Lenteur PC

ee nocturne,


voila celui de combofix...

ComboFix 08-01-23.2 - david 2008-01-24 23:31:28.8 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.171 [GMT 1:00]
Endroit: D:\Documents and Settings\david.115372460311\Bureau\ComboFix(2).exe
Command switches used :: D:\Documents and Settings\david.115372460311\CFScript.txt
* Création d'un nouveau point de restauration

FILE
C:\WINDOWS\wt\updater\wcmdmgr.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\wt\updater\wcmdmgr.exe
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
.
---- Previous Run -------
.
C:\Program Files\ErreurChasseur
C:\Program Files\ErreurChasseur\swupd.log
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
C:\Program Files\Fichiers communs\SystemDoctor
C:\Program Files\Fichiers communs\SystemDoctor\err.log
C:\Program Files\LinkOptimizer
C:\Program Files\LinkOptimizer\LinkOptimizer.dll
C:\Program Files\SopCast
C:\Program Files\SopCast\adv\clips\18CA426D-7B6D-2F41-FCE2-93B1157CCB67\index.htm
C:\Program Files\SopCast\adv\clips\EE067279-16A4-84A3-33F8-B273AB5A44F2\index.htm
C:\Program Files\SopCast\adv\default\default.jpg
C:\Program Files\SopCast\adv\default\default_cn.jpg
C:\Program Files\SopCast\adv\default\home.html
C:\Program Files\SopCast\adv\default\index.html
C:\Program Files\SopCast\adv\sopadver.dat
C:\Program Files\SopCast\adv\SopAdver.exe
C:\Program Files\SopCast\channellist\chlist_adv.xml
C:\Program Files\SopCast\channellist\chlist_live.xml
C:\Program Files\SopCast\channellist\chlist_msg.xml
C:\Program Files\SopCast\channellist\chlist_vod.xml
C:\Program Files\SopCast\config.xml
C:\Program Files\SopCast\CrashReport\XCrashReport.exe
C:\Program Files\SopCast\data
C:\Program Files\SopCast\dbghelp.dll
C:\Program Files\SopCast\install.bat
C:\Program Files\SopCast\IPCamD.ocx
C:\Program Files\SopCast\languages\lang_cn_CH.xml
C:\Program Files\SopCast\languages\lang_cn_HK.xml
C:\Program Files\SopCast\languages\lang_de_DE.xml
C:\Program Files\SopCast\languages\lang_en_US.xml
C:\Program Files\SopCast\languages\lang_es_ES.xml
C:\Program Files\SopCast\languages\lang_fr_FR.xml
C:\Program Files\SopCast\languages\lang_gr_GR.xml
C:\Program Files\SopCast\languages\lang_it_IT.xml
C:\Program Files\SopCast\languages\lang_nl_NL.xml
C:\Program Files\SopCast\languages\lang_pl_PL.xml
C:\Program Files\SopCast\languages\lang_pt_BR.xml
C:\Program Files\SopCast\languages\lang_ro_RO.xml
C:\Program Files\SopCast\languages\lang_sl_SL.xml
C:\Program Files\SopCast\languages\sopcore\lang_en_US.xml
C:\Program Files\SopCast\languages\sopcore\lang_zh_CN.xml
C:\Program Files\SopCast\languages\sopcore\lang_zh_HK.xml
C:\Program Files\SopCast\License.txt
C:\Program Files\SopCast\skin\DURATION_SLIDER_HOVER.bmp
C:\Program Files\SopCast\skin\DURATION_SLIDER_NORMAL.bmp
C:\Program Files\SopCast\skin\DURATION_SLIDER_PRESSED.bmp
C:\Program Files\SopCast\skin\EXPLAYER_DISABLED.bmp
C:\Program Files\SopCast\skin\EXPLAYER_HOVER.bmp
C:\Program Files\SopCast\skin\EXPLAYER_NORMAL.bmp
C:\Program Files\SopCast\skin\EXPLAYER_PRESSED.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_DISABLED.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_HOVER.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_NORMAL.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_PRESSED.bmp
C:\Program Files\SopCast\skin\MAIN_DIALOG.bmp
C:\Program Files\SopCast\skin\MUTE_HOVER.bmp
C:\Program Files\SopCast\skin\MUTE_NORMAL.bmp
C:\Program Files\SopCast\skin\MUTE_PRESSED.bmp
C:\Program Files\SopCast\skin\PAUSE_HOVER.bmp
C:\Program Files\SopCast\skin\PAUSE_NORMAL.bmp
C:\Program Files\SopCast\skin\PAUSE_PRESSED.bmp
C:\Program Files\SopCast\skin\PLAY_HOVER.bmp
C:\Program Files\SopCast\skin\PLAY_NORMAL.bmp
C:\Program Files\SopCast\skin\PLAY_PRESSED.bmp
C:\Program Files\SopCast\skin\sopcore.xml
C:\Program Files\SopCast\skin\SOPLOGO_HOVER.bmp
C:\Program Files\SopCast\skin\SOPLOGO_NORMAL.bmp
C:\Program Files\SopCast\skin\SOPLOGO_PRESSED.bmp
C:\Program Files\SopCast\skin\SOPSTATUS_NORMAL.bmp
C:\Program Files\SopCast\skin\STOP_DISABLED.bmp
C:\Program Files\SopCast\skin\STOP_HOVER.bmp
C:\Program Files\SopCast\skin\STOP_NORMAL.bmp
C:\Program Files\SopCast\skin\STOP_PRESSED.bmp
C:\Program Files\SopCast\skin\UNMUTE_HOVER.bmp
C:\Program Files\SopCast\skin\UNMUTE_NORMAL.bmp
C:\Program Files\SopCast\skin\UNMUTE_PRESSED.bmp
C:\Program Files\SopCast\skin\VOLUME_SLIDER_HOVER.bmp
C:\Program Files\SopCast\skin\VOLUME_SLIDER_NORMAL.bmp
C:\Program Files\SopCast\skin\VOLUME_SLIDER_PRESSED.bmp
C:\Program Files\SopCast\SopCast.exe
C:\Program Files\SopCast\SopCast.url
C:\Program Files\SopCast\sopocx.ocx
C:\Program Files\SopCast\sopvod.exe
C:\Program Files\SopCast\StreamServer\msvcr71.dll
C:\Program Files\SopCast\StreamServer\plugins\libaccess_output_http_plugin.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_file.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_ftp.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_http.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_mms.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_asf.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_demuxdump.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_dummy.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_hotkeys.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_ipv4.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_memcpy.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_mux_asf.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_packetizer_copy.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_rc.dll
C:\Program Files\SopCast\StreamServer\StreamServer.exe
C:\Program Files\SopCast\uninst.exe
C:\Program Files\SopCast\uninstall.bat
C:\Program Files\SopCast\update\SopChecker.exe
C:\Program Files\SopCast\update\UNZIP.EXE
C:\Program Files\SopCast\update\update.bat
C:\WINDOWS\Downloaded Program Files\USDR6V_0001_N19M2604NetInstaller.exe
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode
D:\Documents and Settings\david.115372460311\Application Data\DriveCleaner 2006 Free
D:\Documents and Settings\david.115372460311\Application Data\DriveCleaner 2006 Free\Logs\update.log
D:\Documents and Settings\david.115372460311\err.log
D:\Documents and Settings\david.115372460311\Local Settings\Temporary Internet Files\sc
D:\Documents and Settings\david.115372460311\Local Settings\Temporary Internet Files\sc\console.html
D:\Documents and Settings\david.115372460311\ResErrors.log

----- BITS: Possible sites infectés -----

hxxp://javadl.sun.com
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-24 to 2008-01-24 ))))))))))))))))))))))))))))))))))))
.

2008-01-24 22:29 . 2008-01-24 22:29 0 --a------ C:\WINDOWS\hpqEmlSz.INI
2008-01-24 14:33 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-24 13:04 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-24 12:43 . 2008-01-24 12:43 <REP> d-------- C:\Program Files\Foxit Software
2008-01-24 09:52 . 2008-01-24 11:36 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-23 18:47 . 2008-01-24 16:12 2,064 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-23 17:24 . 2008-01-23 17:24 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-23 17:08 . 2008-01-23 17:08 <REP> d-------- C:\Program Files\Avira
2008-01-23 15:31 . 2008-01-24 22:07 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-23 15:31 . 2008-01-23 15:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-23 11:37 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-09 15:01 . 2008-01-09 15:01 53,248 --a------ C:\WINDOWS\bdoscandel.exe
2008-01-09 15:01 . 2008-01-09 15:01 453 --a------ C:\WINDOWS\bdoscandellang.ini
2007-12-29 16:18 . 2007-12-29 16:19 <REP> d-------- C:\Program Files\QuickTime
2007-12-26 17:35 . 2007-12-27 12:53 <REP> d-------- C:\Program Files\Fichiers communs\uusee

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-24 12:04 --------- d-----w C:\Program Files\Java
2008-01-24 11:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-23 15:27 --------- d-----w C:\Program Files\Norton Security Scan
2008-01-19 13:21 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-02 17:53 --------- d-----w C:\Program Files\TvAnts
2007-12-27 14:06 --------- d-----w C:\Program Files\EasyBurning
2007-11-25 22:43 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-02-23 17:03 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-02-19 01:28 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((( snapshot@2008-01-23_11.40.52,51 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-01-24 08:52:49 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
+ 2008-01-24 08:52:49 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
+ 2008-01-24 08:52:50 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
+ 2008-01-24 08:53:20 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
+ 2008-01-09 14:01:48 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
+ 2008-01-09 14:01:48 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
+ 2008-01-24 08:53:28 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
+ 2008-01-24 08:52:53 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
+ 2008-01-09 14:01:48 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
+ 2008-01-09 14:01:48 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
- 2008-01-23 10:38:09 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-24 22:30:23 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-23 10:38:09 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-24 22:30:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-23 10:38:09 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-24 22:30:23 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
- 2008-01-23 10:38:09 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-24 22:30:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-23 10:38:09 5,222,400 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-24 22:30:23 5,222,400 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
- 2008-01-23 10:38:09 114,688 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-24 22:30:23 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-23 16:24:57 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\ARPPRODUCTICON.exe
+ 2008-01-23 16:24:57 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut1_E659E0EE10E649B7869660F38D0EB174.exe
+ 2008-01-23 16:24:57 18,718 ----a-r C:\WINDOWS\Installer\{BFD080F6-3BF0-40E1-9507-9CA969C35870}\NewShortcut2_8315396A5EA1419DBEC4978284BDF556.exe
+ 2007-08-09 12:04:11 40,768 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2007-07-18 13:22:19 21,312 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-01-24 16:32:13 61,632 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
+ 2007-04-26 09:21:30 302,000 ----a-w C:\WINDOWS\system32\drivers\fwdrv.sys
+ 2007-04-26 09:21:34 72,624 ----a-w C:\WINDOWS\system32\drivers\khips.sys
+ 2007-03-01 09:34:36 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
- 2006-11-09 12:28:20 49,248 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-24 21:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2006-11-09 12:28:30 53,346 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-24 21:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2006-11-09 14:07:32 127,078 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-24 22:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 20:04 68856]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 13:43 45056]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 12:03 310272]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 10:43 90112]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-11-16 13:11 143360]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 10:31 24576]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 10:38 866816]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 01:41 49152]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2003-05-16 00:41 163840]
"wcmdmgr"="C:\WINDOWS\wt\updater\wcmdmgrl.exe" [2003-09-23 18:49 20480]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-01 08:30 1836544]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2002-09-20 14:16 90112]
"LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-09-11 11:58 155648]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-09-11 11:57 45056]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-14 23:22 35328]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 15:52 3770024]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-02 09:33 185632]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-24 17:32 249896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 18:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-06-10 13:16]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c507739b-16a9-11dc-aa72-000e50d2ca9e}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-19 16:53:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-24 18:30:00 C:\WINDOWS\Tasks\Extension de garantie.job"
- C:\APPS\SMP\PBCARNOT.EXE
"2008-01-24 18:30:00 C:\WINDOWS\Tasks\Master CD_DVD Creator.job"
- C:\Apps\SMP\MCDCHECK.EXE
"2006-06-10 10:26:25 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-01-24 18:49:12 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-01-01 05:30:09 C:\WINDOWS\Tasks\WebReg Photosmart C4100 series.job"
- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-24 23:35:30
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.


et voici celui de hijackthis...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:45, on 2008-01-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\Rar$EX00.828\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.rsca.be/board.php?boardid=2&sid=d1fa07a6ae26b981c8f95c1e50123e0c
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.rsca.be/en
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://www.gamespy.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D999207-8832-433A-BE74-63213272BE1E}: NameServer = 195.238.2.22 195.238.2.21
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

oui bien fait une defrag hier soir meme! mais pour la lenteur! mini amélioration mais sans plus! je ne comprend rien!

salut g!rly,

voici le hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:49, on 2008-01-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\apps\Powercinema\PCMService.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
C:\apps\ABoard\ABoard.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\apps\ABoard\AOSD.exe
C:\WINDOWS\system32\HPZipm12.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\Rar$EX00.656\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.rsca.be/board.php?boardid=2&sid=d1fa07a6ae26b981c8f95c1e50123e0c
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.rsca.be/en
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: &Save Flash - {4064EA35-578D-4073-A834-C96D82CBCF40} - C:\Program Files\Save Flash\SaveFlash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://www.gamespy.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D999207-8832-433A-BE74-63213272BE1E}: NameServer = 195.238.2.22 195.238.2.21
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

salut,

je pense que le UUsee est un programme pour voir certaines chaines sur le net (pour le foot ou autres) mais je mais utilsié je pense! il n'y a rien dans le dossier. je pense que je dois avoir quelques probs à cause de cela! j'ai telechargé pas mal de sites pour voir des matches de foot! mais pas mal en chinois donc probleme.

voici le rapport combofix

ComboFix 08-01-23.2 - david 2008-01-25 17:23:31.9 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.139 [GMT 1:00]
Endroit: D:\Documents and Settings\david.115372460311\Bureau\ComboFix(2).exe
Command switches used :: D:\Documents and Settings\david.115372460311\CFScript.txt..txt
* Création d'un nouveau point de restauration

FILE
C:\Program Files\Save Flash\SaveFlash.dll
C:\WINDOWS\wt\updater\wcmdmgrl.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Save Flash
C:\Program Files\Save Flash\BuyNowSaveFlash.url
C:\Program Files\Save Flash\CloseIEAndShowToolband.exe
C:\Program Files\Save Flash\English_help.chm
C:\Program Files\Save Flash\LANG\Arabic.lng
C:\Program Files\Save Flash\LANG\Bulgarian.lng
C:\Program Files\Save Flash\LANG\Czech.lng
C:\Program Files\Save Flash\LANG\Dutch.lng
C:\Program Files\Save Flash\LANG\French.lng
C:\Program Files\Save Flash\LANG\German.lng
C:\Program Files\Save Flash\LANG\Magyar.lng
C:\Program Files\Save Flash\LANG\Persian.lng
C:\Program Files\Save Flash\LANG\Polish.lng
C:\Program Files\Save Flash\LANG\Portuguese.lng
C:\Program Files\Save Flash\LANG\Russian.lng
C:\Program Files\Save Flash\LANG\Slovak.lng
C:\Program Files\Save Flash\LANG\Spanish.lng
C:\Program Files\Save Flash\LANG\TradChinese.lng
C:\Program Files\Save Flash\license_english.txt
C:\Program Files\Save Flash\readme.txt
C:\Program Files\Save Flash\RunSaveFlash.url
C:\Program Files\Save Flash\SaveFlash.dll
C:\Program Files\Save Flash\uninst.exe
C:\WINDOWS\wt\updater\wcmdmgrl.exe
.
---- Previous Run -------
.
C:\Program Files\ErreurChasseur
C:\Program Files\ErreurChasseur\swupd.log
C:\Program Files\Fichiers communs\BOONTY Shared
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
C:\Program Files\Fichiers communs\DriveCleaner 2006 Free
C:\Program Files\Fichiers communs\SystemDoctor
C:\Program Files\Fichiers communs\SystemDoctor\err.log
C:\Program Files\LinkOptimizer
C:\Program Files\LinkOptimizer\LinkOptimizer.dll
C:\Program Files\SopCast
C:\Program Files\SopCast\adv\clips\18CA426D-7B6D-2F41-FCE2-93B1157CCB67\index.htm
C:\Program Files\SopCast\adv\clips\EE067279-16A4-84A3-33F8-B273AB5A44F2\index.htm
C:\Program Files\SopCast\adv\default\default.jpg
C:\Program Files\SopCast\adv\default\default_cn.jpg
C:\Program Files\SopCast\adv\default\home.html
C:\Program Files\SopCast\adv\default\index.html
C:\Program Files\SopCast\adv\sopadver.dat
C:\Program Files\SopCast\adv\SopAdver.exe
C:\Program Files\SopCast\channellist\chlist_adv.xml
C:\Program Files\SopCast\channellist\chlist_live.xml
C:\Program Files\SopCast\channellist\chlist_msg.xml
C:\Program Files\SopCast\channellist\chlist_vod.xml
C:\Program Files\SopCast\config.xml
C:\Program Files\SopCast\CrashReport\XCrashReport.exe
C:\Program Files\SopCast\data
C:\Program Files\SopCast\dbghelp.dll
C:\Program Files\SopCast\install.bat
C:\Program Files\SopCast\IPCamD.ocx
C:\Program Files\SopCast\languages\lang_cn_CH.xml
C:\Program Files\SopCast\languages\lang_cn_HK.xml
C:\Program Files\SopCast\languages\lang_de_DE.xml
C:\Program Files\SopCast\languages\lang_en_US.xml
C:\Program Files\SopCast\languages\lang_es_ES.xml
C:\Program Files\SopCast\languages\lang_fr_FR.xml
C:\Program Files\SopCast\languages\lang_gr_GR.xml
C:\Program Files\SopCast\languages\lang_it_IT.xml
C:\Program Files\SopCast\languages\lang_nl_NL.xml
C:\Program Files\SopCast\languages\lang_pl_PL.xml
C:\Program Files\SopCast\languages\lang_pt_BR.xml
C:\Program Files\SopCast\languages\lang_ro_RO.xml
C:\Program Files\SopCast\languages\lang_sl_SL.xml
C:\Program Files\SopCast\languages\sopcore\lang_en_US.xml
C:\Program Files\SopCast\languages\sopcore\lang_zh_CN.xml
C:\Program Files\SopCast\languages\sopcore\lang_zh_HK.xml
C:\Program Files\SopCast\License.txt
C:\Program Files\SopCast\skin\DURATION_SLIDER_HOVER.bmp
C:\Program Files\SopCast\skin\DURATION_SLIDER_NORMAL.bmp
C:\Program Files\SopCast\skin\DURATION_SLIDER_PRESSED.bmp
C:\Program Files\SopCast\skin\EXPLAYER_DISABLED.bmp
C:\Program Files\SopCast\skin\EXPLAYER_HOVER.bmp
C:\Program Files\SopCast\skin\EXPLAYER_NORMAL.bmp
C:\Program Files\SopCast\skin\EXPLAYER_PRESSED.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_DISABLED.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_HOVER.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_NORMAL.bmp
C:\Program Files\SopCast\skin\FULLSCREEN_PRESSED.bmp
C:\Program Files\SopCast\skin\MAIN_DIALOG.bmp
C:\Program Files\SopCast\skin\MUTE_HOVER.bmp
C:\Program Files\SopCast\skin\MUTE_NORMAL.bmp
C:\Program Files\SopCast\skin\MUTE_PRESSED.bmp
C:\Program Files\SopCast\skin\PAUSE_HOVER.bmp
C:\Program Files\SopCast\skin\PAUSE_NORMAL.bmp
C:\Program Files\SopCast\skin\PAUSE_PRESSED.bmp
C:\Program Files\SopCast\skin\PLAY_HOVER.bmp
C:\Program Files\SopCast\skin\PLAY_NORMAL.bmp
C:\Program Files\SopCast\skin\PLAY_PRESSED.bmp
C:\Program Files\SopCast\skin\sopcore.xml
C:\Program Files\SopCast\skin\SOPLOGO_HOVER.bmp
C:\Program Files\SopCast\skin\SOPLOGO_NORMAL.bmp
C:\Program Files\SopCast\skin\SOPLOGO_PRESSED.bmp
C:\Program Files\SopCast\skin\SOPSTATUS_NORMAL.bmp
C:\Program Files\SopCast\skin\STOP_DISABLED.bmp
C:\Program Files\SopCast\skin\STOP_HOVER.bmp
C:\Program Files\SopCast\skin\STOP_NORMAL.bmp
C:\Program Files\SopCast\skin\STOP_PRESSED.bmp
C:\Program Files\SopCast\skin\UNMUTE_HOVER.bmp
C:\Program Files\SopCast\skin\UNMUTE_NORMAL.bmp
C:\Program Files\SopCast\skin\UNMUTE_PRESSED.bmp
C:\Program Files\SopCast\skin\VOLUME_SLIDER_HOVER.bmp
C:\Program Files\SopCast\skin\VOLUME_SLIDER_NORMAL.bmp
C:\Program Files\SopCast\skin\VOLUME_SLIDER_PRESSED.bmp
C:\Program Files\SopCast\SopCast.exe
C:\Program Files\SopCast\SopCast.url
C:\Program Files\SopCast\sopocx.ocx
C:\Program Files\SopCast\sopvod.exe
C:\Program Files\SopCast\StreamServer\msvcr71.dll
C:\Program Files\SopCast\StreamServer\plugins\libaccess_output_http_plugin.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_file.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_ftp.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_http.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_access_mms.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_asf.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_demuxdump.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_dummy.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_hotkeys.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_ipv4.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_memcpy.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_mux_asf.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_packetizer_copy.dll
C:\Program Files\SopCast\StreamServer\plugins\plugin_rc.dll
C:\Program Files\SopCast\StreamServer\StreamServer.exe
C:\Program Files\SopCast\uninst.exe
C:\Program Files\SopCast\uninstall.bat
C:\Program Files\SopCast\update\SopChecker.exe
C:\Program Files\SopCast\update\UNZIP.EXE
C:\Program Files\SopCast\update\update.bat
C:\WINDOWS\Downloaded Program Files\USDR6V_0001_N19M2604NetInstaller.exe
C:\WINDOWS\QTFont.for
C:\WINDOWS\QTFont.qfn
C:\WINDOWS\wt\updater\wcmdmgr.exe
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\Abbr
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ActivationCode
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\HOURS
D:\Documents and Settings\All Users\Application Data\SystemDoctor Free\Data\ProductCode
D:\Documents and Settings\david.115372460311\Application Data\DriveCleaner 2006 Free
D:\Documents and Settings\david.115372460311\Application Data\DriveCleaner 2006 Free\Logs\update.log
D:\Documents and Settings\david.115372460311\err.log
D:\Documents and Settings\david.115372460311\Local Settings\Temporary Internet Files\sc
D:\Documents and Settings\david.115372460311\Local Settings\Temporary Internet Files\sc\console.html
D:\Documents and Settings\david.115372460311\ResErrors.log

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-25 to 2008-01-25 ))))))))))))))))))))))))))))))))))))
.

2008-01-24 22:29 . 2008-01-24 22:29 0 --a------ C:\WINDOWS\hpqEmlSz.INI
2008-01-24 14:33 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-24 13:04 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-01-24 12:43 . 2008-01-25 15:46 <REP> d-------- C:\Program Files\Foxit Software
2008-01-24 09:52 . 2008-01-24 11:36 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-23 18:47 . 2008-01-25 16:47 5,634 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-23 17:24 . 2008-01-23 17:24 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-23 17:08 . 2008-01-23 17:08 <REP> d-------- C:\Program Files\Avira
2008-01-23 15:31 . 2008-01-25 16:05 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-23 15:31 . 2008-01-23 15:31 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-23 11:37 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-09 15:01 . 2008-01-09 15:01 53,248 --a------ C:\WINDOWS\bdoscandel.exe
2008-01-09 15:01 . 2008-01-09 15:01 453 --a------ C:\WINDOWS\bdoscandellang.ini
2007-12-29 16:18 . 2007-12-29 16:19 <REP> d-------- C:\Program Files\QuickTime
2007-12-26 17:35 . 2007-12-27 12:53 <REP> d-------- C:\Program Files\Fichiers communs\uusee

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-24 12:04 --------- d-----w C:\Program Files\Java
2008-01-24 11:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-01-23 15:27 --------- d-----w C:\Program Files\Norton Security Scan
2008-01-19 13:21 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-02 17:53 --------- d-----w C:\Program Files\TvAnts
2007-12-27 14:06 --------- d-----w C:\Program Files\EasyBurning
2007-11-25 22:43 245,408 ----a-w C:\WINDOWS\system32\unicows.dll
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-11-07 09:28 728,576 ------w C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-10-30 23:23 3,590,656 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 17:20 360,064 ------w C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-29 22:43 1,293,824 ------w C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-25 16:43 8,516,608 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
2007-02-23 17:03 774,144 ----a-w C:\Program Files\RngInterstitial.dll
2006-02-19 01:28 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
.

((((((((((((((((((((((((((((( snapshot_2008-01-24_23.35.57.76 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-24 22:30:23 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
+ 2008-01-25 16:22:30 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000001\NTUSER.DAT
- 2008-01-24 22:30:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
+ 2008-01-25 16:22:30 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000002\UsrClass.dat
- 2008-01-24 22:30:23 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
+ 2008-01-25 16:22:30 688,128 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000003\NTUSER.DAT
- 2008-01-24 22:30:23 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
+ 2008-01-25 16:22:30 8,192 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000004\UsrClass.dat
- 2008-01-24 22:30:23 5,222,400 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
+ 2008-01-25 16:22:30 5,222,400 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000005\NTUSER.DAT
- 2008-01-24 22:30:23 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
+ 2008-01-25 16:22:31 249,856 ----a-w C:\WINDOWS\erdnt\Hiv-backup\Users\00000006\UsrClass.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-24 20:04 68856]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"High Definition Audio Property Page Shortcut"="HDAShCut.exe" [2005-01-07 16:07 61952 C:\WINDOWS\system32\HdAShCut.exe]
"ATICCC"="c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2005-08-12 13:43 45056]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 12:03 310272]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 10:43 90112]
"PCMService"="c:\apps\Powercinema\PCMService.exe" [2005-11-16 13:11 143360]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 10:31 24576]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 10:38 866816]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 01:41 49152]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\point32.exe" [2003-05-16 00:41 163840]
"wcmdmgr"="C:\WINDOWS\wt\updater\wcmdmgrl.exe" [ ]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-08-01 08:30 1836544]
"LVCOMS"="C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE" [2002-09-20 14:16 90112]
"LogitechGalleryRepair"="C:\Program Files\Logitech\ImageStudio\ISStart.exe" [2002-09-11 11:58 155648]
"LogitechImageStudioTray"="C:\Program Files\Logitech\ImageStudio\LogiTray.exe" [2002-09-11 11:57 45056]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2007-05-14 23:22 35328]
"TomTomHOME.exe"="C:\Program Files\TomTom HOME\TomTomHOME.exe" [2007-03-14 15:52 3770024]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-02 09:33 185632]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-02 18:36 267048]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24 286720]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-01-24 17:32 249896]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
R2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 22:08]
S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-03-04 18:08]
S3 k600mdfl;Sony Ericsson 600i USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k600mdfl.sys [2005-03-04 18:11]
S3 k600mdm;Sony Ericsson 600i USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k600mdm.sys [2005-03-04 18:11]
S3 k600mgmt;Sony Ericsson 600i USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k600mgmt.sys [2005-03-04 18:13]
S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-03-04 18:15]
S3 PhilCam8116;Logitech QuickCam Pro 3000(PID_08B0);C:\WINDOWS\system32\DRIVERS\CamDrL21.sys [2002-06-10 13:16]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c507739b-16a9-11dc-aa72-000e50d2ca9e}]
\Shell\AutoRun\command - K:\InstallTomTomHOME.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-19 16:53:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-01-25 16:00:00 C:\WINDOWS\Tasks\Extension de garantie.job"
- C:\APPS\SMP\PBCARNOT.EXE
"2008-01-25 16:00:00 C:\WINDOWS\Tasks\Master CD_DVD Creator.job"
- C:\Apps\SMP\MCDCHECK.EXE
"2006-06-10 10:26:25 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2008-01-25 14:49:17 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
"2008-01-01 05:30:09 C:\WINDOWS\Tasks\WebReg Photosmart C4100 series.job"
- C:\Program Files\HP\Digital Imaging\bin\hpqwrg.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 17:28:07
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.


voici le rapport hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:42, on 2008-01-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TomTom HOME\TomTomHOME.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\iTunes\iTunesHelper.exe
c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\apps\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\Rar$EX00.844\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://forum.rsca.be/board.php?boardid=2&sid=d1fa07a6ae26b981c8f95c1e50123e0c
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.rsca.be/en
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Barre d'outils MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.2607.0\msgr.fr.fr-be\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATICCC] "c:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [wcmdmgr] C:\WINDOWS\wt\updater\wcmdmgrl.exe -launch
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver2\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME\TomTomHOME.exe" -s
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: BitTorrent.lnk = C:\Program Files\BitTorrent\bittorrent.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\befr.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://www.gamespy.com
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{9D999207-8832-433A-BE74-63213272BE1E}: NameServer = 195.238.2.22 195.238.2.21
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - c:\APPS\Powercinema\Kernel\CLML_NTService\CLMLServer.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe

voila deux rapports que jk'ai effectués avec le site! un avec les lieux critiques et l'autre avec l'entièreté!

le premier..;

Friday, January 25, 2008 6:52:48 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 25/01/2008
Enregistrements dans la base antivirus Kaspersky : 497470
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Zones critiques
C:\WINDOWS
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\
Statistiques de l'analyse
Total d'objets analysés 24104
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 00:18:12

Nom de l'objet infecté Nom du virus Dernière action
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\sqlite_Fek1oGHzckdQldd L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\hpodvd09.log L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\Perflib_Perfdata_288.dat L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\Perflib_Perfdata_494.dat L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\Perflib_Perfdata_7c8.dat L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\~DF75EC.tmp L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\~DF7CB5.tmp L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\~DF7CD3.tmp L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\~DFF67B.tmp L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\~DFF697.tmp L'objet est verrouillé ignoré
D:\DOCUME~1\DAVID~1.115\LOCALS~1\Temp\~DFFE07.tmp L'objet est verrouillé ignoré
Analyse terminée.

la deuxième

Friday, January 25, 2008 8:15:59 PM
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version : 5.0.83.0
Dernière mise à jour de la base antivirus Kaspersky : 25/01/2008
Enregistrements dans la base antivirus Kaspersky : 497470
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie vrai
Cible de l'analyse Poste de travail
C:\
D:\
E:\
F:\
G:\
H:\
I:\
J:\
Statistiques de l'analyse
Total d'objets analysés 109898
Nombre de virus trouvés 0
Nombre d'objets infectés 0 / 0
Nombre d'objets suspects 0
Durée de l'analyse 01:22:13

Nom de l'objet infecté Nom du virus Dernière action
C:\APPS\Powercinema\Kernel\CLML_NTService\CLML_MAIN\CLML.db L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\debug.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\error.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\hips.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\ids.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\network.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\system.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\warning.log.idx L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log L'objet est verrouillé ignoré
C:\Program Files\Sunbelt Software\Personal Firewall\logs\web.log.idx L'objet est verrouillé ignoré
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP602\change.log L'objet est verrouillé ignoré
C:\WINDOWS\Debug\PASSWD.LOG L'objet est verrouillé ignoré
C:\WINDOWS\SchedLgU.Txt L'objet est verrouillé ignoré
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log L'objet est verrouillé ignoré
C:\WINDOWS\Sti_Trace.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\edb.log L'objet est verrouillé ignoré
C:\WINDOWS\system32\CatRoot2\tmp.edb L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\ACEEvent.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\AppEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\DEFAULT L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\default.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\Internet.evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SAM.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SecEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SECURITY.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SOFTWARE L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\software.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SysEvent.Evt L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\SYSTEM L'objet est verrouillé ignoré
C:\WINDOWS\system32\config\system.LOG L'objet est verrouillé ignoré
C:\WINDOWS\system32\h323log.txt L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA L'objet est verrouillé ignoré
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP L'objet est verrouillé ignoré
C:\WINDOWS\Temp\CLML_AGENT_LOG1.txt L'objet est verrouillé ignoré
C:\WINDOWS\Temp\sqlite_Fek1oGHzckdQldd L'objet est verrouillé ignoré
C:\WINDOWS\wiadebug.log L'objet est verrouillé ignoré
C:\WINDOWS\wiaservc.log L'objet est verrouillé ignoré
C:\WINDOWS\WindowsUpdate.log L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat L'objet est verrouillé ignoré
D:\Documents and Settings\All Users\Documents\Fonts\Config\desktop.idf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\cert8.db L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\history.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\key3.db L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\parent.lock L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\search.sqlite L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\urlclassifier2.sqlite L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Cookies\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\ApplicationHistory\hpqimzone.exe.3204510e.ini.inuse L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbc2e.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbdam L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbdao L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbeam L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbeao L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbm L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbu2d.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbvm.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\dbvmh.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\fii.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\fiih.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\hp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\hpt2i.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\rpm.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\rpmh.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-enchashm.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-enchashmh.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-urlm.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-black-urlmh.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-malware-domainm.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-malware-domainmh.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-white-domainm.cf1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Google\Google Desktop Search\safeweb\goog-white-domainmh.ht1 L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\administrativeInfo.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\albumImagesTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\albumTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\CB_Server_Errors.txt L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\EXIFTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\imageTable.fpt L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\keywordImagesTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\keywordTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\managedFolderTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\pathnameTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\propertiesTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\ROFImagesTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.cdx L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\HP\Digital Imaging\db\ROFTable.dbf L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Messenger\david_gerard112@hotmail.com\SharingMetadata\Logs\Dfsr00005.log L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Messenger\david_gerard112@hotmail.com\SharingMetadata\pending.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Messenger\david_gerard112@hotmail.com\SharingMetadata\Working\database_E428_6173_2861_4620\dfsr.db L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Messenger\david_gerard112@hotmail.com\SharingMetadata\Working\database_E428_6173_2861_4620\fsr.log L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Messenger\david_gerard112@hotmail.com\SharingMetadata\Working\database_E428_6173_2861_4620\fsrtmp.log L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Messenger\david_gerard112@hotmail.com\SharingMetadata\Working\database_E428_6173_2861_4620\tmp.edb L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Windows Live Contacts\david_gerard112@hotmail.com\real\members.stg L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Microsoft\Windows Live Contacts\david_gerard112@hotmail.com\shadow\members.stg L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\Cache\_CACHE_001_ L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\Cache\_CACHE_002_ L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\Cache\_CACHE_003_ L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\Mozilla\Firefox\Profiles\26qnzkem.default\Cache\_CACHE_MAP_ L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Application Data\PowerCinema\Trace.log L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Historique\History.IE5\MSHist012008012520080126\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\hpodvd09.log L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\Perflib_Perfdata_288.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\Perflib_Perfdata_494.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\Perflib_Perfdata_7c8.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\~DF75EC.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\~DF7CB5.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\~DF7CD3.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\~DFF67B.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\~DFF697.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temp\~DFFE07.tmp L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\david.115372460311\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\Cookies\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Historique\History.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\Local Settings\Temporary Internet Files\Content.IE5\index.dat L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\LocalService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService.AUTORITE NT\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService.AUTORITE NT\NTUSER.DAT L'objet est verrouillé ignoré
D:\Documents and Settings\NetworkService.AUTORITE NT\ntuser.dat.LOG L'objet est verrouillé ignoré
D:\System Volume Information\MountPointManagerRemoteDatabase L'objet est verrouillé ignoré
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP602\change.log L'objet est verrouillé ignoré
Analyse terminée.

ah bien voila deja une bonne nouvelle...merci

mais pour la lenteur?? c'est tjrs aussi pitoyable! je n'ose meme plus utliser mes programmes!

►MP
Bzz

ah voila nickel !je pense que c'est resolu! j'ai une vitesse je dirais normal mtnt! j'espère que ça va perdurer!!! merci bq en tout cas pour ta patience! un tout grand merci!

depuis que j'ai effctué cette dernière operation j'ai mozilla firefox comme module qui demarre mon pc! jusque là pas de prob! mais j'ai un probleme avec mes pages internet qui ne defilent plus correctement vu que j'ai plus les pubs ou autres! les pages n'apparraissent plus correctement! que dois je faire?