drivecleaner et autres virus (résolu) BRAVO ANGELDARK!

il faut que tu expliques ton probleme maintenant ! angeldark et ses amis arrivent a ton secours ! moi je suis pas assez caller

Bonjour,
Télécharger
- AVG Anti-Spyware (téléchargement : cliquer ICI
---------------------------------------------------------
- Spybot (téléchargement : cliquer ICI
=>Démo animée: cliquer ICI
---------------------------------------------------------
- Ccleaner : cliqer ICI
- TUTO :cliqer ICI
---------------------------------------------------------
Puis télécharge
- Hijackthis : clique ICI
Renomme le "clique droit renommer " en scanner.exe
Puis lance le
->clique sur Do a system scan and save a logfile
Une fois fini un rapport auras été créé copie tous le rapport est poste le sur le forum

FIX
C:\WINDOWS\SYSTEM\ZGXAIMP.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204
O4 - HKLM\..\Run: [zgxaimp] c:\windows\system\zgxaimp.exe
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/121df6 [...] 601_fr.cab
O16 - DPF: {CB5D474E-A510-40A4-B5A4-838933BCBA64} - http://es6-scripts.dlv4.com/binari [...] 4_1065.cab
O16 - DPF: {FA1D6D8F-C6ED-4752-8512-A33283240130} - http://es6-scripts.dlv4.com/binari [...] 4_1066.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/fil [...] all_fr.cab

Oui relance un scan une fois le scan fini clique sur les case correspondent a c'est ligne puis refait un scan hijackthis

Fait ctrl+alt+sup quand tu est en mode sans echec puis le processuce ZGXAIMP.EXE tu fait clique droit terminer puis tu vas dans ton disque dur dans le dossier la C:\WINDOWS\SYSTEM\ puis suprime ZGXAIMP.EXE
Puis dans hijackthis fix c'est ligne
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204

O4 - HKLM\..\Run: [zgxaimp] c:\windows\system\zgxaimp.exe

Je me suis mis en mode sans echec, j'ai fait ctrl+alt+sup mais je ne comprends pas ce que tu entends par "puis le processuce ZGXAIMP.EXE ". En tout cas, cela n'apparaît pas . Tu peux m'en dire un peu plus?

Mais où se trouve cette icone?

J'ai réessayé mais qd je fais ctrl+alt+sup j'ai une fenêtre qui s'ouvre;à l'intérieur, la seule chose qui est mentionnée c'est "explorer" et dans la partie grise j'ai le choix entre "fin de tâche", "arrêter" ou "annuler"...

Bon... Je fais une pause. Je reprendrai plus tard. En tout cas merci pour ton soutien!

J'essaye d'aider

Merci Angeldark!

2 questions:

1) c c'est le bureau?
2) Comment s'y prend-on pour décompresser un fichier?

Ok. Entre 7zip, winzip etc... quel est le plus simple d'utilisation et où se le procurer?

Bon... J'ai bien respecté toute la procédure à ceci près que je n'ai pas pu créer de nouveau dossier au sein du poste de travail. Mon dossier bfu est donc resté sur le bureau...
Par ailleurs, je ne trouve rien (ni dans le poste de travail, ni sur le bureau) qui me permette de t'envoyer le deuxième rapport (cegd.txt).

En attendant, voici celui d'hijackthis.

Logfile of HijackThis v1.99.1
Scan saved at 13:55:11, on 03/01/07
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2919.6304)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\HIDSERV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\COMPAQ\CPQINET\CPQINET.EXE
C:\PROGRAM FILES\COMPAQ\DIGITAL DASHBOARD\DEVGULP.EXE
C:\WINDOWS\TASKMON.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\ZGXAIMP.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGCC.EXE
C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGEMC.EXE
C:\PROGRAM FILES\GRISOFT\AVG FREE\AVGAMSVR.EXE
C:\WINDOWS\RunDLL.exe
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\ADOBE\ACROBAT 4.0\READER\ACRORD32.EXE
C:\WINDOWS\BUREAU\SCANNER.EXE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.wanadoo.fr/go/page_recherche/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.presario.net/scripts [...] ch&ap=b204
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.fr.msn.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\WANADOO\SEARCH~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1036,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button Support\cpqeadm.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button Support\eaclean.exe
O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
O4 - HKLM\..\Run: [Digital Dashboard] C:\Program Files\Compaq\Digital Dashboard\DevGulp.exe
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [zgxaimp] c:\windows\system\zgxaimp.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGCC.EXE /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGEMC.EXE
O4 - HKLM\..\Run: [AVG7_AMSVR] C:\PROGRA~1\GRISOFT\AVGFRE~1\AVGAMSVR.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Hidserv] Hidserv.exe run
O4 - HKLM\..\RunServices: [HC Reminder] hc.exe
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRAM FILES\WANADOO\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - Startup: Rappels du Calendrier Microsoft Works.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/121df6 [...] 601_fr.cab
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/fil [...] all_fr.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/conten [...] loader.cab
O16 - DPF: {FDA26383-C0CF-4D32-AC37-769D7E14581F} - http://es6-scripts.dlv4.com/binari [...] 4_1069.cab

Voici le rapport panda!

Incident Status Location

Adware:Adware/NaviPromo Not disinfected c:\windows\system\zgxaimp.exe
Adware:adware/navipromo Not disinfected c:\windows\system\zgxaimp_navps.dat
Potentially unwanted tool:application/winfixer2005 Not disinfected c:\windows\downloaded program files\UDC6V_0001_D19M0709NetInstaller.exe
Dialerialer.IRK Not disinfected C:\recycled\DC11.DLL
Potentially unwanted tool:Application/InternetGameBox Not disinfected C:\recycled\DC16\InternetGameBox.exe
Spyware:Cookie/Doubleclick Not disinfected C:\Windows\Cookies\anyuser@doubleclick[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Windows\Cookies\anyuser@zedo[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Windows\Cookies\anyuser@xiti[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Windows\Cookies\anyuser@mediaplex[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Windows\Cookies\anyuser@weborama[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Windows\Cookies\anyuser@bluestreak[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Windows\Cookies\anyuser@drivecleaner[1].txt
Spyware:Cookie/Winantivirus Not disinfected C:\Windows\Cookies\anyuser@winantivirus[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Windows\Cookies\anyuser@stats1.reliablestats[2].txt
Spyware:Cookie/Casinotropez Not disinfected C:\Windows\Cookies\anyuser@casinotropez[1].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Windows\Cookies\anyuser@stats.drivecleaner[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Windows\Cookies\anyuser@fastclick[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Windows\Cookies\anyuser@advertising[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Windows\Cookies\anyuser@tradedoubler[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Windows\Cookies\anyuser@realmedia[1].txt
Spyware:Cookie/RealMedia Not disinfected C:\Windows\Cookies\anyuser@247realmedia[1].txt
Potentially unwanted tool:Application/SystemDoctor2006 Not disinfected C:\Windows\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Mes documents\ErrorSafeFrenchNewReleaseInstall.exe

Je me répète mais... merci d'être toujours présent. Vraiment!

Voici le rapport killbox:

Pocket Killbox version 2.0.0.648
Running on Windows 98 as
was started @ jeudi, janvier 04, 2007, 7:09 PM

# 1 [Delete on Reboot]
Path = c:\windows\system\zgxaimp.exe


# 2 [Delete on Reboot]
Path = c:\windows\system\zgxaimp_navps.dat


# 3 [Delete on Reboot]
Path = c:\windows\downloaded program files\UDC6V_0001_D19M0709NetInstaller.exe


# 4 [Delete on Reboot]
Path = C:\Windows\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe


# 5 [Delete on Reboot]
Path = c:\windows\system\zgxaimp.exe


# 6 [Delete on Reboot]
Path = c:\windows\system\zgxaimp_navps.dat


# 7 [Delete on Reboot]
Path = c:\windows\downloaded program files\UDC6V_0001_D19M0709NetInstaller.exe


# 8 [Delete on Reboot]
Path = C:\Windows\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe


Killbox Closed(Exit) @ 7:13:43 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows 98 as
was started @ jeudi, janvier 04, 2007, 7:27 PM

Good job... 5 spyware en moins!


Incident Status Location

Adware:adware/navipromo Not disinfected c:\windows\system\zgxaimp_nav.dat
Spyware:Cookie/Xiti Not disinfected C:\Windows\Cookies\labadie alexandre@xiti[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Windows\Cookies\labadie alexandre@mediaplex[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Windows\Cookies\anyuser@xiti[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Windows\Cookies\anyuser@mediaplex[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Windows\Cookies\anyuser@stats1.reliablestats[1].txt
Spyware:Cookie/Doubleclick Not disinfected C:\Windows\Cookies\anyuser@doubleclick[1].txt
Spyware:Cookie/Casalemedia Not disinfected C:\Windows\Cookies\anyuser@casalemedia[2].txt
Spyware:Cookie/RealMedia Not disinfected C:\Windows\Cookies\anyuser@realmedia[2].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Windows\Cookies\anyuser@www.systemdoctor[1].txt
Spyware:Cookie/Systemdoctor Not disinfected C:\Windows\Cookies\anyuser@systemdoctor[2].txt
Potentially unwanted tool:Application/Winantivirus2006 Not disinfected C:\Mes documents\Alexandre LABADIE\ErrorSafeFrenchNewReleaseInstall.exe
Potentially unwanted tool:Application/SystemDoctor2006 Not disinfected C:\!KillBox\USDR6V_0001_D18M3107NetInstaller.exe
Potentially unwanted tool:Application/DriveCleaner Not disinfected C:\!KillBox\UDC6V_0001_D19M0709NetInstaller.exe
Adware:Adware/NaviPromo Not disinfected C:\!KillBox\zgxaimp.exe
Potentially unwanted tool:Application/SystemDoctor2006 Not disinfected C:\!KillBox\USDR6V_0001_D18M3107NetInstaller.exe( 1)
Potentially unwanted tool:Application/DriveCleaner Not disinfected C:\!KillBox\UDC6V_0001_D19M0709NetInstaller.exe( 2)
Adware:Adware/NaviPromo Not disinfected C:\!KillBox\zgxaimp.exe( 4)

Voici le rapport kill boxocket Killbox version 2.0.0.648
Running on Windows 98 as
was started @ jeudi, janvier 04, 2007, 7:09 PM

# 1 [Delete on Reboot]
Path = c:\windows\system\zgxaimp.exe


# 2 [Delete on Reboot]
Path = c:\windows\system\zgxaimp_navps.dat


# 3 [Delete on Reboot]
Path = c:\windows\downloaded program files\UDC6V_0001_D19M0709NetInstaller.exe


# 4 [Delete on Reboot]
Path = C:\Windows\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe


# 5 [Delete on Reboot]
Path = c:\windows\system\zgxaimp.exe


# 6 [Delete on Reboot]
Path = c:\windows\system\zgxaimp_navps.dat


# 7 [Delete on Reboot]
Path = c:\windows\downloaded program files\UDC6V_0001_D19M0709NetInstaller.exe


# 8 [Delete on Reboot]
Path = C:\Windows\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe


Killbox Closed(Exit) @ 7:13:43 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows 98 as
was started @ jeudi, janvier 04, 2007, 7:27 PM

Killbox Closed(Exit) @ 7:28:30 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows 98 as
was started @ vendredi, janvier 05, 2007, 10:47 PM

# 1 [Delete on Reboot]
Path = c:\windows\system\zgxaimp_nav.dat


# 2 [Delete on Reboot]
Path = C:\Mes documents\Alexandre LABADIE\ErrorSafeFrenchNewReleaseInstall.exe


Killbox Closed(Exit) @ 10:48:16 PM
__________________________________________________

Pocket Killbox version 2.0.0.648
Running on Windows 98 as
was started @ vendredi, janvier 05, 2007, 10:54 PM

Epatant!

Juste un petit problème: lorsque je vais sur le site tabcrawler (site de partitions musicales) j'ai encore un drivecleaner qui s'affiche...

Bonjour! j'ai une petite question!

J'ai le meme probleme sur mon ordi, j'ai posté sur le forum mais personne ne me repond... C'est la meme chose a suprimé sur tous les ordi ou cela differe selon je sais pas moi? Car j'ai peur de faire une betise

Logfile of HijackThis v1.99.1
Scan saved at 16:03:33, on 06/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\Hbtools\HBTV\HBTV.exe
C:\Program Files\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CCleaner\ccleaner.exe
C:\Program Files\HbTools\Bin\4.8.2.0\HbtSrv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Documents and Settings\Propriétaire\Mes documents\Mes images\diver logisiel\anti virus\Scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.co.uk/0SEENWW/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: TVEngine Helper /fleok=1D8A83A5C2E6107C91A475760EA83FA5EF80752B94E2DF7B55784E283BC2 - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} - c:\program files\hbtools\hbtv\hbtvhelper.dll
O2 - BHO: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.2.0\HbtHostIE.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.8.2.0\HbtHostIE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.8.2.0\HbtOEAddOn.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [ReJf5vH] C:\WINDOWS\vbbrycg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.8.2.0\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [fbmmkwww] C:\WINDOWS\system32\sxoujqtf.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Felix II] C:\Program Files\ScreenMates\Felix II\Fr\Felix2.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Philips FunCam Monitor.lnk = C:\Program Files\Philips Photo Manager\FunCam\Philips FunCam Monitor.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolb [...] xmk879YYFR
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/229?7336fe88beba4a24b0c3ad909ccbf9db
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-ww\msntabres.dll.mui/230?7336fe88beba4a24b0c3ad909ccbf9db
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/n [...] 0.0.15.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.ya [...] urrent.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by15fd.bay15.hotmail.msn.co [...] nPUpld.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (HbtInstObj) - http://installs.hotbar.com/install [...] btools.cab
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://express.foto.com/SFUploader/SpeedUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Voici le lien de mon sujet! Merci de m'aidé

Merci Callicles, bonne continuation