[Solved] Ads on the internet (winantivirus, casino, etc.)
I've been trying to get rid of these ads for months. Now it's worse: while I'm using an application, an ad pops up and crashes my computer! Please help me, I'm at the end of my rope.
OK, here are some scans I ran:
Logfile of HijackThis v1.99.1
Scan saved at 20:51:08, on 27/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Documents and Settings\Brice\Desktop\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O2 - BHO: (no name) - {36187151-fb7b-4ae7-a426-3708cea364b7} - C:\WINDOWS\system32\mmc500.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {74B1BDBA-F89B-896D-41D1-0467F1B41A34} - C:\WINDOWS\system32\gzvmcqc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A49AD78A-A7AD-4368-8086-1E63FE6A0BD5} - C:\WINDOWS\system32\hgday.dll
O2 - BHO: (no name) - {E0E154FC-FA08-45E2-9059-CBABB5AA0397} - (no file)
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [yomizdh.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\yomizdh.dll,aaodhgd
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [Jump bags] C:\DOCUME~1\Brice\APPLIC~1\PLUSSE~1\Road regs.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\system32\catsrvut.dll
O20 - Winlogon Notify: explorer - explorer.dll (file missing)
O20 - Winlogon Notify: hgday - C:\WINDOWS\system32\hgday.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mmc500 - C:\WINDOWS\SYSTEM32\mmc500.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 10:07:04 27/10/2006
+ Scan result:
C:\WINDOWS\scvhost.exe -> Backdoor.VB.aym : Cleaned with backup (quarantined).
[2140] C:\WINDOWS\scvhost.exe -> Backdoor.VB.aym : Error during cleaning.
[3064] C:\WINDOWS\scvhost.exe -> Backdoor.VB.aym : Error during cleaning.
C:\WINDOWS\Downloaded Program Files\UERSV_0001_N68M0602NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Ignored.
C:\Documents and Settings\Andre\Local Settings\Temporary Internet Files\Content.IE5\QS7X21VH\SystemDoctor2006FreeInstall_fr[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Ignored.
C:\Documents and Settings\Andre\Local Settings\Temp\tinst4.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.
C:\Documents and Settings\Andre\Local Settings\Temporary Internet Files\Content.IE5\XDRL03BO\WinAntiVirusPro2006FreeInstall[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignored.
C:\Documents and Settings\Andre\Cookies\andre@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.12:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Bluestreak : Error during cleaning.
C:\Documents and Settings\Andre\Cookies\andre@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Andre\Cookies\andre@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Brice\Cookies\brice@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.10:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.11:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Smartadserver : Error during cleaning.
:mozilla.9:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Smartadserver : Error during cleaning.
C:\Documents and Settings\Andre\Cookies\andre@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.6:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Weborama : Error during cleaning.
:mozilla.7:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Weborama : Error during cleaning.
::Report end
(I ran it in safe mode)
Please reply quickly!
Thank you so much in advance
dogty
I don't know the art of reading HijackThis logs, but go to http://safety.live.com/site/fr-FR#, it worked for a friend..^^
See ya
See ya
Well, s*** then. OK, I'll let the pros like AngelDark take care of your case... sorry. Otherwise, for information, http://assiste.free.fr is a decent site with a well-stocked software library.. there you go, in the meantime.. sorry again, one more failure! Darn!
Good evening,
Vundo-type infection.
Download VundoFix.exe (by Atribune) to your Desktop.
Double-click VundoFix.exe to launch it
Click the Scan for Vundo button
When the scan is complete, click the Remove Vundo button
A prompt will ask whether you want to delete the files; click YES
After you click "Yes", the Desktop will disappear for a moment while the files are removed
You will see a prompt telling you that your PC is going to restart; click OK
Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, in your next reply
Note: VundoFix may run into a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "click the Scan for Vundo button".
Wow, thanks for the quick reply. OK, here it is:
Logfile of HijackThis v1.99.1
Scan saved at 22:03:06, on 27/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Brice\Desktop\HijackThis.exe
c:\program files\internet explorer\iexplore.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O2 - BHO: (no name) - {36187151-fb7b-4ae7-a426-3708cea364b7} - C:\WINDOWS\system32\mmc500.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {74B1BDBA-F89B-896D-41D1-0467F1B41A34} - C:\WINDOWS\system32\gzvmcqc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A49AD78A-A7AD-4368-8086-1E63FE6A0BD5} - C:\WINDOWS\system32\hgday.dll (file missing)
O2 - BHO: (no name) - {E0E154FC-FA08-45E2-9059-CBABB5AA0397} - (no file)
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [yomizdh.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\yomizdh.dll,aaodhgd
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [Jump bags] C:\DOCUME~1\Brice\APPLIC~1\PLUSSE~1\Road regs.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\system32\catsrvut.dll
O20 - Winlogon Notify: explorer - explorer.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mmc500 - C:\WINDOWS\SYSTEM32\mmc500.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
VundoFix V6.2.6
Checking Java version...
Java version is 1.5.0.6
Scan started at 21:52:41 27/10/2006
Listing files found while scanning....
C:\WINDOWS\system32\blnqovhk.dll
C:\WINDOWS\system32\gzvmcqc.dll
C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\iesdjqss.dll
C:\WINDOWS\system32\ljtkoyax.dll
C:\WINDOWS\system32\oeqjbrlh.dll
C:\WINDOWS\system32\ohmimeid.dll
C:\WINDOWS\system32\txiripdw.dll
C:\WINDOWS\system32\yomizdh.dll
C:\WINDOWS\system32\hjsuyuhq.exe
C:\WINDOWS\system32\hptfetme.exe
C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}\services.dll
C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
Beginning removal...
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: ComPlusSetup - C:\WINDOWS\system32\catsrvut.dll
O20 - Winlogon Notify: explorer - explorer.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: mmc500 - C:\WINDOWS\SYSTEM32\mmc500.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
VundoFix V6.2.6
Checking Java version...
Java version is 1.5.0.6
Scan started at 21:52:41 27/10/2006
Listing files found while scanning....
C:\WINDOWS\system32\blnqovhk.dll
C:\WINDOWS\system32\gzvmcqc.dll
C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\iesdjqss.dll
C:\WINDOWS\system32\ljtkoyax.dll
C:\WINDOWS\system32\oeqjbrlh.dll
C:\WINDOWS\system32\ohmimeid.dll
C:\WINDOWS\system32\txiripdw.dll
C:\WINDOWS\system32\yomizdh.dll
C:\WINDOWS\system32\hjsuyuhq.exe
C:\WINDOWS\system32\hptfetme.exe
C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}\services.dll
C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
Beginning removal...
Excuse me, indeed:
VundoFix V6.2.6
Checking Java version...
Java version is 1.5.0.6
Scan started at 21:52:41 27/10/2006
Listing files found while scanning....
C:\WINDOWS\system32\blnqovhk.dll
C:\WINDOWS\system32\gzvmcqc.dll
C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\iesdjqss.dll
C:\WINDOWS\system32\ljtkoyax.dll
C:\WINDOWS\system32\oeqjbrlh.dll
C:\WINDOWS\system32\ohmimeid.dll
C:\WINDOWS\system32\txiripdw.dll
C:\WINDOWS\system32\yomizdh.dll
C:\WINDOWS\system32\hjsuyuhq.exe
C:\WINDOWS\system32\hptfetme.exe
C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}\services.dll
C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.ini2
Beginning removal...
Attempting to delete C:\WINDOWS\system32\blnqovhk.dll
C:\WINDOWS\system32\blnqovhk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\gzvmcqc.dll
C:\WINDOWS\system32\gzvmcqc.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\hgday.dll Could not be deleted.
Attempting to delete C:\WINDOWS\system32\yadgh.ini
C:\WINDOWS\system32\yadgh.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\yadgh.bak1
C:\WINDOWS\system32\yadgh.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\yadgh.bak2
C:\WINDOWS\system32\yadgh.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\yadgh.ini2
C:\WINDOWS\system32\yadgh.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\iesdjqss.dll
C:\WINDOWS\system32\iesdjqss.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ljtkoyax.dll
C:\WINDOWS\system32\ljtkoyax.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\oeqjbrlh.dll
C:\WINDOWS\system32\oeqjbrlh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ohmimeid.dll
C:\WINDOWS\system32\ohmimeid.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\txiripdw.dll
C:\WINDOWS\system32\txiripdw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\yomizdh.dll
C:\WINDOWS\system32\yomizdh.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hjsuyuhq.exe
C:\WINDOWS\system32\hjsuyuhq.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\hptfetme.exe
C:\WINDOWS\system32\hptfetme.exe Has been deleted!
Attempting to delete C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}\services.dll
C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}\services.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\hgday.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\hgday.dll
C:\WINDOWS\system32\hgday.dll Has been deleted!
Performing Repairs to the registry.
Done!
The ad page that annoys me is www.888.com (a casino thing), which comes up at startup, and sometimes when I am running an application it opens and causes a huge bug on my computer.
I am really at the end of my rope, but you are giving me hope again.
Hi again,
Download combofix.exe (by sUBs) to your Desktop.
Double-click combofix.exe.
Press the Y (Yes) key to start the scan.
When the scan is complete, a report will appear. Copy and paste this report into your next reply.
NOTE: The report can also be found here: C:\Combofix.txt
You are very fast, thanks again for sticking with it to the end.
Brice - 06-10-27 22:55:13,86 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Program Files\Mozilla Firefox"
((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
Granting sedebugprivilege to Administrators ... successful
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\components
C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}
((((((((((((((((((((((((((((((( Files Created from 2006-09-27 to 2006-10-27 ))))))))))))))))))))))))))))))))))
2006-10-27 18:23 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-10-27 18:22 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-10-27 18:22 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-10-27 18:22 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-10-27 18:22 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-10-27 18:22 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-10-27 18:22 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-10-26 20:02 1,269,461 --a------ C:\WINDOWS\system32\server.exe
2006-10-26 18:40 66,560 C:\WINDOWSwinamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-26 12:29 18,610 --a------ C:\WINDOWS\system32\mmc500.dll
2006-10-22 17:25 67,604 --a------ C:\WINDOWS\system32\ihktvfnq.exe
2006-10-21 12:18 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-21 12:18 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-21 12:18 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-21 12:18 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-19 17:01 67,604 --a------ C:\WINDOWS\system32\tqhsryyt.exe
2006-10-17 17:17 135,168 --a------ C:\WINDOWS\system32\igfxres.dll
2006-10-17 17:01 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2006-10-17 17:01 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-10-17 17:01 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2006-10-17 17:01 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2006-10-17 16:52 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2006-10-17 16:46 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-10-17 16:46 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-10-16 21:18 14,848 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-10-15 23:37 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-10-15 23:23 253 --a------ C:\Documents and Settings\Brice\g.reg
2006-10-05 12:57 206 --a------ C:\WINDOWS\tccbl.dll
2006-10-04 21:02 49,152 --a------ C:\WINDOWS\Iniexpander.exe
2006-10-01 14:32 9,341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys
2006-10-01 14:31 41,472 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2006-10-01 14:31 25,264 --a------ C:\WINDOWS\system32\smrgdf.exe
2006-10-01 14:31 1,212,928 --a------ C:\WINDOWS\system32\Incinerator.dll
2006-10-01 12:03 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-09-28 06:00 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-27 22:55 -------- d-------- C:\Program Files\Common Files
2006-10-27 22:54 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-27 18:22 -------- d-------- C:\Program Files\Alwil Software
2006-10-27 12:16 -------- d-------- C:\Program Files\Sunbelt Software
2006-10-27 10:54 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-10-26 20:03 -------- d-------- C:\Program Files\EA SPORTS
2006-10-26 18:55 66560 --a------ C:\WINDOWS\winamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-10-26 11:59 -------- d-------- C:\Program Files\Messenger
2006-10-26 11:59 -------- d-------- C:\Documents and Settings\Brice\Application Data\plus seek wma
2006-10-25 20:23 -------- d-------- C:\Documents and Settings\Brice\Application Data\Skype
2006-10-24 15:50 -------- d-------- C:\Program Files\Common Files\Companion Wizard
2006-10-23 19:51 -------- d-------- C:\Program Files\EA GAMES
2006-10-23 17:59 -------- d-------- C:\Program Files\tunebite
2006-10-21 20:08 -------- d-------- C:\Documents and Settings\Brice\Application Data\NetPumper
2006-10-17 18:20 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-17 18:20 -------- d-------- C:\Program Files\IVT Corporation
2006-10-17 17:07 -------- d-------- C:\Program Files\Windows Media Player
2006-10-16 22:49 -------- d-a------ C:\Program Files\LieroX-v0.62b
2006-10-16 19:43 -------- d-------- C:\Program Files\Google
2006-10-16 18:43 -------- d-------- C:\Documents and Settings\Brice\Application Data\UseNeXT
2006-10-16 05:39 -------- d-------- C:\Program Files\Internet Explorer
2006-10-16 05:35 -------- d-------- C:\Program Files\D-Tools
2006-10-15 18:02 -------- d---s---- C:\Documents and Settings\Brice\Application Data\Microsoft
2006-10-15 13:20 -------- d-------- C:\Documents and Settings\Brice\Application Data\Syntrillium
2006-10-14 11:56 -------- d-------- C:\Documents and Settings\Brice\Application Data\Image Zone Express
2006-10-14 11:13 447 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_PROTOCOL.log
2006-10-14 11:13 364 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_UI.log
2006-10-14 11:13 0 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_API.log
2006-10-14 11:03 -------- d-------- C:\Documents and Settings\Brice\Application Data\HP
2006-10-14 10:29 2846 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_UI.log
2006-10-14 10:25 -------- d-------- C:\Program Files\HP
2006-10-14 10:25 -------- d-------- C:\Program Files\Common Files\HP
2006-10-11 20:11 -------- d---s---- C:\Program Files\Xfire
2006-10-11 18:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Xfire
2006-10-08 09:20 -------- d-------- C:\Program Files\Common Files\Kaspersky Lab
2006-10-06 07:19 -------- d-------- C:\Documents and Settings\Brice\Application Data\Lavasoft
2006-10-06 07:18 -------- d-------- C:\Program Files\Lavasoft
2006-10-05 19:11 -------- d-------- C:\Program Files\WinRAR
2006-10-05 19:11 -------- d-------- C:\Program Files\San Andreas Mod Installer
2006-10-01 22:17 -------- d-------- C:\Documents and Settings\Brice\Application Data\BitTorrent
2006-10-01 14:31 -------- d-------- C:\Program Files\iolo
2006-10-01 14:04 -------- d-------- C:\Documents and Settings\Brice\Application Data\Vso
2006-10-01 12:04 34 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.log
2006-10-01 12:03 81920 --a------ C:\Documents and Settings\Brice\Application Data\ezpinst.exe
2006-10-01 12:03 7176 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.cat
2006-10-01 12:03 47360 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.sys
2006-10-01 12:03 1144 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.inf
2006-10-01 12:03 -------- d-------- C:\Program Files\VSO
2006-10-01 08:59 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-09-30 18:38 -------- d-------- C:\Program Files\DIFX
2006-09-30 11:16 -------- d-------- C:\Program Files\SlySoft
2006-09-29 17:10 -------- d-------- C:\Documents and Settings\Brice\Application Data\F-Secure
2006-09-29 13:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\ispnews
2006-09-27 18:02 -------- d-------- C:\Program Files\Wanadoo
2006-09-27 16:20 -------- d-------- C:\Program Files\MSN Messenger
2006-09-24 13:27 -------- d-------- C:\Program Files\mobile PhoneTools
2006-09-23 15:24 -------- d-------- C:\Program Files\DivX
2006-09-17 21:09 -------- d-------- C:\Program Files\Core Design
2006-09-17 20:54 89 --a------ C:\Program Files\INSTALL.LOG
2006-09-17 14:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\tunebite
2006-09-17 13:28 1329 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_PROTOCOL.log
2006-09-17 12:02 -------- d-------- C:\Program Files\Common Files\Real
2006-09-17 12:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Real
2006-09-17 10:56 694611 --a------ C:\Documents and Settings\Brice\Application Data\NMM-MetaData.db
2006-09-16 15:50 -------- d-------- C:\Program Files\directx
2006-09-04 18:38 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-08-28 00:38 -------- d-------- C:\Program Files\ComPlus Applications
2006-08-27 20:35 -------- d-------- C:\Program Files\LiveUpdate
2006-08-27 20:00 -------- d-------- C:\Program Files\Dell
2006-08-12 15:18 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-14 10:19 0 --a--c--- C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_API.log
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"SMSystemAnalyzer"="\"C:\\Program Files\\iolo\\System Mechanic Professional 6\\SMSystemAnalyzer.exe\""
"Jump bags"="C:\\DOCUME~1\\Brice\\APPLIC~1\\PLUSSE~1\\Road regs.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"PRONoMgr.exe"="C:\\Program Files\\Intel\\NCS\\PROSet\\PRONoMgr.exe"
"yomizdh.dll"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\yomizdh.dll,aaodhgd"
"ioloDelayModule"="C:\\Program Files\\iolo\\System Mechanic Professional 6\\delay.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mmc500
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winfkx32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\A4BC47D2904BC6B2.job
Completion time: 06-10-27 22:59:32.68
C:\ComboFix.txt ... 06-10-27 22:59
Brice - 06-10-27 22:55:13,86 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Program Files\Mozilla Firefox"
((((((((((((((((((((((((((((((((((((((((((((( Look2Me's Log ))))))))))))))))))))))))))))))))))))))))))))))))))
Granting sedebugprivilege to Administrators ... successful
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\components
C:\Program Files\Common Files\{4C572522-0639-1033-0128-050203200021}
((((((((((((((((((((((((((((((( Files Created from 2006-09-27 to 2006-10-27 ))))))))))))))))))))))))))))))))))
2006-10-27 18:23 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-10-27 18:22 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-10-27 18:22 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-10-27 18:22 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-10-27 18:22 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-10-27 18:22 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-10-27 18:22 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-10-26 20:02 1,269,461 --a------ C:\WINDOWS\system32\server.exe
2006-10-26 18:40 66,560 C:\WINDOWSwinamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-26 12:29 18,610 --a------ C:\WINDOWS\system32\mmc500.dll
2006-10-22 17:25 67,604 --a------ C:\WINDOWS\system32\ihktvfnq.exe
2006-10-21 12:18 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-21 12:18 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-21 12:18 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-21 12:18 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-19 17:01 67,604 --a------ C:\WINDOWS\system32\tqhsryyt.exe
2006-10-17 17:17 135,168 --a------ C:\WINDOWS\system32\igfxres.dll
2006-10-17 17:01 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2006-10-17 17:01 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-10-17 17:01 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2006-10-17 17:01 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2006-10-17 16:52 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2006-10-17 16:46 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-10-17 16:46 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-10-16 21:18 14,848 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-10-15 23:37 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-10-15 23:23 253 --a------ C:\Documents and Settings\Brice\g.reg
2006-10-05 12:57 206 --a------ C:\WINDOWS\tccbl.dll
2006-10-04 21:02 49,152 --a------ C:\WINDOWS\Iniexpander.exe
2006-10-01 14:32 9,341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys
2006-10-01 14:31 41,472 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2006-10-01 14:31 25,264 --a------ C:\WINDOWS\system32\smrgdf.exe
2006-10-01 14:31 1,212,928 --a------ C:\WINDOWS\system32\Incinerator.dll
2006-10-01 12:03 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-09-28 06:00 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-27 22:55 -------- d-------- C:\Program Files\Common Files
2006-10-27 22:54 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-27 18:22 -------- d-------- C:\Program Files\Alwil Software
2006-10-27 12:16 -------- d-------- C:\Program Files\Sunbelt Software
2006-10-27 10:54 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-10-26 20:03 -------- d-------- C:\Program Files\EA SPORTS
2006-10-26 18:55 66560 --a------ C:\WINDOWS\winamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-10-26 11:59 -------- d-------- C:\Program Files\Messenger
2006-10-26 11:59 -------- d-------- C:\Documents and Settings\Brice\Application Data\plus seek wma
2006-10-25 20:23 -------- d-------- C:\Documents and Settings\Brice\Application Data\Skype
2006-10-24 15:50 -------- d-------- C:\Program Files\Common Files\Companion Wizard
2006-10-23 19:51 -------- d-------- C:\Program Files\EA GAMES
2006-10-23 17:59 -------- d-------- C:\Program Files\tunebite
2006-10-21 20:08 -------- d-------- C:\Documents and Settings\Brice\Application Data\NetPumper
2006-10-17 18:20 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-17 18:20 -------- d-------- C:\Program Files\IVT Corporation
2006-10-17 17:07 -------- d-------- C:\Program Files\Windows Media Player
2006-10-16 22:49 -------- d-a------ C:\Program Files\LieroX-v0.62b
2006-10-16 19:43 -------- d-------- C:\Program Files\Google
2006-10-16 18:43 -------- d-------- C:\Documents and Settings\Brice\Application Data\UseNeXT
2006-10-16 05:39 -------- d-------- C:\Program Files\Internet Explorer
2006-10-16 05:35 -------- d-------- C:\Program Files\D-Tools
2006-10-15 18:02 -------- d---s---- C:\Documents and Settings\Brice\Application Data\Microsoft
2006-10-15 13:20 -------- d-------- C:\Documents and Settings\Brice\Application Data\Syntrillium
2006-10-14 11:56 -------- d-------- C:\Documents and Settings\Brice\Application Data\Image Zone Express
2006-10-14 11:13 447 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_PROTOCOL.log
2006-10-14 11:13 364 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_UI.log
2006-10-14 11:13 0 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_API.log
2006-10-14 11:03 -------- d-------- C:\Documents and Settings\Brice\Application Data\HP
2006-10-14 10:29 2846 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_UI.log
2006-10-14 10:25 -------- d-------- C:\Program Files\HP
2006-10-14 10:25 -------- d-------- C:\Program Files\Common Files\HP
2006-10-11 20:11 -------- d---s---- C:\Program Files\Xfire
2006-10-11 18:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Xfire
2006-10-08 09:20 -------- d-------- C:\Program Files\Common Files\Kaspersky Lab
2006-10-06 07:19 -------- d-------- C:\Documents and Settings\Brice\Application Data\Lavasoft
2006-10-06 07:18 -------- d-------- C:\Program Files\Lavasoft
2006-10-05 19:11 -------- d-------- C:\Program Files\WinRAR
2006-10-05 19:11 -------- d-------- C:\Program Files\San Andreas Mod Installer
2006-10-01 22:17 -------- d-------- C:\Documents and Settings\Brice\Application Data\BitTorrent
2006-10-01 14:31 -------- d-------- C:\Program Files\iolo
2006-10-01 14:04 -------- d-------- C:\Documents and Settings\Brice\Application Data\Vso
2006-10-01 12:04 34 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.log
2006-10-01 12:03 81920 --a------ C:\Documents and Settings\Brice\Application Data\ezpinst.exe
2006-10-01 12:03 7176 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.cat
2006-10-01 12:03 47360 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.sys
2006-10-01 12:03 1144 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.inf
2006-10-01 12:03 -------- d-------- C:\Program Files\VSO
2006-10-01 08:59 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-09-30 18:38 -------- d-------- C:\Program Files\DIFX
2006-09-30 11:16 -------- d-------- C:\Program Files\SlySoft
2006-09-29 17:10 -------- d-------- C:\Documents and Settings\Brice\Application Data\F-Secure
2006-09-29 13:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\ispnews
2006-09-27 18:02 -------- d-------- C:\Program Files\Wanadoo
2006-09-27 16:20 -------- d-------- C:\Program Files\MSN Messenger
2006-09-24 13:27 -------- d-------- C:\Program Files\mobile PhoneTools
2006-09-23 15:24 -------- d-------- C:\Program Files\DivX
2006-09-17 21:09 -------- d-------- C:\Program Files\Core Design
2006-09-17 20:54 89 --a------ C:\Program Files\INSTALL.LOG
2006-09-17 14:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\tunebite
2006-09-17 13:28 1329 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_PROTOCOL.log
2006-09-17 12:02 -------- d-------- C:\Program Files\Common Files\Real
2006-09-17 12:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Real
2006-09-17 10:56 694611 --a------ C:\Documents and Settings\Brice\Application Data\NMM-MetaData.db
2006-09-16 15:50 -------- d-------- C:\Program Files\directx
2006-09-04 18:38 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-08-28 00:38 -------- d-------- C:\Program Files\ComPlus Applications
2006-08-27 20:35 -------- d-------- C:\Program Files\LiveUpdate
2006-08-27 20:00 -------- d-------- C:\Program Files\Dell
2006-08-12 15:18 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-14 10:19 0 --a--c--- C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_API.log
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"SMSystemAnalyzer"="\"C:\\Program Files\\iolo\\System Mechanic Professional 6\\SMSystemAnalyzer.exe\""
"Jump bags"="C:\\DOCUME~1\\Brice\\APPLIC~1\\PLUSSE~1\\Road regs.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"PRONoMgr.exe"="C:\\Program Files\\Intel\\NCS\\PROSet\\PRONoMgr.exe"
"yomizdh.dll"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\yomizdh.dll,aaodhgd"
"ioloDelayModule"="C:\\Program Files\\iolo\\System Mechanic Professional 6\\delay.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mmc500
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winfkx32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\A4BC47D2904BC6B2.job
Completion time: 06-10-27 22:59:32.68
C:\ComboFix.txt ... 06-10-27 22:59
Hi again,
-> Start
-> Control Panel
-> Folder Options, View tab:
. Click Show hidden files and folders
. Uncheck Hide extensions for known file types
. Uncheck Hide protected operating system files
Please go here to upload a suspicious file for analysis.
"Your Username:" - Enter your username on this forum
"Topic Where File Was Requested:" - Copy and paste the link to this thread
"File(s) To Submit:" - Use the "Browse..." button to navigate to this file name: C:\WINDOWS\system32\mmc500.dll
Click Send File
Click the Start menu, then Run, and copy/paste this:
"%userprofile%\Bureau\combofix.exe" /v mmc500
then click OK.
Follow the prompts.
Don't touch anything and wait until ComboFix has finished; a report will be created. Post the report.
Quote:
- Make sure you have access to hidden folders/files
-> Start
-> Control Panel
-> Folder Options, View tab:
. Click Show hidden files and folders
. Uncheck Hide extensions for known file types
. Uncheck Hide protected operating system files
Please go here to upload a suspicious file for analysis.
Click the Start menu, then Run, and copy/paste this:
"%userprofile%\Bureau\combofix.exe" /v mmc500
then click OK.
Follow the prompts.
Don't touch anything and wait until ComboFix has finished; a report will be created. Post the report.
It's a very good idea to have created this site for uploading the file.
OK, here is the scan:
Brice - 06-10-27 23:16:08,26 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Brice\desktop"
Command switches used :: /v mmc500
(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\mmc500.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((( Files Created from 2006-09-27 to 2006-10-27 ))))))))))))))))))))))))))))))))))
2006-10-27 18:23 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-10-27 18:22 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-10-27 18:22 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-10-27 18:22 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-10-27 18:22 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-10-27 18:22 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-10-27 18:22 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-10-26 20:02 1,269,461 --a------ C:\WINDOWS\system32\server.exe
2006-10-26 18:40 66,560 C:\WINDOWSwinamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-22 17:25 67,604 --a------ C:\WINDOWS\system32\ihktvfnq.exe
2006-10-21 12:18 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-21 12:18 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-21 12:18 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-21 12:18 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-19 17:01 67,604 --a------ C:\WINDOWS\system32\tqhsryyt.exe
2006-10-17 17:17 135,168 --a------ C:\WINDOWS\system32\igfxres.dll
2006-10-17 17:01 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2006-10-17 17:01 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-10-17 17:01 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2006-10-17 17:01 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2006-10-17 16:52 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2006-10-17 16:46 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-10-17 16:46 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-10-16 21:18 14,848 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-10-15 23:37 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-10-15 23:23 253 --a------ C:\Documents and Settings\Brice\g.reg
2006-10-05 12:57 206 --a------ C:\WINDOWS\tccbl.dll
2006-10-04 21:02 49,152 --a------ C:\WINDOWS\Iniexpander.exe
2006-10-01 14:32 9,341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys
2006-10-01 14:31 41,472 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2006-10-01 14:31 25,264 --a------ C:\WINDOWS\system32\smrgdf.exe
2006-10-01 14:31 1,212,928 --a------ C:\WINDOWS\system32\Incinerator.dll
2006-10-01 12:03 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-09-28 06:00 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-27 23:00 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-27 22:55 -------- d-------- C:\Program Files\Common Files
2006-10-27 18:22 -------- d-------- C:\Program Files\Alwil Software
2006-10-27 12:16 -------- d-------- C:\Program Files\Sunbelt Software
2006-10-27 10:54 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-10-26 20:03 -------- d-------- C:\Program Files\EA SPORTS
2006-10-26 18:55 66560 --a------ C:\WINDOWS\winamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-10-26 11:59 -------- d-------- C:\Program Files\Messenger
2006-10-26 11:59 -------- d-------- C:\Documents and Settings\Brice\Application Data\plus seek wma
2006-10-25 20:23 -------- d-------- C:\Documents and Settings\Brice\Application Data\Skype
2006-10-24 15:50 -------- d-------- C:\Program Files\Common Files\Companion Wizard
2006-10-23 19:51 -------- d-------- C:\Program Files\EA GAMES
2006-10-23 17:59 -------- d-------- C:\Program Files\tunebite
2006-10-21 20:08 -------- d-------- C:\Documents and Settings\Brice\Application Data\NetPumper
2006-10-17 18:20 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-17 18:20 -------- d-------- C:\Program Files\IVT Corporation
2006-10-17 17:07 -------- d-------- C:\Program Files\Windows Media Player
2006-10-16 22:49 -------- d-a------ C:\Program Files\LieroX-v0.62b
2006-10-16 19:43 -------- d-------- C:\Program Files\Google
2006-10-16 18:43 -------- d-------- C:\Documents and Settings\Brice\Application Data\UseNeXT
2006-10-16 05:39 -------- d-------- C:\Program Files\Internet Explorer
2006-10-16 05:35 -------- d-------- C:\Program Files\D-Tools
2006-10-15 18:02 -------- d---s---- C:\Documents and Settings\Brice\Application Data\Microsoft
2006-10-15 13:20 -------- d-------- C:\Documents and Settings\Brice\Application Data\Syntrillium
2006-10-14 11:56 -------- d-------- C:\Documents and Settings\Brice\Application Data\Image Zone Express
2006-10-14 11:13 447 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_PROTOCOL.log
2006-10-14 11:13 364 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_UI.log
2006-10-14 11:13 0 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_API.log
2006-10-14 11:03 -------- d-------- C:\Documents and Settings\Brice\Application Data\HP
2006-10-14 10:29 2846 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_UI.log
2006-10-14 10:25 -------- d-------- C:\Program Files\HP
2006-10-14 10:25 -------- d-------- C:\Program Files\Common Files\HP
2006-10-11 20:11 -------- d---s---- C:\Program Files\Xfire
2006-10-11 18:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Xfire
2006-10-08 09:20 -------- d-------- C:\Program Files\Common Files\Kaspersky Lab
2006-10-06 07:19 -------- d-------- C:\Documents and Settings\Brice\Application Data\Lavasoft
2006-10-06 07:18 -------- d-------- C:\Program Files\Lavasoft
2006-10-05 19:11 -------- d-------- C:\Program Files\WinRAR
2006-10-05 19:11 -------- d-------- C:\Program Files\San Andreas Mod Installer
2006-10-01 22:17 -------- d-------- C:\Documents and Settings\Brice\Application Data\BitTorrent
2006-10-01 14:31 -------- d-------- C:\Program Files\iolo
2006-10-01 14:04 -------- d-------- C:\Documents and Settings\Brice\Application Data\Vso
2006-10-01 12:04 34 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.log
2006-10-01 12:03 81920 --a------ C:\Documents and Settings\Brice\Application Data\ezpinst.exe
2006-10-01 12:03 7176 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.cat
2006-10-01 12:03 47360 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.sys
2006-10-01 12:03 1144 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.inf
2006-10-01 12:03 -------- d-------- C:\Program Files\VSO
2006-10-01 08:59 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-09-30 18:38 -------- d-------- C:\Program Files\DIFX
2006-09-30 11:16 -------- d-------- C:\Program Files\SlySoft
2006-09-29 17:10 -------- d-------- C:\Documents and Settings\Brice\Application Data\F-Secure
2006-09-29 13:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\ispnews
2006-09-27 18:02 -------- d-------- C:\Program Files\Wanadoo
2006-09-27 16:20 -------- d-------- C:\Program Files\MSN Messenger
2006-09-24 13:27 -------- d-------- C:\Program Files\mobile PhoneTools
2006-09-23 15:24 -------- d-------- C:\Program Files\DivX
2006-09-17 21:09 -------- d-------- C:\Program Files\Core Design
2006-09-17 20:54 89 --a------ C:\Program Files\INSTALL.LOG
2006-09-17 14:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\tunebite
2006-09-17 13:28 1329 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_PROTOCOL.log
2006-09-17 12:02 -------- d-------- C:\Program Files\Common Files\Real
2006-09-17 12:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Real
2006-09-17 10:56 694611 --a------ C:\Documents and Settings\Brice\Application Data\NMM-MetaData.db
2006-09-16 15:50 -------- d-------- C:\Program Files\directx
2006-09-04 18:38 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-08-28 00:38 -------- d-------- C:\Program Files\ComPlus Applications
2006-08-27 20:35 -------- d-------- C:\Program Files\LiveUpdate
2006-08-27 20:00 -------- d-------- C:\Program Files\Dell
2006-08-12 15:18 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-14 10:19 0 --a--c--- C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_API.log
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"SMSystemAnalyzer"="\"C:\\Program Files\\iolo\\System Mechanic Professional 6\\SMSystemAnalyzer.exe\""
"Jump bags"="C:\\DOCUME~1\\Brice\\APPLIC~1\\PLUSSE~1\\Road regs.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"PRONoMgr.exe"="C:\\Program Files\\Intel\\NCS\\PROSet\\PRONoMgr.exe"
"yomizdh.dll"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\yomizdh.dll,aaodhgd"
"ioloDelayModule"="C:\\Program Files\\iolo\\System Mechanic Professional 6\\delay.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winfkx32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\A4BC47D2904BC6B2.job
Completion time: 06-10-27 23:20:05.46
C:\ComboFix.txt ... 06-10-27 23:20
C:\ComboFix2.txt ... 06-10-27 22:59
Thanks a million!! I hope I'm not waking you up; if you can't take any more, answer me tomorrow!!
OK, here is the scan:
Brice - 06-10-27 23:16:08,26 Service Pack 2
ComboFix 06.10.19 - Running from: "C:\Documents and Settings\Brice\desktop"
Command switches used :: /v mmc500
(((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\mmc500.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((( Files Created from 2006-09-27 to 2006-10-27 ))))))))))))))))))))))))))))))))))
2006-10-27 18:23 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-10-27 18:22 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-10-27 18:22 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-10-27 18:22 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-10-27 18:22 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-10-27 18:22 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-10-27 18:22 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-10-26 20:02 1,269,461 --a------ C:\WINDOWS\system32\server.exe
2006-10-26 18:40 66,560 C:\WINDOWSwinamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-22 17:25 67,604 --a------ C:\WINDOWS\system32\ihktvfnq.exe
2006-10-21 12:18 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-10-21 12:18 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-10-21 12:18 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-10-21 12:18 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-10-19 17:01 67,604 --a------ C:\WINDOWS\system32\tqhsryyt.exe
2006-10-17 17:17 135,168 --a------ C:\WINDOWS\system32\igfxres.dll
2006-10-17 17:01 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2006-10-17 17:01 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2006-10-17 17:01 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2006-10-17 17:01 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2006-10-17 16:52 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2006-10-17 16:46 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-10-17 16:46 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-10-16 21:18 14,848 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-10-15 23:37 76,560 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
2006-10-15 23:23 253 --a------ C:\Documents and Settings\Brice\g.reg
2006-10-05 12:57 206 --a------ C:\WINDOWS\tccbl.dll
2006-10-04 21:02 49,152 --a------ C:\WINDOWS\Iniexpander.exe
2006-10-01 14:32 9,341 --a------ C:\WINDOWS\system32\drivers\filedisk.sys
2006-10-01 14:31 41,472 --a------ C:\WINDOWS\system32\iolobtdfg.exe
2006-10-01 14:31 25,264 --a------ C:\WINDOWS\system32\smrgdf.exe
2006-10-01 14:31 1,212,928 --a------ C:\WINDOWS\system32\Incinerator.dll
2006-10-01 12:03 47,360 --a------ C:\WINDOWS\system32\drivers\pcouffin.sys
2006-09-28 06:00 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-10-27 23:00 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-27 22:55 -------- d-------- C:\Program Files\Common Files
2006-10-27 18:22 -------- d-------- C:\Program Files\Alwil Software
2006-10-27 12:16 -------- d-------- C:\Program Files\Sunbelt Software
2006-10-27 10:54 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-10-26 20:03 -------- d-------- C:\Program Files\EA SPORTS
2006-10-26 18:55 66560 --a------ C:\WINDOWS\winamp 5.3b Keygen[www.eselfilm.de].exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-10-26 11:59 25600 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-10-26 11:59 -------- d-------- C:\Program Files\Messenger
2006-10-26 11:59 -------- d-------- C:\Documents and Settings\Brice\Application Data\plus seek wma
2006-10-25 20:23 -------- d-------- C:\Documents and Settings\Brice\Application Data\Skype
2006-10-24 15:50 -------- d-------- C:\Program Files\Common Files\Companion Wizard
2006-10-23 19:51 -------- d-------- C:\Program Files\EA GAMES
2006-10-23 17:59 -------- d-------- C:\Program Files\tunebite
2006-10-21 20:08 -------- d-------- C:\Documents and Settings\Brice\Application Data\NetPumper
2006-10-17 18:20 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-17 18:20 -------- d-------- C:\Program Files\IVT Corporation
2006-10-17 17:07 -------- d-------- C:\Program Files\Windows Media Player
2006-10-16 22:49 -------- d-a------ C:\Program Files\LieroX-v0.62b
2006-10-16 19:43 -------- d-------- C:\Program Files\Google
2006-10-16 18:43 -------- d-------- C:\Documents and Settings\Brice\Application Data\UseNeXT
2006-10-16 05:39 -------- d-------- C:\Program Files\Internet Explorer
2006-10-16 05:35 -------- d-------- C:\Program Files\D-Tools
2006-10-15 18:02 -------- d---s---- C:\Documents and Settings\Brice\Application Data\Microsoft
2006-10-15 13:20 -------- d-------- C:\Documents and Settings\Brice\Application Data\Syntrillium
2006-10-14 11:56 -------- d-------- C:\Documents and Settings\Brice\Application Data\Image Zone Express
2006-10-14 11:13 447 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_PROTOCOL.log
2006-10-14 11:13 364 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_UI.log
2006-10-14 11:13 0 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1160816356_API.log
2006-10-14 11:03 -------- d-------- C:\Documents and Settings\Brice\Application Data\HP
2006-10-14 10:29 2846 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_UI.log
2006-10-14 10:25 -------- d-------- C:\Program Files\HP
2006-10-14 10:25 -------- d-------- C:\Program Files\Common Files\HP
2006-10-11 20:11 -------- d---s---- C:\Program Files\Xfire
2006-10-11 18:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Xfire
2006-10-08 09:20 -------- d-------- C:\Program Files\Common Files\Kaspersky Lab
2006-10-06 07:19 -------- d-------- C:\Documents and Settings\Brice\Application Data\Lavasoft
2006-10-06 07:18 -------- d-------- C:\Program Files\Lavasoft
2006-10-05 19:11 -------- d-------- C:\Program Files\WinRAR
2006-10-05 19:11 -------- d-------- C:\Program Files\San Andreas Mod Installer
2006-10-01 22:17 -------- d-------- C:\Documents and Settings\Brice\Application Data\BitTorrent
2006-10-01 14:31 -------- d-------- C:\Program Files\iolo
2006-10-01 14:04 -------- d-------- C:\Documents and Settings\Brice\Application Data\Vso
2006-10-01 12:04 34 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.log
2006-10-01 12:03 81920 --a------ C:\Documents and Settings\Brice\Application Data\ezpinst.exe
2006-10-01 12:03 7176 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.cat
2006-10-01 12:03 47360 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.sys
2006-10-01 12:03 1144 --a------ C:\Documents and Settings\Brice\Application Data\pcouffin.inf
2006-10-01 12:03 -------- d-------- C:\Program Files\VSO
2006-10-01 08:59 -------- d-------- C:\Program Files\Windows Live Toolbar
2006-09-30 18:38 -------- d-------- C:\Program Files\DIFX
2006-09-30 11:16 -------- d-------- C:\Program Files\SlySoft
2006-09-29 17:10 -------- d-------- C:\Documents and Settings\Brice\Application Data\F-Secure
2006-09-29 13:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\ispnews
2006-09-27 18:02 -------- d-------- C:\Program Files\Wanadoo
2006-09-27 16:20 -------- d-------- C:\Program Files\MSN Messenger
2006-09-24 13:27 -------- d-------- C:\Program Files\mobile PhoneTools
2006-09-23 15:24 -------- d-------- C:\Program Files\DivX
2006-09-17 21:09 -------- d-------- C:\Program Files\Core Design
2006-09-17 20:54 89 --a------ C:\Program Files\INSTALL.LOG
2006-09-17 14:14 -------- d-------- C:\Documents and Settings\Brice\Application Data\tunebite
2006-09-17 13:28 1329 --a------ C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_PROTOCOL.log
2006-09-17 12:02 -------- d-------- C:\Program Files\Common Files\Real
2006-09-17 12:02 -------- d-------- C:\Documents and Settings\Brice\Application Data\Real
2006-09-17 10:56 694611 --a------ C:\Documents and Settings\Brice\Application Data\NMM-MetaData.db
2006-09-16 15:50 -------- d-------- C:\Program Files\directx
2006-09-04 18:38 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-08-28 00:38 -------- d-------- C:\Program Files\ComPlus Applications
2006-08-27 20:35 -------- d-------- C:\Program Files\LiveUpdate
2006-08-27 20:00 -------- d-------- C:\Program Files\Dell
2006-08-12 15:18 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-07-29 19:32 48936 --a------ C:\WINDOWS\system32\sirenacm.dll
2006-07-14 10:19 0 --a--c--- C:\Documents and Settings\Brice\Application Data\Hewlett-PackardHP PSC 1400 series1145277195_API.log
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"SMSystemAnalyzer"="\"C:\\Program Files\\iolo\\System Mechanic Professional 6\\SMSystemAnalyzer.exe\""
"Jump bags"="C:\\DOCUME~1\\Brice\\APPLIC~1\\PLUSSE~1\\Road regs.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"PRONoMgr.exe"="C:\\Program Files\\Intel\\NCS\\PROSet\\PRONoMgr.exe"
"yomizdh.dll"="C:\\WINDOWS\\system32\\rundll32.exe C:\\WINDOWS\\system32\\yomizdh.dll,aaodhgd"
"ioloDelayModule"="C:\\Program Files\\iolo\\System Mechanic Professional 6\\delay.exe"
"igfxtray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"igfxhkcmd"="C:\\WINDOWS\\system32\\hkcmd.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000004
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\runonce]
"RunNarrator"="Narrator.exe"
"tscuninstall"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,65,6d,\
33,32,5c,74,73,63,75,70,67,72,64,2e,65,78,65,00
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=hex:95,00,00,00
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoCDBurning"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\Sebring
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winfkx32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\A4BC47D2904BC6B2.job
Completion time: 06-10-27 23:20:05.46
C:\ComboFix.txt ... 06-10-27 23:20
C:\ComboFix2.txt ... 06-10-27 22:59
Thanks a million!! I hope I'm not waking you up; if you're worn out, answer me tomorrow!!
Logfile of HijackThis v1.99.1
Scan saved at 13:20:29, on 28/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Brice\Desktop\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {74B1BDBA-F89B-896D-41D1-0467F1B41A34} - C:\WINDOWS\system32\gzvmcqc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A49AD78A-A7AD-4368-8086-1E63FE6A0BD5} - C:\WINDOWS\system32\hgday.dll (file missing)
O2 - BHO: (no name) - {E0E154FC-FA08-45E2-9059-CBABB5AA0397} - (no file)
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [yomizdh.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\yomizdh.dll,aaodhgd
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [Jump bags] C:\DOCUME~1\Brice\APPLIC~1\PLUSSE~1\Road regs.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
Thanks
Hi again,
Download and install AVG Anti-Spyware (AVG AS).
Once AVG AS is running, click "Update".
Close the program.
HELP: Malekal's tutorial
Restart in safe mode.
Launch AVG AS again and choose the "Scan" tab,
then the "Settings" tab.
Under the question "How to react?", click "Recommended actions" and choose "Quarantine".
Click the "Scan" tab again and run a "Complete system scan".
/!\ If a file is infected at the end of the scan /!\
Click "Apply all actions".
Click "Save report", then "Save report as".
Save this text file to your desktop.
Restart normally.
Copy and paste the report here.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 16:11:26 28/10/2006
+ Résultat de l'analyse:
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0011443.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0013043.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0013875.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0015342.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016041.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017515.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017523.dll -> Adware.VB : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016592.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016593.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016594.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016595.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016596.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016597.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016598.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016599.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016600.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016601.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016603.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016604.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016605.cpl -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016606.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016608.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016609.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016610.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016611.ini -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016612.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016613.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016615.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016616.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016617.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016618.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016619.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016620.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016621.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016622.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016786.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016790.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016792.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016793.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016794.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016795.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0016796.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0017004.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0017007.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0017009.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0017011.ini -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0017012.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP10\A0017015.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017147.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017148.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017149.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017150.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017151.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017205.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017207.ini -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017208.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017209.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017210.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017211.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017212.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017213.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017214.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017215.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017216.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017217.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017221.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017222.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017223.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017224.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017225.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP12\A0017226.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017516.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017517.dll -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017518.cpl -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017519.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017520.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017521.sys -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017522.exe -> Adware.WinAntiVirus : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP14\A0017623.exe -> Backdoor.VB.aym : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP15\A0017647.exe -> Backdoor.VB.aym : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP16\A0017766.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP16\A0017768.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP16\A0017769.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP16\A0017770.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP16\A0017771.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B8AE83F1-B9B4-4910-98A8-BAA18D0ABF79}\RP16\A0017772.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\blnqovhk.dll.bad -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\iesdjqss.dll.bad -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\ljtkoyax.dll.bad -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\oeqjbrlh.dll.bad -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\ohmimeid.dll.bad -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\txiripdw.dll.bad -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Andre\Local Settings\Temp\tinst4.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Brice\Cookies\brice@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Brice\Cookies\brice@msnservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.28:C:\Documents and Settings\Brice\Application Data\Mozilla\Firefox\Profiles\250gk4nk.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.12:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Bluestreak : Erreur lors du nettoyage.
:mozilla.29:C:\Documents and Settings\Brice\Application Data\Mozilla\Firefox\Profiles\250gk4nk.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Brice\Cookies\brice@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{0F21B11A-F7EA-4706-8178-F08C185E50E0}\{DE3DCDAF-6842-46F1-8778-D19790932088}.txt/{DE3DCDAF-6842-46F1-8778-D19790932088}.txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{0F21B11A-F7EA-4706-8178-F08C185E50E0}\{D4B26262-26C6-4E50-861D-9AA29707B750}.txt/{D4B26262-26C6-4E50-861D-9AA29707B750}.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.25:C:\Documents and Settings\Brice\Application Data\Mozilla\Firefox\Profiles\250gk4nk.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Brice\Cookies\brice@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Brice\Cookies\brice@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Brice\Cookies\brice@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.10:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Smartadserver : Erreur lors du nettoyage.
:mozilla.11:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Smartadserver : Erreur lors du nettoyage.
:mozilla.22:C:\Documents and Settings\Brice\Application Data\Mozilla\Firefox\Profiles\250gk4nk.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.23:C:\Documents and Settings\Brice\Application Data\Mozilla\Firefox\Profiles\250gk4nk.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.24:C:\Documents and Settings\Brice\Application Data\Mozilla\Firefox\Profiles\250gk4nk.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.9:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Smartadserver : Erreur lors du nettoyage.
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{0F21B11A-F7EA-4706-8178-F08C185E50E0}\{13B2E318-3868-47B7-B193-DB8BB703B51A}.txt/{13B2E318-3868-47B7-B193-DB8BB703B51A}.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.6:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Weborama : Erreur lors du nettoyage.
:mozilla.7:C:\Program Files\iolo\System Mechanic 6\Undo\Manual\{2A962236-2BE4-4E2B-BC87-F659519A0F6D}\{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt/{90315A20-76AC-4B86-84F8-0FE4B48FD102}.txt -> TrackingCookie.Weborama : Erreur lors du nettoyage.
C:\Documents and Settings\Brice\Cookies\brice@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Program Files\iolo\System Mechanic Professional 6\Undo\Manual\{0F21B11A-F7EA-4706-8178-F08C185E50E0}\{CC18C4F2-F337-42A9-B3CA-048328CB6E40}.txt/{CC18C4F2-F337-42A9-B3CA-048328CB6E40}.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Brice\Cookies\brice@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 19:02:29, on 28/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Brice\Desktop\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {74B1BDBA-F89B-896D-41D1-0467F1B41A34} - C:\WINDOWS\system32\gzvmcqc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A49AD78A-A7AD-4368-8086-1E63FE6A0BD5} - C:\WINDOWS\system32\hgday.dll (file missing)
O2 - BHO: (no name) - {E0E154FC-FA08-45E2-9059-CBABB5AA0397} - (no file)
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [yomizdh.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\yomizdh.dll,aaodhgd
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [Jump bags] C:\DOCUME~1\Brice\APPLIC~1\PLUSSE~1\Road regs.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
Scan saved at 19:02:29, on 28/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Brice\Desktop\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1DAEFCB9-06C8-47c6-8F20-3FB54B244DAA} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {74B1BDBA-F89B-896D-41D1-0467F1B41A34} - C:\WINDOWS\system32\gzvmcqc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A49AD78A-A7AD-4368-8086-1E63FE6A0BD5} - C:\WINDOWS\system32\hgday.dll (file missing)
O2 - BHO: (no name) - {E0E154FC-FA08-45E2-9059-CBABB5AA0397} - (no file)
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [yomizdh.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\yomizdh.dll,aaodhgd
O4 - HKLM\..\Run: [ioloDelayModule] C:\Program Files\iolo\System Mechanic Professional 6\delay.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [Jump bags] C:\DOCUME~1\Brice\APPLIC~1\PLUSSE~1\Road regs.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
Hello,
Download SpySweeper (from Webroot) from this link (14-day trial version): http://www.webroot.com/fr/land/karangatrial.php?rc=1611...
Click "Télécharger la version test" (download the trial version).
Install the program. Once installed, it will start.
The option to update it will be displayed; click "Oui" (yes).
Once the updates are installed, click "Options" on the left.
Click the "Options d'analyse" (scan options) tab.
Under "A analyser" (what to scan), check the following options:
Analyser la mémoire (scan memory)
Analyser le Registre (scan the registry)
Analyser les cookies (scan cookies)
Analyser tous les comptes utilisateurs (scan all user accounts)
Activer l'analyse directe du disque (enable direct disk scanning)
Analyser le contenu des fichiers compressés (scan the contents of compressed files)
Analyse à la recherche de rootkits (scan for rootkits)
UNCHECK "Ne pas analyser les dossiers de restauration du système (uniquement pour Windows Me et XP)" (do not scan the System Restore folders, Windows Me and XP only)
Click "Analyser" (scan) on the left.
Click "Démarrer" (start).
When the scan is finished, click "Suivant" (next).
Make sure all items are checked, then click "Suivant" (next).
All checked items will be removed.
If Spy Sweeper wants to restart to finish the cleanup: ACCEPT.
Click "Journal de session" (session log) at the top right, and copy everything in the window.
Click the "Récapitulatif" (summary) tab, then click "Terminer" (finish).
Paste the contents of the session log ("Journal de session") into your next reply along with a new HijackThis report.
I have a problem: I can't find the Spy Sweeper log, because it asked me to restart the computer after finding an error.
Logfile of HijackThis v1.99.1
Scan saved at 17:03:35, on 29/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Messenger\msmsgs.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Brice\Desktop\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {74B1BDBA-F89B-896D-41D1-0467F1B41A34} - C:\WINDOWS\system32\gzvmcqc.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A49AD78A-A7AD-4368-8086-1E63FE6A0BD5} - C:\WINDOWS\system32\hgday.dll (file missing)
O2 - BHO: (no name) - {E0E154FC-FA08-45E2-9059-CBABB5AA0397} - (no file)
O4 - HKLM\..\Run: [PRONoMgr.exe] "C:\Program Files\Intel\NCS\PROSet\PRONoMgr.exe"
O4 - HKLM\..\Run: [yomizdh.dll] "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\yomizdh.dll,aaodhgd
O4 - HKLM\..\Run: [ioloDelayModule] "C:\Program Files\iolo\System Mechanic Professional 6\delay.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [Jump bags] "C:\DOCUME~1\Brice\APPLIC~1\PLUSSE~1\Road regs.exe"
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: winfkx32 - winfkx32.dll (file missing)
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
There, I found it.
17:01: | End of Session, dimanche 29 octobre 2006 |
16:57: The Spy Communication shield has blocked access to: AYB.DNS-LOOK-UP.COM
16:57: The Spy Communication shield has blocked access to: AYB.DNS-LOOK-UP.COM
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
16:55: Shield States
16:55: Spyware Definitions: 790
16:54: Spy Sweeper 5.0.7.1608 started
15:38: | End of Session, dimanche 29 octobre 2006 |
15:35: Your spyware definitions have been updated.
15:35: The Spy Communication shield has blocked access to: ADS.DNS-LOOK-UP.COM
15:35: The Spy Communication shield has blocked access to: ADS.DNS-LOOK-UP.COM
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
15:32: Shield States
15:32: Spyware Definitions: 734
15:32: Spy Sweeper 5.0.7.1608 started
15:32: Spy Sweeper 5.0.7.1608 started
15:32: | Start of Session, dimanche 29 octobre 2006 |
********
16:51: Removal process completed. Elapsed time 00:00:22
16:51: Preparing to restart your computer. Please wait...
16:51: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SST100.tmp". Reason: The system cannot find the file specified
16:51: Warning: Failed to delete profile shadow file ".log". Reason: The system cannot find the file specified
16:51: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SST100.tmp". Reason: The system cannot find the file specified
16:51: Warning: Failed to delete profile shadow file ".log". Reason: The system cannot find the file specified
16:51: Quarantining All Traces: xiti cookie
16:51: Quarantining All Traces: weborama cookie
16:51: Quarantining All Traces: tradedoubler cookie
16:51: Quarantining All Traces: passion cookie
16:51: Quarantining All Traces: 2o7.net cookie
16:51: Quarantining All Traces: zedo cookie
16:51: Quarantining All Traces: bluestreak cookie
16:51: Quarantining All Traces: adtech cookie
16:51: Quarantining All Traces: yieldmanager cookie
16:51: Quarantining All Traces: tribalfusion cookie
16:51: Quarantining All Traces: serving-sys cookie
16:51: Quarantining All Traces: partypoker cookie
16:51: Quarantining All Traces: bs.serving-sys cookie
16:51: Quarantining All Traces: adultfriendfinder cookie
16:51: Quarantining All Traces: 3 cookie
16:51: Quarantining All Traces: vs toolbar
16:51: Quarantining All Traces: altnet
16:51: Quarantining All Traces: maxifiles
16:51: Quarantining All Traces: trojan-vbstat-c
16:51: c:\documents and settings\brice\local settings\application data\microsoft\messenger\hernandezbrice850@hotmail.com\sharingmetadata\andre_hernandez@hotmail.com\dfsr\staging\cs{52822105-0a7e-4f1b-7c4a-24be9b1cccd9}\64\440-{b471509e-9d55-462b-b515-d51f9af11eed}-v64-{b471509e-9d55-462b-b515-d51f9af11eed}-v440-partial.frx is in use. It will be removed on reboot.
16:51: potentially rootkit-masked files is in use. It will be removed on reboot.
16:51: Quarantining All Traces: potentially rootkit-masked files
16:51: Quarantining All Traces: trojan-downloader-zlob
16:51: Quarantining All Traces: trojan agent winlogonhook
16:51: Quarantining All Traces: virtumonde
16:51: Removal process initiated
16:48: Traces Found: 29
16:48: Full Sweep has completed. Elapsed time 01:06:31
16:48: File Sweep Complete, Elapsed Time: 01:07:21
Not enough storage is available to process this command
16:46: Warning: Unable to sweep compressed file: System Error. Code: 8.
16:44: c:\documents and settings\brice\local settings\application data\microsoft\messenger\hernandezbrice850@hotmail.com\sharingmetadata\andre_hernandez@hotmail.com\dfsr\staging\cs{52822105-0a7e-4f1b-7c4a-24be9b1cccd9}\64\440-{b471509e-9d55-462b-b515-d51f9af11eed}-v64-{b471509e-9d55-462b-b515-d51f9af11eed}-v440-partial.frx (ID = 0)
16:44: Found System Monitor: potentially rootkit-masked files
16:13: C:\VundoFix Backups\services.dll.bad (ID = 320790)
15:46: C:\System Volume Information\_restore{b8ae83f1-b9b4-4910-98a8-baa18d0abf79}\RP16\A0017776.dll (ID = 320790)
15:46: Found Adware: maxifiles
15:41: Starting File Sweep
15:41: Cookie Sweep Complete, Elapsed Time: 00:00:00
15:41: c:\documents and settings\brice\cookies\brice@zedo[2].txt (ID = 3762)
15:41: c:\documents and settings\brice\cookies\brice@xiti[1].txt (ID = 3717)
15:41: Found Spy Cookie: xiti cookie
15:41: c:\documents and settings\brice\cookies\brice@weborama[2].txt (ID = 3658)
15:41: Found Spy Cookie: weborama cookie
15:41: c:\documents and settings\brice\cookies\brice@tribalfusion[1].txt (ID = 3589)
15:41: c:\documents and settings\brice\cookies\brice@tradedoubler[2].txt (ID = 3575)
15:41: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:41: Found Spy Cookie: tradedoubler cookie
15:41: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:41: c:\documents and settings\brice\cookies\brice@serving-sys[2].txt (ID = 3343)
15:41: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:41: c:\documents and settings\brice\cookies\brice@passion[2].txt (ID = 3113)
15:41: Found Spy Cookie: passion cookie
15:41: c:\documents and settings\brice\cookies\brice@msnportal.112.2o7[1].txt (ID = 1958)
15:41: Found Spy Cookie: 2o7.net cookie
15:41: c:\documents and settings\brice\cookies\brice@c5.zedo[2].txt (ID = 3763)
15:41: Found Spy Cookie: zedo cookie
15:41: c:\documents and settings\brice\cookies\brice@bluestreak[2].txt (ID = 2314)
15:41: Found Spy Cookie: bluestreak cookie
15:41: c:\documents and settings\brice\cookies\brice@adultfriendfinder[2].txt (ID = 2165)
15:41: c:\documents and settings\brice\cookies\brice@adtech[2].txt (ID = 2155)
15:41: Found Spy Cookie: adtech cookie
15:41: c:\documents and settings\brice\cookies\brice@ad.yieldmanager[1].txt (ID = 3751)
15:41: Found Spy Cookie: yieldmanager cookie
15:41: c:\documents and settings\brice\cookies\brice@a.tribalfusion[1].txt (ID = 3590)
15:41: Found Spy Cookie: tribalfusion cookie
15:41: c:\documents and settings\andre\cookies\andre@serving-sys[1].txt (ID = 3343)
15:41: Found Spy Cookie: serving-sys cookie
15:41: c:\documents and settings\andre\cookies\andre@partypoker[2].txt (ID = 3111)
15:41: Found Spy Cookie: partypoker cookie
15:41: c:\documents and settings\andre\cookies\andre@bs.serving-sys[1].txt (ID = 2330)
15:41: Found Spy Cookie: bs.serving-sys cookie
15:41: c:\documents and settings\andre\cookies\andre@adultfriendfinder[2].txt (ID = 2165)
15:41: Found Spy Cookie: adultfriendfinder cookie
15:41: c:\documents and settings\andre\cookies\andre@85.17.3[1].txt (ID = 1960)
15:41: Found Spy Cookie: 3 cookie
15:41: Starting Cookie Sweep
15:41: Registry Sweep Complete, Elapsed Time:00:00:18
1
15:41: HKU\WRSS_Profile_S-1-5-21-484763869-789336058-854245398-1008\software\microsoft\windows\currentversion\ext\stats\{a43385f0-7113-496d-96d7-b9b550e3fcca}\iexplore\ (ID = 1782101)
15:41: Found Trojan Horse: trojan-downloader-zlob
15:41: HKU\WRSS_Profile_S-1-5-21-484763869-789336058-854245398-1008\software\microsoft\internet explorer\toolbar\webbrowser\ || {821f87ff-8245-4972-9e28-732e92ec2f51} (ID = 1722070)
15:41: Found Adware: vs toolbar
15:41: HKLM\software\microsoft\mssmgr\ (ID = 1776755)
15:41: Found Trojan Horse: trojan agent winlogonhook
15:41: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{1daefcb9-06c8-47c6-8f20-3fb54b244daa}\ (ID = 1738180)
15:41: Found Trojan Horse: trojan-vbstat-c
15:41: HKLM\software\nsis\media\ (ID = 1571094)
15:41: Found Trojan Horse: nsis media extension
15:41: HKLM\software\microsoft\dstr5\ (ID = 1511570)
15:41: Found Adware: virtumonde
15:41: HKCR\clsid\{21217018-459b-44a8-9ce0-d566c4d24137}\ (ID = 103464)
15:41: Found Adware: altnet
15:41: Starting Registry Sweep
15:41: Memory Sweep Complete, Elapsed Time: 00:02:08
15:38: Starting Memory Sweep
15:38: Sweep initiated using definitions version 790
15:38: Spy Sweeper 5.0.7.1608 started
15:38: | Start of Session, dimanche 29 octobre 2006 |
********
17:01: | End of Session, dimanche 29 octobre 2006 |
16:57: The Spy Communication shield has blocked access to: AYB.DNS-LOOK-UP.COM
16:57: The Spy Communication shield has blocked access to: AYB.DNS-LOOK-UP.COM
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
16:55: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
16:55: Shield States
16:55: Spyware Definitions: 790
16:54: Spy Sweeper 5.0.7.1608 started
15:38: | End of Session, dimanche 29 octobre 2006 |
15:35: Your spyware definitions have been updated.
15:35: The Spy Communication shield has blocked access to: ADS.DNS-LOOK-UP.COM
15:35: The Spy Communication shield has blocked access to: ADS.DNS-LOOK-UP.COM
Keylogger Shield: Off
BHO Shield: On
IE Security Shield: On
Alternate Data Stream (ADS) Execution Shield: On
Startup Shield: On
Common Ad Sites Shield: Off
Hosts File Shield: On
Spy Communication Shield: On
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:32: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
ActiveX Shield: On
Windows Messenger Service Shield: On
IE Favorites Shield: On
Spy Installation Shield: On
Memory Shield: On
IE Hijack Shield: On
IE Tracking Cookies Shield: Off
15:32: Shield States
15:32: Spyware Definitions: 734
15:32: Spy Sweeper 5.0.7.1608 started
15:32: Spy Sweeper 5.0.7.1608 started
15:32: | Start of Session, dimanche 29 octobre 2006 |
********
16:51: Removal process completed. Elapsed time 00:00:22
16:51: Preparing to restart your computer. Please wait...
16:51: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SST100.tmp". Reason: The system cannot find the file specified
16:51: Warning: Failed to delete profile shadow file ".log". Reason: The system cannot find the file specified
16:51: Warning: Failed to delete profile shadow file "C:\WINDOWS\Temp\SST100.tmp". Reason: The system cannot find the file specified
16:51: Warning: Failed to delete profile shadow file ".log". Reason: The system cannot find the file specified
16:51: Quarantining All Traces: xiti cookie
16:51: Quarantining All Traces: weborama cookie
16:51: Quarantining All Traces: tradedoubler cookie
16:51: Quarantining All Traces: passion cookie
16:51: Quarantining All Traces: 2o7.net cookie
16:51: Quarantining All Traces: zedo cookie
16:51: Quarantining All Traces: bluestreak cookie
16:51: Quarantining All Traces: adtech cookie
16:51: Quarantining All Traces: yieldmanager cookie
16:51: Quarantining All Traces: tribalfusion cookie
16:51: Quarantining All Traces: serving-sys cookie
16:51: Quarantining All Traces: partypoker cookie
16:51: Quarantining All Traces: bs.serving-sys cookie
16:51: Quarantining All Traces: adultfriendfinder cookie
16:51: Quarantining All Traces: 3 cookie
16:51: Quarantining All Traces: vs toolbar
16:51: Quarantining All Traces: altnet
16:51: Quarantining All Traces: maxifiles
16:51: Quarantining All Traces: trojan-vbstat-c
16:51: c:\documents and settings\brice\local settings\application data\microsoft\messenger\hernandezbrice850@hotmail.com\sharingmetadata\andre_hernandez@hotmail.com\dfsr\staging\cs{52822105-0a7e-4f1b-7c4a-24be9b1cccd9}\64\440-{b471509e-9d55-462b-b515-d51f9af11eed}-v64-{b471509e-9d55-462b-b515-d51f9af11eed}-v440-partial.frx is in use. It will be removed on reboot.
16:51: potentially rootkit-masked files is in use. It will be removed on reboot.
16:51: Quarantining All Traces: potentially rootkit-masked files
16:51: Quarantining All Traces: trojan-downloader-zlob
16:51: Quarantining All Traces: trojan agent winlogonhook
16:51: Quarantining All Traces: virtumonde
16:51: Removal process initiated
16:48: Traces Found: 29
16:48: Full Sweep has completed. Elapsed time 01:06:31
16:48: File Sweep Complete, Elapsed Time: 01:07:21
Not enough storage is available to process this command
16:46: Warning: Unable to sweep compressed file: System Error. Code: 8.
16:44: c:\documents and settings\brice\local settings\application data\microsoft\messenger\hernandezbrice850@hotmail.com\sharingmetadata\andre_hernandez@hotmail.com\dfsr\staging\cs{52822105-0a7e-4f1b-7c4a-24be9b1cccd9}\64\440-{b471509e-9d55-462b-b515-d51f9af11eed}-v64-{b471509e-9d55-462b-b515-d51f9af11eed}-v440-partial.frx (ID = 0)
16:44: Found System Monitor: potentially rootkit-masked files
16:13: C:\VundoFix Backups\services.dll.bad (ID = 320790)
15:46: C:\System Volume Information\_restore{b8ae83f1-b9b4-4910-98a8-baa18d0abf79}\RP16\A0017776.dll (ID = 320790)
15:46: Found Adware: maxifiles
15:41: Starting File Sweep
15:41: Cookie Sweep Complete, Elapsed Time: 00:00:00
15:41: c:\documents and settings\brice\cookies\brice@zedo[2].txt (ID = 3762)
15:41: c:\documents and settings\brice\cookies\brice@xiti[1].txt (ID = 3717)
15:41: Found Spy Cookie: xiti cookie
15:41: c:\documents and settings\brice\cookies\brice@weborama[2].txt (ID = 3658)
15:41: Found Spy Cookie: weborama cookie
15:41: c:\documents and settings\brice\cookies\brice@tribalfusion[1].txt (ID = 3589)
15:41: c:\documents and settings\brice\cookies\brice@tradedoubler[2].txt (ID = 3575)
15:41: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:41: Found Spy Cookie: tradedoubler cookie
15:41: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:41: c:\documents and settings\brice\cookies\brice@serving-sys[2].txt (ID = 3343)
15:41: Warning: Windows Messenger Shield: Could not open Messenger Service. Error: The specified service does not exist as an installed service
15:41: c:\documents and settings\brice\cookies\brice@passion[2].txt (ID = 3113)
15:41: Found Spy Cookie: passion cookie
15:41: c:\documents and settings\brice\cookies\brice@msnportal.112.2o7[1].txt (ID = 1958)
15:41: Found Spy Cookie: 2o7.net cookie
15:41: c:\documents and settings\brice\cookies\brice@c5.zedo[2].txt (ID = 3763)
15:41: Found Spy Cookie: zedo cookie
15:41: c:\documents and settings\brice\cookies\brice@bluestreak[2].txt (ID = 2314)
15:41: Found Spy Cookie: bluestreak cookie
15:41: c:\documents and settings\brice\cookies\brice@adultfriendfinder[2].txt (ID = 2165)
15:41: c:\documents and settings\brice\cookies\brice@adtech[2].txt (ID = 2155)
15:41: Found Spy Cookie: adtech cookie
15:41: c:\documents and settings\brice\cookies\brice@ad.yieldmanager[1].txt (ID = 3751)
15:41: Found Spy Cookie: yieldmanager cookie
15:41: c:\documents and settings\brice\cookies\brice@a.tribalfusion[1].txt (ID = 3590)
15:41: Found Spy Cookie: tribalfusion cookie
15:41: c:\documents and settings\andre\cookies\andre@serving-sys[1].txt (ID = 3343)
15:41: Found Spy Cookie: serving-sys cookie
15:41: c:\documents and settings\andre\cookies\andre@partypoker[2].txt (ID = 3111)
15:41: Found Spy Cookie: partypoker cookie
15:41: c:\documents and settings\andre\cookies\andre@bs.serving-sys[1].txt (ID = 2330)
15:41: Found Spy Cookie: bs.serving-sys cookie
15:41: c:\documents and settings\andre\cookies\andre@adultfriendfinder[2].txt (ID = 2165)
15:41: Found Spy Cookie: adultfriendfinder cookie
15:41: c:\documents and settings\andre\cookies\andre@85.17.3[1].txt (ID = 1960)
15:41: Found Spy Cookie: 3 cookie
15:41: Starting Cookie Sweep
15:41: Registry Sweep Complete, Elapsed Time:00:00:18
1
15:41: HKU\WRSS_Profile_S-1-5-21-484763869-789336058-854245398-1008\software\microsoft\windows\currentversion\ext\stats\{a43385f0-7113-496d-96d7-b9b550e3fcca}\iexplore\ (ID = 1782101)
15:41: Found Trojan Horse: trojan-downloader-zlob
15:41: HKU\WRSS_Profile_S-1-5-21-484763869-789336058-854245398-1008\software\microsoft\internet explorer\toolbar\webbrowser\ || {821f87ff-8245-4972-9e28-732e92ec2f51} (ID = 1722070)
15:41: Found Adware: vs toolbar
15:41: HKLM\software\microsoft\mssmgr\ (ID = 1776755)
15:41: Found Trojan Horse: trojan agent winlogonhook
15:41: HKLM\software\microsoft\windows\currentversion\explorer\browser helper objects\{1daefcb9-06c8-47c6-8f20-3fb54b244daa}\ (ID = 1738180)
15:41: Found Trojan Horse: trojan-vbstat-c
15:41: HKLM\software\nsis\media\ (ID = 1571094)
15:41: Found Trojan Horse: nsis media extension
15:41: HKLM\software\microsoft\dstr5\ (ID = 1511570)
15:41: Found Adware: virtumonde
15:41: HKCR\clsid\{21217018-459b-44a8-9ce0-d566c4d24137}\ (ID = 103464)
15:41: Found Adware: altnet
15:41: Starting Registry Sweep
15:41: Memory Sweep Complete, Elapsed Time: 00:02:08
15:38: Starting Memory Sweep
15:38: Sweep initiated using definitions version 790
15:38: Spy Sweeper 5.0.7.1608 started
15:38: | Start of Session, dimanche 29 octobre 2006 |
********
I've done a lot of cleaning; can you check whether it's clean now?
Logfile of HijackThis v1.99.1
Scan saved at 20:46:57, on 05/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\S24EvMon.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\HPZipm12.exe
C:\WINDOWS\system32\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZCfgSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\1XConfig.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Brice\Desktop\scanner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\Program Files\iolo\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.ca...
O16 - DPF: {5D8844F9-1CB8-11D2-A0A0-00600859EB9F} (PatchCtl Class) - file://C:\Program Files\EA SPORTS\FIFA 2004\update.1.1\patchx2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {8C09CA2F-E2FF-4BBB-ACD5-9AFCDC9FC16C} (PGameASPX.PGameControl) - http://powlin.no-ip.org:81/PGameASPX.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs:
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: Sebring - C:\WINDOWS\system32\LgNotify.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iolo System Guard (IOLO_SRV) - Unknown owner - C:\Program Files\iolo\System Mechanic Professional 6\IoloSGCtrl.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\system32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe