Trojan downloader.xs et adebot.

Voici le rapport COmboFix
ComboFix 08-05-01.3 - Mandine 2008-05-09 9:05:41.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.515 [GMT -4:00]
Endroit: C:\Documents and Settings\Mandine\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Mandine\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-09 to 2008-05-09 ))))))))))))))))))))))))))))))))))))
.

2008-05-06 08:41 . 2008-05-06 08:41 <REP> d-------- C:\Program Files\Avira
2008-05-06 08:41 . 2008-05-06 08:41 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-05-05 21:23 . 2007-10-11 21:57 195,096 --a------ C:\WINDOWS\system32\lvci1150.dll
2008-05-05 21:23 . 2008-05-09 07:57 0 --a------ C:\WINDOWS\system32\drivers\logiflt.iad
2008-05-05 21:21 . 2008-05-05 21:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd
2008-05-05 14:31 . 2008-05-05 14:31 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-05 14:31 . 2008-05-05 14:31 <REP> d-------- C:\Documents and Settings\Mandine\Application Data\Malwarebytes
2008-05-05 14:31 . 2008-05-05 14:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-05 11:43 . 2008-05-05 11:43 <REP> d-------- C:\WINDOWS\ERUNT
2008-05-05 11:37 . 2008-05-05 11:38 <REP> d-------- C:\SDFix
2008-05-05 11:04 . 2008-04-28 21:35 4,096 --a------ C:\WINDOWS\a.MSNFix
2008-05-05 10:44 . 2008-05-05 10:44 <REP> d-------- C:\Program Files\Trend Micro
2008-04-29 19:29 . 2008-05-05 11:07 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
2008-04-29 19:29 . 2008-05-05 11:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-04-29 18:39 . 2008-04-29 19:28 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-29 15:31 . 2005-09-23 07:29 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2008-04-29 12:00 . 2008-04-29 12:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-04-28 21:44 . 2008-05-05 15:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\opunqtsx
2008-04-28 21:35 . 2008-04-28 21:35 4,096 --a------ C:\WINDOWS\system32\WINWGPX.MSNFix
2008-04-28 21:35 . 2008-04-28 21:35 4,096 --a------ C:\WINDOWS\system32\winsystem.MSNFix
2008-04-28 21:35 . 2008-04-28 21:35 4,096 --a------ C:\WINDOWS\system32\winlogonpc.MSNFix
2008-04-14 08:55 . 2008-05-09 08:08 <REP> d-------- C:\Documents and Settings\Mandine\Application Data\skypePM
2008-04-14 08:55 . 2008-04-14 08:55 32 --a------ C:\Documents and Settings\All Users\Application Data\ezsid.dat
2008-04-14 08:54 . 2008-04-14 08:54 <REP> d-------- C:\Program Files\Fichiers communs\Skype

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-09 12:58 --------- d-----w C:\Documents and Settings\Mandine\Application Data\Skype
2008-05-09 11:57 0 ----a-w C:\WINDOWS\system32\drivers\lvuvc.hs
2008-05-06 12:35 --------- d-----w C:\Program Files\Alwil Software
2008-05-06 01:23 --------- d-----w C:\Program Files\Fichiers communs\LogiShrd
2008-05-06 01:20 --------- d-----w C:\Program Files\Logitech
2008-04-29 02:10 --------- d-----w C:\Program Files\Microsoft ActiveSync
2008-04-08 20:30 --------- d-----w C:\Program Files\Windows Live
2008-04-05 23:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-13 17:44 --------- d-----w C:\Documents and Settings\Mandine\Application Data\Greyfirst
2008-03-13 17:43 --------- d-----w C:\Program Files\Celtx
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2007-09-25 02:15 2,198 -c--a-w C:\Program Files\INSTALL.LOG
2007-05-05 14:11 35,140 -c--a-w C:\Documents and Settings\Mandine\Application Data\wklnhst.dat
2006-03-22 13:37 58,592 -c--a-w C:\Documents and Settings\Mandine\Application Data\GDIPFONTCACHEV1.DAT
.

((((((((((((((((((((((((((((( snapshot@2008-05-05_13.38.06,95 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-05 17:28:32 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-09 11:57:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-06 01:24:22 15,086 ----a-r C:\WINDOWS\Installer\{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}\ARPPRODUCTICON.exe
+ 2008-05-06 01:24:22 15,086 ----a-r C:\WINDOWS\Installer\{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}\DesktopShortcut_10110FE91EE84A3DADFD1294F86BE5FC.exe
+ 2008-05-06 01:24:22 53,248 ----a-r C:\WINDOWS\Installer\{945AC98B-3DC8-45BE-BAE0-22CEEE37A103}\ProgramGroupShortcut_EFA2BBEBCF93493B904B1B970B8DFAB6.exe
+ 2008-01-21 22:12:56 41,792 ----a-w C:\WINDOWS\system32\drivers\avgntdd.sys
+ 2008-01-21 22:11:28 22,336 ----a-w C:\WINDOWS\system32\drivers\avgntmgr.sys
+ 2008-03-04 17:28:53 79,424 ----a-w C:\WINDOWS\system32\drivers\avipbb.sys
- 2007-02-06 15:42:40 1,691,808 ----a-w C:\WINDOWS\system32\drivers\Lvckap.sys
+ 2007-10-19 17:16:30 2,109,976 ----a-w C:\WINDOWS\system32\drivers\Lvckap.sys
- 2007-02-06 15:44:36 1,964,064 ----a-w C:\WINDOWS\system32\drivers\LVMVdrv.sys
+ 2007-10-11 22:59:02 2,142,488 ----a-w C:\WINDOWS\system32\drivers\LVMVdrv.sys
- 2007-02-03 08:30:58 1,507,232 ----a-w C:\WINDOWS\system32\drivers\lvpopflt.sys
+ 2007-10-12 01:59:12 1,920,920 ----a-w C:\WINDOWS\system32\drivers\lvpopflt.sys
- 2007-02-06 15:45:04 25,632 ----a-w C:\WINDOWS\system32\drivers\LVPr2Mon.sys
+ 2007-10-11 22:59:24 25,624 ----a-w C:\WINDOWS\system32\drivers\LVPr2Mon.sys
- 2007-02-03 08:32:36 41,504 ----a-w C:\WINDOWS\system32\drivers\LVUSBSta.sys
+ 2007-10-12 02:00:42 41,752 ----a-w C:\WINDOWS\system32\drivers\LVUSBSta.sys
- 2007-02-03 08:32:46 1,939,360 ----a-w C:\WINDOWS\system32\drivers\lvuvc.sys
+ 2007-10-12 02:00:54 3,647,384 ----a-w C:\WINDOWS\system32\drivers\lvuvc.sys
- 2007-02-03 08:33:00 22,560 ----a-w C:\WINDOWS\system32\drivers\lvuvcflt.sys
+ 2007-10-12 02:01:06 23,832 ----a-w C:\WINDOWS\system32\drivers\lvuvcflt.sys
+ 2007-03-01 14:34:22 28,352 ----a-w C:\WINDOWS\system32\drivers\ssmdrv.sys
+ 2006-11-20 16:02:42 847,392 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\lv321av.sys
+ 2006-11-20 16:04:12 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\lvcodec2.dll
+ 2006-11-20 16:04:24 121,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\lvcoinst.dll
+ 2006-11-20 16:07:04 211,744 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\LVUI2.dll
+ 2006-11-20 16:07:14 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\LVUI2RC.dll
+ 2006-11-20 16:07:48 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lv321v_B62F53422CAFF994DD031623AB63B906862AFCA9\msvcr71.dll
+ 2007-02-03 08:27:56 490,784 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\LV561AV.sys
+ 2007-02-03 08:29:08 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\lvcodec2.dll
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\lvcoinst.dll
+ 2007-02-03 08:32:22 215,840 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\LVUI2.dll
+ 2007-02-03 08:32:22 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\LVUI2RC.dll
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\LVUSBSta.sys
+ 2007-02-03 08:33:10 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\msvcr71.dll
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_9F7BE67F2856843252665E5DA13A0A0939AA29AB\WUApp32.exe
+ 2007-10-12 01:56:20 490,776 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\LV561AV.sys
+ 2007-10-12 01:57:28 416,280 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\lvcodec2.dll
+ 2007-10-12 01:57:40 195,096 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\lvcoinst.dll
+ 2007-10-12 02:00:20 490,008 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\LVUI2.dll
+ 2007-10-12 02:00:32 465,432 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\LVUI2RC.dll
+ 2007-10-12 02:00:42 41,752 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\LVUSBSta.sys
+ 2007-10-12 02:01:28 236,056 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\lvWIAext.dll
+ 2007-10-12 02:03:10 439,568 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvELCHv_BBE6DEA618C212D1D4C404825FD824D3C6FE5D57\WUApp32.exe
+ 2007-10-12 01:55:58 13,848 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2s_62F19BA954DED83DBA6DF160C36D5918D3EEA33F\lv302af.sys
+ 2007-10-12 01:57:40 195,096 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2s_62F19BA954DED83DBA6DF160C36D5918D3EEA33F\lvcoinst.dll
+ 2007-10-12 02:00:42 41,752 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2s_62F19BA954DED83DBA6DF160C36D5918D3EEA33F\LVUSBSta.sys
+ 2007-10-12 02:03:10 439,568 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2s_62F19BA954DED83DBA6DF160C36D5918D3EEA33F\WUApp32.exe
+ 2007-10-12 01:55:58 1,279,000 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\LV302V32.SYS
+ 2007-10-12 01:57:28 416,280 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\lvcodec2.dll
+ 2007-10-12 01:57:40 195,096 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\lvcoinst.dll
+ 2007-10-12 02:00:20 490,008 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\LVUI2.dll
+ 2007-10-12 02:00:32 465,432 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\LVUI2RC.dll
+ 2007-10-12 02:00:42 41,752 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\LVUSBSta.sys
+ 2007-10-12 02:01:28 236,056 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\lvWIAext.dll
+ 2007-10-12 02:03:10 439,568 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPI2v_19F47D0F20E353A86247DADE40C70EC0358A7AE9\WUApp32.exe
+ 2007-02-03 08:27:16 14,240 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIs_1EA7FC9E4D54C554A2B1C0552ED30ADE85DE0187\lv302af.sys
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIs_1EA7FC9E4D54C554A2B1C0552ED30ADE85DE0187\lvcoinst.dll
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIs_1EA7FC9E4D54C554A2B1C0552ED30ADE85DE0187\LVUSBSta.sys
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIs_1EA7FC9E4D54C554A2B1C0552ED30ADE85DE0187\WUApp32.exe
+ 2007-02-03 08:27:28 938,272 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\LV302V32.SYS
+ 2007-02-03 08:29:08 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\lvcodec2.dll
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\lvcoinst.dll
+ 2007-02-03 08:32:22 215,840 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\LVUI2.dll
+ 2007-02-03 08:32:22 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\LVUI2RC.dll
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\LVUSBSta.sys
+ 2007-02-03 08:33:10 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\msvcr71.dll
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPEPIv_92318949FCA64BA41E43C18548BE271658B9709C\WUApp32.exe
+ 2007-02-03 08:31:34 66,848 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3c_614DC83852B13504853C99BAD2166FFB56D07935\lvselsus.sys
+ 2007-02-03 08:33:00 22,560 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3c_614DC83852B13504853C99BAD2166FFB56D07935\lvuvcflt.sys
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3s_637BBD470692B4142169E3F4D52A7F3055BF7B3D\lvcoinst.dll
+ 2007-02-03 08:30:58 1,507,232 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3s_637BBD470692B4142169E3F4D52A7F3055BF7B3D\lvpopflt.sys
+ 2007-02-03 08:31:34 66,848 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3s_637BBD470692B4142169E3F4D52A7F3055BF7B3D\lvselsus.sys
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3s_637BBD470692B4142169E3F4D52A7F3055BF7B3D\LVUSBSta.sys
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3s_637BBD470692B4142169E3F4D52A7F3055BF7B3D\WUApp32.exe
+ 2007-02-03 08:29:08 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\lvcodec2.dll
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\lvcoinst.dll
+ 2007-02-03 08:32:22 215,840 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\LVUI2.dll
+ 2007-02-03 08:32:22 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\LVUI2RC.dll
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\LVUSBSta.sys
+ 2007-02-03 08:32:46 1,939,360 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\lvuvc.sys
+ 2007-02-03 08:33:10 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\msvcr71.dll
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO3v_34FDA56461F22AA0217B087391C6CD78C1732BC4\WUApp32.exe
+ 2007-10-12 02:01:06 23,832 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5c_F4502E86C545666FAEEA2E5BC0ECF142B1B952DA\lvuvcflt.sys
+ 2007-10-12 01:57:40 195,096 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5s_FF147DEF58280327E126F11A9918B00DAAF40F64\lvcoinst.dll
+ 2007-10-12 01:59:12 1,920,920 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5s_FF147DEF58280327E126F11A9918B00DAAF40F64\lvpopflt.sys
+ 2007-10-12 02:00:08 2,091,800 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5s_FF147DEF58280327E126F11A9918B00DAAF40F64\lvrs.sys
+ 2007-10-12 02:00:20 66,456 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5s_FF147DEF58280327E126F11A9918B00DAAF40F64\lvselsus.sys
+ 2007-10-12 02:00:42 41,752 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5s_FF147DEF58280327E126F11A9918B00DAAF40F64\LVUSBSta.sys
+ 2007-10-12 02:03:10 439,568 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5s_FF147DEF58280327E126F11A9918B00DAAF40F64\WUApp32.exe
+ 2007-10-12 01:57:28 416,280 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\lvcodec2.dll
+ 2007-10-12 01:57:40 195,096 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\lvcoinst.dll
+ 2007-10-12 02:00:20 490,008 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\LVUI2.dll
+ 2007-10-12 02:00:32 465,432 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\LVUI2RC.dll
+ 2007-10-12 02:00:42 41,752 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\LVUSBSta.sys
+ 2007-10-12 02:00:54 3,647,384 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\lvuvc.sys
+ 2007-10-12 02:01:28 236,056 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\lvWIAext.dll
+ 2007-10-12 02:03:10 439,568 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPRO5v_D6FAB2B0793183BA050A90A5CC9D79EF71551623\WUApp32.exe
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROs_892D6A9698543E26AE9E1E4CD4202F838392F36D\lvcoinst.dll
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROs_892D6A9698543E26AE9E1E4CD4202F838392F36D\LVUSBSta.sys
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROs_892D6A9698543E26AE9E1E4CD4202F838392F36D\WUApp32.exe
+ 2007-02-03 08:25:56 1,075,360 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\Camdrl.sys
+ 2007-02-03 08:26:08 154,400 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\CamExL20.dll
+ 2007-02-03 08:29:08 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\lvcodec2.dll
+ 2007-02-03 08:29:20 129,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\lvcoinst.dll
+ 2007-02-03 08:32:22 215,840 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\LVUI2.dll
+ 2007-02-03 08:32:22 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\LVUI2RC.dll
+ 2007-02-03 08:32:36 41,504 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\LVUSBSta.sys
+ 2007-02-03 08:33:10 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\msvcr71.dll
+ 2007-02-03 14:17:30 435,736 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvPROv_2F8FA311AB273C3C2B47DA430D29C591CDDDB624\WUApp32.exe
+ 2006-11-20 16:06:30 65,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213c_2ED6B19949B63F5F3BD3FC5BAC40FE63CEFC27E0\lvselsus.sys
+ 2006-11-20 16:07:38 21,536 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213c_2ED6B19949B63F5F3BD3FC5BAC40FE63CEFC27E0\lvuvcflt.sys
+ 2006-11-20 16:04:12 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\lvcodec2.dll
+ 2006-11-20 16:04:24 121,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\lvcoinst.dll
+ 2006-11-20 16:07:04 211,744 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\LVUI2.dll
+ 2006-11-20 16:07:14 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\LVUI2RC.dll
+ 2006-11-20 16:07:26 40,352 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\LVUSBSta.sys
+ 2006-11-20 16:07:38 1,085,216 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\lvuvc.sys
+ 2006-11-20 16:07:48 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvS213v_25D0BF886C34221FF88541C44ECCE6F52E647BAC\msvcr71.dll
+ 2007-01-08 14:52:00 65,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYc_96D0E39DE53FC74E2F1845FA7AA7B24B9CABD2E1\lvselsus.sys
+ 2007-01-08 14:52:34 21,536 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYc_96D0E39DE53FC74E2F1845FA7AA7B24B9CABD2E1\lvuvcflt.sys
+ 2007-01-08 14:51:36 121,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYs_31A1B329DDE39E828D05492B2D0D4E12163A13DF\lvcoinst.dll
+ 2007-01-08 14:51:48 1,512,224 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYs_31A1B329DDE39E828D05492B2D0D4E12163A13DF\lvpopflt.sys
+ 2007-01-08 14:52:00 65,824 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYs_31A1B329DDE39E828D05492B2D0D4E12163A13DF\lvselsus.sys
+ 2007-01-08 14:52:22 40,352 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYs_31A1B329DDE39E828D05492B2D0D4E12163A13DF\LVUSBSta.sys
+ 2007-01-08 14:51:26 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\lvcodec2.dll
+ 2007-01-08 14:51:36 121,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\lvcoinst.dll
+ 2007-01-08 14:52:10 211,744 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\LVUI2.dll
+ 2007-01-08 14:52:10 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\LVUI2RC.dll
+ 2007-01-08 14:52:22 40,352 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\LVUSBSta.sys
+ 2007-01-08 14:52:34 1,085,216 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\lvuvc.sys
+ 2007-01-08 14:52:38 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvSCBYv_19AE5E7076A880D970D3D9DE0FFE6044740B6561\msvcr71.dll
+ 2007-01-08 14:53:14 847,392 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\lv321av.sys
+ 2007-01-08 14:53:24 264,992 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\lvcodec2.dll
+ 2007-01-08 14:53:36 121,632 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\lvcoinst.dll
+ 2007-01-08 14:53:48 211,744 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\LVUI2.dll
+ 2007-01-08 14:54:00 527,136 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\LVUI2RC.dll
+ 2007-01-08 14:54:06 166,688 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\lvWIAext.dll
+ 2003-02-21 02:42:22 348,160 -c--a-w C:\WINDOWS\system32\DRVSTORE\lvVLMAv_016D215D90315FD225D4A5DC395573873D874507\msvcr71.dll
- 2007-02-03 08:29:08 264,992 -c--a-w C:\WINDOWS\system32\lvcodec2.dll
+ 2007-10-12 01:57:28 416,280 ----a-w C:\WINDOWS\system32\lvcodec2.dll
- 2007-02-03 08:32:22 215,840 -c--a-w C:\WINDOWS\system32\LVUI2.dll
+ 2007-10-12 02:00:20 490,008 ----a-w C:\WINDOWS\system32\LVUI2.dll
- 2007-02-03 08:32:22 527,136 -c--a-w C:\WINDOWS\system32\LVUI2RC.dll
+ 2007-10-12 02:00:32 465,432 ----a-w C:\WINDOWS\system32\LVUI2RC.dll
- 2007-02-03 08:33:10 166,688 ----a-w C:\WINDOWS\twain_32\QuickCam\lvWIAext.dll
+ 2007-10-12 02:01:28 236,056 ----a-w C:\WINDOWS\twain_32\QuickCam\lvWIAext.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 09:00 15360]
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe" [2003-09-15 11:19 65536]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 12:34 5724184]
"H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE" [2005-01-19 09:18 405583]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2008-02-01 17:22 21898024]
"CloantoSoftwareManager"="C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe" [2007-10-02 22:14 320616]
"PopitNG"="C:\Documents and Settings\All Users\Documents\Logiciels\Post it\popitng_popitng_4.0_francais_43874.exe" [ ]
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45 313472]
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe" [2004-08-20 06:47 1912832]
"Wallpaper"="C:\Program Files\Wallpaper\Wallpaper.exe" [2007-08-20 19:27 233472]
"olimsxzz"="C:\WINDOWS\system32\ahqbqpoj.exe" [ ]
"qbkwpxgf"="C:\WINDOWS\system32\qbaraxwx.exe" [ ]
"odthviuc"="C:\WINDOWS\system32\ujyditkt.exe" [ ]
"snbildku"="C:\WINDOWS\system32\utmjipmj.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MotiveReportAgent"="C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" [ ]
"Utilitaire d'enrichissement d'image Toshiba"="C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe" [2005-02-17 06:32 638976]
"Tvs"="C:\Program Files\TOSHIBA\Tvs\TvsTray.exe" [2004-11-12 12:57 73728]
"TPSODDCtl"="TPSODDCtl.exe" [2004-12-29 07:22 102400 C:\WINDOWS\system32\TPSODDCtl.exe]
"TPSMain"="TPSMain.exe" [2004-12-29 07:22 266240 C:\WINDOWS\system32\TPSMain.exe]
"TouchED"="C:\Program Files\TOSHIBA\TouchED\TouchED.Exe" [2003-03-11 08:58 122880]
"TosHKCW.exe"="C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe" [2002-09-09 10:07 49152]
"TFNF5"="TFNF5.exe" [2004-06-28 13:16 73728 C:\WINDOWS\system32\TFNF5.exe]
"TFncKy"="TFncKy.exe" []
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-10-14 04:11 1388544]
"SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2004-08-06 03:27 860160]
"SmoothView"="C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe" [2004-12-21 04:48 118784]
"PadTouch"="C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe" [2004-11-17 05:56 1077327]
"nwiz"="nwiz.exe" [2005-01-13 14:01 1490944 C:\WINDOWS\system32\nwiz.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-01-13 14:01 5509120]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 06:50 155648]
"Kraidman"="C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe" [2005-02-10 20:02 1081426]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-02-12 08:38 49152]
"HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 10:18 241664]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2004-08-09 23:04 59392]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-09-27 20:05 127035]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2004-08-10 09:00 110592 C:\WINDOWS\system32\bthprops.cpl]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2004-03-24 01:40 196608]
"AGRSMMSG"="AGRSMMSG.exe" [2004-12-21 11:10 88358 C:\WINDOWS\agrsmmsg.exe]
"00THotkey"="C:\WINDOWS\system32\[u]0[/u]0THotkey.exe" [2005-01-27 05:33 270336]
"000StTHK"="000StTHK.exe" [2001-06-23 15:28 24576 C:\WINDOWS\system32\[u]0[/u]00StTHK.exe]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 21:16 286720]
"iTunesHelper"="D:\Logiciels\I Tunes\iTunesHelper.exe" [2007-11-02 19:36 267048]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-12 10:06 262401]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 09:00 15360]

C:\Documents and Settings\Mandine\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide de Microsoft Office OneNote 2003.lnk - C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2004-06-17 03:03:44 59080]
Outil de d‚tection de support Picture Motion Browser.lnk - D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe [2007-12-25 08:39:33 344064]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2006-04-08 11:57:03 110592]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-05-28 17:31:38 241664]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 21:05:26 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"C:\\WINDOWS\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"=
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"D:\\Logiciels\\I Tunes\\iTunes.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=

R0 KR10N;KR10N;C:\WINDOWS\system32\drivers\KR10N.sys [2005-01-11 19:05]
R3 tosrfec;Bluetooth ACPI from TOSHIBA;C:\WINDOWS\system32\DRIVERS\tosrfec.sys [2004-05-17 18:18]
R3 ttv200x;TOSHIBA PCI TV Tuner type W;C:\WINDOWS\system32\DRIVERS\ttv200x.sys [2005-01-06 19:29]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [2008-04-07 20:17]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 17:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 18:08]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-07 00:31:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2005-10-18 15:12:35 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2005-10-18 15:12:35 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
"2005-10-18 15:12:36 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job"
- C:\WINDOWS\system32\OOBE\oobebaln.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-09 09:09:21
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 59

**************************************************************************
.
Temps d'accomplissement: 2008-05-09 9:11:11
ComboFix-quarantined-files.txt 2008-05-09 13:10:57
ComboFix2.txt 2008-05-05 18:13:02
ComboFix3.txt 2008-05-05 18:00:04
ComboFix4.txt 2008-05-05 17:38:30
ComboFix5.txt 2008-05-05 17:27:31

Pre-Run: 35,956,989,952 octets libres
Post-Run: 36,287,483,904 octets libres

327 --- E O F --- 2008-04-12 02:43:23

Voici le hihjack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:56, on 09/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\QuickTime\qttask.exe
D:\Logiciels\I Tunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\test\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.fr.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKLM\..\Run: [Utilitaire d'enrichissement d'image Toshiba] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Logiciels\I Tunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CloantoSoftwareManager] "C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKCU\..\Run: [PopitNG] C:\Documents and Settings\All Users\Documents\Logiciels\Post it\popitng_popitng_4.0_francais_43874.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [olimsxzz] C:\WINDOWS\system32\ahqbqpoj.exe
O4 - HKCU\..\Run: [qbkwpxgf] C:\WINDOWS\system32\qbaraxwx.exe
O4 - HKCU\..\Run: [odthviuc] C:\WINDOWS\system32\ujyditkt.exe
O4 - HKCU\..\Run: [snbildku] C:\WINDOWS\system32\utmjipmj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Voici le hihjack:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:30:56, on 09/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\QuickTime\qttask.exe
D:\Logiciels\I Tunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\test\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.fr.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKLM\..\Run: [Utilitaire d'enrichissement d'image Toshiba] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Logiciels\I Tunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CloantoSoftwareManager] "C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKCU\..\Run: [PopitNG] C:\Documents and Settings\All Users\Documents\Logiciels\Post it\popitng_popitng_4.0_francais_43874.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [olimsxzz] C:\WINDOWS\system32\ahqbqpoj.exe
O4 - HKCU\..\Run: [qbkwpxgf] C:\WINDOWS\system32\qbaraxwx.exe
O4 - HKCU\..\Run: [odthviuc] C:\WINDOWS\system32\ujyditkt.exe
O4 - HKCU\..\Run: [snbildku] C:\WINDOWS\system32\utmjipmj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Il faut donc que je fasse: Chercher les erreurs dans la section Registre?
Est ce que je supprime toutes celles qu'il aura détectées?

Les erreurs détectés ont été supprimées!
Veux tu que je refasse une analyse Hihjackthis?

Cela fait plusieurs jours que e n'ai pas eu de fenêtre intempestives et a première vu mon PC va mieux!

Quels logiciels (antivirus...) sont les meilleurs pour protéger un PC, selon toi?
Aurais tu des conseils pour éviter de choper de viliain truc sur le PC?

Dans le cas de ce virus ci, je sais la bétise que j'ai faites et je ne le referais plus!

Voici le rapport antivir


Avira AntiVir Personal
Report file date: dimanche 11 mai 2008 19:02

Scanning for 1260844 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: SYSTEM
Computer name: QOSMIO

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 09/04/2008 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 18/03/2008 15:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 07/02/2008 14:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 28/02/2008 14:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 21/02/2008 14:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 16:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 07/03/2008 19:08:58
ANTIVIR2.VDF : 7.0.4.0 1554432 Bytes 05/05/2008 12:42:53
ANTIVIR3.VDF : 7.0.4.25 125952 Bytes 11/05/2008 23:01:08
Engineversion : 8.1.0.42
AEVDF.DLL : 8.1.0.5 102772 Bytes 25/02/2008 15:58:21
AESCRIPT.DLL : 8.1.0.31 262522 Bytes 09/05/2008 13:28:54
AESCN.DLL : 8.1.0.16 119156 Bytes 08/05/2008 13:29:10
AERDL.DLL : 8.1.0.20 418165 Bytes 06/05/2008 12:43:23
AEPACK.DLL : 8.1.1.4 364918 Bytes 06/05/2008 12:43:16
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 06/05/2008 12:43:12
AEHEUR.DLL : 8.1.0.26 1237366 Bytes 09/05/2008 13:28:53
AEHELP.DLL : 8.1.0.14 115063 Bytes 06/05/2008 12:43:01
AEGEN.DLL : 8.1.0.20 299380 Bytes 08/05/2008 13:29:09
AEEMU.DLL : 8.1.0.6 430451 Bytes 08/05/2008 13:29:06
AECORE.DLL : 8.1.0.28 168310 Bytes 08/05/2008 13:29:04
AVWINLL.DLL : 1.0.0.7 14593 Bytes 23/01/2008 23:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 18/02/2008 16:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 19:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 23/01/2008 23:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 12/02/2008 14:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 28/02/2008 14:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 22/01/2008 23:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 23/01/2008 23:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 25/01/2008 18:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 10/03/2008 20:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 06/03/2008 18:02:11

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: dimanche 11 mai 2008 19:02

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'wmplayer.exe' - '1' Module(s) have been scanned
Scan process 'WLLoginProxy.exe' - '1' Module(s) have been scanned
Scan process 'iexplore.exe' - '1' Module(s) have been scanned
Scan process 'usnsvc.exe' - '1' Module(s) have been scanned
Scan process 'skypePM.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'COCIManager.exe' - '1' Module(s) have been scanned
Scan process 'SPUVolumeWatcher.exe' - '1' Module(s) have been scanned
Scan process 'softmngr.exe' - '1' Module(s) have been scanned
Scan process 'Skype.exe' - '1' Module(s) have been scanned
Scan process 'wcescomm.exe' - '1' Module(s) have been scanned
Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
Scan process 'TOSCDSPD.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'ApntEx.exe' - '1' Module(s) have been scanned
Scan process 'Quickcam.exe' - '1' Module(s) have been scanned
Scan process 'Communications_Helper.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process '00THotkey.exe' - '1' Module(s) have been scanned
Scan process 'ehmsas.exe' - '1' Module(s) have been scanned
Scan process 'agrsmmsg.exe' - '1' Module(s) have been scanned
Scan process 'Apoint.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'tfswctrl.exe' - '1' Module(s) have been scanned
Scan process 'ehtray.exe' - '1' Module(s) have been scanned
Scan process 'hpcmpmgr.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'kraidman.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'PadExe.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'TPSBattM.exe' - '1' Module(s) have been scanned
Scan process 'SmoothView.exe' - '1' Module(s) have been scanned
Scan process 'SMax4PNP.exe' - '1' Module(s) have been scanned
Scan process 'TFncKy.exe' - '1' Module(s) have been scanned
Scan process 'TFNF5.exe' - '1' Module(s) have been scanned
Scan process 'TosHKCW.exe' - '1' Module(s) have been scanned
Scan process 'TouchED.exe' - '1' Module(s) have been scanned
Scan process 'TPSMain.exe' - '1' Module(s) have been scanned
Scan process 'TvsTray.exe' - '1' Module(s) have been scanned
Scan process 'TosPEHK.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'dllhost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'LVComSer.exe' - '1' Module(s) have been scanned
Scan process 'kraidsvc.exe' - '1' Module(s) have been scanned
Scan process 'ehSched.exe' - '1' Module(s) have been scanned
Scan process 'ehRecvr.exe' - '1' Module(s) have been scanned
Scan process 'CFSvcs.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'LVPrcSrv.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
71 processes with 71 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!
Master boot sector HD1
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!
Boot sector 'D:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '59' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'


End of the scan: dimanche 11 mai 2008 19:48
Used time: 45:51 min

The scan has been done completely.

7365 Scanning directories
278340 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
278340 Files not concerned
7690 Archives were scanned
2 Warnings
0 Notes

Voila avec Tool Cleaner

-->- Recherche:

C:\SDFIX: trouvé !
C:\Qoobox: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Mandine\Bureau\SdFix.exe: trouvé !
C:\Documents and Settings\Mandine\Bureau\Msnfix.zip: trouvé !
C:\Documents and Settings\Mandine\Bureau\ComboFix.exe: trouvé !
C:\Documents and Settings\Mandine\Bureau\SDFIX: trouvé !
C:\Documents and Settings\Mandine\Bureau\MsnFix: trouvé !
C:\Documents and Settings\Mandine\Recent\MSNFix.lnk: trouvé !
C:\Documents and Settings\Mandine\Recent\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\test\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Mandine\Bureau\SdFix.exe: supprimé !
C:\Documents and Settings\Mandine\Bureau\Msnfix.zip: supprimé !
C:\Documents and Settings\Mandine\Bureau\ComboFix.exe: supprimé !
C:\Documents and Settings\Mandine\Recent\MSNFix.lnk: supprimé !
C:\Documents and Settings\Mandine\Recent\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\test\HijackThis.exe: supprimé !
C:\SDFIX: supprimé !
C:\Qoobox: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\Mandine\Bureau\SDFIX: supprimé !
C:\Documents and Settings\Mandine\Bureau\MsnFix: supprimé !

Voici le rapport hihjackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:55, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\QuickTime\qttask.exe
D:\Logiciels\I Tunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe
D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.fr.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Utilitaire d'enrichissement d'image Toshiba] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Logiciels\I Tunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CloantoSoftwareManager] "C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [PopitNG] C:\Documents and Settings\All Users\Documents\Logiciels\Post it\popitng_popitng_4.0_francais_43874.exe
O4 - HKCU\..\Run: [olimsxzz] C:\WINDOWS\system32\ahqbqpoj.exe
O4 - HKCU\..\Run: [qbkwpxgf] C:\WINDOWS\system32\qbaraxwx.exe
O4 - HKCU\..\Run: [odthviuc] C:\WINDOWS\system32\ujyditkt.exe
O4 - HKCU\..\Run: [snbildku] C:\WINDOWS\system32\utmjipmj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Voici le rapport hihjackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:55, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\QuickTime\qttask.exe
D:\Logiciels\I Tunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe
D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.fr.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Utilitaire d'enrichissement d'image Toshiba] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Logiciels\I Tunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CloantoSoftwareManager] "C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [PopitNG] C:\Documents and Settings\All Users\Documents\Logiciels\Post it\popitng_popitng_4.0_francais_43874.exe
O4 - HKCU\..\Run: [olimsxzz] C:\WINDOWS\system32\ahqbqpoj.exe
O4 - HKCU\..\Run: [qbkwpxgf] C:\WINDOWS\system32\qbaraxwx.exe
O4 - HKCU\..\Run: [odthviuc] C:\WINDOWS\system32\ujyditkt.exe
O4 - HKCU\..\Run: [snbildku] C:\WINDOWS\system32\utmjipmj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Voici le rapport hihjackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:08:55, on 12/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\WINDOWS\system32\TPSMain.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\QuickTime\qttask.exe
D:\Logiciels\I Tunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe
D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://cm.fr.my.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Utilitaire d'enrichissement d'image Toshiba] C:\Program Files\TOSHIBA\TOSHIBA Picture Enhancement Utility\TosPEHK.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Kraidman] C:\Program Files\Toshiba\TOSHIBA RAID\Console\Kraidman.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\Logiciels\I Tunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [MotiveReportAgent] "C:\Program Files\Fichiers communs\Motive\McciBootStrapper.exe" /url="-url=file://C:\Program Files\Fichiers communs\Motive\ReportAgent.html" /browsertype=CustomMSIE /browserpath="C:\Program Files\Common Files\Motive\motivebrowser.exe" /hidden
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [CloantoSoftwareManager] "C:\Program Files\Fichiers communs\Cloanto\Software Manager\softmngr.exe" /s
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Wallpaper] "C:\Program Files\Wallpaper\Wallpaper.exe" Starter
O4 - HKCU\..\Run: [PopitNG] C:\Documents and Settings\All Users\Documents\Logiciels\Post it\popitng_popitng_4.0_francais_43874.exe
O4 - HKCU\..\Run: [olimsxzz] C:\WINDOWS\system32\ahqbqpoj.exe
O4 - HKCU\..\Run: [qbkwpxgf] C:\WINDOWS\system32\qbaraxwx.exe
O4 - HKCU\..\Run: [odthviuc] C:\WINDOWS\system32\ujyditkt.exe
O4 - HKCU\..\Run: [snbildku] C:\WINDOWS\system32\utmjipmj.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - S-1-5-18 Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - .DEFAULT Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Startup: Outil de détection de support Picture Motion Browser.lnk = D:\Utilitaires Sony\VolumeWatcher\SPUVolumeWatcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TOSHIBA RAID Service (kraidsvc) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA RAID\Service\kraidsvc.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Salut,

Voila ce qui apparait quand j'utilise Tollcleaner

-->- Recherche:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\Mandine\Bureau\HijackThis.lnk: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\Mandine\Bureau\HijackThis.lnk: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !

Merci beaucoup de ton aide!

Je voisla différence avec un PC tout nettoyé!

Encore merci!