Infesté par command services

voila, j'installe les pilotes de mon imprimante. Par contre si je dois tout couper,ça risque pas de m'apporter des ennuis? Spybot me bloque pleins de logiciels qui tentent de changer des valeurs au registres...

Bon mon pc est extremement lent. Avast a d'ailleurs trouvé un virus
Win32:Trojan-gen {other}
du nom de c\windows\s+2law4\asappsrv.dllje ne parviens pas à le supprimer, ni le mettre en quarentaine

A ce stade mon disque dur externe n'est plus branché

voila j'ai suivi ta marche à suivre, il a redémmaré le pc, mais avest retrouves les memes problèmes qu'avant
voici un copié collé du rapport.

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 770

Type de recherche: Examen complet (C:\|D:\|E:\|H:\|)
Eléments examinés: 84138
Temps écoulé: 34 minute(s), 21 second(s)

Processus mémoire infecté(s): 3
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 20
Valeur(s) du Registre infectée(s): 2
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 2
Fichier(s) infecté(s): 36

Processus mémoire infecté(s):
c:\WINDOWS\S+l2aW4\command.exe (AdWare.CommAd) -> No action taken.
C:\WINDOWS\system32\rwwnw64d.exe (Adware.Agent) -> No action taken.
C:\Documents and Settings\Kévin\lsass.exe (Trojan.Agent) -> No action taken.

Module(s) mémoire infecté(s):
c:\WINDOWS\S+l2aW4\asappsrv.dll (AdWare.CommAd) -> No action taken.
C:\WINDOWS\system32\mysidesearch_sidebar.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\khfEUlki.dll (Trojan.Vundo) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\cmdservice (AdWare.CommAd) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\cmdservice (AdWare.CommAd) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9506910a-0f94-4ea1-b567-7070428b8b2b} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{faba076a-478a-4c32-a0a5-c774607901c2} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7ff-a00812192d61} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5-e65d905fff74} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8a290466-39bd-419b-93db-0e9599506654} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\khfeulki (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysidesearchsearchassistant (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\MySidesearch (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winvi (Adware.SoftMate) -> No action taken.
HKEY_CURRENT_USER\Software\winvi (Adware.SoftMate) -> No action taken.
HKEY_CLASSES_ROOT\WR (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{8a290466-39bd-419b-93db-0e9599506654} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\LSA Shellu (Trojan.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\winvi (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp (Adware.SoftMate) -> No action taken.

Fichier(s) infecté(s):
c:\WINDOWS\S+l2aW4\asappsrv.dll (AdWare.CommAd) -> No action taken.
c:\WINDOWS\S+l2aW4\command.exe (AdWare.CommAd) -> No action taken.
C:\WINDOWS\system32\efcYPfgF.dll_old (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\FgfPYcfe.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\FgfPYcfe.ini2 (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\mysidesearch_sidebar.dll (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\khfEUlki.dll (Trojan.Vundo) -> No action taken.
C:\Documents and Settings\Kévin\Local Settings\Temporary Internet Files\Content.IE5\41Y34563\17PHolmes[1].cmt (Trojan.DownLoader) -> No action taken.
C:\Documents and Settings\Kévin\Local Settings\Temporary Internet Files\Content.IE5\41Y34563\dm[1].exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\Kévin\Local Settings\Temporary Internet Files\Content.IE5\41Y34563\installer[1].exe (Trojan.Proxy) -> No action taken.
C:\Documents and Settings\Kévin\Local Settings\Temporary Internet Files\Content.IE5\85A389AF\gside[1].exe (Adware.Agent) -> No action taken.
C:\Documents and Settings\Kévin\Local Settings\Temporary Internet Files\Content.IE5\8DIFGHMF\17PHolmes[1].cmt (Trojan.DownLoader) -> No action taken.
C:\Program Files\winvi\update.exe (Trojan.StartPage) -> No action taken.
C:\Program Files\winvi\wupda.exe (Adware.SoftMate) -> No action taken.
C:\System Volume Information\_restore{218F9F14-3DD5-4EA4-8FF9-770364F428FD}\RP12\A0003908.dll (Adware.TargetSaver) -> No action taken.
C:\System Volume Information\_restore{218F9F14-3DD5-4EA4-8FF9-770364F428FD}\RP12\A0003911.vbs (Malware.Trace) -> No action taken.
C:\System Volume Information\_restore{218F9F14-3DD5-4EA4-8FF9-770364F428FD}\RP12\A0003912.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{218F9F14-3DD5-4EA4-8FF9-770364F428FD}\RP12\A0003913.exe (Trojan.DownLoader) -> No action taken.
C:\System Volume Information\_restore{218F9F14-3DD5-4EA4-8FF9-770364F428FD}\RP12\A0003918.dll (AdWare.CommAd) -> No action taken.
C:\WINDOWS\mrofinu1000106.exe_old (Trojan.DownLoader) -> No action taken.
C:\WINDOWS\mrofinu1188.exe_old (Trojan.DownLoader) -> No action taken.
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\rwwnw64d.exe (Adware.Agent) -> No action taken.
C:\WINDOWS\system32\3056v\Wvram13.exe (Adware.Agent) -> No action taken.
C:\WINDOWS\system32\emL1\roEbdll2.exe (Trojan.StartPage) -> No action taken.
C:\WINDOWS\system32\rDA\dBparsdll.exe (Trojan.Downloader) -> No action taken.
C:\Program Files\winvi\Uninst.exe (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\version.ini (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\AC_RunActiveContent.js (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\desktop.html (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\internetDetection.swf (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\settings.sol (Adware.SoftMate) -> No action taken.
C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
C:\Documents and Settings\Kévin\services.exe (Trojan.Agent) -> No action taken.
C:\Documents and Settings\Kévin\lsass.exe (Trojan.Agent) -> No action taken.

toute idée est la bienvenue

ok merci, je suis ta procédure et je te tiens au courant.
Un grand merci pour ton aide en tout cas!

Voici le copié collé du txt de combofix. Désolé pour le retard, je devais souper



ComboFix 08-05-19.4 - Kévin 2008-05-20 18:49:09.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1676 [GMT 2:00]
Endroit: C:\Documents and Settings\Kévin\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Kévin\Menu Démarrer\Programmes\Démarrage\Deewoo.lnk
C:\Documents and Settings\Kévin\Menu Démarrer\Programmes\Démarrage\DW_Start.lnk
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\S+l2aW4\
C:\WINDOWS\S+l2aW4\\m75Zuqb.vbs
C:\WINDOWS\system32\MSINET.oca
H:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CMDSERVICE
-------\Legacy_NETWORK_MONITOR
-------\Service_cmdService


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-20 to 2008-05-20 ))))))))))))))))))))))))))))))))))))
.

2008-05-20 17:28 . 2008-05-20 17:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-05-20 16:44 . 2008-05-20 17:21 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-20 16:44 . 2008-05-20 16:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-20 16:44 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-20 16:44 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-20 16:42 . 2008-05-20 16:42 <REP> d-------- C:\Program Files\Fichiers communs\HP
2008-05-20 16:28 . 2008-05-20 16:28 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-05-20 16:16 . 2008-05-20 16:16 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-05-20 16:15 . 2008-05-20 16:16 144 --a------ C:\WINDOWS\wininit.ini
2008-05-20 16:13 . 2005-03-08 06:43 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-05-20 16:13 . 2005-03-08 06:43 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-05-20 16:10 . 2005-03-08 06:43 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-05-20 16:08 . 2008-04-13 11:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-05-20 16:08 . 2008-04-13 11:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-05-20 16:06 . 2004-09-29 12:12 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2008-05-20 16:06 . 2004-09-29 12:15 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2008-05-20 16:06 . 2004-09-29 12:09 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2008-05-20 16:06 . 2004-09-29 12:14 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2008-05-20 16:06 . 2004-09-29 12:08 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2008-05-20 16:06 . 2004-09-29 12:09 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2008-05-20 16:04 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-05-20 15:57 . 2008-05-20 16:06 <REP> d-------- C:\Program Files\HP
2008-05-20 15:46 . 2008-05-20 18:19 113,587 --a------ C:\WINDOWS\hpoins07.dat
2008-05-20 15:46 . 2005-05-24 08:50 21,124 --------- C:\WINDOWS\hpomdl07.dat
2008-05-20 15:44 . 2008-04-13 11:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-05-20 15:44 . 2008-04-13 11:47 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-05-20 15:09 . 2008-05-20 15:09 298,310 --a------ C:\WINDOWS\system32\gside.exe
2008-05-20 15:09 . 2008-05-20 15:09 200,777 --a------ C:\WINDOWS\system32\mcntqkdm.exe
2008-05-20 15:08 . 2008-05-20 17:24 <REP> d-------- C:\WINDOWS\system32\rDA
2008-05-20 15:08 . 2008-05-20 15:08 <REP> d-------- C:\WINDOWS\system32\logXv18
2008-05-20 15:08 . 2008-05-20 17:24 <REP> d-------- C:\WINDOWS\system32\emL1
2008-05-20 15:08 . 2008-05-20 17:24 <REP> d-------- C:\WINDOWS\system32\3056v
2008-05-20 15:08 . 2008-05-20 15:08 <REP> d-------- C:\Temp\dmpxp32
2008-05-20 15:08 . 2008-05-20 18:49 <REP> d-------- C:\Temp
2008-05-20 15:04 . 2008-05-20 15:04 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-05-20 15:02 . 2008-05-20 15:02 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-05-20 15:02 . 2008-05-20 15:03 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-20 15:02 . 2008-05-20 15:05 1,374 --a------ C:\WINDOWS\imsins.BAK
2008-05-20 14:20 . 2008-04-13 11:45 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-05-20 14:11 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-20 14:10 . 2008-05-20 14:10 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-20 14:05 . 2008-05-20 14:05 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-20 14:02 . 2008-05-20 14:11 <REP> d-------- C:\Program Files\Windows Live
2008-05-20 14:02 . 2008-05-20 14:04 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-20 14:02 . 2008-05-20 14:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-20 13:57 . 2008-05-20 13:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-05-20 13:53 . 2008-05-20 13:53 <REP> d-------- C:\WINDOWS\nview
2008-05-20 13:53 . 2007-12-05 02:53 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-05-20 13:53 . 2007-12-05 01:41 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-05-20 13:53 . 2008-05-20 14:00 163,353 --a------ C:\WINDOWS\system32\nvapps.xml
2008-05-20 13:53 . 2007-12-05 01:41 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-05-20 13:52 . 2008-05-20 13:52 <REP> d-------- C:\NVIDIA
2008-05-20 13:43 . 2008-05-20 14:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-20 13:38 . 2008-05-20 13:38 1,024 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT.LOG
2008-05-20 13:28 . 2008-05-20 13:28 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-05-20 13:26 . 2008-05-20 13:29 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-20 13:25 . 2008-04-13 19:34 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe
2008-05-20 13:15 . 2007-08-10 08:18 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-20 13:15 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\[u]0[/u]02567_.tmp
2008-05-20 13:11 . 2008-05-20 13:11 <REP> d-------- C:\WINDOWS\EHome
2008-05-20 13:01 . 2008-05-20 13:01 <REP> d-------- C:\Program Files\Logitech
2008-05-20 13:01 . 2008-05-20 13:01 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-05-20 13:01 . 2008-05-20 13:01 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-20 10:38 --------- d-----w C:\Program Files\Marvell
2008-05-20 10:38 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-20 10:37 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-20 10:37 --------- d-----w C:\Program Files\Analog Devices
2008-05-20 08:43 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-20 08:40 --------- d-----w C:\Program Files\Services en ligne
2008-04-13 17:50 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-13 17:37 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-13 17:33 98,816 ----a-w C:\WINDOWS\system32\psbase.dll
2008-04-13 17:32 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-13 17:32 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-13 17:32 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-13 17:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-13 17:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-13 17:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-13 17:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-13 17:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-13 17:07 2,147,328 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 17:07 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 17:06 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 17:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 17:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-13 17:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 17:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-13 17:04 93,184 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 17:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-13 17:03 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 17:03 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-13 17:03 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-13 17:02 50,688 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-13 17:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-13 17:01 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-13 17:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 17:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 16:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-13 16:59 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-13 16:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 16:58 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 16:58 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 16:57 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-13 16:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-13 16:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-13 16:56 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-13 16:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 16:55 701,440 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-04-13 16:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-13 16:55 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-04-13 16:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-13 16:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-13 16:54 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-13 16:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 16:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-13 16:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 10:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 10:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 10:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 10:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 10:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 10:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 10:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 10:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 10:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 10:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 10:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 10:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 10:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 10:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 10:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 10:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 10:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 10:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 10:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 10:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 10:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 10:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 09:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 09:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 09:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 09:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 09:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 09:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 09:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 09:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 09:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 09:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 09:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 09:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 09:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 09:56 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 09:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 09:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 09:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 09:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 09:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 09:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 09:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 09:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 09:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 09:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 09:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{71632814-CED0-4D18-8AE4-9AF1F16BDB1E}]
C:\WINDOWS\system32\efcYPfgF.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360]
"SpybotSD TeaTimer"="d:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 10:52 1368064]
"Launch LGDCore"="C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe" [2006-07-23 03:22 1126400]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"HP Software Update"="D:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{8A290466-39BD-419B-93DB-0E9599506654}"= C:\WINDOWS\system32\khfEUlki.dll [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\khfEUlki]
khfEUlki.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-20 18:52:03
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\nview.dll
-> ?:\WINDOWS\System32\CSCDLL.dll
.
------------------------ Other Running Processes ------------------------
.
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-20 18:53:17 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-20 16:53:13

Pre-Run: 10,190,495,744 octets libres
Post-Run: 10,158,821,376 octets libres

259

Bonjour!
Voila, je viens de suivre ta méthode, et voici le rapport de OTMoveIt.




C:\WINDOWS\system32\gside.exe moved successfully.
File/Folder C:\WINDOWS\system32\mcntqkdm.exe not found.
C:\WINDOWS\system32\rDA moved successfully.
C:\WINDOWS\system32\logXv18 moved successfully.
C:\Temp\dmpxp32 moved successfully.
C:\WINDOWS\system32\3056v moved successfully.
File/Folder C:\WINDOWS\system32\khfEUlki.dll not found.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05222008_161747





Je ne sais pas si ça peut t'aider, mais je n'ai pas du redémarrer mon pc.

Voila, j'attend les suites des opérations. Un tout grand merci pour ton aide en tout cas!

Ah j'oubliais. Je sais d'ou vient le virus. Apparement je l'ai attrapé lors d'un de mes passages à l'imprimerie en ville. Donc il n'est pas sur mon disque dur externe comme je le pensais, mais sur ma clé usb. J'imagine qu'a l'heure actuelle il vaut mieux que je ne branche plus ma clé sur mon pc?

Et sinon je fais comment pour la réutiliser? je dois la formater?

Salut Cyril. Y'a pas de souci, je relis juste la marche à suivre pour combofix, puis je fait tout ce que tu m'as demandé;-)

Alors tout d'abord, le rapport de Combofix




ComboFix 08-05-19.4 - Kévin 2008-05-23 18:27:29.4 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1650 [GMT 2:00]
Endroit: C:\Documents and Settings\Kévin\Bureau\ComboFix.exe

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Documents and Settings\Kévin\lsass.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-23 to 2008-05-23 ))))))))))))))))))))))))))))))))))))
.

2008-05-23 11:22 . 2008-05-23 11:22 <REP> d-------- C:\Program Files\Trend Micro
2008-05-23 00:12 . 2008-05-23 00:12 49 --a------ C:\WINDOWS\NeroDigital.ini
2008-05-23 00:02 . 2008-05-23 00:02 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\Ahead
2008-05-22 22:43 . 2004-03-25 09:06 1,802,240 --------- C:\WINDOWS\UNNMP.exe
2008-05-22 22:43 . 2004-04-21 08:10 52,418 --------- C:\WINDOWS\UNNMP.cfg
2008-05-22 22:42 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2008-05-22 22:40 . 2004-04-19 05:37 1,814,528 --------- C:\WINDOWS\UNNeroVision.exe
2008-05-22 22:40 . 2004-04-21 08:10 96,891 --------- C:\WINDOWS\UNNeroVision.cfg
2008-05-22 22:40 . 2001-03-08 19:30 24,064 --a------ C:\WINDOWS\system32\msxml3a.dll
2008-05-22 22:39 . 2008-05-22 22:39 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2008-05-22 22:39 . 2008-05-22 22:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Ahead
2008-05-22 22:39 . 2001-07-06 14:41 569,344 --a------ C:\WINDOWS\system32\imagr5.dll
2008-05-22 22:39 . 2001-07-06 12:44 544,768 --a------ C:\WINDOWS\system32\imagx5.dll
2008-05-22 22:39 . 2001-07-06 18:24 283,920 --a------ C:\WINDOWS\system32\ImagXpr5.dll
2008-05-22 22:39 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2008-05-22 22:39 . 2001-06-26 08:15 38,912 --a------ C:\WINDOWS\system32\picn20.dll
2008-05-22 16:32 . 2008-05-22 16:32 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\Corel
2008-05-22 16:17 . 2008-05-22 16:17 <REP> d-------- C:\_OTMoveIt
2008-05-21 19:23 . 2008-05-21 19:23 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-05-21 19:00 . 2008-05-21 19:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Corel
2008-05-21 18:59 . 2008-05-21 18:59 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\InstallShield
2008-05-21 17:50 . 2008-05-21 17:50 <REP> d-------- C:\Documents and Settings\LocalService\Application Data\Xfire
2008-05-21 17:47 . 2008-05-21 17:47 <REP> d-------- C:\Documents and Settings\NetworkService\Application Data\Xfire
2008-05-21 17:46 . 2008-05-21 17:46 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\Logitech
2008-05-21 17:45 . 2008-05-21 17:45 0 --ah----- C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2008-05-21 17:45 . 2008-05-21 17:45 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LUsbFilt_01005.Wdf
2008-05-21 17:45 . 2008-05-21 17:45 0 --ah----- C:\WINDOWS\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-05-21 17:44 . 2008-05-21 21:00 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\Xfire
2008-05-21 17:44 . 2007-01-23 15:45 1,419,024 --a------ C:\WINDOWS\system32\WdfCoInstaller01005.dll
2008-05-21 17:44 . 2007-01-23 15:44 101,136 --a------ C:\WINDOWS\KHALMNPR.Exe
2008-05-21 17:44 . 2007-01-23 15:45 34,576 --a------ C:\WINDOWS\system32\drivers\LHidFilt.Sys
2008-05-21 17:44 . 2007-01-23 15:45 33,296 --a------ C:\WINDOWS\system32\drivers\LMouFilt.Sys
2008-05-21 17:44 . 2007-01-23 15:45 28,176 --a------ C:\WINDOWS\system32\drivers\LUsbFilt.sys
2008-05-21 17:43 . 2007-01-30 01:46 163,840 --a------ C:\WINDOWS\system32\kemutb.dll
2008-05-21 17:43 . 2007-01-30 01:46 135,168 --a------ C:\WINDOWS\system32\KemUtil.dll
2008-05-21 17:43 . 2007-01-30 01:46 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
2008-05-21 17:43 . 2007-01-30 01:46 69,632 --a------ C:\WINDOWS\system32\KemXML.dll
2008-05-21 16:58 . 2005-05-26 15:34 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2008-05-21 16:57 . 2008-05-23 13:03 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-05-21 16:57 . 2008-05-21 17:50 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-05-21 16:57 . 2008-05-23 13:03 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-05-21 16:57 . 2008-05-21 16:57 22,328 --a------ C:\Documents and Settings\Kévin\Application Data\PnkBstrK.sys
2008-05-21 16:57 . 2008-05-21 16:57 319 --a------ C:\WINDOWS\game.ini
2008-05-21 16:41 . 2008-05-21 16:41 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-05-21 11:25 . 2008-05-21 11:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-05-21 11:11 . 2008-05-21 11:11 <REP> d-------- C:\Program Files\Fichiers communs\Control Panels
2008-05-21 11:09 . 2008-05-21 11:09 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ALM
2008-05-21 10:54 . 2008-05-21 10:54 <REP> d-------- C:\Program Files\QuickTime
2008-05-21 10:37 . 2008-05-21 10:37 <REP> d-------- C:\Program Files\Bonjour
2008-05-21 10:32 . 2008-05-21 10:32 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-05-21 10:22 . 2008-05-22 21:05 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
2008-05-21 10:12 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2008-05-21 10:12 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2008-05-21 10:12 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2008-05-21 08:46 . 2008-05-21 08:46 1,024 --ah----- C:\WINDOWS\system32\config\systemprofile\NtUser.dat.LOG
2008-05-21 08:29 . 2008-05-21 08:29 385 --a------ C:\WINDOWS\ODBC.INI
2008-05-21 08:28 . 2008-05-21 08:28 <REP> d-------- C:\WINDOWS\ShellNew
2008-05-20 18:53 . 2008-05-20 18:53 <REP> d-------- C:\Documents and Settings\KÚvin
2008-05-20 17:28 . 2008-05-20 17:28 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-05-20 16:46 . 2008-05-20 16:46 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\Malwarebytes
2008-05-20 16:44 . 2008-05-20 17:21 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-20 16:44 . 2008-05-20 16:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-20 16:44 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-20 16:44 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-20 16:42 . 2008-05-20 16:42 <REP> d-------- C:\Program Files\Fichiers communs\HP
2008-05-20 16:28 . 2008-05-20 16:28 <REP> d-------- C:\Program Files\Hewlett-Packard
2008-05-20 16:16 . 2008-05-20 16:16 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
2008-05-20 16:15 . 2008-05-20 16:16 144 --a------ C:\WINDOWS\wininit.ini
2008-05-20 16:13 . 2005-03-08 06:43 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-05-20 16:13 . 2005-03-08 06:43 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-05-20 16:10 . 2005-03-08 06:43 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-05-20 16:08 . 2008-04-13 11:45 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2008-05-20 16:08 . 2008-04-13 11:45 15,104 --a--c--- C:\WINDOWS\system32\dllcache\usbscan.sys
2008-05-20 16:06 . 2004-09-29 12:12 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2008-05-20 16:06 . 2004-09-29 12:15 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2008-05-20 16:06 . 2004-09-29 12:09 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2008-05-20 16:06 . 2004-09-29 12:14 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2008-05-20 16:06 . 2004-09-29 12:08 61,440 --a------ C:\WINDOWS\system32\HPZinw12.exe
2008-05-20 16:06 . 2004-09-29 12:09 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2008-05-20 16:04 . 1998-10-29 16:45 306,688 --a------ C:\WINDOWS\IsUninst.exe
2008-05-20 15:57 . 2008-05-20 16:06 <REP> d-------- C:\Program Files\HP
2008-05-20 15:46 . 2008-05-20 15:46 <REP> d-------- C:\Documents and Settings\Kévin\Application Data\HP
2008-05-20 15:46 . 2008-05-20 18:19 113,587 --a------ C:\WINDOWS\hpoins07.dat
2008-05-20 15:46 . 2005-05-24 08:50 21,124 --------- C:\WINDOWS\hpomdl07.dat
2008-05-20 15:44 . 2008-04-13 11:47 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-05-20 15:44 . 2008-04-13 11:47 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-05-20 15:08 . 2008-05-20 17:24 <REP> d-------- C:\WINDOWS\system32\emL1
2008-05-20 15:08 . 2008-05-22 16:17 <REP> d-------- C:\Temp
2008-05-20 15:04 . 2008-05-20 15:04 <REP> d-------- C:\Program Files\Windows Media Connect 2
2008-05-20 15:02 . 2008-05-21 16:57 <REP> d-------- C:\WINDOWS\system32\LogFiles
2008-05-20 15:02 . 2008-05-20 15:03 <REP> d-------- C:\WINDOWS\system32\drivers\UMDF
2008-05-20 14:20 . 2008-04-13 11:45 26,368 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
2008-05-20 14:11 . 2006-11-29 13:06 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2008-05-20 14:10 . 2008-05-20 14:10 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2008-05-20 14:06 . 2008-05-20 14:12 <REP> d-------- C:\Documents and Settings\Kévin\Contacts
2008-05-20 14:06 . 2008-05-20 14:12 <REP> d-------- C:\Documents and Settings\Kévin\Contacts
2008-05-20 14:05 . 2008-05-21 17:44 <REP> d----c--- C:\WINDOWS\system32\DRVSTORE
2008-05-20 14:02 . 2008-05-21 19:19 <REP> d-------- C:\Program Files\Windows Live
2008-05-20 14:02 . 2008-05-20 14:04 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2008-05-20 14:02 . 2008-05-20 14:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-05-20 13:57 . 2008-05-20 13:59 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-05-20 13:53 . 2008-05-20 13:53 <REP> d-------- C:\WINDOWS\nview
2008-05-20 13:53 . 2007-12-05 02:53 356,352 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2008-05-20 13:53 . 2007-12-05 01:41 356,352 --a------ C:\WINDOWS\system32\nvudisp.exe
2008-05-20 13:53 . 2008-05-20 14:00 163,353 --a------ C:\WINDOWS\system32\nvapps.xml
2008-05-20 13:53 . 2007-12-05 01:41 17,737 --a------ C:\WINDOWS\system32\nvdisp.nvu
2008-05-20 13:52 . 2008-05-20 13:52 <REP> d-------- C:\NVIDIA
2008-05-20 13:43 . 2008-05-23 18:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-05-20 13:38 . 2008-05-22 22:44 1,024 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT.LOG
2008-05-20 13:28 . 2008-05-20 13:28 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-05-20 13:26 . 2008-05-20 13:29 <REP> d-------- C:\WINDOWS\ServicePackFiles
2008-05-20 13:25 . 2008-04-13 19:34 294,912 -----c--- C:\WINDOWS\system32\dllcache\dlimport.exe
2008-05-20 13:15 . 2007-08-10 08:18 26,488 --a------ C:\WINDOWS\system32\spupdsvc.exe
2008-05-20 13:15 . 2006-12-28 12:01 19,569 --a------ C:\WINDOWS\[u]0[/u]02567_.tmp
2008-05-20 13:11 . 2008-05-20 13:11 <REP> d-------- C:\WINDOWS\EHome
2008-05-20 13:01 . 2008-05-20 13:01 <REP> d-------- C:\Program Files\Logitech
2008-05-20 13:01 . 2008-05-21 17:44 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
2008-05-20 13:01 . 2008-05-21 17:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-05-14 03:29 . 2008-05-14 03:29 41,296 --a------ C:\WINDOWS\system32\xfcodec.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-21 17:10 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-05-20 10:38 --------- d-----w C:\Program Files\Marvell
2008-05-20 10:38 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2008-05-20 10:37 --------- d-----w C:\Program Files\Analog Devices
2008-05-20 08:43 --------- d-----w C:\Program Files\microsoft frontpage
2008-05-20 08:40 --------- d-----w C:\Program Files\Services en ligne
2008-04-13 17:50 1,804 ----a-w C:\WINDOWS\system32\dcache.bin
2008-04-13 17:37 332,800 ----a-w C:\WINDOWS\system32\netsetup.exe
2008-04-13 17:33 98,816 ----a-w C:\WINDOWS\system32\psbase.dll
2008-04-13 17:32 764,416 ----a-w C:\WINDOWS\system32\winntbbu.dll
2008-04-13 17:32 61,471 ----a-w C:\WINDOWS\system32\odbcji32.dll
2008-04-13 17:32 5,632 ----a-w C:\WINDOWS\system32\wmi.dll
2008-04-13 17:10 73,600 ----a-w C:\WINDOWS\system32\drivers\sr.sys
2008-04-13 17:09 80,384 ----a-w C:\WINDOWS\system32\drivers\parport.sys
2008-04-13 17:09 68,608 ----a-w C:\WINDOWS\system32\drivers\pci.sys
2008-04-13 17:09 46,848 ----a-w C:\WINDOWS\system32\drivers\p3.sys
2008-04-13 17:09 120,576 ----a-w C:\WINDOWS\system32\drivers\pcmcia.sys
2008-04-13 17:07 2,147,328 ----a-w C:\WINDOWS\system32\ntoskrnl.exe
2008-04-13 17:07 2,025,984 ----a-w C:\WINDOWS\system32\ntkrnlpa.exe
2008-04-13 17:06 4,096 ----a-w C:\WINDOWS\system32\dsprpres.dll
2008-04-13 17:05 800,256 ----a-w C:\WINDOWS\system32\drivers\dmboot.sys
2008-04-13 17:05 25,216 ----a-w C:\WINDOWS\system32\drivers\kbdclass.sys
2008-04-13 17:05 154,496 ----a-w C:\WINDOWS\system32\drivers\dmio.sys
2008-04-13 17:05 14,720 ----a-w C:\WINDOWS\system32\drivers\kbdhid.sys
2008-04-13 17:04 93,184 ------w C:\WINDOWS\system32\msxml6r.dll
2008-04-13 17:04 37,632 ----a-w C:\WINDOWS\system32\drivers\isapnp.sys
2008-04-13 17:03 81,920 ------w C:\WINDOWS\system32\msshavmsg.dll
2008-04-13 17:03 5,504 ----a-w C:\WINDOWS\system32\drivers\intelide.sys
2008-04-13 17:03 40,576 ----a-w C:\WINDOWS\system32\drivers\intelppm.sys
2008-04-13 17:02 50,688 ----a-w C:\WINDOWS\system32\inetres.dll
2008-04-13 17:02 40,960 ----a-w C:\WINDOWS\system32\drivers\crusoe.sys
2008-04-13 17:01 572,416 ----a-w C:\WINDOWS\system32\shdoclc.dll
2008-04-13 17:00 66,048 ----a-w C:\WINDOWS\system32\drivers\serial.sys
2008-04-13 17:00 54,144 ----a-w C:\WINDOWS\system32\drivers\i8042prt.sys
2008-04-13 16:59 25,856 ------w C:\WINDOWS\system32\drivers\hidbth.sys
2008-04-13 16:59 10,240 ----a-w C:\WINDOWS\system32\gpkrsrc.dll
2008-04-13 16:58 273,664 ------w C:\WINDOWS\system32\drivers\bthport.sys
2008-04-13 16:58 1,845,760 ----a-w C:\WINDOWS\system32\win32k.sys
2008-04-13 16:58 1,647,616 ----a-w C:\WINDOWS\system32\winbrand.dll
2008-04-13 16:57 70,144 ----a-w C:\WINDOWS\system32\browselc.dll
2008-04-13 16:57 58,752 ----a-w C:\WINDOWS\system32\drivers\redbook.sys
2008-04-13 16:57 44,672 ----a-w C:\WINDOWS\system32\drivers\fips.sys
2008-04-13 16:56 57,344 ----a-w C:\WINDOWS\system32\mshtmler.dll
2008-04-13 16:56 53,376 ----a-w C:\WINDOWS\system32\drivers\volsnap.sys
2008-04-13 16:55 701,440 ------w C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-04-13 16:55 40,064 ----a-w C:\WINDOWS\system32\drivers\processr.sys
2008-04-13 16:55 327,168 ------w C:\WINDOWS\system32\drivers\ati2mtaa.sys
2008-04-13 16:54 41,856 ----a-w C:\WINDOWS\system32\drivers\amdk7.sys
2008-04-13 16:54 41,472 ----a-w C:\WINDOWS\system32\drivers\amdk6.sys
2008-04-13 16:54 103,936 ----a-w C:\WINDOWS\system32\dpcdll.dll
2008-04-13 16:53 30,336 ----a-w C:\WINDOWS\system32\drivers\modem.sys
2008-04-13 16:53 23,680 ----a-w C:\WINDOWS\system32\drivers\mouclass.sys
2008-04-13 16:52 188,672 ----a-w C:\WINDOWS\system32\drivers\acpi.sys
2008-04-13 10:28 175,744 ----a-w C:\WINDOWS\system32\drivers\rdbss.sys
2008-04-13 10:21 162,816 ----a-w C:\WINDOWS\system32\drivers\netbt.sys
2008-04-13 10:20 91,520 ----a-w C:\WINDOWS\system32\drivers\ndiswan.sys
2008-04-13 10:20 361,344 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
2008-04-13 10:20 182,656 ----a-w C:\WINDOWS\system32\drivers\ndis.sys
2008-04-13 10:19 75,264 ----a-w C:\WINDOWS\system32\drivers\ipsec.sys
2008-04-13 10:19 51,328 ----a-w C:\WINDOWS\system32\drivers\rasl2tp.sys
2008-04-13 10:19 48,384 ----a-w C:\WINDOWS\system32\drivers\raspptp.sys
2008-04-13 10:19 146,048 ----a-w C:\WINDOWS\system32\drivers\portcls.sys
2008-04-13 10:19 138,112 ----a-w C:\WINDOWS\system32\drivers\afd.sys
2008-04-13 10:17 83,072 ----a-w C:\WINDOWS\system32\drivers\wdmaud.sys
2008-04-13 10:17 456,576 ----a-w C:\WINDOWS\system32\drivers\mrxsmb.sys
2008-04-13 10:17 105,344 ----a-w C:\WINDOWS\system32\drivers\mup.sys
2008-04-13 10:16 49,536 ----a-w C:\WINDOWS\system32\drivers\classpnp.sys
2008-04-13 10:16 141,056 ----a-w C:\WINDOWS\system32\drivers\ks.sys
2008-04-13 10:15 60,800 ----a-w C:\WINDOWS\system32\drivers\sysaudio.sys
2008-04-13 10:15 574,976 ----a-w C:\WINDOWS\system32\drivers\ntfs.sys
2008-04-13 10:15 334,848 ----a-w C:\WINDOWS\system32\drivers\srv.sys
2008-04-13 10:14 63,744 ----a-w C:\WINDOWS\system32\drivers\cdfs.sys
2008-04-13 10:14 143,744 ----a-w C:\WINDOWS\system32\drivers\fastfat.sys
2008-04-13 10:00 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
2008-04-13 10:00 19,072 ----a-w C:\WINDOWS\system32\drivers\tdi.sys
2008-04-13 09:57 41,472 ----a-w C:\WINDOWS\system32\drivers\raspppoe.sys
2008-04-13 09:57 40,576 ----a-w C:\WINDOWS\system32\drivers\ndproxy.sys
2008-04-13 09:57 34,560 ----a-w C:\WINDOWS\system32\drivers\wanarp.sys
2008-04-13 09:57 20,864 ----a-w C:\WINDOWS\system32\drivers\ipinip.sys
2008-04-13 09:57 152,832 ----a-w C:\WINDOWS\system32\drivers\ipnat.sys
2008-04-13 09:57 14,336 ----a-w C:\WINDOWS\system32\drivers\asyncmac.sys
2008-04-13 09:57 10,112 ----a-w C:\WINDOWS\system32\drivers\ndistapi.sys
2008-04-13 09:56 88,320 ----a-w C:\WINDOWS\system32\drivers\nwlnkipx.sys
2008-04-13 09:56 69,120 ----a-w C:\WINDOWS\system32\drivers\psched.sys
2008-04-13 09:56 35,072 ----a-w C:\WINDOWS\system32\drivers\msgpc.sys
2008-04-13 09:56 34,688 ----a-w C:\WINDOWS\system32\drivers\netbios.sys
2008-04-13 09:56 30,592 ----a-w C:\WINDOWS\system32\drivers\rndismp.sys
2008-04-13 09:56 30,592 ------w C:\WINDOWS\system32\drivers\rndismpx.sys
2008-04-13 09:56 14,592 ----a-w C:\WINDOWS\system32\drivers\ndisuio.sys
2008-04-13 09:56 12,800 ----a-w C:\WINDOWS\system32\drivers\usb8023.sys
2008-04-13 09:56 12,800 ------w C:\WINDOWS\system32\drivers\usb8023x.sys
2008-04-13 09:56 12,288 ----a-w C:\WINDOWS\system32\drivers\tunmp.sys
2008-04-13 09:55 202,624 ----a-w C:\WINDOWS\system32\drivers\rmcast.sys
2008-04-13 09:54 11,264 ----a-w C:\WINDOWS\system32\drivers\irenum.sys
2008-04-13 09:53 71,552 ----a-w C:\WINDOWS\system32\drivers\bridge.sys
2008-04-13 09:53 40,320 ----a-w C:\WINDOWS\system32\drivers\nmnt.sys
2008-04-13 09:53 36,608 ----a-w C:\WINDOWS\system32\drivers\ip6fw.sys
2008-04-13 09:53 264,832 ----a-w C:\WINDOWS\system32\drivers\http.sys
2008-04-13 09:51 61,824 ----a-w C:\WINDOWS\system32\drivers\nic1394.sys
2008-04-13 09:51 60,800 ----a-w C:\WINDOWS\system32\drivers\arp1394.sys
.

((((((((((((((((((((((((((((( snapshot_2008-05-21_19.26.31,95 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-05-21 17:47:41 26,624 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Accessibility\[u]0[/u]34a44742647d86bbaa1c8f15b7cb528\Accessibility.ni.dll
+ 2008-05-21 17:47:46 888,832 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\AspNetMMCExt\bb304cec0361eca66b0fa89d1a59e969\AspNetMMCExt.ni.dll
+ 2008-05-21 17:47:48 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\a6eea31abed00f52cc062c424092dafd\CustomMarshalers.ni.dll
+ 2008-05-21 17:47:47 15,360 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\dfsvc\1dd3efadaa530f2449dc13c568ea5164\dfsvc.ni.exe
+ 2008-05-21 17:47:52 880,640 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Eng#\6930d162678847a01f47fed348873e15\Microsoft.Build.Engine.ni.dll
+ 2008-05-21 17:47:53 81,920 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Fra#\a2f7cb74d513ff512c4bec4c300aaa15\Microsoft.Build.Framework.ni.dll
+ 2008-05-21 17:48:02 1,687,552 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Tas#\917a297b2ea5a0f5fbd388a4259c26ba\Microsoft.Build.Tasks.ni.dll
+ 2008-05-21 17:48:04 163,840 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.Build.Uti#\c9adde7899f180b78f199267c84fa3a0\Microsoft.Build.Utilities.ni.dll
+ 2008-05-21 17:48:09 1,720,320 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\[u]0[/u]44886a99768c9ee6dfae01b295354c9\Microsoft.VisualBasic.ni.dll
+ 2008-05-21 17:48:16 1,003,520 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\c4ec8ced34ef9ab8954cff5bf5d0fc05\System.Configuration.ni.dll
+ 2008-05-21 17:48:20 1,724,416 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Deployment\600ab411d9ec3bc2df23b85bf663d9f9\System.Deployment.ni.dll
+ 2008-05-21 17:48:25 512,000 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\[u]0[/u]fa46f97e5901f66384d24c91953fca1\System.DirectoryServices.Protocols.ni.dll
+ 2008-05-21 17:48:23 1,216,512 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.DirectorySer#\bcb19767b1dd92ea6ead4713747a3f9d\System.DirectoryServices.ni.dll
+ 2008-05-21 17:48:27 659,456 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\[u]0[/u]cb936db5338057a6eefd08d17cf1749\System.EnterpriseServices.ni.dll
+ 2008-05-21 17:48:27 294,912 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\[u]0[/u]cb936db5338057a6eefd08d17cf1749\System.EnterpriseServices.Wrapper.dll
+ 2008-05-21 17:48:29 729,088 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Security\531fdb92069c959eb4c7f6fc87a2c943\System.Security.ni.dll
+ 2008-05-21 17:48:30 684,032 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Transactions\1f04130d373d41e907397eb57ba046bb\System.Transactions.ni.dll
+ 2008-05-21 18:15:35 2,306,048 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Mobile\830d818643869a46b45df035b39913c0\System.Web.Mobile.ni.dll
+ 2008-05-21 18:15:36 237,568 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.RegularE#\[u]0[/u]83e36946f184bd0578406e00584e953\System.Web.RegularExpressions.ni.dll
+ 2008-05-21 18:15:39 1,941,504 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web.Services\2861d1fbebc0438e1a199f430e2dec4c\System.Web.Services.ni.dll
+ 2008-05-21 18:15:27 12,185,600 ----a-w C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\d1df715e50f008d994d12ef39606a565\System.Web.ni.dll
- 2008-05-21 17:13:02 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-23 16:25:43 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-23 16:25:58 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_4f8.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{71632814-CED0-4D18-8AE4-9AF1F16BDB1E}]
C:\WINDOWS\system32\efcYPfgF.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-13 19:34 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe" [2004-04-01 10:52 1368064]
"Launch LGDCore"="C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe" [2006-07-23 03:22 1126400]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 01:41 8523776]
"nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
"HP Software Update"="D:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
"Acrobat Assistant 8.0"="E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe" [2007-05-10 22:46 624248]
"Adobe_ID0EYTHM"="C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE" [2007-03-20 16:40 1884160]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2007-01-23 15:44 101136 C:\WINDOWS\KHALMNPR.Exe]
"atwtusb"="atwtusb.exe" [2005-09-21 18:08 290816 C:\WINDOWS\system32\ATWTUSB.EXE]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2008-04-13 19:34 15360]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
HP Digital Imaging Monitor.lnk - D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11/05/2005 23:23:26 282624]
Logitech SetPoint.lnk - D:\Program Files\Logitech\SetPoint\SetPoint.exe [21/05/2008 17:43:55 688128]
Microsoft Office.lnk - D:\Program Files\Microsoft Office\Office10\OSA.EXE [13/02/2001 09:01:04 83360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.XFR1"= xfcodec.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SpybotSnD"="D:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Fichiers communs\\Adobe\\Adobe Version Cue CS3\\Server\\bin\\VersionCueCS3.exe"=
"C:\\WINDOWS\\system32\\PnkBstrA.exe"=
"C:\\WINDOWS\\system32\\PnkBstrB.exe"=
"D:\\Program Files\\Xfire\\xfire.exe"=
"E:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3703:TCP"= 3703:TCP:Adobe Version Cue CS3 Server
"3704:TCP"= 3704:TCP:Adobe Version Cue CS3 Server
"50900:TCP"= 50900:TCP:Adobe Version Cue CS3 Server
"50901:TCP"= 50901:TCP:Adobe Version Cue CS3 Server

R1 aiptektp;HyperPen;C:\WINDOWS\system32\DRIVERS\aiptektp.sys [2004-07-07 16:02]
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f36622f6-2710-11dd-ab9a-00112feb2fc8}]
\Shell\Auto\command - I:\Start.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Start.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-23 18:29:34
Windows 5.1.2600 Service Pack 3 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\nview.dll
.
Temps d'accomplissement: 2008-05-23 18:30:06
ComboFix-quarantined-files.txt 2008-05-23 16:30:02
ComboFix2.txt 2008-05-21 17:26:44
ComboFix3.txt 2008-05-20 16:53:18

Pre-Run: 7,722,078,208 octets libres
Post-Run: 7,711,100,928 octets libres

341 --- E O F --- 2008-05-21 17:23:37

Ensuite le rapport de Dss...



Deckard's System Scanner v20071014.68
Run by Kévin on 2008-05-23 18:45:21
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
20: 2008-05-23 16:45:34 UTC - RP26 - Deckard's System Scanner Restore Point
19: 2008-05-22 18:53:12 UTC - RP25 - Point de vérification système
18: 2008-05-21 17:17:31 UTC - RP24 - Software Distribution Service 3.0
17: 2008-05-21 16:59:57 UTC - RP23 - Installed Corel Painter X.
16: 2008-05-21 15:56:14 UTC - RP22 - Installed Call of Duty(R) 4 - Modern Warfare(TM) 1.5 Multiplayer


-- First Restore Point --
1: 2008-05-20 13:14:10 UTC - RP7 - Installé Windows Live installer


Backed up registry hives.
Performed disk cleanup.



-- HijackThis (run as Kévin.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:46:17, on 23/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\atwtusb.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\TBLMOUSE.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Kévin\Bureau\dss.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Kévin.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: (no name) - {71632814-CED0-4D18-8AE4-9AF1F16BDB1E} - C:\WINDOWS\system32\efcYPfgF.dll (file missing)
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Le pc démarre un poil plus vite :D




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:04:45, on 23/05/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PSIService.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\rundll32.exe
E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\WINDOWS\system32\atwtusb.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\WINDOWS\system32\TBLMOUSE.EXE
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Logitech\khalshared\KHALMNPR.EXE
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Fichiers communs\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "E:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\FICHIE~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Fichiers communs\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

Il n'y a pas de souci, un tout grand merci :p

Passe une bonne nuit :)