Infecté par clcd3.dll

voici le scan hijack :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:25, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MulMouse.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\OSD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\HijackThisdestroy\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {00A6FAF1-072E-44cf-8957-5838F569A31D} - (no file)
O2 - BHO: (no name) - {0D2C6FEC-9313-8C2D-BAD8-E1D4950AFD07} - (no file)
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {57332429-865A-40EA-B15D-DB3898E85EA0} - C:\WINDOWS\system32\clcd3.dll
O2 - BHO: (no name) - {64F56FC1-1272-44CD-BA6E-39723696E350} - (no file)
O2 - BHO: dcads - {6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E} - C:\WINDOWS\system32\nskC.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Tooltipizer - {C004D9F0-A742-4DC7-AFD0-BC29CE3FE04A} - C:\WINDOWS\system32\dcadssuggest.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [Gigaget] "C:\Program Files\Giganology\Gigaget\GigagetShell.exe" /s
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Activer l'ensemble clavier et souris sans fil Labtec.lnk = C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{6CB70089-7D10-4B6C-9733-0AD56BD9ADC2}: NameServer = 217.175.160.11 217.175.160.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTSVCCDA.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9636 bytes

Bonjour,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

voici le resultat du scan  
je n'ai plus beaucoup de temps ici, je de dois rentrer chez moi.
par conséquent il se peut que si tu mets du temps à répondre je ne répondu plus de mon coté ^^

ComboFix 08-01-04.1 - Erwan 2008-01-04 16:30:57.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.576 [GMT 3:00]
Running from: C:\Documents and Settings\Erwan\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\system32\cfx32.ocx
C:\WINDOWS\system32\nsk95.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))))))))
.

2008-01-04 16:29 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 16:12 . 2008-01-04 16:12 <REP> d-------- C:\HijackThisdestroy
2008-01-04 14:43 . 2008-01-04 16:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-04 14:36 . 2008-01-04 14:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-04 14:20 . 2008-01-04 15:31 <REP> d-------- C:\Program Files\a-squared Free
2008-01-03 20:48 . 2008-01-03 20:48 <REP> d-------- C:\Program Files\Common Files
2008-01-03 20:48 . 2008-01-03 20:48 35 --a------ C:\WINDOWS\Worldbuilder.INI
2008-01-03 20:47 . 2008-01-03 20:47 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\My Battle for Middle-earth(tm) II Files
2008-01-03 19:34 . 2008-01-04 14:04 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-03 19:34 . 2008-01-03 19:34 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-02 22:12 . 2008-01-02 22:12 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\Xfire
2008-01-02 14:15 . 2008-01-02 14:15 0 --a------ C:\warhammer_40000_dawn_of_war_dark_crusade_lotw_v1-5-1.zip
2008-01-01 22:12 . 2008-01-02 08:01 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Xfire
2008-01-01 22:11 . 2008-01-02 22:12 <REP> d---s---- C:\Program Files\Xfire
2008-01-01 22:07 . 2008-01-01 22:06 211,584 --a------ C:\Replay 11-12-2006 - 00-46.zip
2008-01-01 22:02 . 2008-01-01 22:02 141,776 --a------ C:\Replay 22-01-2007 - 00-01.zip
2008-01-01 20:06 . 2008-01-01 20:06 268 --ah----- C:\sqmdata06.sqm
2008-01-01 20:06 . 2008-01-01 20:06 244 --ah----- C:\sqmnoopt06.sqm
2007-12-29 15:42 . 2008-01-04 07:53 116 --a------ C:\WINDOWS\NeroDigital.ini
2007-12-27 18:18 . 2004-10-13 13:28 2,277,376 --------- C:\WINDOWS\UNNMP.exe
2007-12-27 18:18 . 2004-10-20 15:29 45,155 --------- C:\WINDOWS\UNNMP.cfg
2007-12-27 17:54 . 2007-12-27 17:54 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2007-12-27 17:54 . 2007-12-27 18:18 <REP> d-------- C:\Program Files\Ahead
2007-12-27 17:54 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2007-12-27 17:54 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2007-12-27 17:54 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2007-12-27 17:54 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2007-12-27 17:54 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-12-27 17:54 . 2004-03-02 17:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2007-12-27 17:54 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-12-27 17:54 . 2004-03-02 17:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2007-12-27 17:17 . 2007-12-27 17:17 <REP> dr-h----- C:\MSOCache
2007-12-27 13:57 . 2007-12-27 13:57 <REP> d-------- C:\WINDOWS\73B5C5C0FEF44DC189F3C45DC11957DF.TMP
2007-12-27 11:59 . 2007-12-27 11:59 <REP> d-------- C:\Program Files\Picasa2
2007-12-27 11:59 . 2007-12-27 11:59 <REP> d-------- C:\Program Files\Microsoft Encarta
2007-12-27 11:59 . 2007-12-27 12:00 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
2007-12-27 11:58 . 2007-12-27 11:58 <REP> d-------- C:\Documents and Settings\Admin\Application Data\My Battle for Middle-earth(tm) II Demo Files
2007-12-27 11:57 . 2007-12-27 11:57 <REP> d-------- C:\Program Files\NAMCO BANDAI Games
2007-12-27 11:57 . 2007-12-27 11:57 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\InstallShield
2007-12-27 11:55 . 2007-12-27 11:55 <REP> d-------- C:\Program Files\Mindscape
2007-12-27 11:53 . 2007-12-27 11:53 <REP> d-------- C:\Program Files\Fichiers communs\Broderbund
2007-12-27 11:46 . 2008-01-04 14:35 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-12-27 11:43 . 2007-12-27 11:43 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Electronic Arts
2007-12-27 11:42 . 2007-12-27 11:42 <REP> d-------- C:\Program Files\iTunes
2007-12-27 11:42 . 2007-12-27 11:42 <REP> d-------- C:\Program Files\iPod
2007-12-27 11:41 . 2007-12-27 11:41 <REP> d-------- C:\Documents and Settings\Admin\Application Data\vlc
2007-12-27 11:39 . 2007-12-27 11:39 <REP> d-------- C:\Program Files\BitTorrent
2007-12-27 11:38 . 2007-12-27 11:38 <REP> d-------- C:\Program Files\NODouble
2007-12-27 11:38 . 2007-12-27 11:38 <REP> d-------- C:\coktel
2007-12-27 11:30 . 2004-08-05 15:00 1,361 --a------ C:\WINDOWS\system32\fxscount.h
2007-12-26 11:42 . 2007-12-27 11:22 1,943 --a------ C:\WINDOWS\imsins.BAK
2007-12-14 12:07 . 2007-12-14 13:54 <REP> d-------- C:\Documents and Settings\Admin\Application Data\U3
2007-12-11 18:57 . 2007-12-11 18:57 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\Electronic Arts
2007-12-10 19:54 . 2007-12-10 19:54 <REP> d-------- C:\Program Files\OpenAL
2007-12-10 19:54 . 2007-12-10 19:54 413,696 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-12-10 19:54 . 2007-12-10 19:54 86,016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-12-10 19:53 . 2007-12-27 11:43 <REP> d-------- C:\Program Files\Legion of Man
2007-12-09 08:42 . 2007-12-09 08:42 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\teamspeak2
2007-12-07 07:50 . 19,456 C:\WINDOWS\system32\drivers\elthtxpp.dat
2007-12-05 15:06 . 2000-03-25 06:00 84,992 --a------ C:\WINDOWS\system32\clcd3.dll
2007-12-04 20:24 . 2007-12-29 15:08 <REP> d-------- C:\Program Files\Zeb-Utility

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 11:36 --------- d-----w C:\Program Files\Lavasoft
2008-01-04 10:59 --------- d-----w C:\Program Files\eMule
2008-01-04 09:04 --------- d-----w C:\Documents and Settings\Admin\Application Data\Skype
2008-01-03 17:43 --------- d-----w C:\Program Files\Electronic Arts
2008-01-01 11:51 --------- d-----w C:\Program Files\Mozilla Thunderbird
2007-12-27 14:43 --------- d-----w C:\Documents and Settings\Admin\Application Data\OpenOffice.org2
2007-12-27 14:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-27 14:26 --------- d-----w C:\Program Files\Microsoft Works
2007-12-27 09:54 80,097 ----a-w C:\WINDOWS\system32\dcads-remove.exe
2007-12-27 08:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-27 08:56 --------- d-----w C:\Program Files\Warcraft III
2007-12-27 08:53 --------- d-----w C:\Program Files\Broderbund
2007-12-27 08:42 --------- d-----w C:\Program Files\InterVideo
2007-12-27 08:41 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-12-27 08:41 --------- d-----w C:\Program Files\VideoLAN
2007-12-27 08:41 --------- d-----w C:\Program Files\Google
2007-12-27 08:39 --------- d-----w C:\Program Files\DAEMON Tools
2007-12-27 08:39 --------- d-----w C:\Program Files\Astonsoft
2007-12-27 08:38 --------- d-----w C:\Program Files\7-Zip
2007-12-26 07:06 --------- d-----w C:\Program Files\Microsoft Games
2007-12-25 06:11 --------- d-----w C:\Program Files\THQ
2007-12-12 09:04 --------- d-----w C:\Program Files\Pinnacle
2007-12-11 16:32 --------- d-----w C:\Documents and Settings\Erwan\Application Data\Apple Computer
2007-12-11 14:49 59,219 ----a-w C:\WINDOWS\system32\Dcads_sidebar_uninstall.exe
2007-12-09 05:42 434,471 ----a-w C:\WINDOWS\Lord of the Rings 1.exe
2007-12-09 05:42 306,000 ----a-w C:\WINDOWS\Lord of the Rings 1.scr
2007-12-09 05:42 30,208 ----a-w C:\WINDOWS\mickey32.dll
2007-12-04 17:37 --------- d-----w C:\Program Files\LimeWire
2007-12-04 14:56 93,264 -c--a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-02 14:50 --------- d-----w C:\Documents and Settings\Erwan\Application Data\vlc
2007-11-30 17:59 --------- d-----w C:\Documents and Settings\Admin\Application Data\Dcads Advanced Toolbar
2007-11-30 13:47 --------- d-----w C:\Program Files\Dcads Advanced Toolbar
2007-11-30 13:46 40,731 ----a-w C:\WINDOWS\system32\superiorads-uninst.exe
2007-11-30 13:46 194,368 ----a-w C:\WINDOWS\system32\dcadssuggest_uninstall.exe
2007-11-30 13:46 --------- d-----w C:\Program Files\Dcads Games Collection
2007-11-30 08:12 --------- d-----w C:\Documents and Settings\Erwan\Application Data\My Battle for Middle-earth(tm) II Demo Files
2007-11-29 21:56 282,624 ----a-w C:\WINDOWS\system32\Dcads_sidebar.dll
2007-11-27 16:43 327,680 ----a-w C:\WINDOWS\system32\dcadssuggest.dll
2007-11-17 16:58 --------- d-----w C:\Program Files\Java
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-11-09 15:23 271,360 ----a-w C:\WINDOWS\system32\drivers\atksgt.sys
2007-11-09 15:23 18,048 ----a-w C:\WINDOWS\system32\drivers\lirsgt.sys
2007-11-09 15:20 --------- d-----w C:\Program Files\AGEIA Technologies
2007-11-09 15:05 --------- d-----w C:\Program Files\Monte Cristo
2007-10-29 22:43 1,293,824 ----a-w C:\WINDOWS\system32\quartz.dll
2007-10-25 06:28 222,720 ----a-w C:\WINDOWS\system32\wmasf.dll
2007-10-17 17:23 10,752 ----a-w C:\WINDOWS\system32\WhoisCL.exe
2005-07-27 04:07 31,772 ----a-w C:\WINDOWS\Fonts\fondamentale.zip
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1648E328-3E5A-4EA5-A9C6-E5F09EE272DA}]
2007-11-30 00:56 282624 --a------ C:\WINDOWS\system32\dcads_sidebar.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{57332429-865A-40EA-B15D-DB3898E85EA0}]
2000-03-25 06:00 84992 --a------ C:\WINDOWS\system32\clcd3.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6FC3C36D-7635-4D43-BA62-0D9D2F2CD06E}]
C:\WINDOWS\system32\nskC.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{C004D9F0-A742-4DC7-AFD0-BC29CE3FE04A}]
2007-11-27 19:43 327680 --a------ C:\WINDOWS\system32\dcadssuggest.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46 1460560]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 16:00 79224]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19 221184]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-10 17:21 406016]
"Gigaget"="C:\Program Files\Giganology\Gigaget\GigagetShell.exe" [2006-02-07 10:28 495616]
"AdslTaskBar"="stmctrl.dll" [2005-02-11 09:38 167936 C:\WINDOWS\system32\stmctrl.dll]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53 88024]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-05 15:00 160768]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15:00 15360]

C:\Documents and Settings\Admin\Menu D‚marrer\Programmes\D‚marrage\
Skype.lnk - C:\WINDOWS\Installer\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.ico [2007-12-01 16:08:17]
Xfire.lnk - C:\Program Files\Xfire\Xfire.exe [2006-08-30 03:21:11]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Activer l'ensemble clavier et souris sans fil Labtec.lnk - C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe [2005-06-21 08:59:31]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-04-24 13:13 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2007-03-05 17:36 140976 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-05 15:00 15360 --a--c--- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-09-25 01:11 132496 --a------ C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-16 17:22 68856 --a------ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe

R0 hlpnzann;hlpnzann;C:\WINDOWS\system32\drivers\elthtxpp.dat []
R0 VOBID;VOBID;C:\WINDOWS\system32\DRIVERS\vobid.sys [2003-08-01 15:47]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 12:55]
R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 13:29]
R1 vobiw;vobiw;C:\WINDOWS\system32\drivers\vobiw.sys [2004-09-01 15:50]
R3 cdrdrv;Cdrdrv;C:\WINDOWS\system32\Drivers\Cdrdrv.sys [2004-08-03 12:10]
R3 P101bVID;Creative WebCam;C:\WINDOWS\system32\DRIVERS\P101bVid.sys [2002-04-28 15:00]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2005-07-07 12:07]
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-07-07 12:11]
S1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys [2000-01-08 08:22]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

*Newly Created Service* - PROCEXP90
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 16:36:11
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-04 16:37:12
ComboFix-quarantined-files.txt 2008-01-04 13:36:57
.
2007-12-27 09:52:39 --- E O F ---

bon et bien ça s'arrete ici pour l'instant. je vais surement expliquer a la mere qui vis ici comment venir arranger ces problemes ici pour qu'elle continue la manip' d'elle meme avec toi  
si ça ne l'interesse pas peut etre je verrais d'ici 3 ou 4 jours  

Ok  
La suite.

[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]

Bonjour angeldark !
Me revoilà   j'ai fait ce que tu m'a demandé, voici le résultat de ComboFix :

ComboFix 08-01-04.1 - Erwan 2008-01-11 10:41:59.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.522 [GMT 3:00]
Running from: C:\Documents and Settings\Erwan\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Erwan\Bureau\CFScript.txt
* Created a new restore point

FILE
C:\warhammer_40000_dawn_of_war_dark_crusade_lotw_v1-5-1.zip
C:\WINDOWS\imsins.BAK
C:\WINDOWS\system32\clcd3.dll
C:\WINDOWS\system32\Dcads_sidebar.dll
C:\WINDOWS\system32\Dcads_sidebar_uninstall.exe
C:\WINDOWS\system32\dcadssuggest.dll
C:\WINDOWS\system32\dcadssuggest_uninstall.exe
C:\WINDOWS\system32\drivers\elthtxpp.dat
C:\WINDOWS\system32\superiorads-uninst.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\warhammer_40000_dawn_of_war_dark_crusade_lotw_v1-5-1.zip
C:\WINDOWS\imsins.BAK
C:\WINDOWS\system32\clcd3.dll
C:\WINDOWS\system32\Dcads_sidebar.dll
C:\WINDOWS\system32\Dcads_sidebar_uninstall.exe
C:\WINDOWS\system32\dcadssuggest.dll
C:\WINDOWS\system32\dcadssuggest_uninstall.exe
C:\WINDOWS\system32\drivers\elthtxpp.dat
C:\WINDOWS\system32\superiorads-uninst.exe

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_HLPNZANN
-------\hlpnzann


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-12-11 to 2008-01-11 ))))))))))))))))))))))))))))))))))))
.

2008-01-11 10:40 . 2008-01-11 10:40 <REP> d-------- C:\Program Files\Trend Micro
2008-01-08 20:08 . 2008-01-08 20:08 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\ScanSoft
2008-01-05 12:56 . 2008-01-05 12:56 <REP> d-------- C:\Documents and Settings\Les jumeaux\Application Data\Electronic Arts
2008-01-04 16:29 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-04 16:12 . 2008-01-04 17:40 <REP> d-------- C:\HijackThisdestroy
2008-01-04 14:43 . 2008-01-04 16:10 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-01-04 14:36 . 2008-01-04 14:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-01-04 14:20 . 2008-01-04 15:31 <REP> d-------- C:\Program Files\a-squared Free
2008-01-03 20:48 . 2008-01-03 20:48 <REP> d-------- C:\Program Files\Common Files
2008-01-03 20:48 . 2008-01-03 20:48 35 --a------ C:\WINDOWS\Worldbuilder.INI
2008-01-03 20:47 . 2008-01-03 20:47 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\My Battle for Middle-earth(tm) II Files
2008-01-03 19:34 . 2008-01-10 13:17 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-03 19:34 . 2008-01-03 19:34 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-02 22:12 . 2008-01-02 22:12 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\Xfire
2008-01-01 22:12 . 2008-01-02 08:01 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Xfire
2008-01-01 22:11 . 2008-01-02 22:12 <REP> d---s---- C:\Program Files\Xfire
2008-01-01 22:07 . 2008-01-01 22:06 211,584 --a------ C:\Replay 11-12-2006 - 00-46.zip
2008-01-01 22:02 . 2008-01-01 22:02 141,776 --a------ C:\Replay 22-01-2007 - 00-01.zip
2008-01-01 20:06 . 2008-01-01 20:06 268 --ah----- C:\sqmdata06.sqm
2008-01-01 20:06 . 2008-01-01 20:06 244 --ah----- C:\sqmnoopt06.sqm
2007-12-29 15:42 . 2008-01-09 09:47 116 --a------ C:\WINDOWS\NeroDigital.ini
2007-12-27 18:18 . 2004-10-13 13:28 2,277,376 --------- C:\WINDOWS\UNNMP.exe
2007-12-27 18:18 . 2004-10-20 15:29 45,155 --------- C:\WINDOWS\UNNMP.cfg
2007-12-27 17:54 . 2007-12-27 17:54 <REP> d-------- C:\Program Files\Fichiers communs\Ahead
2007-12-27 17:54 . 2007-12-27 18:18 <REP> d-------- C:\Program Files\Ahead
2007-12-27 17:54 . 2004-07-26 17:16 1,568,768 --------- C:\WINDOWS\system32\ImagX7.dll
2007-12-27 17:54 . 2004-07-26 17:16 476,320 --------- C:\WINDOWS\system32\ImagXpr7.dll
2007-12-27 17:54 . 2004-07-26 17:16 471,040 --------- C:\WINDOWS\system32\ImagXRA7.dll
2007-12-27 17:54 . 2004-07-26 17:16 262,144 --------- C:\WINDOWS\system32\ImagXR7.dll
2007-12-27 17:54 . 2001-07-09 11:50 155,648 --a------ C:\WINDOWS\system32\NeroCheck.exe
2007-12-27 17:54 . 2004-03-02 17:37 125,184 --------- C:\WINDOWS\system32\drivers\imagesrv.sys
2007-12-27 17:54 . 2000-06-26 11:45 106,496 --a------ C:\WINDOWS\system32\TwnLib20.dll
2007-12-27 17:54 . 2004-03-02 17:37 5,504 --------- C:\WINDOWS\system32\drivers\imagedrv.sys
2007-12-27 17:17 . 2007-12-27 17:17 <REP> dr-h----- C:\MSOCache
2007-12-27 13:57 . 2008-01-08 12:56 <REP> d-------- C:\WINDOWS\73B5C5C0FEF44DC189F3C45DC11957DF.TMP
2007-12-27 11:59 . 2008-01-09 09:31 <REP> d-------- C:\Program Files\Picasa2
2007-12-27 11:59 . 2007-12-27 11:59 <REP> d-------- C:\Program Files\Microsoft Encarta
2007-12-27 11:59 . 2007-12-27 12:00 <REP> d-------- C:\Program Files\AdorageI-GfxDatas
2007-12-27 11:58 . 2007-12-27 11:58 <REP> d-------- C:\Documents and Settings\Admin\Application Data\My Battle for Middle-earth(tm) II Demo Files
2007-12-27 11:57 . 2007-12-27 11:57 <REP> d-------- C:\Program Files\NAMCO BANDAI Games
2007-12-27 11:57 . 2007-12-27 11:57 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\InstallShield
2007-12-27 11:55 . 2007-12-27 11:55 <REP> d-------- C:\Program Files\Mindscape
2007-12-27 11:53 . 2007-12-27 11:53 <REP> d-------- C:\Program Files\Fichiers communs\Broderbund
2007-12-27 11:46 . 2008-01-04 14:35 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-12-27 11:43 . 2007-12-27 11:43 <REP> d-------- C:\Documents and Settings\Admin\Application Data\Electronic Arts
2007-12-27 11:42 . 2007-12-27 11:42 <REP> d-------- C:\Program Files\iTunes
2007-12-27 11:42 . 2007-12-27 11:42 <REP> d-------- C:\Program Files\iPod
2007-12-27 11:39 . 2007-12-27 11:39 <REP> d-------- C:\Program Files\BitTorrent
2007-12-27 11:38 . 2007-12-27 11:38 <REP> d-------- C:\Program Files\NODouble
2007-12-27 11:38 . 2007-12-27 11:38 <REP> d-------- C:\coktel
2007-12-27 11:30 . 2004-08-05 15:00 1,361 --a------ C:\WINDOWS\system32\fxscount.h
2007-12-14 12:07 . 2007-12-14 13:54 <REP> d-------- C:\Documents and Settings\Admin\Application Data\U3
2007-12-11 18:57 . 2007-12-11 18:57 <REP> d-------- C:\Documents and Settings\Erwan\Application Data\Electronic Arts

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-11 07:29 --------- d-----w C:\Documents and Settings\Admin\Application Data\Skype
2008-01-11 07:25 --------- d-----w C:\Program Files\eMule
2008-01-10 07:55 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-01-09 06:19 --------- d-----w C:\Documents and Settings\Admin\Application Data\OpenOffice.org2
2008-01-04 14:04 --------- d-----w C:\Program Files\Lavasoft
2008-01-04 14:04 --------- d-----w C:\Documents and Settings\Admin\Application Data\Lavasoft
2008-01-03 17:43 --------- d-----w C:\Program Files\Electronic Arts
2007-12-29 12:08 --------- d-----w C:\Program Files\Zeb-Utility
2007-12-27 14:30 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2007-12-27 14:26 --------- d-----w C:\Program Files\Microsoft Works
2007-12-27 08:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-12-27 08:56 --------- d-----w C:\Program Files\Warcraft III
2007-12-27 08:53 --------- d-----w C:\Program Files\Broderbund
2007-12-27 08:43 --------- d-----w C:\Program Files\Legion of Man
2007-12-27 08:42 --------- d-----w C:\Program Files\InterVideo
2007-12-27 08:41 --------- d-----w C:\Program Files\Windows Media Connect 2
2007-12-27 08:41 --------- d-----w C:\Program Files\VideoLAN
2007-12-27 08:41 --------- d-----w C:\Program Files\Google
2007-12-27 08:39 --------- d-----w C:\Program Files\DAEMON Tools
2007-12-27 08:39 --------- d-----w C:\Program Files\Astonsoft
2007-12-27 08:38 --------- d-----w C:\Program Files\7-Zip
2007-12-26 07:06 --------- d-----w C:\Program Files\Microsoft Games
2007-12-25 06:11 --------- d-----w C:\Program Files\THQ
2007-12-12 09:04 --------- d-----w C:\Program Files\Pinnacle
2007-12-11 16:32 --------- d-----w C:\Documents and Settings\Erwan\Application Data\Apple Computer
2007-12-10 16:54 --------- d-----w C:\Program Files\OpenAL
2007-12-09 05:42 434,471 ----a-w C:\WINDOWS\Lord of the Rings 1.exe
2007-12-09 05:42 306,000 ----a-w C:\WINDOWS\Lord of the Rings 1.scr
2007-12-09 05:42 30,208 ----a-w C:\WINDOWS\mickey32.dll
2007-12-09 05:42 --------- d-----w C:\Documents and Settings\Erwan\Application Data\teamspeak2
2007-12-04 17:37 --------- d-----w C:\Program Files\LimeWire
2007-12-04 14:56 93,264 -c--a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-02 14:50 --------- d-----w C:\Documents and Settings\Erwan\Application Data\vlc
2007-11-30 17:59 --------- d-----w C:\Documents and Settings\Admin\Application Data\Dcads Advanced Toolbar
2007-11-30 13:47 --------- d-----w C:\Program Files\Dcads Advanced Toolbar
2007-11-30 13:46 --------- d-----w C:\Program Files\Dcads Games Collection
2007-11-30 08:12 --------- d-----w C:\Documents and Settings\Erwan\Application Data\My Battle for Middle-earth(tm) II Demo Files
2007-11-17 16:58 --------- d-----w C:\Program Files\Java
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
.

((((((((((((((((((((((((((((( snapshot@2008-01-04_16.36.24,35 )))))))))))))))))))))))))))))))))))))))))
.
- 2007-12-27 11:01:30 121,421 ----a-w C:\WINDOWS\73B5C5C0FEF44DC189F3C45DC11957DF.TMP\WiseCustomCalla.dll
+ 2008-01-08 09:56:12 121,421 ----a-w C:\WINDOWS\73B5C5C0FEF44DC189F3C45DC11957DF.TMP\WiseCustomCalla.dll
+ 2000-08-31 05:00:00 163,328 ----a-w C:\WINDOWS\erdnt\subs\ERDNT.EXE
- 2006-08-17 12:29:49 728,576 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
+ 2007-11-07 09:28:31 728,576 -c--a-w C:\WINDOWS\system32\dllcache\lsasrv.dll
- 2006-04-20 11:51:50 359,808 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-04-20 11:51:50 359,808 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-17 12:29:49 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
+ 2007-11-07 09:28:31 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
- 2007-12-02 23:00:05 18,684,536 ----a-w C:\WINDOWS\system32\MRT.exe
+ 2008-01-02 18:21:36 17,642,616 ----a-w C:\WINDOWS\system32\MRT.exe
- 2008-01-04 13:00:55 80,108 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-01-11 07:39:45 82,776 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2008-01-04 13:00:55 94,252 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-01-11 07:39:45 97,656 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2008-01-04 13:00:55 449,038 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-01-11 07:39:45 456,122 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2008-01-04 13:00:55 467,646 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-01-11 07:39:45 476,340 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-01-11 07:51:25 16,384 ----atw C:\WINDOWS\TEMP\Perflib_Perfdata_568.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00 15360]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-16 17:22 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 16:00 79224]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-12-14 18:19 221184]
"OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 12:00 49152]
"PinnacleDriverCheck"="C:\WINDOWS\system32\\PSDrvCheck.exe" [2004-03-10 17:21 406016]
"Gigaget"="C:\Program Files\Giganology\Gigaget\GigagetShell.exe" [2006-02-07 10:28 495616]
"AdslTaskBar"="stmctrl.dll" [2005-02-11 09:38 167936 C:\WINDOWS\system32\stmctrl.dll]
"AAWTray"="C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe" [2007-08-08 15:53 88024]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 15:00 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-04-24 13:13 282624]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="LogonUI.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv]
C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll 2007-03-05 17:36 140976 C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\WbSrv.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=wbsys.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2004-08-05 15:00 15360 --a--c--- C:\WINDOWS\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\MSN Messenger\msnmsgr.exe /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
2001-07-09 11:50 155648 --a------ C:\WINDOWS\system32\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\QuickTime\qttask.exe -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STYLEXP]
C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2007-09-25 01:11 132496 --a------ C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-16 17:22 68856 --a------ C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"PinnacleDriverCheck"=C:\WINDOWS\system32\\PSDrvCheck.exe
"OM_Monitor"=C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe

R0 VOBID;VOBID;C:\WINDOWS\system32\DRIVERS\vobid.sys [2003-08-01 15:47]
R1 kbfilter;Keyboard Filter Driver;C:\WINDOWS\system32\drivers\kbfilter.sys [2003-03-27 12:55]
R1 moufiltr;Mouse Filter Driver;C:\WINDOWS\system32\drivers\moufiltr.sys [2003-01-23 13:29]
R1 vobiw;vobiw;C:\WINDOWS\system32\drivers\vobiw.sys [2004-09-01 15:50]
R3 cdrdrv;Cdrdrv;C:\WINDOWS\system32\Drivers\Cdrdrv.sys [2004-08-03 12:10]
R3 P101bVID;Creative WebCam;C:\WINDOWS\system32\DRIVERS\P101bVid.sys [2002-04-28 15:00]
R3 Stmatm;ATM/ADSL miniport;C:\WINDOWS\system32\DRIVERS\stmatm.sys [2005-07-07 12:07]
R3 TaurusUsb;ADSL Modem USB Service;C:\WINDOWS\system32\DRIVERS\torususb.sys [2005-07-07 12:11]
S1 Asapi;Asapi;C:\WINDOWS\system32\drivers\Asapi.sys [2000-01-08 08:22]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []

.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-11 10:52:16
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-01-11 10:56:21
ComboFix-quarantined-files.txt 2008-01-11 07:56:17
ComboFix2.txt 2008-01-04 13:37:12
.
2008-01-09 09:12:53 --- E O F ---

Ben là ça devrait être bon, tu devrais être débarrassé!

ok, j'ai effectivement remarqué que lorsque je clique sur "poste de travail" ou "panneau de config" j'ai plus d'alerte virus ^^
merci a toi angeldark

DIGIT_89 : tu peux me laisser faire ?  
Le_cid, reposte un rapport Hijackthis.

Bien sûr  

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:03:21, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MulMouse.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\OSD.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Giganology\Gigaget\Gigaget.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [Gigaget] "C:\Program Files\Giganology\Gigaget\GigagetShell.exe" /s
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Activer l'ensemble clavier et souris sans fil Labtec.lnk = C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{6CB70089-7D10-4B6C-9733-0AD56BD9ADC2}: NameServer = 217.175.160.11 217.175.160.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTSVCCDA.EXE (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 9570 bytes

Re,

On termine  

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

o_O

Ne le prend pas comme ça. Mais tu débarques comme ça sur un topic et tu dis que c'est terminé. Alors que je m'occupe de la désinfection depuis le début.

J'ai supprimé Avast! et je télécharge acutllement AntiVir  
8% à 27ko/sec ...

voici le resultat :

AntiVir PersonalEdition Classic
Report file date: samedi 12 janvier 2008 13:09

Scanning for 835736 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: ADMIN-2C74DE9C2

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 11:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 10:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 13:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 10:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 12:27:15
ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 13/09/2007 12:26:55
ANTIVIR2.VDF : 7.0.0.1 2048 Bytes 13/09/2007 12:27:04
ANTIVIR3.VDF : 7.0.0.2 2048 Bytes 13/09/2007 12:27:13
AVEWIN32.DLL : 7.6.0.15 2806272 Bytes 17/09/2007 15:43:56
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 08:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 05:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 11:16:24
AVPACK32.DLL : 7.3.0.15 360488 Bytes 03/08/2007 06:46:00
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 05:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 10:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 05:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 09:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 10:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 10:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 07:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Deviating risk categories........: +GAME,+JOKE,
Expanded search settings.........: 0x00001000

Start of the scan: samedi 12 janvier 2008 13:09

Starting search for hidden objects.
'75827' objects were checked, '0' hidden objects were found.

[...]

End of the scan: samedi 12 janvier 2008 14:53
Used time: 1:44:07 min

The scan has been done completely.

11943 Scanning directories
400392 Files were scanned
2 viruses and/or unwanted programs were found
2 Files were classified as suspicious:
2 files were deleted
0 files were repaired
2 files were moved to quarantine
0 files were renamed
43 Files cannot be scanned
400390 Files not concerned
2412 Archives were scanned
45 Warnings
0 Notes
75827 Objects were scanned with rootkit scan
0 Hidden objects were found

Reposte un rapport Hijackthis  

voici :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:44:26, on 12/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe
C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\MulMouse.exe
C:\Program Files\Ensemble clavier et souris sans fil Labtec\OSD.EXE
C:\Program Files\Giganology\Gigaget\Gigaget.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Media Player\setup_wm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [Gigaget] "C:\Program Files\Giganology\Gigaget\GigagetShell.exe" /s
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [AAWTray] C:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [AtiTrayTools] "C:\Program Files\Ray Adams\ATI Tray Tools\atitray.exe"
O4 - HKCU\..\Run: [VoipBuster] "C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe" -nosplash -minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-448539723-1326574676-725345543-1004\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Admin')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-448539723-1326574676-725345543-1004 Startup: Skype.lnk = ? (User 'Admin')
O4 - S-1-5-21-448539723-1326574676-725345543-1004 Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'Admin')
O4 - S-1-5-21-448539723-1326574676-725345543-1004 User Startup: Skype.lnk = ? (User 'Admin')
O4 - S-1-5-21-448539723-1326574676-725345543-1004 User Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe (User 'Admin')
O4 - Global Startup: Activer l'ensemble clavier et souris sans fil Labtec.lnk = C:\Program Files\Ensemble clavier et souris sans fil Labtec\MagicKey.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O17 - HKLM\System\CCS\Services\Tcpip\..\{6CB70089-7D10-4B6C-9733-0AD56BD9ADC2}: NameServer = 217.175.160.11 217.175.160.12
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Unknown owner - C:\WINDOWS\system32\CTSVCCDA.EXE (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7.exe

--
End of file - 10263 bytes



 

Des soucis ou questions ?  

Non, je n'ai rien remarqué de spécial en dehors du fait qu'un petit defrag s'impose... ^^
mais sinon tiens, j'aimerais savoir, comment t'es-tu spécialisé dans le nettoyage/réparation en quelques 2 ans d'inscription seulement sur le site ?
et en plus tu n'as que 16 ans ?

Bah lecture, analyse toussa.
Tu me fais penser que je suis le plus gros posteur du forum, je pensais pas être aussi geek  

lool je me demandais aussi qui aurait pu avoir plus de 39K