Problème avec un rootkit

Salut
Merci pour l'info je le renvoi, en esperant qu'il soit entier
A+
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:32, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Palm\HOTSYNC.EXE
c:\program files\fichiers communs\aol\1143568535\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1143568535\ee\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\avgarkt.exe
C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\j3ET.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: (no name) - {D9E61AA8-3358-38C4-7206-58B7BB51EB6A} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files

Essai encore§§§§§§§§§§§
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:32, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Palm\HOTSYNC.EXE
c:\program files\fichiers communs\aol\1143568535\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1143568535\ee\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\avgarkt.exe
C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\j3ET.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: (no name) - {D9E61AA8-3358-38C4-7206-58B7BB51EB6A} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [POKE AUDIO] C:\DOCUME~1\yannick\APPLIC~1\ONEMP3~1\copy meow boob.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Hotsync Manager.LNK = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Porno-Mateur - {7FFF944B-4518-43C0-82F2-CD9453575BFF} - C:\Documents and Settings\yannick\Menu Démarrer\Programmes\Porno-Mateur\Porno-Mateur.lnk (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\AIM.EXE (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {17D8B270-9C15-11D3-8F03-00105A9965CA} - http://www.easyclick.com/ie/pc/ec.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31588C30-7BF8-4194-A42F-4D925DCB1859} - https://fr.yahoo.com/
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/280a2eed77e5ee97a217/netzip/RdxIE601_fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7B804666-6A0B-4ADE-9DD8-356FCA06C509} - http://www.powerged.com/install/FR/PowerGED.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c2.cab?42fa1e8e090a7b6d9a41dcca4de1090231460609a6350ba15b3a43283a940ee103f519ca8154604f0beae4bbafc63588c46e4d1b956cc4961e68ce624b211f420224:d72f3087365a15a695e3d96e225dd94f
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{9392014F-4900-4F71-B3AD-7E2716E5E5CB}: NameServer = 84.103.237.142 86.64.145.142
O17 - HKLM\System\CCS\Services\Tcpip\..\{F92338DE-474F-4EB3-99ED-13A7DB0C8B30}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

POUFFFFFFF!!! + facile de choper un virus
En esperant
Merci pour la patience
a+
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:19:32, on 10/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\NISUM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Norton Internet Security\SymProxySvc.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Norton Internet Security\NISSERV.EXE
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Palm\HOTSYNC.EXE
c:\program files\fichiers communs\aol\1143568535\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1143568535\ee\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\avgarkt.exe
C:\Program Files\GRISOFT\AVG Anti-Rootkit Free\j3ET.exe
C:\Program Files\AOL 9.0a\waol.exe
C:\Program Files\AOL 9.0a\shellmon.exe
C:\Program Files\Fichiers communs\Aol\aoltpspd.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.free.fr/freebox/index.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O2 - BHO: (no name) - {D9E61AA8-3358-38C4-7206-58B7BB51EB6A} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Multi Media Toolbar - {b5146c40-189a-4311-bda9-fbae3e023187} - C:\Program Files\Multi_Media\tbMult.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [POKE AUDIO] C:\DOCUME~1\yannick\APPLIC~1\ONEMP3~1\copy meow boob.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Hotsync Manager.LNK = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Porno-Mateur - {7FFF944B-4518-43C0-82F2-CD9453575BFF} - C:\Documents and Settings\yannick\Menu Démarrer\Programmes\Porno-Mateur\Porno-Mateur.lnk (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\AIM.EXE (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {17D8B270-9C15-11D3-8F03-00105A9965CA} - http://www.easyclick.com/ie/pc/ec.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31588C30-7BF8-4194-A42F-4D925DCB1859} - https://fr.yahoo.com/
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/280a2eed77e5ee97a217/netzip/RdxIE601_fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7B804666-6A0B-4ADE-9DD8-356FCA06C509} - http://www.powerged.com/install/FR/PowerGED.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Zango/ie/bridge-c2.cab?42fa1e8e090a7b6d9a41dcca4de1090231460609a6350ba15b3a43283a940ee103f519ca8154604f0beae4bbafc63588c46e4d1b956cc4961e68ce624b211f420224:d72f3087365a15a695e3d96e225dd94f
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O17 - HKLM\System\CCS\Services\Tcpip\..\{9392014F-4900-4F71-B3AD-7E2716E5E5CB}: NameServer = 84.103.237.142 86.64.145.142
O17 - HKLM\System\CCS\Services\Tcpip\..\{F92338DE-474F-4EB3-99ED-13A7DB0C8B30}: NameServer = 205.188.146.145
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISUM.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Voilà la première parte
merci pour l'aide
# Rapport Lopxp fait le 10/04/2008 à 20:17:52
# Exécuté dans : C:\Program Files\Lopxp
# Version 3.09 - Maj du 28/02/2008


========== FixLog ==========


+- C:\Documents and Settings\All Users\Application Data\Scr Multi Bird Idol
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Documents and Settings\yannick\Application Data\one mp3
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Program Files\Adverts
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

+- C:\Program Files\one mp3
Choix utilisateur : Suppression acceptée.
Déplacé avec succès.

Supprimé: C:\Documents and Settings\yannick\Application Data\BitDownload
Supprimé: C:\Program Files\BitDownload
/!\ C:\Program Files\Multi_Media

+- Registre :
Nettoyage effectué.

+- Fichiers temporaires :
Nettoyage effectué.


========== Listing des dossiers Application Data

+- C:\Documents and Settings\All Users\Application Data

2007-01-20 à 09:57:22 - Adobe
2007-02-17 à 11:25:34 - AOL
2007-02-19 à 17:30:54 - Autodesk
2002-07-30 à 17:16:47 - CyberLink
2006-11-25 à 18:26:58 - Google
2004-06-05 à 08:44:53 - GTek
2005-11-23 à 18:28:16 - Messenger Plus!
2007-08-23 à 12:45:50 - Microsoft
2002-09-08 à 11:03:24 - MSN6
2004-07-05 à 17:54:49 - nView_Profiles
2005-09-16 à 18:40:22 - QuickTime
2002-07-30 à 17:00:24 - SBSI
2008-02-23 à 14:43:17 - SolidDocuments
2006-11-18 à 15:49:33 - Symantec
2004-09-01 à 17:51:36 - Ulead Systems
2004-06-02 à 17:57:58 - Viewpoint
2006-03-26 à 18:31:27 - WinAntiVirus Pro 2006
2005-09-24 à 11:23:09 - Windows Genuine Advantage
2005-05-01 à 15:14:28 - Windows Messenger_5.0.0482
2008-03-20 à 18:07:40 - WLInstaller

+- C:\Documents and Settings\Propri‚taire\Application Data

2002-07-30 à 17:06:24 - Adobe
2002-07-30 à 16:58:04 - Identities
2002-07-30 à 17:06:24 - InterTrust
2002-07-30 à 16:46:20 - Microsoft

+- C:\Documents and Settings\Propri‚taire\Local Settings\Application Data

2002-07-30 à 16:57:44 - Microsoft

+- C:\Documents and Settings\yannick\Application Data

2007-11-15 à 18:45:24 - Adobe
2007-01-20 à 09:54:01 - AdobeUM
2003-02-14 à 17:41:09 - Aim
2004-06-02 à 17:59:38 - AOL
2007-02-18 à 17:10:58 - Autodesk
2008-03-28 à 14:26:22 - Canon
2007-03-04 à 15:16:23 - DivX
2005-05-01 à 10:31:34 - FUJIFILM
2006-11-03 à 09:43:14 - Google
2004-06-05 à 08:44:54 - GTek
2002-09-14 à 13:13:21 - Help
2003-02-16 à 10:24:14 - Identities
2002-07-30 à 17:06:24 - InterTrust
2006-05-14 à 06:35:29 - Lavasoft
2004-07-05 à 17:12:20 - Leadertech
2007-10-16 à 18:09:44 - Macromedia
2006-11-02 à 20:34:57 - Microsoft
2002-09-27 à 19:13:23 - Microsoft Web Folders
2003-03-30 à 16:04:06 - MSN6
2006-10-01 à 14:02:19 - Real
2008-02-07 à 18:53:35 - Samsung
2008-04-06 à 10:51:18 - SolidDocuments
2001-12-31 à 23:22:09 - Sun
2002-09-08 à 10:28:28 - Symantec
2004-08-27 à 14:07:29 - Ulead Systems
2003-01-02 à 16:12:56 - VERITAS
2004-06-02 à 17:58:03 - You've Got Pictures Screensaver

+- C:\Documents and Settings\yannick\Local Settings\Application Data

2005-03-29 à 18:49:34 - Adobe
2003-10-26 à 10:22:31 - Adobe SVG Viewer
2007-01-06 à 18:25:28 - AOL
2007-02-18 à 16:41:56 - Autodesk
2004-03-20 à 13:09:33 - Gearbox Software
2006-11-03 à 09:43:14 - Google
2003-09-13 à 13:38:43 - Help
2003-02-16 à 10:24:14 - Identities
2006-12-22 à 17:57:32 - IM
2005-09-16 à 19:09:35 - Logitech-LS
2007-10-25 à 19:13:48 - Microsoft
2006-03-29 à 16:14:45 - toaster
2006-12-31 à 18:35:23 - WMTools Downloaded Files

========== Listing du dossier Program Files

+- C:\Program Files

2005-06-28 à 17:21:37 - Adobe
2005-09-24 à 08:13:25 - Alwil Software
2004-04-24 à 16:03:28 - American Systems
2002-09-08 à 11:56:15 - AND
2007-01-06 à 18:27:50 - AOL
2006-11-17 à 17:59:50 - AOL 9.0
2007-06-29 à 18:55:44 - AOL 9.0a
2005-06-23 à 17:41:40 - AOL Compagnon
2006-12-21 à 16:58:57 - AOL Toolbar
2003-09-20 à 16:54:00 - ArcSoft
2008-01-02 à 17:16:48 - AutoCAD 2007
2007-02-19 à 17:28:10 - Autodesk
2002-07-30 à 17:07:43 - BackWeb
2007-02-18 à 11:51:11 - BitLord
2002-09-19 à 13:15:22 - Caere
2005-10-16 à 15:16:00 - Canon
2005-10-16 à 08:59:06 - CCleaner
2002-07-30 à 17:16:45 - CyberLink
2007-02-18 à 16:14:13 - DAEMON Tools
2008-01-27 à 09:28:57 - DesignPro 2000
2007-03-04 à 15:20:21 - DivX
2008-03-03 à 18:48:27 - eMule
2002-11-29 à 20:24:06 - EuroTool
2007-03-04 à 17:58:01 - ffdshow
2008-03-20 à 18:08:05 - Fichiers communs
2005-10-16 à 12:28:32 - FinePixViewer
2005-02-05 à 18:25:57 - Fnacmusic
2006-01-05 à 18:37:44 - GDivX Zenith Player
2004-11-11 à 13:55:35 - GedLink
2007-01-28 à 08:22:43 - Google
2008-04-09 à 17:05:34 - GRISOFT
2008-01-07 à 13:05:37 - Guitar Pro 4
2004-03-19 à 18:28:49 - GénéaTique2004
2004-10-17 à 07:32:24 - GénéaTiqueMX
2004-03-19 à 18:42:56 - Génécarte
2002-07-30 à 17:15:29 - HandyBits
2004-04-13 à 09:16:52 - HighMAT CD Writing Wizard
2005-03-27 à 10:15:49 - Illustrate
2007-08-08 à 17:41:42 - IncrediMail
2007-12-23 à 12:03:24 - InstallShield Installation Information
2007-11-05 à 18:23:03 - Internet Explorer
2004-12-23 à 16:12:21 - IrfanView
2008-02-13 à 18:10:34 - Java
2003-09-16 à 20:03:16 - Java Web Start
2003-09-16 à 20:03:16 - Java Web Start(2)
2002-09-08 à 12:57:12 - JavaSoft
2005-09-16 à 19:26:06 - Logitech
2008-04-10 à 18:18:51 - Lopxp
2007-05-29 à 20:52:25 - Messenger
2007-08-29 à 10:48:33 - Messenger Plus! Live
2006-09-27 à 17:25:17 - MessengerPlus! 3
2006-11-26 à 20:52:28 - Micro Application
2003-03-07 à 17:47:07 - microsoft frontpage
2002-07-30 à 17:16:14 - Microsoft Money
2003-02-27 à 17:41:01 - Microsoft Office
2003-03-07 à 17:49:47 - Microsoft Visual Studio
2002-07-30 à 16:58:42 - MouseWare
2005-03-03 à 23:07:13 - Movie Maker
2006-03-23 à 17:48:11 - MP3 Player Utilities 1.47
2003-06-06 à 16:31:04 - MSN
2002-07-30 à 16:50:48 - MSN Gaming Zone
2007-08-29 à 10:48:33 - MSN Messenger
2007-02-27 à 17:44:49 - MSXML 4.0
2008-04-10 à 18:18:46 - Multi_Media
2005-03-03 à 23:00:05 - NetMeeting
2008-04-10 à 17:49:47 - Norton Internet Security
2003-06-17 à 21:28:04 - Nullsoft
2003-02-12 à 17:34:46 - OfficeUpdate
2007-03-03 à 11:36:50 - Orban
2007-11-05 à 18:17:09 - Outlook Express
2004-11-01 à 10:41:32 - Photos de Famille
2005-07-19 à 18:00:14 - PIXELA
2005-07-19 à 17:58:31 - PIXELA(2)
2008-02-20 à 17:51:24 - psconvert
2006-10-01 à 14:10:58 - QuickTime
2004-02-28 à 08:08:58 - Raven
2002-07-30 à 17:10:25 - Real
2005-07-19 à 18:00:38 - REGSHAVE
2006-12-20 à 10:29:47 - Rip It !
2008-03-18 à 19:40:42 - Samsung
2002-07-30 à 17:07:07 - SBApps
2008-02-23 à 16:16:37 - SolidDocuments
2006-10-01 à 11:59:43 - Symantec
2004-08-14 à 09:50:20 - SymNetDrv
2004-06-02 à 17:51:46 - TechCity Solutions
2008-01-06 à 16:01:02 - Terre
2008-04-10 à 17:17:15 - Trend Micro
2004-06-19 à 12:23:37 - Ubi Soft
2004-09-01 à 17:40:31 - Ulead Systems
2004-07-05 à 17:11:03 - Uninstall Information
2003-02-14 à 16:42:16 - Viewpoint
2002-07-30 à 17:10:46 - Virtual CD v4 SDK
2004-10-17 à 07:32:28 - Win Généalogic
2003-02-15 à 21:09:33 - Windows Journal Viewer
2008-03-20 à 18:07:48 - Windows Live
2007-03-03 à 15:54:41 - Windows Media Connect 2
2007-03-04 à 14:33:02 - Windows Media Player
2005-03-03 à 22:59:53 - Windows NT
2004-08-19 à 08:42:09 - WindowsUpdate
2004-12-04 à 09:24:42 - WinRAR
2003-02-12 à 11:10:48 - WinZip
2002-07-30 à 16:54:40 - xerox

========== Tâches planifiées

Rappel d'enregistrement 3.job: C:\WINDOWS\System32\OOBE\oobebaln.exe /sys /r /n:3
Symantec NetDetect.job: C:\Program Files\Symantec\LiveUpdate\NDetect.exe

========== Clés registre


========== Bloqueur popups Internet Explorer

www.lop.com

========== Suggestion ( /!\ Nécessite une interprétation.) ==========

C:\Program Files\Multi_Media

+- Registre : Aucune suggestion.


- Fin du rapport -

et la deuxieme
merci
Search Navipromo version 3.5.3 commencé le 10/04/2008 à 20:26:09.09

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Session actuelle : "yannick"

Mise à jour le 09.04.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\yannick\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\yannick\locals~1\applic~1" ***



*** Recherche dossiers dans "C:\Documents and Settings\yannick\menudm~1\progra~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUD?~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Aucun Fichier trouvé



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\yannick\locals~1\applic~1" *

* Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *



*** Recherche fichiers ***




*** Recherche clés spécifiques dans le Registre ***


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :


* Dans "C:\Documents and Settings\yannick\locals~1\applic~1" :


* Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :


3)Recherche Certificats :

Certificat Egroup absent !
Certificat Electronic-Group absent !
Certificat OOO-Favorit absent !
Certificat Sunny-Day-Design-Ltd absent !

4)Recherche fichiers connus :



*** Analyse terminée le 10/04/2008 à 20:35:41.95 ***

impossible de supprimer le dossier(meme en décochant la case lecture seule)
fichier: tbMult.dll 4.5.134.0 conduit toolbar
merci

Bonjour,
Après avoir lancer CCleaner et nettoyer plusieurs fois, j'ai télécharger AVG antispyware avec le lien, lorsque je lance AVG l'ordi s'éteint............
Le FAMEUX ROOktit est toujours là (il s'accroche le bougre).
Merci pour ta patience

Bonsoir,
Gros problème pour rallumer l'ordi, j'ai réussi à rallumer l'ordi en mode sans echec et scanner avec avg, mais Bitdefender me chootait l'ordi. Après pleins de tentative (sans echec, derniere bonne config, j'ai réussi a entrer dans les programmes en passant par deboger l'ordi) supprimer Bitdefender d'où ma reponse tardive.
le rookit est toujours présent, je joins le rapport avg.
merci pour l'aide
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 17:47:56 12/04/2008

+ Résultat de l'analyse:



HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK -> Adware.InstaFinder : Ignoré.
HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK\Reports -> Adware.InstaFinder : Ignoré.
HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK\Reports\38445 -> Adware.InstaFinder : Ignoré.
HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK\Reports\38446 -> Adware.InstaFinder : Ignoré.
HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK\Reports\38447 -> Adware.InstaFinder : Ignoré.
HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK\Reports\38449 -> Adware.InstaFinder : Ignoré.
HKU\S-1-5-21-436374069-1343024091-1801674531-1006\Software\INSTAFINK\Stat -> Adware.InstaFinder : Ignoré.
C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006 -> Adware.RogueSuspect : Ignoré.
HKLM\SYSTEM\CurrentControlSet\Services\vspf -> Adware.WinAntiVirus : Ignoré.
HKLM\SYSTEM\CurrentControlSet\Services\vspf\Security -> Adware.WinAntiVirus : Ignoré.
HKLM\SYSTEM\CurrentControlSet\Services\vspf_hk -> Adware.WinAntiVirus : Ignoré.
HKLM\SYSTEM\CurrentControlSet\Services\vspf_hk\Security -> Adware.WinAntiVirus : Ignoré.
C:\WINDOWS\Downloaded Program Files\aolwc.exe -> Dialer.Generic : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.2\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.3\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\CONFLICT.4\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@advertising[1].txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@atdmt[1].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@estat[1].txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@ehg-irb.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Ignoré.
C:\Documents and Settings\yannick\Cookies\yannick@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.


Fin du rapport

ok en esperant que l'ordi supporte
++

Voilà le rapport
il reste des traces de BitDefender comment les supprimer?????????

a priori le fichier asc 35530 est supprimé pas de massage d'avast et il me semble le voir sur le rapport
merci de ton aide et de ta patience

ComboFix 08-04-11.8 - yannick 2008-04-12 22:00:52.1 - NTFSx86 MINIMAL
Endroit: C:\Documents and Settings\yannick\Mes documents\Mes fichiers reçus\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\Fichiers communs\WinSoftware
C:\WINDOWS\system32\drivers\asc3550p.sys
C:\WINDOWS\system32\MabryObj.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_ASC3550P
-------\Legacy_NISUM
-------\Service_asc3550p
-------\Service_NISUM


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-12 to 2008-04-12 ))))))))))))))))))))))))))))))))))))
.

2008-04-12 21:21 . 2008-04-12 21:21 85,520 --a------ C:\WINDOWS\system32\drivers\bdfndisf.sys
2008-04-12 18:10 . 2002-07-30 19:08 <REP> d----c--- C:\Documents and Settings\Administrateur\WINDOWS
2008-04-12 18:10 . 2002-07-30 18:46 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-04-12 18:10 . 2002-07-30 18:46 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-12 18:10 . 2002-07-30 18:46 <REP> d--h-c--- C:\Documents and Settings\Administrateur\ModŠles
2008-04-12 18:10 . 2002-07-30 19:06 <REP> dr---c--- C:\Documents and Settings\Administrateur\Mes documents
2008-04-12 18:10 . 2002-07-30 18:46 <REP> dr---c--- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-04-12 18:10 . 2002-07-30 19:10 <REP> dr---c--- C:\Documents and Settings\Administrateur\Favoris
2008-04-12 18:10 . 2002-07-30 19:15 <REP> dr---c--- C:\Documents and Settings\Administrateur\Bureau
2008-04-12 18:10 . 2002-07-30 19:06 <REP> d----c--- C:\Documents and Settings\Administrateur\Application Data\InterTrust
2008-04-11 19:38 . 2008-04-12 21:54 121 --a------ C:\WINDOWS\bdagent.INI
2008-04-11 19:30 . 2008-04-11 19:30 <REP> d----c--- C:\Documents and Settings\yannick\Application Data\BitDefender
2008-04-11 19:27 . 2008-04-11 19:28 <REP> d-------- C:\Program Files\BitDefender
2008-04-11 19:27 . 2008-04-11 19:29 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\BitDefender
2008-04-11 19:21 . 2008-04-11 19:28 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
2008-04-10 22:10 . 2008-04-10 22:10 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2008-04-10 22:01 . 2008-04-10 22:01 <REP> d----c--- C:\Documents and Settings\yannick\Application Data\Grisoft
2008-04-10 22:00 . 2008-04-10 22:00 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-10 22:00 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-04-10 21:52 . 2008-04-10 21:52 <REP> d-------- C:\Program Files\Yahoo!
2008-04-10 20:24 . 2008-04-10 20:36 <REP> d-------- C:\Program Files\Navilog1
2008-04-10 20:02 . 2008-04-10 20:18 <REP> d-------- C:\Program Files\Lopxp
2008-04-10 19:17 . 2008-04-10 19:17 <REP> d-------- C:\Program Files\Trend Micro
2008-04-09 19:05 . 2007-01-18 14:00 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2008-04-02 18:53 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-02 18:53 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-03-23 15:56 . 2007-07-30 20:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-03-23 15:56 . 2007-07-30 20:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-03-23 15:56 . 2007-07-30 20:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-03-20 20:08 . 2008-03-20 20:08 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-03-20 20:07 . 2008-03-20 20:07 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\WLInstaller

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-12 20:10 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2008-04-12 18:49 --------- d-----w C:\Program Files\Norton Internet Security
2008-04-10 18:54 --------- d-----w C:\WINDOWS\system32\config\systemprofile\Application Data\SolidDocuments
2008-04-10 18:18 --------- d-----w C:\Program Files\Multi_Media
2008-04-06 10:51 --------- dc----w C:\Documents and Settings\yannick\Application Data\SolidDocuments
2008-03-29 17:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-29 17:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-29 17:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-28 14:26 --------- dc----w C:\Documents and Settings\yannick\Application Data\Canon
2008-03-27 18:57 80,744 -c--a-w C:\Documents and Settings\yannick\Application Data\GDIPFONTCACHEV1.DAT
2008-03-20 18:07 --------- d-----w C:\Program Files\Windows Live
2008-03-18 19:40 --------- d-----w C:\Program Files\Samsung
2008-03-03 18:48 --------- d-----w C:\Program Files\eMule
2008-02-23 16:16 --------- d-----w C:\Program Files\SolidDocuments
2008-02-23 14:43 --------- dc----w C:\Documents and Settings\All Users\Application Data\SolidDocuments
2008-02-20 17:51 --------- d-----w C:\Program Files\psconvert
2008-02-13 18:10 --------- d-----w C:\Program Files\Java
2001-02-20 19:49 54,784 -c--a-w C:\Documents and Settings\yannick\TheEnd.exe
2001-02-20 15:04 788,347 -c--a-w C:\Documents and Settings\yannick\all3934.dll
2000-03-27 09:53 4,096 -c--a-w C:\Documents and Settings\yannick\mingwm10.dll
2000-02-29 23:18 1,688,379 -c--a-w C:\Documents and Settings\yannick\sound.dat
2000-02-29 22:44 365,718 -c--a-w C:\Documents and Settings\yannick\level10.dat
2000-02-29 22:43 349,645 -c--a-w C:\Documents and Settings\yannick\level7.dat
2000-02-29 21:24 12,523 -c--a-w C:\Documents and Settings\yannick\enddat.dat
2000-02-29 15:20 136,824 -c--a-w C:\Documents and Settings\yannick\title.dat
2000-01-03 02:13 54,715 -c--a-w C:\Documents and Settings\yannick\bonus.dat
2000-01-03 01:46 351,774 -c--a-w C:\Documents and Settings\yannick\level4.dat
1999-12-24 03:54 351,367 -c--a-w C:\Documents and Settings\yannick\level1.dat
1997-01-03 17:15 220,648 -c--a-w C:\Documents and Settings\yannick\PACPC2.EXE
2004-08-19 23:09 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
2004-08-19 23:09 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
2001-08-28 10:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
1995-09-20 15:16 35,088 --sha-w C:\WINDOWS\system32\msjint32.dll
1995-09-20 15:13 977,680 --sha-w C:\WINDOWS\system32\msjt3032.dll
1995-09-20 15:16 23,824 --sha-w C:\WINDOWS\system32\msjter32.dll
2004-08-19 23:09 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
2004-08-19 23:09 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
2001-08-28 10:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
2007-05-17 11:29 549,376 --sha-w C:\WINDOWS\system32\oleaut32.dll
2004-08-19 23:09 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
2004-08-19 23:09 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
1995-09-24 10:02 243,472 --sha-w C:\WINDOWS\system32\vbar2232.dll
2000-01-11 15:20 368,912 --sha-w C:\WINDOWS\system32\vbar332.dll
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-19 21:46 68856]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55 5674352]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EM_EXEC"="C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-01-28 09:43 35328]
"iamapp"="C:\Program Files\Norton Internet Security\IAMAPP.EXE" [2001-11-13 03:43 382584]
"AOLSAV"="C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe" [2004-11-10 17:18 80384]
"HostManager"="C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe" [2006-11-17 15:16 50736]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2004-04-23 13:24 46080]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2004-04-23 13:24 3756032]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 19:37 79224]
"AOLDialer"="C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe" [2007-06-21 12:01 70952]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-01 16:10 98304]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-10-01 15:58 185784]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-02-16 17:45 360448]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoLogoff"= 0 (0x0)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ :\WINDOWS\syste

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Contrôleur de calendrier Ulead.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Contrôleur de calendrier Ulead.lnk
backup=C:\WINDOWS\pss\Contrôleur de calendrier Ulead.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Logitech Desktop Messenger.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
backup=C:\WINDOWS\pss\Logitech Desktop Messenger.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Microsoft Office.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
backup=C:\WINDOWS\pss\Microsoft Office.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Raccourci vers ashDisp.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Raccourci vers ashDisp.lnk
backup=C:\WINDOWS\pss\Raccourci vers ashDisp.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^yannick^Menu Démarrer^Programmes^Démarrage^HotSync Manager.lnk]
path=C:\Documents and Settings\yannick\Menu Démarrer\Programmes\Démarrage\HotSync Manager.lnk
backup=C:\WINDOWS\pss\HotSync Manager.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^yannick^Menu Démarrer^Programmes^Démarrage^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\yannick\Menu Démarrer\Programmes\Démarrage\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ACTIVBOARD]
--a--c--- 2001-05-03 18:41 159744 C:\Apps\ActivBoard\MMKeybd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ActivSurf]
--a--c--- 2002-07-30 19:07 16384 C:\apps\ActivSurf\4448364\Program\backweb-4448364.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Birdidolslowactive]
C:\Documents and Settings\All Users\Application Data\Scr Multi Bird Idol\internetgreat.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner]
--a--c--- 2007-11-22 18:10 787696 C:\Program Files\CCleaner\ccleaner.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cFosInst_Check]
--a--c--- 2001-10-24 19:44 352311 C:\WINDOWS\cFosOEM\cfosinst.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2004-08-20 01:09 15360 C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
--a------ 2006-11-12 12:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LDM]
--a--c--- 2005-09-16 20:42 20480 C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechSoftwareUpdate]
--a--c--- 2004-10-08 12:06 196608 C:\Program Files\Logitech\Video\ManifestEngine.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoRepair]
--a--c--- 2004-10-08 12:31 458752 C:\Program Files\Logitech\Video\ISStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogitechVideoTray]
--a--c--- 2004-10-08 12:24 217088 C:\Program Files\Logitech\Video\LogiTray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Gateway]
C:\Program Files\Media Gateway\MediaGateway.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MessengerPlus3]
--a--c--- 2006-09-27 19:25 190024 C:\Program Files\MessengerPlus! 3\MsgPlus.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-01-19 13:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Web Search Bar]
C:\PROGRA~1\MYWEBS~1\bar\7.bin\MWSBAR.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\7.bin\mwsoemon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2004-04-23 13:24 831488 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OmniPage]
--a--c--- 1998-10-28 13:09 44032 C:\Program Files\Caere\OmniPagePro90\opware32.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\pdfSaver3]
C:\Program Files\Tracker Software\PDF-XChange 3\pdfSaver\pdfSaver3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Piolet]
C:\Program Files\Piolet\Piolet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\POKE AUDIO]
C:\DOCUME~1\yannick\APPLIC~1\ONEMP3~1\copy meow boob.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a--c--- 2006-10-01 16:10 98304 C:\Program Files\QuickTime\qttask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
--a--c--- 2006-10-01 15:58 214448 C:\Program Files\Real\RealPlayer\RealPlay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\REGSHAVE]
-----c--- 2002-02-04 22:32 53248 C:\Program Files\REGSHAVE\REGSHAVE.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
C:\Program Files\Shareaza\Shareaza.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Symantec NetDriver Monitor]
--a------ 2006-10-01 13:58 100056 C:\PROGRA~1\SYMNET~1\SNDMon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
--a--c--- 2006-10-01 15:58 185784 C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Update Service]
--a-sc--- 2002-07-30 19:15 30208 C:\PROGRA~1\FICHIE~1\TEKNUM~1\update.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UserFaultCheck]
C:\WINDOWS\system32\dumprep 0 -u

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VCSPlayer]
--a--c--- 2002-05-06 09:53 94208 C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\APPS\\ActivSurf\\4448364\\Program\\backWeb-4448364.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\AOL 9.0\\waol.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\WINDOWS\\system32\\mmc.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\WINDOWS\\system32\\fxsclnt.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLAcsd.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\AOL 9.0a\\waol.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\StubInstaller.exe"=
"C:\\Program Files\\Fichiers communs\\AOL\\1143568535\\ee\\aolsoftware.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2000-10-03 15:18]
R1 vcsmpdrv;vcsmpdrv;C:\WINDOWS\system32\DRIVERS\vcsmpdrv.sys [2002-05-03 09:03]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 nhksrv;Netropa NHK Server;C:\Apps\ActivBoard\nhksrv.exe [2000-09-13 16:18]
R2 ousbehci;OrangeWare USB Enhanced Host Controller Service;C:\WINDOWS\system32\Drivers\ousbehci.sys [2005-07-15 15:02]
R2 VCSSecS;Virtual CD v4 Security service (SDK - Version);C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe [2002-05-07 09:32]
R3 ousb2hub;OrangeWare USB 2.0 Root Hub Support;C:\WINDOWS\system32\DRIVERS\ousb2hub.sys [2005-07-15 15:02]
S2 Ca50xav;TRUST 580Z C@M Video Device;C:\WINDOWS\system32\Drivers\Ca50xav.sys []
S2 NISSERV;Norton Internet Security Service;C:\Program Files\Norton Internet Security\NISSERV.EXE [2001-11-13 03:44]
S3 USBCamera;TRUST 580Z C@M Camera Device;C:\WINDOWS\system32\Drivers\Bulk50x.sys []
S3 V90drv;v90drv;C:\WINDOWS\system32\DRIVERS\v90drv.sys []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2002-09-22 19:20:00 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\System32\OOBE\oobebaln.exe
"2008-04-12 20:20:00 C:\WINDOWS\Tasks\Symantec NetDetect.job"
- C:\Program Files\Symantec\LiveUpdate\NDetect.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-12 22:11:40
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\GRISOFT\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Palm\HOTSYNC.EXE
C:\WINDOWS\PSEXESVC.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\AOL\1143568535\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-12 22:24:30 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-12 20:24:12
Pre-Run: 20,595,519,488 octets libres
Post-Run: 20,473,294,848 octets libres
.
2007-11-05 18:23:58 --- E O F ---

Bonjour,
Voilà le scan de SDFix


[b]SDFix: Version 1.170 [/b]
Run by yannick on 12/04/2008 at 23:22

Microsoft Windows XP [version 5.1.2600]
Running From: C:\DOCUME~1\yannick\Bureau\SDFix

[b]Checking Services [/b]:


C:\WINDOWS\system32\Microsoft\backup.ftp Found
C:\WINDOWS\system32\Microsoft\backup.tftp Found

[b]Checking files[/b]:

[b]Genuine[/b]:
C:\WINDOWS\system32\Microsoft\backup.ftp
C:\WINDOWS\system32\Microsoft\backup.tftp
C:\WINDOWS\system32\ftp.exe
C:\WINDOWS\system32\tftp.exe
C:\WINDOWS\system32\dllcache\tftp.exe


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\Documents and Settings\All Users\Application Data\SolidDocuments\Installer\Solid Converter PDF\yannick\SolidSFX_Data\install.dat - Deleted
C:\WINDOWS\system32\Microsoft\backup.ftp - Deleted
C:\WINDOWS\system32\Microsoft\backup.tftp - Deleted



Folder C:\Program Files\Fichiers communs\Carlson - Removed


Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1351.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-12 23:37:49
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:ad,49,2b,f2,aa,05,29,53,9b,54,62,5f,15,24,9f,7f,82,93,2a,ff,dc,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ff,f5,a2,41,c4,0f,cf,eb,93,44,3c,dd,c1,ac,87,45,61,..
"khjeh"=hex:5e,0e,9b,44,6a,46,68,51,18,99,cb,6b,e5,e3,23,1a,a7,f6,e0,9d,3c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:9e,58,13,04,45,ee,00,a0,44,46,46,17,68,26,96,74,50,ce,6d,7d,fa,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:f9,f6,f4,cc,83,05,e1,6a,32,2b,60,b7,55,1c,69,d1,49,e2,74,12,07,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:ad,49,2b,f2,aa,05,29,53,9b,54,62,5f,15,24,9f,7f,82,93,2a,ff,dc,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ff,f5,a2,41,c4,0f,cf,eb,93,44,3c,dd,c1,ac,87,45,61,..
"khjeh"=hex:5e,0e,9b,44,6a,46,68,51,18,99,cb,6b,e5,e3,23,1a,a7,f6,e0,9d,3c,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:9e,58,13,04,45,ee,00,a0,44,46,46,17,68,26,96,74,50,ce,6d,7d,fa,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:f9,f6,f4,cc,83,05,e1,6a,32,2b,60,b7,55,1c,69,d1,49,e2,74,12,07,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:d0035959
"s2"=dword:f295544b
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools\"
"h0"=dword:00000000
"khjeh"=hex:ad,49,2b,f2,aa,05,29,53,9b,54,62,5f,15,24,9f,7f,82,93,2a,ff,dc,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,ff,f5,a2,41,c4,0f,cf,eb,93,44,3c,dd,c1,ac,87,45,61,..
"khjeh"=hex:5e,0e,9b,44,6a,46,68,51,18,99,cb,6b,e5,e3,23,1a,a7,f6,e0,9d,3c,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:9e,58,13,04,45,ee,00,a0,44,46,46,17,68,26,96,74,50,ce,6d,7d,fa,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:f9,f6,f4,cc,83,05,e1,6a,32,2b,60,b7,55,1c,69,d1,49,e2,74,12,07,..

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 1


[b]Remaining Services [/b]:



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\APPS\\ActivSurf\\4448364\\Program\\backWeb-4448364.exe"="C:\\APPS\\ActivSurf\\4448364\\Program\\backWeb-4448364.exe:*:Disabled:backWeb-4448364"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\backWeb-8876480.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule Plus"
"C:\\WINDOWS\\system32\\mmc.exe"="C:\\WINDOWS\\system32\\mmc.exe:*:Disabled:Microsoft Management Console"
"C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"="C:\\Program Files\\IncrediMail\\bin\\IMApp.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"="C:\\Program Files\\IncrediMail\\bin\\IncMail.exe:*:Enabled:IncrediMail"
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"="C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe:*:Enabled:IncrediMail"
"C:\\WINDOWS\\system32\\fxsclnt.exe"="C:\\WINDOWS\\system32\\fxsclnt.exe:*:Enabled:Microsoft Fax Console"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"C:\\StubInstaller.exe"="C:\\StubInstaller.exe:*:Enabled:LimeWire swarmed installer"
"C:\\Program Files\\Fichiers communs\\AOL\\1143568535\\ee\\aolsoftware.exe"="C:\\Program Files\\Fichiers communs\\AOL\\1143568535\\ee\\aolsoftware.exe:*:Enabled:AOL Shared Components"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLAcsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLAcsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\AOL 9.0a\\waol.exe"="C:\\Program Files\\AOL 9.0a\\waol.exe:*:Enabled:AOL"

[b]Remaining Files [/b]:


File Backups: - C:\DOCUME~1\yannick\Bureau\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 30 Jul 2002 198 A.SH. --- "C:\BOOT.BAK"
Wed 5 May 1999 65,536 A..H. --- "C:\CDP\ADVAPI32.DLL"
Wed 5 May 1999 155,648 A..H. --- "C:\CDP\GDI32.DLL"
Wed 5 May 1999 479,232 A..H. --- "C:\CDP\KERNEL32.DLL"
Mon 21 Aug 2000 1,388,544 A..H. --- "C:\CDP\MSVBVM60.DLL"
Wed 5 May 1999 790,528 A..H. --- "C:\CDP\OLE32.DLL"
Mon 2 Oct 2000 598,288 A..H. --- "C:\CDP\OLEAUT32.DLL"
Wed 5 May 1999 69,632 A..H. --- "C:\CDP\USER32.DLL"
Thu 18 Jun 1998 89,360 A..H. --- "C:\CDP\VB5DB.DLL"
Mon 2 Oct 2000 119,568 A..H. --- "C:\CDP\VB6FR.DLL"
Mon 10 May 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Mon 10 May 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Mon 10 May 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Thu 15 Apr 2004 54,384 A..H. --- "C:\Program Files\AOL 9.0a\aolphx.exe"
Mon 10 May 2004 156,784 A..H. --- "C:\Program Files\AOL 9.0a\aoltray.exe"
Thu 15 Apr 2004 31,344 A..H. --- "C:\Program Files\AOL 9.0a\RBM.exe"
Tue 28 Aug 2001 77,824 ...H. --- "C:\Program Files\MSN\msnupdate!@#@.exe"
Fri 20 Aug 2004 65,024 A.SH. --- "C:\WINDOWS\system32\asycfilt.dll"
Fri 25 Aug 2006 617,472 A.SH. --- "C:\WINDOWS\system32\comctl32.dll"
Fri 20 Aug 2004 1,028,096 A.SH. --- "C:\WINDOWS\system32\mfc42.dll"
Tue 28 Aug 2001 57,344 A.SH. --- "C:\WINDOWS\system32\mfc42loc.dll"
Wed 20 Sep 1995 35,088 A.SH. --- "C:\WINDOWS\system32\msjint32.dll"
Wed 20 Sep 1995 977,680 A.SH. --- "C:\WINDOWS\system32\msjt3032.dll"
Wed 20 Sep 1995 23,824 A.SH. --- "C:\WINDOWS\system32\msjter32.dll"
Fri 20 Aug 2004 413,696 A.SH. --- "C:\WINDOWS\system32\msvcp60.dll"
Fri 20 Aug 2004 343,040 A.SH. --- "C:\WINDOWS\system32\msvcrt.dll"
Tue 28 Aug 2001 253,952 A.SH. --- "C:\WINDOWS\system32\msvcrt20.dll"
Thu 17 May 2007 549,376 A.SH. --- "C:\WINDOWS\system32\oleaut32.dll"
Fri 20 Aug 2004 83,456 A.SH. --- "C:\WINDOWS\system32\olepro32.dll"
Fri 20 Aug 2004 30,749 A.SH. --- "C:\WINDOWS\system32\vbajet32.dll"
Sun 24 Sep 1995 243,472 A.SH. --- "C:\WINDOWS\system32\vbar2232.dll"
Tue 11 Jan 2000 368,912 A.SH. --- "C:\WINDOWS\system32\vbar332.dll"
Sun 6 Feb 2005 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue 15 Nov 2005 78,104 ..SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\Setup.exe"
Thu 24 Nov 2005 17,920 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setup.dll"
Thu 24 Nov 2005 12,880 A.SHR --- "C:\Program Files\Autodesk\Autodesk DWF Viewer\_Setupx.dll"
Sat 3 Mar 2007 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv03.tmp"
Sun 29 Apr 2007 924 A..H. --- "C:\Program Files\Fichiers communs\AOL\IPHSend\IPH.BAK"
Sun 30 Mar 2003 0 A..H. --- "C:\Program Files\MSN\MSNCoreFiles\Setup\BITC6.tmp"
Sun 30 Mar 2003 0 A..H. --- "C:\Program Files\MSN\MSNCoreFiles\Setup\BITC7.tmp"
Sun 8 Dec 2002 218,624 ...H. --- "C:\Documents and Settings\yannick\Application Data\Microsoft\Word\~WRL1841.tmp"
Sun 8 Dec 2002 551,936 ...H. --- "C:\Documents and Settings\yannick\Application Data\Microsoft\Word\~WRL2044.tmp"
Sun 8 Dec 2002 226,816 ...H. --- "C:\Documents and Settings\yannick\Application Data\Microsoft\Word\~WRL3358.tmp"
Sat 5 Jun 2004 8 A..H. --- "C:\Documents and Settings\All Users\Application Data\GTek\GTUpdate\AUpdate\Channels\ch1\lock.tmp"

[b]Finished![/b]

Et le scan hijackthis

Par contre j'ai toujours une partie de Bitdefender, comment faire pour la supprimer ainsi que tout fichier ou le message suivant apparait, "impossible de supprimer le fichier verifier que fichier n'est pas protegé ou en lecture seul"
Merci pour ton aide
++


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:20:11, on 13/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Norton Internet Security\IAMAPP.EXE
C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Apps\ActivBoard\nhksrv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\dllhost.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\wanmpsvc.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Palm\HOTSYNC.EXE
c:\program files\fichiers communs\aol\1143568535\ee\services\antiSpywareApp\ver2_0_28_1\AOLSP Scheduler.exe
c:\program files\fichiers communs\aol\1143568535\ee\aolsoftware.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Microsoft Money\System\urlmap.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O3 - Toolbar: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: (no name) - {b5146c40-189a-4311-bda9-fbae3e023187} - (no file)
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [iamapp] C:\Program Files\Norton Internet Security\IAMAPP.EXE
O4 - HKLM\..\Run: [AOLSAV] C:\PROGRA~1\TECHCI~1\AOLSAV\AOLAgent.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Fichiers communs\AOL\1143568535\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Hotsync Manager.LNK = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart17.exe
O4 - Global Startup: AOL 9.0 Icône AOL.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Packard Bell - {1D49B7D4-524D-4ac9-BC34-B4822CAE4BB1} - C:\Apps\IECustom\script.htm
O9 - Extra button: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra 'Tools' menuitem: AOL Toolbar - {4982D40A-C53B-4615-B15B-B5B5E98D167C} - C:\Program Files\AOL Toolbar\toolbar.dll
O9 - Extra button: Porno-Mateur - {7FFF944B-4518-43C0-82F2-CD9453575BFF} - C:\Documents and Settings\yannick\Menu Démarrer\Programmes\Porno-Mateur\Porno-Mateur.lnk (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\AIM.EXE (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyviewer.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=https://www.free.fr/freebox/index.html
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: teleir_cert - https://static.ir.dgi.minefi.gouv.fr/secure/connexion/archives/ie4n4/teleir_cert.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://imin.cvf.fr/imin_data/ocx/MDM.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {17D8B270-9C15-11D3-8F03-00105A9965CA} - http://www.easyclick.com/ie/pc/ec.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {31588C30-7BF8-4194-A42F-4D925DCB1859} - https://fr.yahoo.com/
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-17.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/280a2eed77e5ee97a217/netzip/RdxIE601_fr.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7B804666-6A0B-4ADE-9DD8-356FCA06C509} - http://www.powerged.com/install/FR/PowerGED.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/SSC/SharedContent/common/bin/cabsa.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - https://support.norton.com/sp/en/us/home/current/info
O16 - DPF: {D28C3640-A6D7-4668-A53C-07A9CF67D157} (CFnacComposantCtrl Object) - http://www.fnacmusic.com/telechargementFnacmusic/FnacComposant.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zango/ie/bridge-c2.cab?42fa1e8e090a7b6d9a41dcca4de1090231460609a6350ba15b3a43283a940ee103f519ca8154604f0beae4bbafc63588c46e4d1b956cc4961e68ce624b211f420224:d72f3087365a15a695e3d96e225dd94f
O16 - DPF: {E15111B0-95AE-4C05-B91F-F4564057990C} (MovieSystem WAY) - http://services.moviesystem.com/cabs/msway.cab
O16 - DPF: {E862C832-3A5F-4CEB-BFAA-167B22010A71} (InfosFinder2.InfosFinder) - http://support.packardbell.com/files/activex/InfosFinder2.CAB
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Apps\ActivBoard\nhksrv.exe
O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program Files\Norton Internet Security\NISSERV.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\SymProxySvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe