veuillez analyser mon rapport SVP
et me dire s'il y a des infections ou pas ^^
merci


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:22:35, on 4/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\My Files\Games\PacSteam\Steam.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Windows\System32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\BitDefender\BitDefender 2008\uiscan.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\My Files\Setup Files\Antivirus\anti spyware\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\My Files\Programs\FlashGet\jccatch_2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\My Files\Programs\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {C130E860-7C1C-44F0-996C-1F995C10B61E} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Flashget] C:\My Files\Programs\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [Steam] "c:\my files\games\pacsteam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O13 - Gopher Prefix:
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/Fac ... oader3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fich ... 0_4_13.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Fac ... der4_5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Net Control 2 Remote Desktop Server Service (NC2RemoteDesktop) - Unknown owner - C:\Program Files\Net Control 2\ncvserver.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 12011 bytes

Bonjour, en effet il y a une infection.

• Télécharge BTFix de Bibi26.
• Dézippe l'archive sur ton Bureau.
• Ouvre le dossier BTFix.
• Double clique sur BTFix.exe.
• Clique sur Rechercher.
• Un rapport va apparaître, copie/colle-le dans ta prochaine réponse, ne nettoie pas directement, on vérifie d'abord ce qui est listé.

voila

BTFix 1.098 (par bibi26) - 04/05/2008 13:49:19 - Analyse
Lancé depuis C:\My Files\Setup Files\Antivirus\anti spyware\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- C:\Program Files\ShoppingReport\

---> Analyse terminée le 04/05/2008 13:49:19

C'est bon.

• Ouvre BTFix.
• Clique sur Nettoyer.
• Un rapport va apparaître, copie/colle-le dans ta prochaine réponse, puis poste un nouveau rapport HijackThis stp.

BTFix 1.098 (par bibi26) - 04/05/2008 14:02:04 - Nettoyage - Mode normal
Lancé depuis C:\My Files\Setup Files\Antivirus\anti spyware\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- C:\Program Files\ShoppingReport\Bin\2.5.0\
- C:\Program Files\ShoppingReport\Bin\
- C:\Program Files\ShoppingReport\

---> Nettoyage terminé le 04/05/2008 14:02:23

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:04:05, on 4/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\My Files\Setup Files\Antivirus\anti spyware\BTFix\BTFix.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\My Files\Setup Files\Antivirus\anti spyware\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\My Files\Programs\FlashGet\jccatch_2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\My Files\Programs\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {C130E860-7C1C-44F0-996C-1F995C10B61E} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Flashget] C:\My Files\Programs\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [Steam] "c:\my files\games\pacsteam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\My Files\Programs\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\My Files\Programs\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/Fac ... oader3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fich ... 0_4_13.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Fac ... der4_5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Net Control 2 Remote Desktop Server Service (NC2RemoteDesktop) - Unknown owner - C:\Program Files\Net Control 2\ncvserver.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 10599 bytes

Ok. Relance HijackThis via clic droit exécuter en tant qu'administrateur, et coche cette ligne :

O23 - Service: Net Control 2 Remote Desktop Server Service (NC2RemoteDesktop) - Unknown owner - C:\Program Files\Net Control 2\ncvserver.exe (file missing)

Puis fais fix checked, en bas à gauche, et ce sera bon.

c'est fait ( exécuter en tant qu'administrateur )
mais la ligne :
O23 - Service: Net Control 2 Remote Desktop Server Service (NC2RemoteDesktop) - Unknown owner - C:\Program Files\Net Control 2\ncvserver.exe (file missing)

ne veut toujours pas disparaitre

je vous met un rapport hjt :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:16, on 4/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\conime.exe
C:\Windows\explorer.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\My Files\Programs\FlashGet\flashget.exe
C:\Windows\system32\SearchFilterHost.exe
C:\My Files\Setup Files\Antivirus\anti spyware\HiJackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\My Files\Programs\FlashGet\jccatch_2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\My Files\Programs\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {C130E860-7C1C-44F0-996C-1F995C10B61E} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Flashget] C:\My Files\Programs\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [Steam] "c:\my files\games\pacsteam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\My Files\Programs\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\My Files\Programs\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/Fac ... oader3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fich ... 0_4_13.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Fac ... der4_5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: Net Control 2 Remote Desktop Server Service (NC2RemoteDesktop) - Unknown owner - C:\Program Files\Net Control 2\ncvserver.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 10621 bytes

Télécharge combofix.exe de sUBs et sauvegarde le sur ton bureau (et pas ailleurs).

• Double-clique combofix.exe afin de l'exécuter et suis les instructions.
• Lorsque l'analyse sera terminée, un rapport apparaîtra.
• Copie-colle ce rapport dans ta prochaine réponse.
  Le rapport se trouve dans : C:\Combofix.txt (si jamais).
• Pour plus d'information et un tuto illustré, voici le seul tuto officiel et autorisé : http://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

ComboFix 08-05-01.3 - Younes 2008-05-04 14:24:26.4 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.947 [GMT 2:00]
Endroit: C:\Users\Younes\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
* Resident AV is active

.

((((((((((((((((((((((((((((( Fichiers créés 2008-04-04 to 2008-05-04 ))))))))))))))))))))))))))))))))))))
.

2008-05-03 21:28 . 2008-05-03 21:30 298,180,397 --a------ C:\Windows\MEMORY.DMP
2008-04-25 14:11 . 2008-04-25 16:06 <REP> d-------- C:\Users\Younes\AppData\Roaming\Ahead
2008-04-25 13:59 . 2008-04-25 14:05 <REP> d-------- C:\Program Files\Common Files\Ahead
2008-04-24 17:07 . 2008-04-24 17:15 <REP> d-------- C:\Users\All Users\TrackMania
2008-04-24 17:07 . 2008-04-24 17:15 <REP> d-------- C:\PROGRA~2\TrackMania
2008-04-24 16:02 . 2008-04-24 16:08 <REP> d-------- C:\Program Files\Yahoo!
2008-04-24 01:04 . 2008-04-24 01:04 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
2008-04-22 22:18 . 2008-04-26 12:25 <REP> d-------- C:\Users\Younes\AppData\Roaming\uTorrent
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Links
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-04-20 13:09 . 2008-05-04 13:14 121 --a------ C:\Windows\bdagent.INI
2008-04-19 19:25 . 2008-04-19 19:25 <REP> d-------- C:\Users\Younes\AppData\Roaming\Bitdefender
2008-04-19 19:24 . 2008-04-19 19:27 <REP> d-------- C:\Users\All Users\BitDefender
2008-04-19 19:24 . 2008-04-19 19:24 <REP> d-------- C:\Program Files\BitDefender
2008-04-19 19:24 . 2008-04-19 19:27 <REP> d-------- C:\PROGRA~2\BitDefender
2008-04-19 19:23 . 2008-04-19 19:24 <REP> d-------- C:\Program Files\Common Files\BitDefender
2008-04-19 17:06 . 2008-04-19 17:06 <REP> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-04-19 17:06 . 2008-04-19 17:06 <REP> d-------- C:\PROGRA~2\Kaspersky Lab Setup Files
2008-04-19 16:16 . 2008-04-19 16:16 52 --a------ C:\Windows\wininit.ini
2008-04-18 23:40 . 2008-04-21 01:19 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-04-18 12:05 . 2008-04-18 12:06 <REP> d-------- C:\Program Files\Common Files\Merge Modules
2008-04-18 12:03 . 2008-04-18 12:03 <REP> d-------- C:\Program Files\Microsoft SDKs
2008-04-18 03:01 . 2008-04-19 16:16 <REP> d-------- C:\Program Files\Common Files\Kaspersky Lab
2008-04-16 21:46 . 2008-04-16 21:46 <REP> d-------- C:\Program Files\Common Files\L&H
2008-04-16 04:04 . 2008-04-16 04:04 <REP> d-------- C:\Users\All Users\WindowsSearch
2008-04-16 04:04 . 2008-04-16 04:04 <REP> d-------- C:\PROGRA~2\WindowsSearch
2008-04-15 20:38 . 2008-04-15 20:48 691 --a------ C:\Users\Younes\AppData\Roaming\GetValue.vbs
2008-04-15 20:38 . 2008-04-15 20:48 35 --a------ C:\Users\Younes\AppData\Roaming\SetValue.bat
2008-04-15 20:10 . 2008-04-18 14:48 <REP> d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-04-15 12:35 . 2007-09-06 00:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe
2008-04-15 12:35 . 2006-04-27 17:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe
2008-04-15 12:35 . 2008-04-14 19:28 86,528 --a------ C:\Windows\System32\VACFix.exe
2008-04-15 12:35 . 2008-04-12 13:49 82,432 --a------ C:\Windows\System32\IEDFix.exe
2008-04-15 12:35 . 2003-06-05 21:13 53,248 --a------ C:\Windows\System32\Process.exe
2008-04-15 12:35 . 2004-07-31 18:50 51,200 --a------ C:\Windows\System32\dumphive.exe
2008-04-15 12:35 . 2007-10-04 00:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe
2008-04-15 05:21 . 2008-04-15 23:11 <REP> d-------- C:\Users\Younes\AppData\Roaming\ma-config.com
2008-04-15 05:21 . 2008-04-15 05:21 <REP> d-------- C:\Program Files\ma-config.com
2008-04-15 03:04 . 2008-04-15 03:04 <REP> d-------- C:\Program Files\MSN Password Recovery
2008-04-14 13:16 . 2008-04-14 13:23 <REP> d-------- C:\Users\Younes\AppData\Roaming\Dev-Cpp
2008-04-14 13:12 . 2008-04-18 12:20 <REP> d-------- C:\Program Files\Microsoft SQL Server
2008-04-13 16:37 . 2008-04-21 13:09 737,280 --a------ C:\Windows\iun6002.exe
2008-04-13 16:36 . 2008-04-21 13:09 <REP> d-------- C:\Windows\System32\athan
2008-04-13 16:36 . 2008-04-17 14:07 <REP> d-------- C:\Program Files\Athan
2008-04-13 02:32 . 2008-04-13 02:32 <REP> d-------- C:\Users\Younes\AppData\Roaming\JLC's Software
2008-04-13 02:32 . 2008-04-13 02:32 <REP> d-------- C:\Program Files\JLC's Software
2008-04-13 01:22 . 2008-04-13 01:22 <REP> d-------- C:\Program Files\WinISO
2008-04-12 21:45 . 2008-04-12 21:45 <REP> d-------- C:\Program Files\Cedelia
2008-04-09 09:18 . 2008-02-22 04:50 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-04-09 09:18 . 2008-02-22 07:01 826,880 --a------ C:\Windows\System32\wininet.dll
2008-04-09 09:18 . 2008-02-22 06:57 295,936 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 09:17 . 2008-02-29 09:11 988,216 --a------ C:\Windows\System32\winload.exe
2008-04-09 09:17 . 2008-02-29 09:11 927,288 --a------ C:\Windows\System32\winresume.exe
2008-04-09 09:17 . 2008-02-22 07:05 615,992 --a------ C:\Windows\System32\ci.dll
2008-04-09 09:17 . 2008-02-29 08:53 378,368 --a------ C:\Windows\System32\srcore.dll
2008-04-09 09:17 . 2008-02-29 06:12 318,464 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 09:17 . 2008-02-29 08:53 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
2008-04-09 09:17 . 2008-02-29 08:53 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 09:17 . 2008-02-29 09:14 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 09:17 . 2008-02-29 06:12 14,848 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 09:17 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 09:16 . 2008-02-29 06:21 2,032,128 --a------ C:\Windows\System32\win32k.sys
2008-04-08 02:14 . 2008-04-08 02:14 <REP> d-------- C:\Users\Younes\AppData\Roaming\ESET

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-03 21:35 --------- d-----w C:\Users\Younes\AppData\Roaming\Skype
2008-05-03 19:33 --------- d-----w C:\Users\Younes\AppData\Roaming\skypePM
2008-05-01 16:20 27,934 ----a-w C:\Users\Younes\AppData\Roaming\nvModes.dat
2008-04-30 22:04 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-04-30 21:06 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-28 17:45 --------- d-----w C:\Program Files\MSN Messenger
2008-04-28 09:49 --------- d-----w C:\Users\Younes\AppData\Roaming\LimeWire
2008-04-25 11:59 --------- d-----w C:\Program Files\Nero
2008-04-25 11:59 --------- d-----w C:\PROGRA~2\Nero
2008-04-24 13:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-24 12:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-19 17:20 --------- d-----w C:\Program Files\Common Files\Steam
2008-04-18 12:47 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-04-18 10:17 --------- d-----w C:\Program Files\Microsoft.NET
2008-04-17 22:18 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-04-17 22:15 --------- d-----w C:\PROGRA~2\Steam
2008-04-17 01:04 --------- d-----w C:\Program Files\GetFlash
2008-04-16 18:14 --------- d-----w C:\Users\Younes\AppData\Roaming\Roxio
2008-04-15 18:48 7,796 ----a-w C:\Windows\System32\tmp.reg
2008-04-09 15:29 --------- d-----w C:\Program Files\Windows Mail
2008-03-31 00:42 --------- d-----w C:\Users\Younes\AppData\Roaming\Winamp
2008-03-29 13:54 --------- d-----w C:\Program Files\Windows Live
2008-03-29 13:50 --------- d-----w C:\PROGRA~2\WLInstaller
2008-03-29 13:44 --------- d-----w C:\PROGRA~2\Office Genuine Advantage
2008-03-28 14:46 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-03-25 20:02 174 --sha-w C:\Program Files\desktop.ini
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Journal
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Defender
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Calendar
2008-03-25 04:03 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-03-25 04:03 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-03-20 22:03 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-20 20:57 --------- d-----w C:\PROGRA~2\Roxio
2008-03-20 20:05 --------- d-----w C:\PROGRA~2\LightScribe
2008-03-20 16:27 --------- d-----w C:\PROGRA~2\Quark
2008-03-20 14:40 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-03-20 13:34 --------- d-----w C:\Users\Younes\AppData\Roaming\Nero
2008-03-17 08:13 --------- d-----w C:\PROGRA~2\PopCap Games
2008-03-17 00:27 --------- d-----w C:\Program Files\Common Files\Thraex Software
2008-03-11 03:05 --------- d-----w C:\Program Files\Custom-Strike
2008-03-10 11:37 --------- d-----w C:\Program Files\Java
2008-03-07 02:56 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-07 02:29 --------- d-----w C:\Program Files\Deskshare
2008-03-07 02:20 --------- d-----w C:\Program Files\Common Files\DeskShare Shared
2008-03-06 03:27 --------- d-----w C:\Users\Younes\AppData\Roaming\vlc
2008-03-06 03:26 --------- d-----w C:\Program Files\VideoLAN
2008-02-26 03:28 2,828 --sha-w C:\Windows\System32\KGyGaAvL.sys
2008-02-17 13:26 32 ----a-w C:\Users\All Users\ezsid.dat
2008-02-17 13:26 32 ----a-w C:\PROGRA~2\ezsid.dat
2008-02-17 11:21 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
2008-02-17 11:02 58,904 ----a-w C:\Windows\System32\is4tray.dll
2008-02-04 17:23 693,792 ----a-w C:\Windows\System32\OGACheckControl.DLL
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-15 12:02 482760]
"Steam"="c:\my files\games\pacsteam\steam.exe" [2008-04-19 19:20 1271032]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 09:38 1008184]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-16 23:34 634880]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 03:50 1021224]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 19:50 4390912 C:\Windows\RtHDVCpl.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 16:37 174872]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-04-23 18:11 176128]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 11:38 159744]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 11:54 50696]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 13:18 472776]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 16:12 317128]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 03:29 102400]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-11-07 09:05 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-11-07 09:05 8534560]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-11-07 09:05 81920]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 08:00 33648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"Flashget"="C:\My Files\Programs\FlashGet\flashget.exe" [2007-09-25 10:10 2007088]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-02-16 17:45 360448]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F31761E5-80D6-4B35-A236-9EB3B7367415}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{215FBE56-B330-47FA-8A2A-9AA6613A6305}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{875F1762-79BF-49AF-AE97-AA5BC085BA41}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{7AB7F30E-297A-4CA5-BBF1-BC91297AD1DC}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{DF19AA5F-7DD8-4EC8-9E36-B343FFD05B3F}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{762A60F9-58D2-4344-89B2-8CF01B25AAA0}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{1BF04210-AC18-4AC0-A73F-C674FABA20A5}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{1CCD7C8F-E293-48F2-8E42-C8FC06550D7F}"= UDP:C:\My Files\Programs\LimeWire\LimeWire.exe:LimeWire
"{E8F4BFBA-9B1F-4493-BD62-CC4893BC02E4}"= TCP:C:\My Files\Programs\LimeWire\LimeWire.exe:LimeWire
"{7D948B97-8715-4C5D-AC47-F88CD71C26F8}"= UDP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{06D7BF47-C3B1-4E3B-B17E-BCACA044CC32}"= TCP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{CE2FB6EE-FF9B-4E6F-803D-AF9C40B38F79}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5C6CE629-0FD7-4DAE-827D-22C7420BD4A5}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{7B465427-4B31-4A98-BB79-B9A897423CE8}C:\\my files\\programs\\emule\\emule.exe"= UDP:C:\my files\programs\emule\emule.exe:eMule
"UDP Query User{A375CB6C-AC58-42ED-A118-63CBBC7D691D}C:\\my files\\programs\\emule\\emule.exe"= TCP:C:\my files\programs\emule\emule.exe:eMule
"TCP Query User{3770EDD6-2951-4009-80FE-0D4FBB4762BF}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{9E5BE247-0994-4FB5-8701-27698B67E9D4}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"{34A4D864-6886-47A2-A9C9-A593DC6BE183}"= UDP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{A051865C-4C82-42A6-B923-A8F77F3E4386}"= TCP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{3791B61D-6BFA-4642-A9C8-E9FA31EA3BD4}C:\\my files\\programs\\flashget\\flashget.exe"= UDP:C:\my files\programs\flashget\flashget.exe:FlashGet
"UDP Query User{C99C8104-B0F3-48C2-BD17-FC95A897AE1A}C:\\my files\\programs\\flashget\\flashget.exe"= TCP:C:\my files\programs\flashget\flashget.exe:FlashGet
"TCP Query User{D5FE528B-E5F2-4E8D-9024-7A82F6997CDB}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\french\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\french\setup.exe:Programme d'installation de Kaspersky Internet Security 7.0
"UDP Query User{9FD2BD1E-4E6F-4818-B3F3-A43806A035EB}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\french\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\french\setup.exe:Programme d'installation de Kaspersky Internet Security 7.0
"{A9F7B0DC-E203-43CB-BD9A-57D02F9DEEE3}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{9A43B23F-644A-469E-A0A5-88C6251D85D6}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{8A8F94DA-0244-455A-BD37-C90101A93E87}"= UDP:C:\My Files\Setup Files\utorrent.exe:µTorrent
"{4571E20E-358E-4B2D-8653-DAE13B2FD8E2}"= TCP:C:\My Files\Setup Files\utorrent.exe:µTorrent
"{6E36A23E-256A-444E-B01E-3B2265E557D5}"= UDP:C:\My Files\Programs\utorrent.exe:µTorrent
"{539F83F9-49EE-409F-8F8A-B78E20FEB541}"= TCP:C:\My Files\Programs\utorrent.exe:µTorrent
"{7FFCAAE3-1905-4E32-852E-728EAF0F8713}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{648525E5-BBBE-42AC-9F1C-89C1AD9AFB96}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{2F6F40A0-54FA-4BD9-B387-6E2DCC481176}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D4A9EE0C-E1BC-4D8D-875C-CFE0C4CC1723}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\My Files\\Programs\\BitTorrent\\bittorrent.exe"= C:\My Files\Programs\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R2 SQLWriter;Enregistreur VSS SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-01-25 15:40]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 09:30]
S3 ddsxeiservice;ddsxeiservice2;C:\My Files\Games\CS cheats\sXe Injected\ddsxei.sys [2008-04-29 20:15]
S3 NC2RemoteDesktop;Net Control 2 Remote Desktop Server Service;"C:\Program Files\Net Control 2\ncvserver.exe" /SERVICE []
S3 ncvhook;ncvhook;C:\Windows\system32\DRIVERS\ncvhook.sys [2007-09-30 17:54]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-10-18 02:09]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-10-18 02:09]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-04-19 19:20]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c8f1a26-db2b-11dc-afea-001b24c8b8cc}]
\shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dec108f9-089b-11dd-bc5f-001b24c8b8cc}]
\shell\AutoRun\command - I:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-04 14:29:25
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...


**************************************************************************
.
Temps d'accomplissement: 2008-05-04 14:31:42
ComboFix-quarantined-files.txt 2008-05-04 12:30:36

Pre-Run: 38,924,128,256 octets libres
Post-Run: 38,937,088,000 octets libres

261 --- E O F --- 2008-04-18 21:40:58

Ouvre le bloc notes. Copie colle ceci dedans :

Driver::
NC2RemoteDesktop

Folder::
C:\Program Files\Net Control 2

* Sauvegarde cela comme fichier texte nommé CFScript

Fais un glisser/déposer de ce fichier CFScript sur le fichier ComboFix.exe comme sur la capture

• Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.
• Patiente le temps du scan. Le bureau va disparaître à plusieurs reprises: c'est normal ! Ne touche à rien tant que le scan n'est pas terminé.
• Une fois le scan achevé, un rapport va s'afficher: poste son contenu.
• Si le fichier ne s'ouvre pas, il se trouve ici > C:\ComboFix.txt

Il n'y a pas eu de message type 1 or 2
j'ai fait ce que vous m'avez demandé
et voila le rapport :

ComboFix 08-05-01.3 - Younes 2008-05-04 15:01:05.5 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6001.1.1252.1.1036.18.892 [GMT 2:00]
Endroit: C:\Users\Younes\Desktop\ComboFix.exe
Command switches used :: C:\Users\Younes\Desktop\CFScript.txt
* Création d'un nouveau point de restauration
* Resident AV is active

.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_NC2RemoteDesktop


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-04 to 2008-05-04 ))))))))))))))))))))))))))))))))))))
.

2008-05-03 21:28 . 2008-05-03 21:30 298,180,397 --a------ C:\Windows\MEMORY.DMP
2008-04-25 14:11 . 2008-04-25 16:06 <REP> d-------- C:\Users\Younes\AppData\Roaming\Ahead
2008-04-25 13:59 . 2008-04-25 14:05 <REP> d-------- C:\Program Files\Common Files\Ahead
2008-04-24 17:07 . 2008-04-24 17:15 <REP> d-------- C:\Users\All Users\TrackMania
2008-04-24 17:07 . 2008-04-24 17:15 <REP> d-------- C:\PROGRA~2\TrackMania
2008-04-24 16:02 . 2008-04-24 16:08 <REP> d-------- C:\Program Files\Yahoo!
2008-04-24 01:04 . 2008-04-24 01:04 98,304 --a------ C:\Windows\System32\CmdLineExt.dll
2008-04-22 22:18 . 2008-04-26 12:25 <REP> d-------- C:\Users\Younes\AppData\Roaming\uTorrent
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Links
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-04-20 14:32 . 2008-04-20 14:32 <REP> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-04-20 13:09 . 2008-05-04 15:05 121 --a------ C:\Windows\bdagent.INI
2008-04-19 19:25 . 2008-04-19 19:25 <REP> d-------- C:\Users\Younes\AppData\Roaming\Bitdefender
2008-04-19 19:24 . 2008-04-19 19:27 <REP> d-------- C:\Users\All Users\BitDefender
2008-04-19 19:24 . 2008-04-19 19:24 <REP> d-------- C:\Program Files\BitDefender
2008-04-19 19:24 . 2008-04-19 19:27 <REP> d-------- C:\PROGRA~2\BitDefender
2008-04-19 19:23 . 2008-04-19 19:24 <REP> d-------- C:\Program Files\Common Files\BitDefender
2008-04-19 17:06 . 2008-04-19 17:06 <REP> d-------- C:\Users\All Users\Kaspersky Lab Setup Files
2008-04-19 17:06 . 2008-04-19 17:06 <REP> d-------- C:\PROGRA~2\Kaspersky Lab Setup Files
2008-04-19 16:16 . 2008-04-19 16:16 52 --a------ C:\Windows\wininit.ini
2008-04-18 23:40 . 2008-04-21 01:19 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-04-18 12:05 . 2008-04-18 12:06 <REP> d-------- C:\Program Files\Common Files\Merge Modules
2008-04-18 12:03 . 2008-04-18 12:03 <REP> d-------- C:\Program Files\Microsoft SDKs
2008-04-18 03:01 . 2008-04-19 16:16 <REP> d-------- C:\Program Files\Common Files\Kaspersky Lab
2008-04-16 21:46 . 2008-04-16 21:46 <REP> d-------- C:\Program Files\Common Files\L&H
2008-04-16 04:04 . 2008-04-16 04:04 <REP> d-------- C:\Users\All Users\WindowsSearch
2008-04-16 04:04 . 2008-04-16 04:04 <REP> d-------- C:\PROGRA~2\WindowsSearch
2008-04-15 20:38 . 2008-04-15 20:48 691 --a------ C:\Users\Younes\AppData\Roaming\GetValue.vbs
2008-04-15 20:38 . 2008-04-15 20:48 35 --a------ C:\Users\Younes\AppData\Roaming\SetValue.bat
2008-04-15 20:10 . 2008-04-18 14:48 <REP> d-------- C:\Program Files\Microsoft Visual Studio 9.0
2008-04-15 12:35 . 2007-09-06 00:22 289,144 --a------ C:\Windows\System32\VCCLSID.exe
2008-04-15 12:35 . 2006-04-27 17:49 288,417 --a------ C:\Windows\System32\SrchSTS.exe
2008-04-15 12:35 . 2008-04-14 19:28 86,528 --a------ C:\Windows\System32\VACFix.exe
2008-04-15 12:35 . 2008-04-12 13:49 82,432 --a------ C:\Windows\System32\IEDFix.exe
2008-04-15 12:35 . 2003-06-05 21:13 53,248 --a------ C:\Windows\System32\Process.exe
2008-04-15 12:35 . 2004-07-31 18:50 51,200 --a------ C:\Windows\System32\dumphive.exe
2008-04-15 12:35 . 2007-10-04 00:36 25,600 --a------ C:\Windows\System32\WS2Fix.exe
2008-04-15 05:21 . 2008-04-15 23:11 <REP> d-------- C:\Users\Younes\AppData\Roaming\ma-config.com
2008-04-15 05:21 . 2008-04-15 05:21 <REP> d-------- C:\Program Files\ma-config.com
2008-04-15 03:04 . 2008-04-15 03:04 <REP> d-------- C:\Program Files\MSN Password Recovery
2008-04-14 13:16 . 2008-04-14 13:23 <REP> d-------- C:\Users\Younes\AppData\Roaming\Dev-Cpp
2008-04-14 13:12 . 2008-04-18 12:20 <REP> d-------- C:\Program Files\Microsoft SQL Server
2008-04-13 16:37 . 2008-04-21 13:09 737,280 --a------ C:\Windows\iun6002.exe
2008-04-13 16:36 . 2008-04-21 13:09 <REP> d-------- C:\Windows\System32\athan
2008-04-13 16:36 . 2008-04-17 14:07 <REP> d-------- C:\Program Files\Athan
2008-04-13 02:32 . 2008-04-13 02:32 <REP> d-------- C:\Users\Younes\AppData\Roaming\JLC's Software
2008-04-13 02:32 . 2008-04-13 02:32 <REP> d-------- C:\Program Files\JLC's Software
2008-04-13 01:22 . 2008-04-13 01:22 <REP> d-------- C:\Program Files\WinISO
2008-04-12 21:45 . 2008-04-12 21:45 <REP> d-------- C:\Program Files\Cedelia
2008-04-09 09:18 . 2008-02-22 04:50 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-04-09 09:18 . 2008-02-22 07:01 826,880 --a------ C:\Windows\System32\wininet.dll
2008-04-09 09:18 . 2008-02-22 06:57 295,936 --a------ C:\Windows\System32\gdi32.dll
2008-04-09 09:17 . 2008-02-29 09:11 988,216 --a------ C:\Windows\System32\winload.exe
2008-04-09 09:17 . 2008-02-29 09:11 927,288 --a------ C:\Windows\System32\winresume.exe
2008-04-09 09:17 . 2008-02-22 07:05 615,992 --a------ C:\Windows\System32\ci.dll
2008-04-09 09:17 . 2008-02-29 08:53 378,368 --a------ C:\Windows\System32\srcore.dll
2008-04-09 09:17 . 2008-02-29 06:12 318,464 --a------ C:\Windows\System32\rstrui.exe
2008-04-09 09:17 . 2008-02-29 08:53 46,592 --a------ C:\Windows\System32\setbcdlocale.dll
2008-04-09 09:17 . 2008-02-29 08:53 40,960 --a------ C:\Windows\System32\srclient.dll
2008-04-09 09:17 . 2008-02-29 09:14 19,000 --a------ C:\Windows\System32\kd1394.dll
2008-04-09 09:17 . 2008-02-29 06:12 14,848 --a------ C:\Windows\System32\srdelayed.exe
2008-04-09 09:17 . 2008-02-29 08:35 6,656 --a------ C:\Windows\System32\kbd106n.dll
2008-04-09 09:16 . 2008-02-29 06:21 2,032,128 --a------ C:\Windows\System32\win32k.sys
2008-04-08 02:14 . 2008-04-08 02:14 <REP> d-------- C:\Users\Younes\AppData\Roaming\ESET

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-03 21:35 --------- d-----w C:\Users\Younes\AppData\Roaming\Skype
2008-05-03 19:33 --------- d-----w C:\Users\Younes\AppData\Roaming\skypePM
2008-05-01 16:20 27,934 ----a-w C:\Users\Younes\AppData\Roaming\nvModes.dat
2008-04-30 22:04 --------- d-----w C:\Program Files\Common Files\Roxio Shared
2008-04-30 21:06 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-28 17:45 --------- d-----w C:\Program Files\MSN Messenger
2008-04-28 09:49 --------- d-----w C:\Users\Younes\AppData\Roaming\LimeWire
2008-04-25 11:59 --------- d-----w C:\Program Files\Nero
2008-04-25 11:59 --------- d-----w C:\PROGRA~2\Nero
2008-04-24 13:18 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-24 12:15 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-19 17:20 --------- d-----w C:\Program Files\Common Files\Steam
2008-04-18 12:47 --------- d-----w C:\PROGRA~2\Microsoft Help
2008-04-18 10:17 --------- d-----w C:\Program Files\Microsoft.NET
2008-04-17 22:18 --------- d-----w C:\Program Files\Microsoft Visual Studio 8
2008-04-17 22:15 --------- d-----w C:\PROGRA~2\Steam
2008-04-17 01:04 --------- d-----w C:\Program Files\GetFlash
2008-04-16 18:14 --------- d-----w C:\Users\Younes\AppData\Roaming\Roxio
2008-04-09 15:29 --------- d-----w C:\Program Files\Windows Mail
2008-03-31 00:42 --------- d-----w C:\Users\Younes\AppData\Roaming\Winamp
2008-03-29 13:54 --------- d-----w C:\Program Files\Windows Live
2008-03-29 13:50 --------- d-----w C:\PROGRA~2\WLInstaller
2008-03-29 13:44 --------- d-----w C:\PROGRA~2\Office Genuine Advantage
2008-03-28 14:46 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-03-25 20:02 174 --sha-w C:\Program Files\desktop.ini
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Sidebar
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Journal
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Defender
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Collaboration
2008-03-25 19:48 --------- d-----w C:\Program Files\Windows Calendar
2008-03-20 22:03 --------- d-----w C:\Program Files\Common Files\Adobe
2008-03-20 20:57 --------- d-----w C:\PROGRA~2\Roxio
2008-03-20 20:05 --------- d-----w C:\PROGRA~2\LightScribe
2008-03-20 16:27 --------- d-----w C:\PROGRA~2\Quark
2008-03-20 14:40 --------- d-----w C:\Program Files\Common Files\Adobe Systems Shared
2008-03-20 13:34 --------- d-----w C:\Users\Younes\AppData\Roaming\Nero
2008-03-17 08:13 --------- d-----w C:\PROGRA~2\PopCap Games
2008-03-17 00:27 --------- d-----w C:\Program Files\Common Files\Thraex Software
2008-03-11 03:05 --------- d-----w C:\Program Files\Custom-Strike
2008-03-10 11:37 --------- d-----w C:\Program Files\Java
2008-03-07 02:56 --------- d---a-w C:\PROGRA~2\TEMP
2008-03-07 02:29 --------- d-----w C:\Program Files\Deskshare
2008-03-07 02:20 --------- d-----w C:\Program Files\Common Files\DeskShare Shared
2008-03-06 03:27 --------- d-----w C:\Users\Younes\AppData\Roaming\vlc
2008-03-06 03:26 --------- d-----w C:\Program Files\VideoLAN
2008-02-17 13:26 32 ----a-w C:\Users\All Users\ezsid.dat
2008-02-17 13:26 32 ----a-w C:\PROGRA~2\ezsid.dat
2008-02-17 11:21 2,560 ----a-w C:\Windows\_MSRSTRT.EXE
.

((((((((((((((((((((((((((((( snapshot@2008-05-04_14.30.15,77 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-04 11:16:34 67,584 --s-a-w C:\Windows\bootstat.dat
+ 2008-05-04 13:08:15 67,584 --s-a-w C:\Windows\bootstat.dat
- 2008-05-04 11:19:00 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-05-04 13:08:27 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\NTUSER.DAT
+ 2008-05-04 13:08:27 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-05-04 11:33:11 524,288 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
+ 2008-05-04 13:09:10 524,288 --sha-w C:\Windows\ServiceProfiles\NetworkService\NTUSER.DAT
- 2008-05-04 11:19:55 10,922 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-966014692-314144330-3634896158-1000_UserData.bin
+ 2008-05-04 13:11:14 11,312 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-966014692-314144330-3634896158-1000_UserData.bin
- 2008-05-04 11:19:55 81,468 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-05-04 13:11:14 81,538 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 09:33 1233920]
"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-15 12:02 482760]
"Steam"="c:\my files\games\pacsteam\steam.exe" [2008-04-19 19:20 1271032]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55 5674352]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 09:33 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-19 09:38 1008184]
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe" [2007-01-16 23:34 634880]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-09-15 03:50 1021224]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-09 19:50 4390912 C:\Windows\RtHDVCpl.exe]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2007-02-12 16:37 174872]
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe" [2007-04-23 18:11 176128]
"QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-02-13 11:38 159744]
"HP Health Check Scheduler"="C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 11:54 50696]
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 13:18 472776]
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe" [2007-01-10 16:12 317128]
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784]
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe" [2007-09-15 03:29 102400]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-11-07 09:05 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-11-07 09:05 8534560]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-11-07 09:05 81920]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 08:00 33648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"Flashget"="C:\My Files\Programs\FlashGet\flashget.exe" [2007-09-25 10:10 2007088]
"BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 15:46 61440]
"BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-02-16 17:45 360448]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-03-09 18:53 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)
"ValidateAdminCodeSignatures"= 1 (0x1)
"FilterAdministratorToken"= 1 (0x1)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.l3fhg"= mp3fhg.acm
"msacm.divxa32"= divxa32.acm
"VIDC.X264"= x264vfw.dll
"VIDC.HFYU"= huffyuv.dll
"vidc.i263"= i263_32.drv
"VIDC.YV12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{F31761E5-80D6-4B35-A236-9EB3B7367415}"= C:\Program Files\HP\QuickPlay\QP.exe:Quick Play
"{215FBE56-B330-47FA-8A2A-9AA6613A6305}"= C:\Program Files\HP\QuickPlay\QPService.exe:Quick Play Resident Program
"{875F1762-79BF-49AF-AE97-AA5BC085BA41}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{7AB7F30E-297A-4CA5-BBF1-BC91297AD1DC}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{DF19AA5F-7DD8-4EC8-9E36-B343FFD05B3F}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{762A60F9-58D2-4344-89B2-8CF01B25AAA0}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{1BF04210-AC18-4AC0-A73F-C674FABA20A5}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{1CCD7C8F-E293-48F2-8E42-C8FC06550D7F}"= UDP:C:\My Files\Programs\LimeWire\LimeWire.exe:LimeWire
"{E8F4BFBA-9B1F-4493-BD62-CC4893BC02E4}"= TCP:C:\My Files\Programs\LimeWire\LimeWire.exe:LimeWire
"{7D948B97-8715-4C5D-AC47-F88CD71C26F8}"= UDP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{06D7BF47-C3B1-4E3B-B17E-BCACA044CC32}"= TCP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{CE2FB6EE-FF9B-4E6F-803D-AF9C40B38F79}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5C6CE629-0FD7-4DAE-827D-22C7420BD4A5}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{7B465427-4B31-4A98-BB79-B9A897423CE8}C:\\my files\\programs\\emule\\emule.exe"= UDP:C:\my files\programs\emule\emule.exe:eMule
"UDP Query User{A375CB6C-AC58-42ED-A118-63CBBC7D691D}C:\\my files\\programs\\emule\\emule.exe"= TCP:C:\my files\programs\emule\emule.exe:eMule
"TCP Query User{3770EDD6-2951-4009-80FE-0D4FBB4762BF}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"UDP Query User{9E5BE247-0994-4FB5-8701-27698B67E9D4}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\english\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\english\setup.exe:Kaspersky Internet Security 7.0 Setup
"{34A4D864-6886-47A2-A9C9-A593DC6BE183}"= UDP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"{A051865C-4C82-42A6-B923-A8F77F3E4386}"= TCP:C:\My Files\Games\KONAMI\Pro Evolution Soccer 2008\PES2008.exe:Pro Evolution Soccer 2008
"TCP Query User{3791B61D-6BFA-4642-A9C8-E9FA31EA3BD4}C:\\my files\\programs\\flashget\\flashget.exe"= UDP:C:\my files\programs\flashget\flashget.exe:FlashGet
"UDP Query User{C99C8104-B0F3-48C2-BD17-FC95A897AE1A}C:\\my files\\programs\\flashget\\flashget.exe"= TCP:C:\my files\programs\flashget\flashget.exe:FlashGet
"TCP Query User{D5FE528B-E5F2-4E8D-9024-7A82F6997CDB}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\french\\setup.exe"= UDP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\french\setup.exe:Programme d'installation de Kaspersky Internet Security 7.0
"UDP Query User{9FD2BD1E-4E6F-4818-B3F3-A43806A035EB}C:\\programdata\\kaspersky lab setup files\\kaspersky internet security 7.0.1.325\\french\\setup.exe"= TCP:C:\programdata\kaspersky lab setup files\kaspersky internet security 7.0.1.325\french\setup.exe:Programme d'installation de Kaspersky Internet Security 7.0
"{A9F7B0DC-E203-43CB-BD9A-57D02F9DEEE3}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{9A43B23F-644A-469E-A0A5-88C6251D85D6}"= C:\Program Files\MSN Messenger\livecall.exe:Windows Live Messenger 8.1 (Phone)
"{8A8F94DA-0244-455A-BD37-C90101A93E87}"= UDP:C:\My Files\Setup Files\utorrent.exe:µTorrent
"{4571E20E-358E-4B2D-8653-DAE13B2FD8E2}"= TCP:C:\My Files\Setup Files\utorrent.exe:µTorrent
"{6E36A23E-256A-444E-B01E-3B2265E557D5}"= UDP:C:\My Files\Programs\utorrent.exe:µTorrent
"{539F83F9-49EE-409F-8F8A-B78E20FEB541}"= TCP:C:\My Files\Programs\utorrent.exe:µTorrent
"{7FFCAAE3-1905-4E32-852E-728EAF0F8713}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{648525E5-BBBE-42AC-9F1C-89C1AD9AFB96}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{2F6F40A0-54FA-4BD9-B387-6E2DCC481176}"= Disabled:UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{D4A9EE0C-E1BC-4D8D-875C-CFE0C4CC1723}"= Disabled:TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\My Files\\Programs\\BitTorrent\\bittorrent.exe"= C:\My Files\Programs\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\Windows\system32\DRIVERS\bdfndisf.sys [2008-01-25 15:40]
S3 BCM43XV;Pilote de la carte réseau extensible Broadcom 802.11;C:\Windows\system32\DRIVERS\bcmwl6.sys [2006-11-02 09:30]
S3 ddsxeiservice;ddsxeiservice2;C:\My Files\Games\CS cheats\sXe Injected\ddsxei.sys [2008-04-29 20:15]
S3 ncvhook;ncvhook;C:\Windows\system32\DRIVERS\ncvhook.sys [2007-09-30 17:54]
S3 R5U870FLx86;R5U870 UVC Lower Filter ;C:\Windows\system32\Drivers\R5U870FLx86.sys [2006-10-18 02:09]
S3 R5U870FUx86;R5U870 UVC Upper Filter ;C:\Windows\system32\Drivers\R5U870FUx86.sys [2006-10-18 02:09]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
bdx REG_MULTI_SZ scan

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL copy.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{9c8f1a26-db2b-11dc-afea-001b24c8b8cc}]
\shell\AutoRun\command - H:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{dec108f9-089b-11dd-bc5f-001b24c8b8cc}]
\shell\AutoRun\command - I:\LaunchU3.exe -a

.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-04 15:08:39
Windows 6.0.6001 Service Pack 1 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 2

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
C:\Windows\System32\conime.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Common Files\microsoft shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-04 15:34:50 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-04 13:33:57
ComboFix2.txt 2008-05-04 12:31:43

Pre-Run: 36,923,461,632 octets libres
Post-Run: 36,692,742,144 octets libres

302 --- E O F --- 2008-04-18 21:40:58

Bien. Tu devrais être débarrassé de la ligne dans HijackThis (de toute façon inoffensive : le fichier n'était réellement pas là, et le dossier correspondant était vide, ça je le lis dans le rapport).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:51:25, on 4/05/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\conime.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\HP\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Synaptics\SynTP\SynTPStart.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\My Files\Programs\FlashGet\flashget.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Windows\Explorer.exe
C:\My Files\Games\PacSteam\Steam.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Windows\system32\SearchFilterHost.exe
C:\My Files\Setup Files\Antivirus\anti spyware\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\My Files\Programs\FlashGet\jccatch_2.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\My Files\Programs\FlashGet\getflash.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {C130E860-7C1C-44F0-996C-1F995C10B61E} - (no file)
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SynTPStart] C:\Program Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Flashget] C:\My Files\Programs\FlashGet\flashget.exe /min
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [Steam] "c:\my files\games\pacsteam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O8 - Extra context menu item: &Tout télécharger avec FlashGet - C:\My Files\Programs\FlashGet\jc_all.htm
O8 - Extra context menu item: &Télécharger avec FlashGet - C:\My Files\Programs\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\My Files\Programs\FlashGet\FlashGet.exe
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - http://upload.facebook.com/controls/Fac ... oader3.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://fichiers.touslesdrivers.com/fich ... 0_4_13.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Fac ... der4_5.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Common Files\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 10735 bytes

Le rapport est clean.

Il faudrait régler définitivement ces histoires, ce n'est pas ta première désinfection, et tu as été réinfecté.
Cela vient certainement du p2p, de cracks et ou de sites piégés.

Si tu ne veux pas être réinfecter, il faut suivre un certain nombre de conseils pour éviter une réinfection :
prevention-comment-eviter-bien-des-infections-t24540.html
Version détaillée, si tu préfères :
prevention-et-protection-comment-vous-premunir-des-dangers-t26418.html

Je te conseille en particulier d'utiliser StripMyRights pour protéger tes navigateurs :
strip-my-rights-t26176.html

Et si ta version de BitDefender n'a pas de firewall, d'en installer un plus costaud que celui de Vista, par exemple Comodo, facile à prendre en main et gratuit : http://www.personalfirewall.comodo.com/
Au besoin (optionnel) troque-le contre un antivirus plus réactif et souple, comme Antivir.

Sans cela, tu seras continuellement réinfecté.

merci c vraiment gentil
merci bcp