Bonjour,
Pouvez-vous m'aider à interpréter mon rapport ComboFix, s'il vous plaît ? (Le rapport n'est pas chiffré : je cherche quelqu'un pour lire le journal ci-dessous et m'indiquer si des éléments suspects y figurent.)
ComboFix 09-04-29.07 - Cécilia 30/04/2009 19:17.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.1023.566 [GMT 2:00]
Lancé depuis: c:\documents and settings\Cécilia\Bureau\prevention et supression des virus\ComboFix.exe
AV: Avira AntiVir PersonalEdition Classic *On-access scanning disabled* (Updated)
FW: Sunbelt Personal Firewall *enabled*
* Un nouveau point de restauration a été créé
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Legacy_BOONTY_GAMES
-------\Service_Boonty Games
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-28 au 2009-4-30 ))))))))))))))))))))))))))))))))))))
.
2009-04-30 12:04 . 2009-04-30 12:04 579584 -c--a-w c:\windows\system32\dllcache\user32.dll
2009-04-30 12:00 . 2009-04-30 12:01 -------- d-----w c:\windows\ERUNT
2009-04-30 11:09 . 2009-04-30 12:32 -------- d-----w C:\SDFix
2009-04-28 12:39 . 2009-04-28 12:44 -------- d-----w c:\program files\MessengerPlus! 3
2009-04-16 12:53 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 12:53 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 12:53 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 12:53 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 12:53 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 12:53 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 12:53 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 12:53 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 12:53 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 12:36 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-16 12:36 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-10 15:59 . 2009-04-10 15:59 -------- d-----w c:\windows\nview
2009-04-10 15:59 . 2009-03-27 08:03 453152 ----a-w c:\windows\system32\nvudisp.exe
2009-04-10 15:59 . 2009-03-27 06:14 453152 ----a-w c:\windows\system32\NVUNINST.EXE
2009-04-10 15:38 . 2009-04-10 15:38 -------- d-----w c:\program files\SystemRequirementsLab
2009-04-10 15:28 . 2009-04-10 15:29 -------- d-----w c:\program files\SecondLife
2009-04-10 15:17 . 2009-04-10 15:51 -------- d-----w c:\windows\NV29963772.TMP
2009-04-10 14:43 . 2009-04-10 14:43 -------- d--h--w c:\windows\PIF
2009-04-10 14:38 . 2009-04-10 15:51 -------- d-----w c:\windows\NV3596444.TMP
2009-04-10 14:31 . 2009-04-10 14:31 -------- d-----w c:\documents and settings\All Users\Application Data\LogiShrd
2009-04-10 14:28 . 2009-04-10 15:51 -------- d-----w c:\program files\Fichiers communs\Logishrd
2009-04-10 11:24 . 2009-04-10 11:24 -------- d-----w c:\documents and settings\All Users\Application Data\BOONTY
2009-04-10 11:24 . 2009-04-10 11:24 -------- d-----w c:\program files\Fichiers communs\BOONTY Shared
2009-04-10 11:24 . 2009-04-10 11:24 -------- d-----w c:\program files\BoontyGames
2009-04-10 11:24 . 2009-04-10 11:24 -------- d-----w c:\program files\Boonty
2009-04-10 08:21 . 2009-04-10 10:33 -------- d-----w c:\program files\Singles
2009-04-07 13:01 . 2006-06-29 11:07 14048 ------w c:\windows\system32\spmsg2.dll
2009-04-07 12:37 . 2009-04-07 13:00 -------- d-----w c:\windows\system32\XPSViewer
2009-04-07 12:37 . 2009-04-07 12:37 -------- d-----w c:\program files\MSBuild
2009-04-07 12:37 . 2009-04-07 12:37 -------- d-----w c:\program files\Reference Assemblies
2009-04-02 15:45 . 2009-04-02 15:45 -------- d-----w c:\program files\Fichiers communs\xing shared
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-30 11:41 . 2006-03-02 12:00 81734 ----a-w c:\windows\system32\perfc00C.dat
2009-04-30 11:41 . 2006-03-02 12:00 503570 ----a-w c:\windows\system32\perfh00C.dat
2009-04-23 13:56 . 2007-12-31 10:34 -------- d-----w c:\program files\EvilLyrics
2009-04-17 18:20 . 2007-12-21 17:07 -------- d-----w c:\program files\eMule
2009-04-10 15:43 . 2007-12-17 11:47 -------- d-----w c:\program files\Realtek
2009-04-10 14:44 . 2007-12-17 11:30 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-10 14:30 . 2009-04-10 14:30 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2009-04-10 14:30 . 2009-04-10 14:30 0 ---ha-w c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2009-04-10 14:30 . 2009-04-10 14:30 0 ---ha-w c:\windows\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
2009-04-10 14:19 . 2008-10-19 11:54 -------- d-----w c:\program files\ma-config.com
2009-04-10 14:19 . 2008-10-19 11:54 -------- d-----w c:\documents and settings\All Users\Application Data\ma-config.com
2009-04-07 12:40 . 2008-10-08 14:52 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-06 13:32 . 2008-10-08 14:52 38496 ----a-w c:\windows\system32\drivers\mbamswissarmy.sys
2009-04-06 13:32 . 2008-10-08 14:52 15504 ----a-w c:\windows\system32\drivers\mbam.sys
2009-04-02 15:45 . 2007-12-19 17:30 -------- d-----w c:\program files\Fichiers communs\Real
2009-04-01 14:09 . 2008-10-15 15:21 -------- d-----w c:\program files\Java
2009-03-30 19:53 . 2008-12-18 14:46 -------- d-----w c:\program files\Microsoft Silverlight
2009-03-30 16:32 . 2009-03-30 16:29 -------- d-----w c:\program files\HiYo
2009-03-30 15:13 . 2007-12-17 11:47 5063168 ----a-w c:\windows\system32\drivers\RtkHDAud.sys
2009-03-30 14:51 . 2008-09-10 17:28 -------- d-----w c:\program files\Freeplayer
2009-03-30 12:40 . 2008-10-04 20:58 -------- d-----w c:\program files\Spybot - Search & Destroy
2009-03-27 09:22 . 2007-12-17 11:47 17567744 ----a-w c:\windows\RTHDCPL.EXE
2009-03-17 11:58 . 2007-12-17 11:47 540672 ----a-w c:\windows\RtlExUpd.dll
2009-03-10 12:32 . 2007-12-17 11:47 2168320 ----a-w c:\windows\MicCal.exe
2009-03-09 03:19 . 2008-12-14 11:41 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:20 . 2006-03-02 12:00 286720 ----a-w c:\windows\system32\pdh.dll
2009-03-03 00:13 . 2006-03-02 12:00 826368 ----a-w c:\windows\system32\wininet.dll
2009-03-02 09:14 . 2007-12-17 11:47 57344 ----a-w c:\windows\ALCMTR.EXE
2009-02-20 17:10 . 2006-03-02 12:00 78336 ----a-w c:\windows\system32\ieencode.dll
2009-02-09 14:05 . 2006-03-02 12:00 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2004-08-19 16:04 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:23 . 2006-03-02 12:00 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2006-03-02 12:00 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2006-03-02 12:00 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2006-03-02 12:00 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2006-03-02 12:00 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-09 10:53 . 2006-03-02 12:00 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-06 18:39 . 2009-02-06 18:39 308600 ----a-w c:\windows\WLXPGSS.SCR
2009-02-06 17:52 . 2009-02-06 17:52 49504 ----a-w c:\windows\system32\sirenacm.dll
2009-02-06 17:08 . 2009-02-18 10:38 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys
2009-02-06 10:39 . 2006-03-02 12:00 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2006-03-02 12:00 56832 ----a-w c:\windows\system32\secur32.dll
2008-02-03 18:24 . 2008-02-03 18:26 774144 -c--a-w c:\program files\RngInterstitial.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-12-25 68856]
"ccleaner"="c:\program files\CCleaner\CCleaner.exe" [2008-09-29 1279216]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-04-28 190024]
"msnmsgr"="c:\progra~1\WI1F86~1\MESSEN~1\msnmsgr.exe" [2009-02-06 3885408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM Startup"="c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\isuspm.exe" [2004-04-17 196608]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"avgnt"="c:\program files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-06-12 266497]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888]
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" [2009-04-02 198160]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-03-27 13684736]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-03-27 86016]
"MessengerPlus3"="c:\program files\MessengerPlus! 3\MsgPlus.exe" [2009-04-28 190024]
"BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-04-14 110592]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-03-27 17567744]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-03-27 1657376]
c:\documents and settings\All Users\Menu Démarrer\Programmes\Démarrage\
BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-9-30 691720]
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"c:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
"c:\\Program Files\\Odebit Multimédia\\V3.2\\Odebit.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Sync\\WindowsLiveSync.exe"=
R3 ATICDSDr;ATICDSDr; [x]
R3 fsssvc;Windows Live Contrôle parental;c:\program files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2009-03-15 216232]
S0 PzWDM;PzWDM;c:\windows\system32\Drivers\PzWDM.sys [2005-06-29 15172]
S1 SbFw;SbFw;c:\windows\system32\drivers\SbFw.sys [2008-10-31 270888]
S1 sbhips;Sunbelt HIPS Driver;c:\windows\system32\drivers\sbhips.sys [2008-06-21 66600]
S2 fssfltr;fssfltr;c:\windows\system32\DRIVERS\fssfltr_tdi.sys [2009-02-06 55152]
S2 SbPF.Launcher;SbPF.Launcher;c:\program files\Sunbelt Software\Personal Firewall\SbPFLnch.exe [2008-10-31 95528]
S2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-01-14 226656]
S2 SPF4;Sunbelt Personal Firewall 4;c:\program files\Sunbelt Software\Personal Firewall\SbPFSvc.exe [2008-10-31 1365288]
S2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-09-30 51816]
S3 SBFWIMCL;Sunbelt Software Firewall NDIS IM Filter Miniport;c:\windows\system32\DRIVERS\sbfwim.sys [2008-06-21 65576]
S3 V0260VID;Live! Cam Vista IM;c:\windows\system32\DRIVERS\V0260Vid.sys [2006-04-01 162176]
.
Contenu du dossier 'Tâches planifiées'
2009-04-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-12-19 14:05]
.
- - - - ORPHELINS SUPPRIMES - - - -
HKLM-Run-Bluetooth Connection Assistant - LBTWIZ.EXE
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: microsoft.com\office
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
FF - ProfilePath -
.
**************************************************************************
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-30 19:26
Windows 5.1.2600 Service Pack 3 NTFS
Recherche de processus cachés ...
Recherche d'éléments en démarrage automatique cachés ...
Recherche de fichiers cachés ...
Scan terminé avec succès
Fichiers cachés: 0
**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------
[HKEY_USERS\S-1-5-21-448539723-963894560-725345543-1004\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)
[HKEY_USERS\S-1-5-21-448539723-963894560-725345543-1004\Software\SecuROM\License information*]
"datasecu"=hex:98,22,f1,fd,6f,a7,8e,cc,2c,7e,e4,0e,2e,e8,10,31,3c,26,44,b9,69,
eb,42,0e,29,da,34,11,15,46,14,26,2f,6b,cb,2c,04,29,b6,9f,fa,99,f5,bd,f5,09,\
"rkeysecu"=hex:40,74,11,be,97,20,3c,ef,32,02,b8,59,9a,13,e5,ed
.
--------------------- DLLs chargées dans les processus actifs ---------------------
- - - - - - - > 'explorer.exe'(3656)
c:\program files\MessengerPlus! 3\MsgPlusLoader1.dll
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\program files\Avira\AntiVir PersonalEdition Classic\sched.exe
c:\program files\Avira\AntiVir PersonalEdition Classic\avguard.exe
c:\program files\IVT Corporation\BlueSoleil\BTNtService.exe
c:\windows\system32\drivers\CDAC11BA.EXE
c:\program files\Java\jre6\bin\jqs.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\wbem\wmiapsrv.exe
c:\program files\Sunbelt Software\Personal Firewall\SbPFCl.exe
c:\windows\system32\rundll32.exe
c:\windows\system32\wscntfy.exe
c:\program files\Windows Live\Messenger\msnmsgr.exe
.
**************************************************************************
.
Heure de fin: 2009-04-30 19:31 - La machine a redémarré
ComboFix-quarantined-files.txt 2009-04-30 17:31
Avant-CF: 83 852 505 088 octets libres
Après-CF: 83 792 072 704 octets libres
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Édition familiale" /noexecute=optin /fastdetect
226 --- E O F --- 2009-04-29 06:44
Merci d'avance.

Configuration : Windows XP / Internet Explorer 7.0

