs----|111514] D:\protect.czech
[19/06/2007 15:22|---hs----|109124] D:\protect.danish
[19/06/2007 15:22|---hs----|109049] D:\protect.dutch
[19/06/2007 15:22|---hs----|109092] D:\protect.english
[19/06/2007 15:22|---hs----|109092] D:\protect.finnish
[19/06/2007 15:22|---hs----|109060] D:\protect.french
[19/06/2007 15:22|---hs----|109094] D:\protect.german
[04/07/2007 11:33|---hs----|112496] D:\protect.greek
[04/07/2007 11:36|---hs----|112439] D:\protect.hebrew
[19/06/2007 15:22|---hs----|108979] D:\protect.italian
[19/06/2007 15:22|---hs----|109795] D:\protect.japanese
[19/06/2007 15:22|---hs----|109487] D:\protect.korean
[04/07/2007 11:39|---hs----|111341] D:\protect.norwegian
[04/07/2007 11:39|---hs----|111520] D:\protect.polish
[04/07/2007 11:41|---hs----|111396] D:\protect.portuguese
[04/07/2007 11:40|---hs----|111645] D:\protect.portuguese brazilian
[19/06/2007 15:22|---hs----|163804] D:\protect.russian
[05/07/2007 10:32|---hs----|111738] D:\protect.serbian latin
[04/07/2007 11:46|---hs----|111733] D:\protect.slovak
[19/06/2007 15:22|---hs----|109016] D:\protect.spanish
[04/07/2007 11:43|---hs----|111384] D:\protect.swedish
[04/07/2007 11:45|---hs----|111608] D:\protect.turkish
[11/05/2009 21:22|---hs----|44] D:\RESTORE.INI

################## | Vaccination |

# C:\autorun.inf -> Dossier créé par UsbFix.
# D:\autorun.inf -> Dossier créé par UsbFix.

################## | Crack > Keygen > Serial |


################## | Upload |

Veuillez envoyer le fichier : C:\Users\DS\Desktop\UsbFix_Upload_Me_PC-de-DS.zip : https://www.ionos.fr/?affiliate_id=77097
Merci pour votre contribution .

################## | ! Fin du rapport # UsbFix V6.068 ! |


et maintenant le résultat Hitjackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:11:20, on 25/02/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Cyberlink\PowerCinema\PCMAgent.exe
C:\Program Files\Cyberlink\PowerCinema\Kernel\CLML\CLMLSvc.exe
C:\Program Files\Cyberlink\PlayMovie\PMVService.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\DllHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=compaq-desktop.msn.com&ocid=HPDHP&pc=CPDTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: AOL Toolbar BHO - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O3 - Toolbar: AOL Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AOL Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\program files\hewlett-packard\HP odometer\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "c:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [UpdateLBPShortCut] "c:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdatePDIRShortCut] "c:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "SOFTWARE\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe\MUITransfer\MUIStartMenu.exe" "c:\Program Files\CyberLink\CyberLink DVD Suite Deluxe" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [PCMAgent] "c:\Program Files\CyberLink\PowerCinema\PCMAgent.exe"
O4 - HKLM\..\Run: [CLMLServer] "c:\Program Files\Cyberlink\PowerCinema\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [PlayMovie] "c:\Program Files\CyberLink\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [avast5] C:\PROGRA~1\ALWILS~1\Avast5\avastUI.exe /nogui
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Recherche AOL Toolbar - C:\ProgramData\AOL\ieToolbar\resources\fr-FR\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe