Désinstaller spy shredder

colle un rapport hijackhtis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:02:04, on 2008-03-04
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye.exe
C:\WINDOWS\system32\msiconf.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\devldr32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\DOCUME~1\client\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.avast.com/store?verb=register-home&lang=fre
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {E02983DC-C21A-468C-97F0-3CD94FCFDA41} - C:\WINDOWS\system32\atrac.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [itype] "c:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MétéoIMédia] C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI699F~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI699F~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

relance hijackthis et fix, selectionne ces lignes et fais fix cheked

O4 - HKCU\..\Run: [SpyShredder] C:\Program Files\SpyShredder\SpyShredder.exe
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)

________________


combofix (colle le rapport)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe

__________________



télécharge OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe (de Old_Timer) sur ton Bureau.
double-clique sur OTMoveIt.exe pour le lancer.
copie la liste qui se trouve en citation ci-dessous,
et colle-la dans le cadre de gauche de OTMoveIt :Paste List of Files/Folders to be moved.

Citation :
C:\Program Files\SpyShredder\SpyShredder.exe

clique sur MoveIt! pour lancer la suppression.
le résultat apparaitra dans le cadre "Results".
clique sur Exit pour fermer.
poste le rapport situé dans C:\_OTMoveIt\MovedFiles.

il te sera peut-être demander de redémarrer le pc pour achever la suppression.si c'est le cas accepte par Yes.

_________________

recolle hijackthis et dis tes soucis

ComboFix 08-03-04.2 - client 2008-03-04 11:45:00.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1558 [GMT -5:00]
Endroit: C:\Documents and Settings\client\Local Settings\Temporary Internet Files\Content.IE5\[u]0[/u]56NW9MF\ComboFix[1].exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\WINDOWS\system32\msiconf.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-04 to 2008-03-04 ))))))))))))))))))))))))))))))))))))
.

2008-03-04 11:32 . 2008-03-04 11:38 <REP> d-------- C:\ComboFix
2008-03-04 09:26 . 2008-03-04 09:26 <REP> d-------- C:\Program Files\SpyShredder
2008-03-03 19:48 . 2008-03-03 20:04 2,722 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-03 19:07 . 2008-03-03 19:07 <REP> d-------- C:\Program Files\Enigma Software Group
2008-02-29 19:53 . 2001-08-28 07:00 88,064 --a------ C:\WINDOWS\system32\atkctr.dll
2008-02-29 19:53 . 2001-08-28 07:00 88,064 --a------ C:\WINDOWS\system32\apcup.dll
2008-02-29 19:50 . 2008-03-04 11:43 98,048 --a------ C:\WINDOWS\system32\atrac.dll
2008-02-29 19:50 . 2001-08-28 07:00 88,064 --a------ C:\WINDOWS\system32\atrac.1~
2008-02-29 19:03 . 2008-02-29 19:03 <REP> d-------- C:\Documents and Settings\client\Incomplete
2008-02-29 19:03 . 2008-02-29 20:25 <REP> d-------- C:\Documents and Settings\client\Application Data\LimeWire
2008-02-29 18:59 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-02-29 14:42 . 2008-02-29 14:42 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\DFX
2008-02-29 14:05 . 2008-02-29 14:52 <REP> d-------- C:\Documents and Settings\client\Application Data\Winamp
2008-02-29 13:52 . 2008-02-29 13:52 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Winamp Toolbar
2008-02-29 10:01 . 2008-02-29 10:01 44,760 --ah----- C:\WINDOWS\system32\mlfcache.dat
2008-02-29 09:41 . 2008-03-03 19:34 <REP> d-------- C:\Program Files\mIRC 6.31
2008-02-29 09:41 . 2008-03-03 19:51 <REP> d-------- C:\Documents and Settings\client\Application Data\mIRC
2008-02-29 09:34 . 2004-08-03 23:10 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2008-02-29 09:34 . 2004-08-03 23:10 10,880 --a--c--- C:\WINDOWS\system32\dllcache\ndisip.sys
2008-02-29 09:34 . 2004-08-03 22:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2008-02-29 09:34 . 2004-08-03 22:58 5,504 --a--c--- C:\WINDOWS\system32\dllcache\mstee.sys
2008-02-29 09:31 . 2004-08-03 22:58 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-02-29 09:31 . 2004-08-03 22:58 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-02-29 09:25 . 2008-03-01 21:34 691,545 --a------ C:\WINDOWS\unins000.exe
2008-02-29 09:25 . 2008-03-01 21:39 4,680 --a------ C:\WINDOWS\unins000.dat
2008-02-29 09:20 . 2008-03-03 18:14 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-02-29 09:19 . 2008-02-29 09:19 <REP> d-------- C:\Program Files\Lavasoft
2008-02-29 09:19 . 2008-02-29 09:19 <REP> d-------- C:\Documents and Settings\client\Application Data\Lavasoft
2008-02-29 09:07 . 2004-06-15 14:00 116,736 --a------ C:\WINDOWS\system32\CNMLM61.DLL
2008-02-29 09:07 . 2004-06-05 00:34 86,016 --a------ C:\WINDOWS\system32\CNMCP61.exe
2008-02-29 09:07 . 2004-06-15 14:00 7,680 --a------ C:\WINDOWS\system32\CNMVS61.DLL
2008-02-29 08:59 . 2008-03-03 13:00 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-02-29 08:55 . 2004-08-03 23:08 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2008-02-29 08:55 . 2004-08-03 23:08 25,600 --a--c--- C:\WINDOWS\system32\dllcache\usbser.sys
2008-02-29 08:55 . 2003-12-26 10:22 24,192 -ra------ C:\WINDOWS\system32\drivers\OLDE2.tmp
2008-02-29 08:54 . 2008-02-29 08:56 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\BVRP Software
2008-02-29 08:54 . 2008-02-29 08:54 92,064 --a------ C:\Documents and Settings\client\mqdmmdm.sys
2008-02-29 08:54 . 2008-02-29 08:54 79,328 --a------ C:\Documents and Settings\client\mqdmserd.sys
2008-02-29 08:54 . 2008-02-29 08:54 66,656 --a------ C:\Documents and Settings\client\mqdmbus.sys
2008-02-29 08:54 . 2008-02-29 08:54 25,600 --a------ C:\WINDOWS\system32\drivers\usbsermptxp.sys
2008-02-29 08:54 . 2008-02-29 08:54 25,600 --a------ C:\Documents and Settings\client\usbsermptxp.sys
2008-02-29 08:54 . 2008-02-29 08:54 22,768 --a------ C:\Documents and Settings\client\usbsermpt.sys
2008-02-29 08:54 . 2008-02-29 08:54 9,232 --a------ C:\Documents and Settings\client\mqdmmdfl.sys
2008-02-29 08:54 . 2008-02-29 08:54 6,208 --a------ C:\Documents and Settings\client\mqdmcmnt.sys
2008-02-29 08:54 . 2008-02-29 08:54 5,936 --a------ C:\Documents and Settings\client\mqdmwhnt.sys
2008-02-29 08:54 . 2008-02-29 08:54 4,048 --a------ C:\Documents and Settings\client\mqdmcr.sys
2008-02-29 08:48 . 1998-10-07 13:08 327,168 --a------ C:\WINDOWS\IsUn040c.exe
2008-02-29 08:28 . 2008-02-29 08:28 385 --a------ C:\WINDOWS\ODBC.INI
2008-02-29 08:25 . 2008-02-29 08:26 <REP> d-------- C:\Program Files\Microsoft Office 2003
2008-02-29 07:59 . 2008-02-29 09:32 <REP> d-------- C:\Documents and Settings\client\Contacts
2008-02-29 07:58 . 2008-02-29 07:59 <REP> d-------- C:\Program Files\Windows Live
2008-02-29 07:58 . 2008-02-29 07:58 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-02-29 07:58 . 2008-02-29 07:58 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-02-29 07:49 . 2005-02-24 22:35 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-02-29 07:45 . 2007-07-30 19:19 43,352 --a------ C:\WINDOWS\system32\wups2.dll
2008-02-29 07:45 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-02-29 07:45 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-02-29 07:45 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-02-29 07:45 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-02-29 07:20 . 2008-03-04 11:47 3,287,072 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-02-29 07:20 . 2008-03-04 10:32 40,112 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-02-29 04:37 . 2001-08-17 16:59 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2008-02-29 04:36 . 2004-08-03 19:39 58,496 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2008-02-29 04:36 . 2004-08-03 18:08 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2008-02-29 04:36 . 2001-08-17 16:46 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2008-02-29 04:35 . 2004-08-03 19:54 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2008-02-29 04:33 . 2008-02-28 21:53 775,210 --a------ C:\WINDOWS\system32\PerfStringBackup.INI
2008-02-29 04:33 . 2004-07-17 04:48 66,082 --a--c--- C:\WINDOWS\system32\dllcache\c_28603.nls
2008-02-29 04:33 . 2004-07-17 04:48 66,082 --a------ C:\WINDOWS\system32\c_28603.nls
2008-02-29 04:33 . 2001-08-28 07:00 19,456 --a--c--- C:\WINDOWS\system32\dllcache\agt041f.dll
2008-02-29 04:33 . 2008-02-28 20:47 4,205 --a------ C:\WINDOWS\ODBCINST.INI
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d--h----- C:\Documents and Settings\Default User.WINDOWS\Voisinage réseau
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d--h----- C:\Documents and Settings\Default User.WINDOWS\Voisinage d'impression
2008-02-29 04:32 . 2008-02-28 20:43 <REP> d--h----- C:\Documents and Settings\Default User.WINDOWS\Modèles
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d-------- C:\Documents and Settings\Default User.WINDOWS\Mes documents
2008-02-29 04:32 . 2008-02-29 04:32 <REP> dr------- C:\Documents and Settings\Default User.WINDOWS\Menu Démarrer
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d-------- C:\Documents and Settings\Default User.WINDOWS\Favoris
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d-------- C:\Documents and Settings\Default User.WINDOWS\Bureau
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d--h----- C:\Documents and Settings\All Users.WINDOWS\Modèles
2008-02-29 04:32 . 2008-03-03 20:00 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Menu Démarrer
2008-02-29 04:32 . 2008-02-29 04:32 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Favoris
2008-02-29 04:32 . 2008-02-28 20:44 <REP> dr------- C:\Documents and Settings\All Users.WINDOWS\Documents
2008-02-29 04:32 . 2008-03-03 20:00 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Bureau
2008-02-29 04:30 . 2008-02-28 20:50 261 --a------ C:\WINDOWS\system32\$winnt$.inf
2008-02-28 22:19 . 2008-02-28 22:19 <REP> d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\MailFrontier
2008-02-28 22:18 . 2008-02-28 22:18 <REP> d-------- C:\Documents and Settings\client\Application Data\MailFrontier
2008-02-28 22:17 . 2008-02-28 22:17 <REP> d---s---- C:\Documents and Settings\client\UserData
2008-02-28 21:55 . 2003-03-18 22:20 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2008-02-28 21:55 . 2007-12-04 08:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-28 21:55 . 2003-03-18 21:14 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2008-02-28 21:55 . 2004-01-09 04:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-28 21:55 . 2003-02-21 05:42 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2008-02-28 21:55 . 2007-12-04 07:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-28 21:55 . 2007-12-04 09:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-28 21:55 . 2007-12-04 09:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-28 21:55 . 2007-12-04 09:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-28 21:55 . 2007-12-04 09:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-28 21:55 . 2007-12-04 09:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-28 21:52 . 2004-08-03 23:07 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2008-02-28 21:52 . 2004-08-03 23:07 59,264 --a--c--- C:\WINDOWS\system32\dllcache\usbaudio.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-04 14:32 605,696 ----a-w C:\WINDOWS\Internet Logs\xDB2.tmp
2008-03-04 14:32 1,523,200 ----a-w C:\WINDOWS\Internet Logs\xDB3.tmp
2008-03-04 14:20 1,522,176 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
2008-03-03 14:12 --------- d-----w C:\Program Files\CCleaner
2008-03-03 14:01 --------- d-----w C:\Program Files\Winamp
2008-03-02 11:34 --------- d-----w C:\Program Files\Java
2008-03-02 02:49 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-03-01 00:23 --------- d-----w C:\Program Files\LimeWire
2008-02-29 19:13 --------- d-----w C:\Program Files\Winamp Remote
2008-02-29 18:52 --------- d-----w C:\Program Files\Winamp Toolbar
2008-02-29 14:18 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Lavasoft
2008-02-29 14:06 --------- d-----w C:\Program Files\Microsoft IntelliType Pro
2008-02-29 14:03 --------- d-----w C:\Program Files\Microsoft IntelliPoint
2008-02-29 14:00 --------- d-----w C:\Program Files\Google
2008-02-29 13:56 --------- d-----w C:\Program Files\Avanquest update
2008-02-29 13:55 --------- d-----w C:\Program Files\Motorola Phone Tools
2008-02-29 12:59 --------- d-----w C:\Program Files\MSN Messenger
2008-02-29 02:03 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-08 12:16 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\WholeSecurity
2008-02-08 01:02 --------- d-----w C:\Program Files\mIRC
2008-02-05 20:47 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Canon
2008-01-24 21:38 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Azureus
2008-01-22 21:41 --------- d-----w C:\Program Files\Alwil Software
2008-01-14 02:22 --------- d-----w C:\Program Files\Internet Module
2008-01-14 02:16 --------- d-----w C:\Program Files\Infogrames
2008-01-13 17:27 --------- d-----w C:\Program Files\Steam
2008-01-11 00:55 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\LimeWire
2008-01-07 23:49 --------- d-----w C:\Program Files\Azureus
2007-12-14 00:27 75,248 ----a-w C:\WINDOWS\zllsputility.exe
2007-12-14 00:27 54,672 ----a-w C:\WINDOWS\system32\vsutil_loc040c.dll
2007-12-14 00:27 42,384 ----a-w C:\WINDOWS\zllsputility_loc040c.dll
2007-12-14 00:27 21,904 ----a-w C:\WINDOWS\system32\imsinstall_loc040c.dll
2007-12-14 00:27 17,808 ----a-w C:\WINDOWS\system32\imslsp_install_loc040c.dll
2007-12-14 00:27 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
2007-08-18 18:05 92,064 ----a-w C:\Documents and Settings\utilisateur\mqdmmdm.sys
2007-08-18 18:05 9,232 ----a-w C:\Documents and Settings\utilisateur\mqdmmdfl.sys
2007-08-18 18:05 79,328 ----a-w C:\Documents and Settings\utilisateur\mqdmserd.sys
2007-08-18 18:05 66,656 ----a-w C:\Documents and Settings\utilisateur\mqdmbus.sys
2007-08-18 18:05 6,208 ----a-w C:\Documents and Settings\utilisateur\mqdmcmnt.sys
2007-08-18 18:05 5,936 ----a-w C:\Documents and Settings\utilisateur\mqdmwhnt.sys
2007-08-18 18:05 4,048 ----a-w C:\Documents and Settings\utilisateur\mqdmcr.sys
2007-08-18 18:05 25,600 ----a-w C:\Documents and Settings\utilisateur\usbsermptxp.sys
2007-08-18 18:05 22,768 ----a-w C:\Documents and Settings\utilisateur\usbsermpt.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{162DD1E1-CBAB-4D31-BCAD-0F9EA50A6AF4}]
2008-03-04 11:43 98048 --a------ C:\WINDOWS\system32\atrac.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-12-13 11:49 1185120 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E02983DC-C21A-468C-97F0-3CD94FCFDA41}]
2008-03-04 11:43 98048 --a------ C:\WINDOWS\system32\atrac.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11D4-9B18-009027A5CD4F}
{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-12-13 11:49 1185120]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-03 17:54 15360]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-16 20:14 68856]
"MétéoIMédia"="C:\Program Files\MétéoMédia\MétéoIMédia\WeatherEye" [ ]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2005-06-08 14:44 196608]
"MSI Configuration"="msiconf.exe" []
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-02-20 09:15 816368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-24 05:15 7311360]
"nwiz"="nwiz.exe" [2006-01-24 05:15 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-01-24 05:15 86016]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 08:00 79224]
"D-Link AirPlus G"="C:\Program Files\D-Link\AirPlus G\AirGCFG.exe" [2005-11-23 08:04 1544192]
"ANIWZCS2Service"="C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe" [2005-10-19 18:19 49152]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]
"itype"="c:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-11-21 17:08 813912]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-07-19 17:32 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2005-06-08 15:24 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2005-06-08 15:14 217088]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 17:54 15360]

C:\Documents and Settings\All Users.WINDOWS\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-08-18 12:31:17 110592]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-08-16 20:14:31 124912]

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusDisableNotify"=dword:00000001
"UpdatesDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=


.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-29 14:05:07 C:\WINDOWS\Tasks\Microsoft_Hardware_Launch_IPoint_exe.job"
- C:\Program Files\Microsoft IntelliType Pro\IPoint.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-04 11:47:01
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-04 11:47:38
ComboFix-quarantined-files.txt 2008-03-04 16:47:35