Virus sur vista

slt Outman 14

j' ai bien Vista et je commence a le regretter car trop instable........
Peux tu me dire quelles sont mes infections ? en te remerciant d avance


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:19, on 26/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Safe mode

Running processes:
C:\Windows\Explorer.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.asus.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\rqrsqpm.dll,#1
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\Windows\system32\oopmagentts.exe"
O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\AntivirusOrdi\bm.exe" dm=http://antivirusordi.com ad=http://antivirusordi.com sd=http://gregistre.antivirusordi.com
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\philippe\AppData\Local\Temp\opnki.dll,#1
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\philippe\AppData\Local\Temp\tuvwu.dll,c
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\philippe\AppData\Local\Temp\onjnxuyp.dll",run
O4 - HKCU\..\Run: [fcc83739] rundll32.exe "C:\Users\philippe\AppData\Local\Temp\nqnrmate.dll",b
O4 - HKCU\..\Run: [BMfffb04a5] Rundll32.exe "C:\Users\philippe\AppData\Local\Temp\golreebn.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

Slt shadowdu74

je te remercie pour cette aide qui m' evite des crises de nerfs lolll

Cordialement Komicstrip

slt shadow et merci pour ce depannage

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:36:16, on 27/02/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16609)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\ASUS\Asus MultiFrame\MultiFrame.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\PowerForPhone\PowerForPhone.exe
C:\Windows\ASScrPro.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Windows\System32\oopmagentts.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\ASScrProlog.exe
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\ASScrPro.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\VistaCodecPack\QT\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ooquickpdfv7] "C:\Windows\system32\oopmagentts.exe"
O4 - HKLM\..\Run: [bm] "C:\Program Files\Common Files\AntivirusOrdi\bm.exe" dm=http://antivirusordi.com ad=http://antivirusordi.com sd=http://gregistre.antivirusordi.com
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\philippe\AppData\Local\Temp\tuvwu.dll,c
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MS Juan] rundll32 "C:\Users\philippe\AppData\Local\Temp\onjnxuyp.dll",run
O4 - HKCU\..\Run: [fcc83739] rundll32.exe "C:\Users\philippe\AppData\Local\Temp\nqnrmate.dll",b
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\philippe\AppData\Local\Temp\jkkjj.dll,#1
O4 - HKCU\..\Run: [BMfffb04a5] Rundll32.exe "C:\Users\philippe\AppData\Local\Temp\golreebn.dll",s
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: OFFICE One Startup v7.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: ADSM Service (ADSMService) - Unknown owner - C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET Smart Security\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
O23 - Service: Syntek AVStream USB2.0 WebCam Service (StkSSrv) - Syntek America Inc. - C:\Windows\System32\StkCSrv.exe

cordialement komicstrip

Grand Resalut a toi le miserable en informatique te repond


ComboFix 08-02-25.3 - philippe 2008-02-27 16:52:36.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.1162 [GMT 1:00]
Endroit: C:\Users\philippe\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Temporary

.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-27 to 2008-02-27 ))))))))))))))))))))))))))))))))))))
.

Pas de nouveau fichier créé dans cet espace de temps

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-27 15:41 27,620 ----a-w C:\Users\philippe\AppData\Roaming\nvModes.dat
2008-02-27 15:40 --------- d-----w C:\Program Files\a-squared Free
2008-02-27 11:26 3,266 ----a-w C:\Windows\System32\tmp.reg
2008-02-27 11:02 --------- d-----w C:\Program Files\AusLogics Disk Defrag
2008-02-27 07:44 --------- d-----w C:\Program Files\Windows Live
2008-02-27 07:44 --------- d-----w C:\Program Files\Microsoft SQL Server Compact Edition
2008-02-27 07:41 --------- d-----w C:\ProgramData\WLInstaller
2008-02-26 07:29 --------- d-----w C:\Program Files\Hijackthis Version Française
2008-02-25 21:33 --------- d-----w C:\Program Files\Trend Micro
2008-02-25 14:18 --------- d-----w C:\ProgramData\Spybot - Search & Destroy
2008-02-25 12:50 --------- d-----w C:\Program Files\Dot1XCfg
2008-02-25 12:03 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-02-25 12:00 --------- d---a-w C:\ProgramData\TEMP
2008-02-25 11:52 --------- d-----w C:\Users\philippe\AppData\Roaming\Download Manager
2008-02-24 08:38 --------- d-----w C:\Users\philippe\AppData\Roaming\ESET
2008-02-24 08:36 --------- d-----w C:\ProgramData\ESET
2008-02-24 08:36 --------- d-----w C:\Program Files\ESET
2008-02-24 07:35 --------- d-----w C:\Program Files\Objective Tarot
2008-02-22 18:10 --------- d-----w C:\Users\philippe\AppData\Roaming\OFFICEOne7
2008-02-22 17:44 86,016 ----a-w C:\Windows\System32\VACFix.exe
2008-02-16 04:49 45,056 ----a-w C:\Windows\System32\acovcnt.exe
2008-02-16 04:24 --------- d-----w C:\Program Files\FoxTarot4
2008-02-15 08:25 --------- d-----w C:\Users\philippe\AppData\Roaming\InstallShield
2008-02-15 08:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-02-14 21:27 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-14 21:27 110,080 ----a-w C:\Windows\system32\drivers\mrxdav.sys
2008-02-14 21:25 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-02-14 21:25 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-14 21:25 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-14 21:25 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-02-14 21:25 17,464 ----a-w C:\Windows\system32\drivers\intelide.sys
2008-02-14 21:25 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-02-14 21:25 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-02-14 21:24 803,328 ----a-w C:\Windows\system32\drivers\tcpip.sys
2008-02-14 21:24 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-14 21:24 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-14 21:24 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-14 21:24 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-14 21:24 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-14 21:24 216,632 ----a-w C:\Windows\system32\drivers\netio.sys
2008-02-14 21:24 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-14 21:24 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-14 21:24 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-14 21:24 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-14 21:24 --------- d-----w C:\ProgramData\Microsoft Help
2008-02-14 21:22 824,832 ----a-w C:\Windows\System32\wininet.dll
2008-02-14 21:22 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-14 21:22 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-14 21:22 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-14 19:04 --------- d-----w C:\Users\philippe\AppData\Roaming\Intel
2008-02-14 16:43 --------- d-----w C:\ProgramData\Grisoft
2008-02-14 15:48 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-02-14 15:48 --------- d-----w C:\Users\philippe\AppData\Roaming\uTorrent
2008-02-14 15:48 --------- d-----w C:\ProgramData\P4G
2008-02-14 13:19 --------- d-----w C:\Users\philippe\AppData\Roaming\Uniblue
2008-02-14 12:32 --------- d-----w C:\Program Files\Everest Poker
2008-02-08 18:43 --------- d-----w C:\Program Files\Nokia
2008-02-08 18:43 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-02-08 18:43 --------- d-----w C:\Program Files\Common Files\Nokia
2008-02-08 18:39 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-02-08 09:37 82,432 ----a-w C:\Windows\System32\IEDFix.exe
2008-02-07 17:22 --------- d-----w C:\Program Files\Common Files\LightScribe
2008-02-07 17:20 --------- d-----w C:\ProgramData\Ahead
2008-02-07 17:19 --------- d-----w C:\Program Files\Common Files\Ahead
2008-02-07 17:16 --------- d-----w C:\ProgramData\Nero
2008-02-07 14:00 --------- d-----w C:\Program Files\eMule
2008-02-03 19:50 164,352 ----a-w C:\Windows\System32\SpoonUninstall.exe
2008-02-02 09:44 --------- d-----w C:\Users\philippe\AppData\Roaming\AntivirusOrdi
2008-01-31 14:00 --------- d-----w C:\Users\philippe\AppData\Roaming\OFFICE One v7
2008-01-31 13:52 --------- d-----w C:\Program Files\ISSENDIS
2008-01-31 13:48 --------- d-----w C:\ProgramData\OFFICE One v7
2008-01-31 13:48 --------- d-----w C:\Program Files\OFFICE One v7
2008-01-31 13:46 --------- d-----w C:\Program Files\OFFICE One Games
2008-01-31 13:41 16,384 ----a-w C:\Windows\System32\DsrSleep.dll
2008-01-31 13:37 77,824 ----a-w C:\Windows\System32\oopmdisp.exe
2008-01-31 13:37 69,632 ----a-w C:\Windows\System32\oopmagentts.exe
2008-01-31 13:37 624,128 ----a-w C:\Windows\System32\PDFCreatorPilot2.dll
2008-01-31 13:37 31,232 ----a-w C:\Windows\System32\progress.exe
2008-01-31 13:37 26,112 ----a-w C:\Windows\System32\oopmpm.dll
2008-01-31 13:36 --------- d-----w C:\ProgramData\Ciel
2008-01-31 13:36 --------- d-----w C:\Program Files\Common Files\Ciel
2008-01-31 13:35 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-01-31 13:24 --------- d-----w C:\Program Files\OFFICE One 7.0
2008-01-31 11:21 --------- d-----w C:\ProgramData\Apple
2008-01-31 11:21 --------- d-----w C:\Program Files\Apple Software Update
2008-01-31 10:41 --------- d-----w C:\Users\philippe\AppData\Roaming\GlarySoft
2008-01-30 11:38 71,176 ----a-w C:\Windows\system32\drivers\epfw.sys
2008-01-30 11:38 54,280 ----a-w C:\Windows\system32\drivers\epfwtdi.sys
2008-01-30 11:38 30,728 ----a-w C:\Windows\system32\drivers\epfwndis.sys
2008-01-30 11:35 39,944 ----a-w C:\Windows\system32\drivers\eamon.sys
2008-01-30 11:35 29,704 ----a-w C:\Windows\system32\drivers\easdrv.sys
2008-01-29 19:16 --------- d-----w C:\ProgramData\Apple Computer
2008-01-29 19:00 --------- d-----w C:\ProgramData\Installations
2008-01-29 18:55 --------- d-----w C:\Users\philippe\AppData\Roaming\PC Suite
2008-01-29 18:53 --------- d-----w C:\Users\philippe\AppData\Roaming\Nokia
2008-01-29 18:48 --------- d-----w C:\ProgramData\Nokia
2008-01-29 18:27 --------- d-----w C:\ProgramData\PC Suite
2008-01-29 18:17 --------- d-----w C:\Program Files\DIFX
2008-01-28 16:38 --------- d-----w C:\Program Files\uTorrent
2008-01-25 08:58 --------- d-----w C:\Users\philippe\AppData\Roaming\Ahead
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon]
@={A825576B-0042-4F0F-8FB0-93CE0F054E69}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ADSMOverlayIcon1]
@={A8D448F4-0431-45AC-9F5E-E1B434AB2249}

[HKEY_CLASSES_ROOT\CLSID\{A825576B-0042-4F0F-8FB0-93CE0F054E69}]
2007-06-15 19:28 147456 --a------ C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt.dll

[HKEY_CLASSES_ROOT\CLSID\{A8D448F4-0431-45AC-9F5E-E1B434AB2249}]
2007-06-02 02:08 143360 --a------ C:\Program Files\ASUS\ASUS Data Security Manager\OverlayIconShlExt1.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-23 14:26 1232896]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2006-11-02 13:35 125440]
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe" [2007-06-20 12:49 451872]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 13:36 201728]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]
"BMfffb04a5"="C:\Users\philippe\AppData\Local\Temp\golreebn.dll" [2008-02-26 17:45 91712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-02-12 22:37 174872]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-05-22 15:34 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-05-22 15:34 8433664]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-05-22 15:34 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-23 12:04 4423680 C:\Windows\RtHDVCpl.exe]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 10:31 630784]
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" [2007-03-20 07:36 36864]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-03-01 14:24 857648]
"ATKMEDIA"="C:\Program Files\ASUS\ATK Media\DMEDIA.EXE" [2006-11-02 17:27 61440]
"PowerForPhone"="C:\Program Files\PowerForPhone\PowerForPhone.exe" [2007-06-26 19:10 778240]
"ASUS Camera ScreenSaver"="C:\Windows\ASScrProlog.exe" [2007-11-19 19:59 37232]
"ASUS Screen Saver Protector"="C:\Windows\ASScrPro.exe" [2007-11-19 19:59 33136]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-06-13 08:16 528384]
"QuickTime Task"="C:\Program Files\VistaCodecPack\QT\qttask.exe" [2007-02-16 10:54 282624]
"ooquickpdfv7"="C:\Windows\system32\oopmagentts.exe" [2008-01-31 14:37 69632]
"bm"="C:\Program Files\Common Files\AntivirusOrdi\bm.exe" [ ]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-01 15:57 153136]
"InCD"="C:\Program Files\Nero\Nero 7\InCD\InCD.exe" [2007-06-01 10:05 1057328]
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe" [2008-01-30 12:37 1443072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"PromptOnSecureDesktop"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-disabled]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{18D92339-9B37-47F3-91E2-D104D35B2952}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{9C61006D-D3C5-4A80-B996-E7464748E7F4}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)|Edge=TRUE|
"TCP Query User{5BCEFB1A-40C7-479C-B37E-4C66AD4DA138}C:\program files\mozilla firefox\firefox.exe"= UDP:C:\program files\mozilla firefox\firefox.exe:Firefox|Desc=Firefox
"UDP Query User{A5B9D7B6-887D-4E6B-A7D7-2FA3BA353588}C:\program files\mozilla firefox\firefox.exe"= TCP:C:\program files\mozilla firefox\firefox.exe:Firefox|Desc=Firefox
"TCP Query User{2429E1B3-C2F0-42F0-A9BC-D257E1C8D8B2}C:\program files\real\realplayer\realplay.exe"= UDP:C:\program files\real\realplayer\realplay.exe:RealPlayer|Desc=RealPlayer
"UDP Query User{8D745DEA-9911-429C-8325-43563F40982A}C:\program files\real\realplayer\realplay.exe"= TCP:C:\program files\real\realplayer\realplay.exe:RealPlayer|Desc=RealPlayer
"TCP Query User{119CBCA7-C448-461B-BCEF-B4CA34B1BB7E}C:\program files\emule\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"UDP Query User{2EE34A42-E3D7-4B78-9825-57CD9EFAED48}C:\program files\emule\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule Plus|Desc=eMule Plus
"TCP Query User{2D36A57B-AFC2-4B2F-A44B-23410E7FF295}C:\program files\utorrent\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent|Desc=uTorrent
"UDP Query User{8DC7903F-D5CD-4A55-A8CF-53D078A00DB8}C:\program files\utorrent\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent|Desc=uTorrent
"TCP Query User{C2CE4234-14F2-47D6-B42B-18BE3A3305AE}C:\program files\nokia\nokia software updater\nsu_ui_client.exe"= UDP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater|Desc=Nokia Software Updater
"UDP Query User{F2E8E18A-5930-4EB2-8D85-88F784CF6A6C}C:\program files\nokia\nokia software updater\nsu_ui_client.exe"= TCP:C:\program files\nokia\nokia software updater\nsu_ui_client.exe:Nokia Software Updater|Desc=Nokia Software Updater
"TCP Query User{4E82C757-55D5-4BA2-8840-83CB8329C176}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe"= UDP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process |Desc=Nokia Service Layer Host Process
"UDP Query User{744069AA-AD2D-4A40-A63C-D22461CF8443}C:\program files\common files\nokia\service layer\a\nsl_host_process.exe"= TCP:C:\program files\common files\nokia\service layer\a\nsl_host_process.exe:Nokia Service Layer Host Process |Desc=Nokia Service Layer Host Process
"{F5CDB068-787A-4A38-8722-83A8D2E43413}"= UDP:4662:emuletcp
"{FBE61D76-0442-4011-9F41-FEB4EFC8A875}"= TCP:4672:emuleudp

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AsDsm;AsDsm;C:\Windows\system32\drivers\AsDsm.sys [2007-04-25 02:28]
R2 ADSMService;ADSM Service;C:\Program Files\ASUS\ASUS Data Security Manager\ADSMSrv.exe [2007-05-18 11:31]
R2 ASLDRService;ASLDR Service;C:\Program Files\ATK Hotkey\ASLDRSrv.exe [2007-02-06 03:13]
R2 SBSDWSCService;SBSD Security Center Service;C:\Program Files\Spybot []
R2 StkSSrv;Syntek AVStream USB2.0 WebCam Service;C:\Windows\System32\StkCSrv.exe [2007-04-19 07:42]
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\Windows\system32\DRIVERS\atl01v32.sys [2007-03-15 07:41]
R3 itecir;ITECIR Infrared Receiver;C:\Windows\system32\DRIVERS\itecir.sys [2007-04-21 01:14]
R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-04-30 15:45]
R3 StkCMini;Syntek AVStream USB2.0 1.3M WebCam;C:\Windows\system32\Drivers\StkCMini.sys [2007-05-30 08:22]
S2 ghaio;ghaio;C:\Program Files\ASUS\NB Probe\SPM\ghaio.sys [2006-11-16 03:02]
S3 BthAvrcp;Profil AVRCP Bluetooth;C:\Windows\system32\DRIVERS\BthAvrcp.sys [2007-11-19 19:56]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit;C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 08:30]
S3 RTL8169;Realtek 8169 NT Driver;C:\Windows\system32\DRIVERS\Rtlh86.sys [2006-11-02 08:30]
S3 TPM;TPM;C:\Windows\system32\drivers\tpm.sys [2006-11-02 10:50]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
"C:\Program Files\Common Files\LightScribe\LSRunOnce.exe"
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-27 16:05:16 C:\Windows\Tasks\User_Feed_Synchronization-{04C5EED0-AE8B-43C3-BB14-03A1CEA20FFA}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-27 17:08:45
Windows 6.0.6000 NTFS

Balayage processus cachés ...

? [1092]
? [2920]
? [3132]

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\Windows\Explorer.exe [6.00.6000.16549]
-> C:\Program Files\ASUS\Asus MultiFrame\HookTitle.dll
-> C:\Users\philippe\AppData\Local\Temp\golreebn.dll
.
Temps d'accomplissement: 2008-02-27 17:09:29
.
2008-02-27 14:40:47 --- E O F ---




Cordialement , komicstrip