Bonjours win32bho-kd

voici mon rapport combofix





ComboFix 08-01-23.2 - Angelique 2008-01-23 15:18:52.2 - NTFSx86

Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.522 [GMT 1:00]
Endroit: C:\Documents and Settings\Angelique\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\Documents and Settings\All Users\Application Data\salesmonitor
C:\Documents and Settings\Angelique\new.txt
C:\Program Files\webmediaplayer
C:\Program Files\webmediaplayer\resources\languages.xml
C:\Program Files\webmediaplayer\resources\webmedias
C:\Program Files\webmediaplayer\skins\classic.skn
C:\Program Files\webmediaplayer\WebMediaPlayer.url
C:\WINDOWS\pack.epk
C:\WINDOWS\system32\befcdrupto.dat
C:\WINDOWS\system32\befcdrupto_nav.dat
C:\WINDOWS\system32\befcdrupto_navps.dat
C:\WINDOWS\system32\neksbixfmb.dat
C:\WINDOWS\system32\neksbixfmb_nav.dat
C:\WINDOWS\system32\neksbixfmb_navps.dat

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_IPRIP
-------\Iprip




((((((((((((((((((((((((((((( Fichiers créés 2007-12-23 to 2008-01-23 ))))))))))))))))))))))))))))))))))))
.

2008-01-23 14:52 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\Nircmd.exe
2008-01-23 14:25 . 2008-01-23 14:28 <REP> d-------- C:\Program Files\Navilog1
2008-01-23 12:53 . 2008-01-23 12:53 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-01-23 12:35 . 2008-01-23 12:35 <REP> d-------- C:\Program Files\Trend Micro
2008-01-23 12:26 . 2008-01-23 12:26 2,648 --a------ C:\WINDOWS\sql70.MIF
2008-01-22 20:41 . 2008-01-22 20:41 <REP> d-------- C:\Program Files\Enigma Software Group
2008-01-22 16:48 . 2008-01-23 15:04 25,752 --a------ C:\WINDOWS\DSC01497.zip
2008-01-22 16:48 . 2008-01-22 12:49 25,600 -r-hsc--- C:\WINDOWS\system32\dllcache\spoolms.exe
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d---s---- C:\WINDOWS\system32\%SystemDrive%
2008-01-18 18:45 . 2008-01-18 18:45 <REP> d-------- C:\WINDOWS\Google Toolbar
2008-01-18 18:33 . 2008-01-18 18:46 <REP> d-------- C:\Program Files\Norton Security Scan
2008-01-18 18:29 . 2008-01-18 18:29 867,560 --a------ C:\Program Files\Google Updater.exe
2008-01-12 21:04 . 2008-01-12 21:04 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-12 21:04 . 2008-01-12 21:04 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-12 09:16 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-01-12 09:16 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-01-12 09:16 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-01-12 09:16 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-01-12 09:16 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-01-12 09:16 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-12 09:16 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-12 09:16 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-12 09:11 . 2008-01-12 09:14 19,004,560 --a------ C:\Program Files\setupfre.exe
2008-01-09 12:18 . 2008-01-09 12:18 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-01-09 12:18 . 2008-01-09 12:18 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 524,288 --a------ C:\WINDOWS\system32\DivXsm.exe
2008-01-09 12:18 . 2008-01-09 12:18 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2008-01-09 12:18 . 2008-01-09 12:18 9,878 --a------ C:\WINDOWS\system32\dsm_fr.qm
2008-01-09 12:18 . 2008-01-09 12:18 4,816 --a------ C:\WINDOWS\system32\divxsm.tlb
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2008-01-09 12:16 . 2008-01-09 12:16 823,296 --a------ C:\WINDOWS\system32\divx_xx07.dll
2008-01-09 12:16 . 2008-01-09 12:16 802,816 --a------ C:\WINDOWS\system32\divx_xx11.dll
2008-01-09 12:16 . 2008-01-09 12:16 682,496 --a------ C:\WINDOWS\system32\DivX.dll
2008-01-09 12:16 . 2008-01-09 12:16 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
2008-01-09 12:16 . 2008-01-09 12:16 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dtu100.dll.manifest
2008-01-09 12:16 . 2008-01-09 12:16 416 --a------ C:\WINDOWS\system32\dpl100.dll.manifest
2008-01-09 12:15 . 2008-01-09 12:15 630,784 --a------ C:\WINDOWS\system32\divxdec.ax
2008-01-06 21:25 . 2008-01-06 21:25 <REP> d-------- C:\Program Files\Macrogaming
2008-01-04 16:16 . 2008-01-04 16:16 <REP> d-------- C:\Program Files\SAGEM
2008-01-03 21:17 . 2008-01-04 16:17 21 --a------ C:\WINDOWS\kit.ini
2008-01-03 19:42 . 2008-01-03 19:43 7,020,185 --a------ C:\Program Files\Gestionnaire_internetLB.exe
2008-01-03 19:13 . 2008-01-03 19:13 535,512 --a------ C:\Program Files\pllangs.exe
2008-01-03 19:11 . 2008-01-03 19:11 2,855,080 --a------ C:\Program Files\ad-aware-se-personal_ad-aware_se_personal_1.6_anglais_12797.exe
2008-01-03 18:45 . 2008-01-03 18:45 407,680 --a------ C:\Program Files\aswclnr.exe
2008-01-03 18:28 . 2008-01-03 18:24 18,164,640 --a------ C:\Program Files\aaw2007.exe
2008-01-03 18:28 . 2008-01-03 18:23 2,724,328 --a------ C:\Program Files\ccsetup203.exe
2008-01-01 13:04 . 2008-01-01 13:04 <REP> d-------- C:\Program Files\Browser Mouse
2007-12-31 20:04 . 1999-01-05 11:57 32,060 --a------ C:\WINDOWS\system32\cliconf.hlp
2007-12-31 20:03 . 2008-01-23 12:26 <REP> d-------- C:\MSSQL7
2007-12-31 20:03 . 2008-01-02 18:45 899 --------- C:\WINDOWS\setup~0.iss
2007-12-31 19:19 . 2007-12-31 19:22 16,840,120 --a------ C:\Program Files\IE7Setup_G_FR.exe
2007-12-31 18:23 . 2007-12-31 18:23 244 --ah----- C:\sqmnoopt01.sqm
2007-12-31 18:23 . 2007-12-31 18:23 232 --ah----- C:\sqmdata01.sqm
2007-12-31 17:52 . 2007-12-31 17:52 244 --ah----- C:\sqmnoopt00.sqm
2007-12-31 17:52 . 2007-12-31 17:52 232 --ah----- C:\sqmdata00.sqm
2007-12-26 12:55 . 19,456 C:\WINDOWS\system32\drivers\rmbelszq.dat
2007-12-26 11:59 . 2001-08-28 13:00 84,992 --a------ C:\WINDOWS\system32\avwa.dll
2007-12-24 14:02 . 2007-12-24 14:02 319,488 --a------ C:\WINDOWS\system32\adssite_sidebar.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-22 16:54 --------- d-----w C:\Program Files\DivX
2008-01-18 20:26 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-01-18 19:33 --------- d-----w C:\Program Files\Google
2008-01-04 15:17 --------- d-----w C:\Program Files\Wanadoo
2008-01-04 15:16 90 ----a-w C:\Program Files\Setup.log
2008-01-03 18:11 --------- d-----w C:\Program Files\Lavasoft
2008-01-03 17:57 5,720 ----a-w C:\Program Files\aswclnr.log
2008-01-03 17:45 672,256 ----a-w C:\Program Files\aswclnr.tmp
2007-12-27 19:37 --------- d-----w C:\Program Files\JPEG Compression
2007-12-26 10:59 77,369 ----a-w C:\WINDOWS\system32\adssite_sidebar_uninstall.exe
2007-12-22 14:16 --------- d-----w C:\Program Files\AkvaarioGes
2007-12-22 14:03 --------- d-----w C:\Program Files\Aquapep2
2007-12-22 13:56 --------- d-----w C:\Program Files\MSN Messenger
2007-12-22 13:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-11 19:44 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-11 19:44 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-11 19:44 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-11 19:44 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-11 19:44 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-11 19:44 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-11 19:43 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-12-03 07:55 --------- d-----w C:\Program Files\MSN Pictures Displayer
2007-11-30 18:43 79,868 ----a-w C:\WINDOWS\system32\adssite-remove.exe
2007-11-28 17:16 --------- d-----w C:\Program Files\Fichiers communs\SansenDommagement
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 08:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-24 00:47 96,760 ----a-w C:\WINDOWS\system32\dfshim.dll
2007-10-24 00:47 84,480 ----a-w C:\WINDOWS\system32\mscories.dll
2007-10-24 00:47 282,112 ----a-w C:\WINDOWS\system32\mscoree.dll
2007-10-24 00:47 158,720 ----a-w C:\WINDOWS\system32\mscorier.dll
2007-10-23 16:49 586,752 ----a-w C:\WINDOWS\WLXPGSS.SCR
2007-08-17 07:56 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
2006-11-30 15:34 57,115,310 ----a-w C:\Program Files\openofficeorg3.cab
2006-11-30 15:34 3,293,189 ----a-w C:\Program Files\openofficeorg4.cab
2006-11-30 15:25 15,519,277 ----a-w C:\Program Files\openofficeorg2.cab
2006-11-30 15:22 18,447,022 ----a-w C:\Program Files\openofficeorg1.cab
2006-11-30 15:17 5,298,688 ----a-w C:\Program Files\openofficeorg21.msi
2006-11-30 15:17 217 ----a-w C:\Program Files\setup.ini
2006-11-13 16:31 315,392 ----a-w C:\Program Files\setup.exe
2006-11-01 20:06 7,022,328 ----a-w C:\Program Files\logicielphotoOrangeFR.exe
2002-03-11 09:06 1,822,520 ----a-w C:\Program Files\instmsiw.exe
2002-03-11 08:45 1,708,856 ----a-w C:\Program Files\instmsia.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
2007-12-24 14:02 319488 --a------ C:\WINDOWS\system32\adssite_sidebar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{61C2BD6D-8C4C-4C6B-BAFE-DAD1FDCA3357}]
2001-08-28 13:00 84992 --a------ C:\WINDOWS\system32\avwa.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-09 16:41 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 09:59 204288]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 20:15 103712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11 132496]
"SSBkgdUpdate"="C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 10:22 155648]
"SetDefPrt"="C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe" [2005-01-26 18:02 49152]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 19:17 57393]
"Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-02-20 19:01 49152]
"nwiz"="nwiz.exe" [2003-07-28 14:19 323584 C:\WINDOWS\system32\nwiz.exe]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 19:30 40960]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CAMTRAY.EXE" [2005-10-27 11:00 299008]
"ControlCenter2.0"="C:\Program Files\Brother\ControlCenter2\brctrcen.exe" [2005-05-17 17:42 933888]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 19:51 39792]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 14:28 577536 C:\WINDOWS\soundman.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17 159744]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [2005-06-23 19:33 57344]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-09-09 17:48 155648]
"OWS Setup CmdLine"="C:\Program Files\Fichiers communs\Microsoft Shared\Web Server Extensions\40\bin\cfgwiz.exe" [2004-08-20 00:09 188480]
"LWBMOUSE"="C:\Program Files\Browser Mouse\Browser Mouse\1.0\lwbwheel.exe" [2001-03-26 05:35 429568]
"iKeyWorks"="C:\PROGRA~1\HotKeys\Ikeymain.exe" [2001-09-12 08:44 49152]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 20:15 103712]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"spoolms"="C:\WINDOWS\system32\dllcache\spoolms.exe" [2008-01-22 12:49 25600]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 00:09 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Contr“leur d'‚tat.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-01-15 14:23:08 802816]
Gestionnaire de services SQL Server.lnk - C:\MSSQL7\Binn\sqlmangr.exe [2007-12-31 20:04:19 110592]
Logiciel de Synchronisation Orange.lnk - C:\Program Files\Orange\Logiciel de Synchronisation Orange\Voxsync.exe [2007-05-14 12:05:16 684032]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [2000-01-21 09:15:56 65588]
NkvMon.exe.lnk - C:\Program Files\Nikon\NkView5\NkvMon.exe [2005-09-17 16:03:33 233472]
Raccourci vers wlancfg.lnk - C:\thomson\wlancfg.exe [2007-08-17 10:40:30 1466368]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 14:40:46 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 14:39 294400]

R0 ttyxpzsj;ttyxpzsj;C:\WINDOWS\system32\drivers\rmbelszq.dat []
R3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 12:50]
R3 Intels51;Creatix V.9X DSP Data Fax Modem;C:\WINDOWS\system32\DRIVERS\ctxs51.sys [2002-07-01 15:10]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-03 23:45]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2006-02-18 17:54]
S3 p2pgasvc;Authentification de groupe réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2pimsvc;Gestionnaire d'identité réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 p2psvc;Réseau homologue;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 PNRPSvc;Protocole de résolution de noms d'homologues;C:\WINDOWS\System32\svchost.exe [2004-08-20 00:10]
S3 SIS163u;SiS163 USB Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2006-03-01 18:37]
S3 w200bus;Sony Ericsson W200 driver (WDM);C:\WINDOWS\system32\DRIVERS\w200bus.sys [2006-11-07 08:42]
S3 w200mdfl;Sony Ericsson W200 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w200mdfl.sys [2006-11-07 08:42]
S3 w200mdm;Sony Ericsson W200 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w200mdm.sys [2006-11-07 08:42]
S3 w200mgmt;Sony Ericsson W200 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w200mgmt.sys [2006-11-07 08:42]
S3 w200obex;Sony Ericsson W200 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w200obex.sys [2006-11-07 08:42]
S3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
p2psvc REG_MULTI_SZ p2psvc p2pimsvc p2pgasvc PNRPSvc

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-18 17:34:17 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
"2008-01-23 14:22:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-23 15:22:14
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.