AU SECOURS!!VIRTUMONDE.DLL

peut tu être plus précise ...

dans ma fenetre de téléchargement le fichier (virtumundo.exe)bloque a 23%meme si j'annule et que je recommence ca fait la meme chose

bon ok ca fonctionne!!!voici le rapport et ensuite je t'envoie le hijack this;)merci!
[04/01/2008, 17:14:55] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Kat\Bureau\VirtumundoBeGone.exe" )
[04/01/2008, 17:15:08] - Detected System Information:
[04/01/2008, 17:15:08] - Windows Version: 5.1.2600, Service Pack 2
[04/01/2008, 17:15:08] - Current Username: Kat (Admin)
[04/01/2008, 17:15:08] - Windows is in NORMAL mode.
[04/01/2008, 17:15:08] - Searching for Browser Helper Objects:
[04/01/2008, 17:15:08] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[04/01/2008, 17:15:08] - BHO 2: {163CAA89-EEA9-43AD-91FE-10AA407A2E84} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - BHO 3: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[04/01/2008, 17:15:08] - BHO 4: {3CD09E5C-5DCF-4BE6-BE4F-BB9405310D29} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - BHO 5: {54624d2e-c519-48da-9c1c-b0aa2c6c4e2a} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - BHO 6: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[04/01/2008, 17:15:08] - BHO 7: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - BHO 8: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[04/01/2008, 17:15:08] - BHO 9: {B6D8F2BD-8C5B-4A91-A889-2983736B1D7F} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - BHO 10: {B716CC00-43D4-4ED3-AF69-B00BBD8ACC16} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - BHO 11: {C1B9FAB8-7924-4A7B-AF49-F2925CF569CF} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - Checking for HKLM\...\Winlogon\Notify\geede
[04/01/2008, 17:15:08] - Key not found: HKLM\...\Winlogon\Notify\geede, continuing.
[04/01/2008, 17:15:08] - BHO 12: {D318119E-CB62-4039-AE9B-CF9575BCAA7F} ()
[04/01/2008, 17:15:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 17:15:08] - No filename found. Continuing.
[04/01/2008, 17:15:08] - Finished Searching Browser Helper Objects
[04/01/2008, 17:15:08] - Finishing up...
[04/01/2008, 17:15:08] - Nothing found! Exiting...

oui c'est bon ! arretes toi la pour l'instant et attends la suite ;)

et au pas de course !!!! :p

poste moi tout cela et on continuras demain si tu veux bien ... en attendant , ne touche pas (trop ) à ce PC ...

ok alors voila le combofix:
ComboFix 08-04-01.2 - Kat 2008-04-01 18:23:13.1 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.788 [GMT -5:00]
Endroit: C:\Documents and Settings\Kat\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM9f5cab75.xml
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\cdheyxpw.dll
C:\WINDOWS\system32\edeeg.ini
C:\WINDOWS\system32\edeeg.ini2
C:\WINDOWS\system32\geede.dll
C:\WINDOWS\system32\ggwjflpy.dll
C:\WINDOWS\system32\ijjlm.ini
C:\WINDOWS\system32\ijjlm.ini2
C:\WINDOWS\system32\kjkmp.ini
C:\WINDOWS\system32\kjkmp.ini2
C:\WINDOWS\system32\kmllm.ini
C:\WINDOWS\system32\kmllm.ini2
C:\WINDOWS\system32\orqss.ini
C:\WINDOWS\system32\orqss.ini2
C:\WINDOWS\system32\prutv.ini
C:\WINDOWS\system32\prutv.ini2

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-01 to 2008-04-01 ))))))))))))))))))))))))))))))))))))
.

2008-04-01 17:36 . 2008-04-01 17:36 <REP> d-------- C:\VundoFix Backups
2008-03-31 14:11 . 2008-04-01 15:31 <REP> d-------- C:\Documents and Settings\Kat\Application Data\AVG7
2008-03-31 14:10 . 2008-03-31 14:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-03-31 12:58 . 2008-03-31 12:58 <REP> d-------- C:\Documents and Settings\Kat\Application Data\Grisoft
2008-03-31 12:52 . 2008-03-31 14:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-31 12:52 . 2007-05-30 07:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-31 11:25 . 2008-03-31 11:27 <REP> d-------- C:\Program Files\Windows Live
2008-03-31 10:53 . 2008-03-31 10:53 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-03-31 10:52 . 2008-04-01 15:27 474 ---hs---- C:\WINDOWS\system32\tajnloyb.ini
2008-03-31 09:24 . 2008-03-31 09:24 654 ---hs---- C:\WINDOWS\system32\kemdceqf.ini
2008-03-31 09:16 . 2008-03-31 09:16 594 ---hs---- C:\WINDOWS\system32\qdjpvdgf.ini
2008-03-31 07:37 . 2008-03-31 08:02 534 ---hs---- C:\WINDOWS\system32\qufelgmr.ini
2008-03-30 18:29 . 2008-03-30 22:07 414 ---hs---- C:\WINDOWS\system32\dixhefte.ini
2008-03-30 15:48 . 2008-03-30 15:48 294 ---hs---- C:\WINDOWS\system32\fnfhesfk.ini
2008-03-30 14:01 . 2008-03-30 14:01 294 ---hs---- C:\WINDOWS\system32\lqejrpsy.ini
2008-03-30 11:59 . 2008-03-31 10:33 891 --a------ C:\WINDOWS\wininit.ini
2008-03-30 08:05 . 2008-03-30 08:05 294 ---hs---- C:\WINDOWS\system32\nhbefyuv.ini
2008-03-30 05:37 . 2008-03-30 05:37 <REP> d-------- C:\Documents and Settings\Marco\Application Data\Nero
2008-03-29 20:15 . 2004-03-09 16:36 140,488 -ra------ C:\WINDOWS\system32\comdlg32.ocx
2008-03-29 20:15 . 2004-03-09 16:36 115,016 -ra------ C:\WINDOWS\system32\MSINET.OCX
2008-03-29 20:15 . 2004-03-09 16:36 89,360 -ra------ C:\WINDOWS\system32\VB5DB.DLL
2008-03-29 20:15 . 2004-03-09 16:36 69,632 -ra------ C:\WINDOWS\system32\xmltok.dll
2008-03-29 20:15 . 2004-03-09 16:36 36,864 -ra------ C:\WINDOWS\system32\xmlparse.dll
2008-03-29 20:15 . 2004-03-09 16:36 35,840 -ra------ C:\WINDOWS\system32\comdlg32.oca
2008-03-29 20:15 . 2004-03-09 16:36 29,184 -ra------ C:\WINDOWS\system32\MSINET.oca
2008-03-29 20:15 . 2004-03-09 16:36 26,096 -ra------ C:\WINDOWS\system32\xmlinst.exe
2008-03-29 18:23 . 2008-03-29 18:23 <REP> d-------- C:\Documents and Settings\Kat\Application Data\Nero
2008-03-29 18:18 . 2008-03-29 18:19 <REP> d-------- C:\Program Files\Fichiers communs\Nero
2008-03-29 11:49 . 2008-03-29 11:49 <REP> d-------- C:\Program Files\Smart Projects
2008-03-28 13:24 . 2004-08-04 00:45 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2008-03-28 13:24 . 2004-08-04 00:45 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2008-03-28 13:22 . 2008-03-28 13:22 <REP> d-------- C:\Program Files\Logitech
2008-03-28 13:22 . 2008-03-28 13:22 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-03-28 13:22 . 2005-04-12 19:21 45,504 --a------ C:\WINDOWS\system32\drivers\WmXlCore.sys
2008-03-28 13:22 . 2005-04-12 19:21 22,240 --a------ C:\WINDOWS\system32\drivers\WmFilter.sys
2008-03-28 13:22 . 2005-04-12 19:21 10,144 --a------ C:\WINDOWS\system32\drivers\WmBEnum.sys
2008-03-28 13:22 . 2005-04-12 19:21 5,600 --a------ C:\WINDOWS\system32\drivers\WmVirHid.sys
2008-03-28 13:06 . 2008-03-28 13:06 <REP> d-------- C:\WINDOWS\system32\AGEIA
2008-03-28 13:06 . 2008-03-28 13:06 <REP> d-------- C:\Program Files\AGEIA Technologies
2008-03-24 12:49 . 2008-03-24 12:49 <REP> d-------- C:\Program Files\programmesd
2008-03-23 20:38 . 2008-03-23 20:38 <REP> d-------- C:\Documents and Settings\Marco\Application Data\Corel
2008-03-21 22:27 . 2008-03-29 11:14 56 -r-hs---- C:\WINDOWS\system32\13D67817A2.sys
2008-03-21 22:25 . 2008-03-21 22:25 <REP> d-------- C:\Documents and Settings\Kat\Application Data\Corel
2008-03-21 22:25 . 2008-03-21 22:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2008-03-21 22:24 . 2008-03-21 22:25 <REP> d-------- C:\Program Files\Fichiers communs\Corel
2008-03-21 22:19 . 2008-03-29 11:14 3,350 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-03-21 22:17 . 2008-03-21 22:24 <REP> d-------- C:\Program Files\Corel
2008-03-21 18:27 . 2008-03-21 18:27 <REP> d-------- C:\Documents and Settings\Marco\Application Data\DivX
2008-03-21 18:27 . 2008-03-21 18:27 38 --a------ C:\WINDOWS\avisplitter.INI
2008-03-20 14:26 . 2008-03-20 14:27 <REP> d-------- C:\Program Files\Safari
2008-03-20 12:26 . 2008-03-24 21:33 28 --a------ C:\WINDOWS\system32\kifile
2008-03-20 12:26 . 2008-03-24 21:33 19 --a------ C:\WINDOWS\system32\nifile
2008-03-20 12:25 . 2008-03-20 12:25 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-03-20 12:25 . 2008-03-20 12:25 <REP> d-------- C:\Program Files\Tribal
2008-03-17 12:50 . 2008-03-17 12:50 <REP> d-------- C:\Documents and Settings\Kat\Application Data\skypePM
2008-03-17 12:50 . 2008-03-17 12:50 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-03-17 12:48 . 2008-03-17 12:57 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2008-03-16 18:34 . 2008-03-16 18:34 <REP> d-------- C:\Documents and Settings\Amely\Application Data\Apple Computer
2008-03-15 10:17 . 2008-03-15 10:17 <REP> d-------- C:\Program Files\uTorrent
2008-03-15 10:17 . 2008-03-31 08:00 <REP> d-------- C:\Documents and Settings\Marco\Application Data\uTorrent
2008-03-14 18:23 . 2008-03-14 18:23 20,699 --a------ C:\WINDOWS\system32\TuneUpDefragService_20080314-232340.dmp
2008-03-13 23:15 . 2008-03-13 23:15 <REP> d-------- C:\WINDOWS\Sun
2008-03-13 23:14 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-03-13 23:13 . 2008-03-13 23:14 <REP> d-------- C:\Program Files\Java
2008-03-13 23:13 . 2008-03-13 23:13 <REP> d-------- C:\Program Files\Fichiers communs\Java
2008-03-13 20:24 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-03-13 19:53 . 2008-03-13 19:53 <REP> d-------- C:\Documents and Settings\Marco\Application Data\Ahead
2008-03-13 09:20 . 2008-03-13 09:20 <REP> d--h----- C:\WINDOWS\PIF
2008-03-11 12:32 . 2008-03-11 12:32 <REP> d-------- C:\Program Files\Trend Micro
2008-03-11 12:22 . 2008-03-11 12:22 <REP> d-------- C:\Documents and Settings\Kat\Application Data\Media Player Classic
2008-03-11 10:41 . 2008-03-11 10:41 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2008-03-11 10:37 . 2008-03-29 20:15 <REP> d-------- C:\Program Files\Ubisoft
2008-03-10 22:23 . 2008-03-29 22:05 <REP> d--h----- C:\WINDOWS\Icons
2008-03-10 22:22 . 2008-03-29 22:07 2,277,888 --a------ C:\WINDOWS\system32\TUKernel.exe
2008-03-10 18:07 . 2008-03-10 18:07 <REP> d-------- C:\Documents and Settings\Amely\Application Data\DivX
2008-03-10 16:32 . 2008-03-10 16:33 <REP> d-------- C:\Program Files\Fichiers communs\muvee Technologies
2008-03-10 15:59 . 2008-03-10 15:59 <REP> d-------- C:\Documents and Settings\Amely\Application Data\Creative
2008-03-10 15:05 . 2008-03-10 15:40 <REP> d-------- C:\Program Files\Photo Story 3 for Windows
2008-03-10 10:17 . 2008-03-10 10:17 <REP> d---s---- C:\Documents and Settings\Amely\UserData
2008-03-09 18:53 . 2008-03-09 18:53 <REP> d-------- C:\Documents and Settings\Amely\Application Data\TuneUp Software
2008-03-09 09:14 . 2008-03-09 15:22 <REP> d-------- C:\Documents and Settings\Marco\Application Data\Azureus
2008-03-08 17:58 . 2008-03-19 14:54 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2008-03-07 12:58 . 2008-03-09 13:48 <REP> d-------- C:\Documents and Settings\Kat\Application Data\Apple Computer
2008-03-06 20:15 . 2008-03-06 20:15 <REP> d-------- C:\Documents and Settings\Marco\Application Data\TuneUp Software
2008-03-06 16:51 . 2008-03-06 16:51 <REP> d-------- C:\Program Files\iPod
2008-03-06 16:51 . 2008-03-06 16:51 <REP> d-------- C:\Documents and Settings\Marco\Application Data\Apple Computer
2008-03-06 16:51 . 2008-04-01 18:32 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-06 16:51 . 2008-03-06 16:51 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-06 16:50 . 2008-03-06 16:50 <REP> d-------- C:\Program Files\QuickTime
2008-03-06 16:50 . 2008-03-06 16:51 <REP> d-------- C:\Program Files\iTunes
2008-03-06 16:50 . 2008-03-06 16:50 <REP> d-------- C:\Program Files\Bonjour
2008-03-06 16:50 . 2008-03-06 16:50 <REP> d-------- C:\Program Files\Apple Software Update
2008-03-06 16:50 . 2008-03-06 16:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-06 16:49 . 2008-03-06 16:49 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2008-03-06 16:49 . 2008-03-06 16:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-03-06 13:42 . 2004-08-04 00:54 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
2008-03-06 13:42 . 2001-08-23 17:47 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2008-03-05 20:19 . 2008-03-05 20:19 <REP> d---s---- C:\Documents and Settings\Marco\UserData
2008-03-05 14:06 . 2008-03-05 16:17 <REP> d-------- C:\Documents and Settings\Kat\Application Data\gtk-2.0
2008-03-05 14:05 . 2008-03-05 14:05 <REP> d-------- C:\Documents and Settings\Kat\.thumbnails

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-29 22:44 196,608 ----a-w C:\WINDOWS\system32\drivers\aStandard.bin
2008-03-03 04:09 --------- d-----w C:\Documents and Settings\Marco\Application Data\Vidéotron
2008-03-03 04:09 --------- d-----w C:\Documents and Settings\Kat\Application Data\Vidéotron
2008-03-03 04:09 --------- d-----w C:\Documents and Settings\Amely\Application Data\Vidéotron
2008-03-03 04:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Vidéotron
2008-03-02 02:54 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-03-02 02:39 --------- d-----w C:\Program Files\microsoft frontpage
2008-03-02 02:38 --------- d-----w C:\Program Files\Services en ligne
2008-02-21 02:05 9,464 ------w C:\WINDOWS\system32\drivers\cdralw2k.sys
2008-02-21 02:05 9,336 ------w C:\WINDOWS\system32\drivers\cdr4_xp.sys
2008-02-21 02:05 43,528 ------w C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-08-28 18:54 237,568 ----a-w C:\Program Files\mozilla firefox\plugins\CrazyTalk4Native.dll
2007-05-17 22:45 208,991 ----a-w C:\Program Files\mozilla firefox\plugins\ctdomemhelper.dll
2007-05-17 22:45 450,657 ----a-w C:\Program Files\mozilla firefox\plugins\ctplayerobject.dll
2002-06-03 21:46 454,656 ----a-w C:\Program Files\mozilla firefox\plugins\imagickrt.dll
2005-11-09 16:10 204,800 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicPacker.dll
2005-11-09 16:42 106,496 ----a-w C:\Program Files\mozilla firefox\plugins\RLMusicUnpacker.dll
.

------- Sigcheck -------

2007-12-06 19:47 670208 c057d734b1951393fd07e2607513d4d9 C:\WINDOWS\$hf_mig$\KB944533\SP2QFE\wininet.dll
2004-08-03 23:54 660480 58fe94ef42e074f4cad8bf02e70e6478 C:\WINDOWS\$NtUninstallKB944533$\wininet.dll
2007-12-06 20:07 697856 de04a7293a48d92fddd6ec067a225562 C:\WINDOWS\system32\wininet.dll
2007-12-06 20:07 697856 de04a7293a48d92fddd6ec067a225562 C:\WINDOWS\system32\dllcache\wininet.dll

2007-06-13 08:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\explorer.exe
2007-06-13 08:10 1037312 b795475444d6d57a572c14b9e1a29839 C:\WINDOWS\$hf_mig$\KB938828\SP2QFE\explorer.exe
2004-08-03 23:54 1036288 4c33e5b9a6197b6ed215f6cfba0a2daa C:\WINDOWS\$NtUninstallKB938828$\explorer.exe
2007-06-13 08:22 979456 80a5400514eb32d393654768c4017e46 C:\WINDOWS\system32\dllcache\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 20:15 103712]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 11:24 1694208]
"ccleaner"="C:\Program Files\CCleaner\CCleaner.exe" [2008-02-20 09:15 816368]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"Creative Live! Cam Manager"="C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe" [2006-05-31 16:00 143360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-13 07:05 16239616 C:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 05:04 2879488 C:\WINDOWS\SkyTel.exe]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-09-25 09:12 90112]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49 49152]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-23 15:10 56928]
"LanguageShortcut"="C:\Program Files\CyberLink\PowerDVD\Language\Language.exe" [2006-12-05 22:55 54832]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"SweetIM"="C:\Program Files\Macrogaming\SweetIM\SweetIM.exe" [2008-01-02 20:15 103712]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-01-31 23:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 13:10 267048]
"AVFX Engine"="C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe" [2006-06-09 01:11 24576]
"V0230Mon.exe"="C:\WINDOWS\system32\V0230Mon.exe" [2006-07-19 12:00 36961]
"CreativeTaskScheduler"="C:\Program Files\Creative\Shared Files\CTSched.exe" [2006-01-08 21:43 53340]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
"NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2007-12-03 14:21 2213160]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 04:25 6731312]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [2008-03-31 14:10 579072]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-03 23:54 15360]
"AVG7_Run"="C:\PROGRA~1\Grisoft\AVG7\avgw.exe" [2008-03-31 14:11 219136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\yayvvsr]
yayvvsr.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Azureus\\Azureus.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\MSN Gaming Zone\\Windows\\bckgzm.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Documents and Settings\\Marco\\Bureau\\msnmsgr.exe"=
"C:\\Program Files\\Nero\\Nero8\\Nero Home\\NeroHome.exe"=
"C:\\Program Files\\Fichiers communs\\Nero\\Nero Web\\SetupX.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"C:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=

R2 UxTuneUp;TuneUp Extension de thème;C:\WINDOWS\System32\svchost.exe [2004-08-03 23:55]
R3 V0230Vfx;V0230Vfx;C:\WINDOWS\system32\DRIVERS\V0230Vfx.sys [2006-03-23 12:00]
R3 V0230VID;Live! Cam Video IM Pro;C:\WINDOWS\system32\DRIVERS\V0230VID.sys [2006-07-24 12:00]
R3 Video3D;ASUS Video3D Service;C:\WINDOWS\system32\Drivers\Video3D32.sys [2006-09-29 10:06]
R4 atidgllk;atidgllk;C:\WINDOWS\atidgllk.sys [2005-10-20 10:29]
S3 TuneUp.Defrag;TuneUp Drive Defrag Service;C:\WINDOWS\System32\TuneUpDefragService.exe [2008-03-05 12:56]

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-03-27 19:21:03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-01 23:32:30 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- C:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-01 18:32:48
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-01 18:35:44 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-01 23:35:40
Pre-Run: 20,712,640,512 octets libres
Post-Run: 21,123,792,896 octets libres
.
2008-03-12 18:01:29 --- E O F ---

et voici le hijack this:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:47:54, on 2008-04-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\ATKKBService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
C:\WINDOWS\system32\V0230Mon.exe
C:\Program Files\Creative\Shared Files\CTSched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\H.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://get2.adobe.com/reader/otherversions/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [AVFX Engine] C:\Program Files\Creative\Creative Live! Cam\VideoFX\StartFX.exe
O4 - HKLM\..\Run: [V0230Mon.exe] C:\WINDOWS\system32\V0230Mon.exe
O4 - HKLM\..\Run: [CreativeTaskScheduler] "C:\Program Files\Creative\Shared Files\CTSched.exe" /logon
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Creative Live! Cam Manager] "C:\Program Files\Creative\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RocketDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\RocketDock\RocketDock.exe
O4 - Startup: TransBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\TransBar\TransBar.exe
O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\UberIcon\UberIcon Manager.exe
O4 - Startup: Y'z Shadow.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat 2\YzShadow\YzShadow.exe
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O20 - Winlogon Notify: yayvvsr - yayvvsr.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe

pas de panique , je me suis juste trompé de destinataire =)
Excuse moi pour le coup sang ...

A+