Drive Cleaner and other antivirus pop-ups appearing
Latest reply: in Security
Hello,
For a few days now I have had lots of web pages opening on their own, showing ads for Drive Cleaner, Pro Antivirus 2007 and plenty of others. I am sending you the HijackThis report. Thanks in advance!
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 11:13:17, on 19/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\styler\Styler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {0A4DBB9C-7638-4666-B847-0CCC9E18D3B4} - C:\WINDOWS\system32\pmkjh.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {6ED63687-EB85-4687-A8D0-17E9792B20CA} - C:\WINDOWS\system32\ljjgfcd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\gdxqyvwp.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [VisualTaskTips] C:\Windows\System32\VisualTaskTips.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\system32\Vistadrive\vsdrv.exe
O4 - HKLM\..\Run: [TransBar] C:\Windows\System32\TransBar.exe /s
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\uwnmxjkp.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {428088E0-96DB-4960-99D5-3C809C5A7D74} (GamOnUpdate Control) - http://www.wcgzone.com/GamOnUpdate.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://download.sopcast.com/download/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O20 - Winlogon Notify: ljjgfcd - C:\WINDOWS\SYSTEM32\ljjgfcd.dll
O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
--
End of file - 7843 bytes
Hello
Download VundoFix.exe (by Atribune) to your Desktop.
http://www.atribune.org/ccount/click.php?id=4
* Double-click VundoFix.exe to run it.
* When the tool launches again, click the Scan for Vundo button
* Click the Scan for Vundo button.
* When the scan is complete, click the Remove Vundo button.
* A prompt will ask you whether you want to delete the files; click YES
* After clicking "Yes", the Desktop will disappear for a moment while the files are being deleted.
* You will see a prompt telling you that your PC is going to shut down; click OK
Restart your PC.
Note: VundoFix may run into a file it cannot delete. If so, the tool will run again at the next reboot; simply follow the instructions above, starting from "click the Scan for Vundo button".
Download Combofix.exe (by sUBs) to your Desktop
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
Double-click combofix.exe and follow the prompts.
When the scan is complete, a report will appear.
Copy/paste that report into your next reply, along with a new HijackThis log and the contents of the report located at C:\vundofix.txt
"Administrateur" - 2007-07-20 9:49:57 - ComboFix 07-07-14.6 - Service Pack 2 NTFS
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\rrdbshqv.exe
C:\WINDOWS\system32\sysdm.exe
((((((((((((((((((((((((( Files Created from 2007-06-20 to 2007-07-20 )))))))))))))))))))))))))))))))
2007-07-20 09:49 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-20 09:42 <REP> d-------- C:\VundoFix Backups
2007-07-19 13:12 <REP> d-------- C:\Program Files\DAEMON Tools
2007-07-18 20:15 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\vlc
2007-07-18 18:47 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-07-18 18:28 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-07-17 19:42 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-07-17 19:25 <REP> d-------- C:\Program Files\Navilog1
2007-07-15 21:43 1,029,887 --------- C:\WINDOWS\system32\mpqss.bak2
2007-07-15 09:43 1,056,324 --------- C:\WINDOWS\system32\mpqss.bak1
2007-07-15 09:34 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\DAEMON Tools Pro
2007-07-14 19:14 <REP> d-------- C:\Program Files\Lavasoft
2007-07-14 19:14 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Lavasoft
2007-07-11 19:58 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Ahead
2007-07-11 14:53 <REP> d-------- C:\Program Files\K!TV
2007-07-09 11:16 <REP> d-------- C:\Program Files\Google
2007-07-09 11:16 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Google
2007-07-09 10:58 <REP> d-------- C:\Program Files\Memory-Map
2007-07-09 10:58 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2007-07-09 09:51 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\OpenOffice.org2
2007-07-09 09:50 <REP> d-------- C:\Program Files\OpenOffice.org 2.2
2007-07-08 14:30 472,644 -ra------ C:\WINDOWS\system32\drivers\HCWBT8XX.sys
2007-07-08 14:29 <REP> d-------- C:\Program Files\MeuhMeuhTV
2007-07-08 14:18 94,264 --a------ C:\WINDOWS\system32\hcwi2c32.dll
2007-07-08 14:18 90,174 --a------ C:\WINDOWS\system32\bt848wst.dll
2007-07-08 14:18 524,353 --a------ C:\WINDOWS\system32\HCWTVWND.dll
2007-07-08 14:18 393,216 --a------ C:\WINDOWS\system32\hcwsnbd9.dll
2007-07-08 14:18 36,921 -ra------ C:\WINDOWS\system32\hcwutl32.dll
2007-07-08 14:18 229,432 --a------ C:\WINDOWS\system32\hcwpnp32.dll
2007-07-08 14:18 213,050 --a------ C:\WINDOWS\system32\Hcwchan.dll
2007-07-08 14:18 12,288 --a------ C:\WINDOWS\system32\btgpio32.dll
2007-07-08 14:18 11,264 --a------ C:\WINDOWS\system32\hcwhook.dll
2007-07-08 14:18 106,559 --a------ C:\WINDOWS\system32\Hcwtvdlg.dll
2007-07-08 14:18 <REP> d-------- C:\Program Files\WinTV
2007-07-06 13:57 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\MMTVConfig
2007-07-06 13:43 49,152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-07-06 13:43 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2007-07-06 13:43 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2007-07-06 13:43 <REP> d-------- C:\Program Files\Realtek AC97
2007-07-06 13:08 1,156 --a------ C:\WINDOWS\mozver.dat
2007-07-05 12:55 65,536 --a------ C:\WINDOWS\system32\dmcrypto.dll
2007-07-05 12:55 118,784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
2007-07-05 12:55 <REP> d-------- C:\WINDOWS\system32\hauppauge
2007-07-05 12:55 <REP> d-------- C:\Program Files\vtplus
2007-07-05 12:54 <REP> d-------- C:\MyVideos
2007-07-05 12:53 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-07-05 12:53 54,784 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-07-05 12:53 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-07-05 12:53 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-07-05 12:53 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-07-05 12:53 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-07-05 12:53 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-07-05 12:53 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-07-02 19:31 <REP> d-------- C:\Program Files\Gabest
2007-07-02 14:13 <REP> d-------- C:\Program Files\PeerTV
2007-07-02 13:50 <REP> d-------- C:\WINDOWS\MaxTV
2007-07-01 16:31 <REP> d-------- C:\Program Files\VideoLAN
2007-07-01 16:30 <REP> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\Media Player Classic
2007-06-30 09:36 <REP> d-------- C:\WINDOWS\system32\FlashAX
2007-06-29 16:17 <REP> d-------- C:\Program Files\e-Carte Bleue
2007-06-29 14:31 108,144 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2007-06-29 14:31 <REP> dr-h----- C:\DOCUME~1\ADMINI~1\APPLIC~1\SecuROM
2007-06-24 18:10 81,768 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-06-24 18:10 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-06-24 18:10 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-06-24 18:10 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-06-24 18:10 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-06-24 18:10 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-06-24 18:10 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-06-24 18:10 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-06-24 18:10 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-06-24 18:10 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-06-24 18:10 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-06-24 18:10 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-06-24 18:10 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-06-24 18:10 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-06-24 18:10 <REP> d-------- C:\WINDOWS\system32\DirectX
2007-06-24 12:48 7,552 --a------ C:\WINDOWS\system32\drivers\SONYPVU1.SYS
2007-06-23 18:30 <REP> d--h----- C:\WINDOWS\$hf_mig$
2007-06-23 17:42 <REP> d-------- C:\DOCUME~1\ADMINI~1\Contacts
2007-06-23 14:53 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-06-23 14:53 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-06-23 14:53 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-06-23 14:53 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-06-23 14:53 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-06-23 14:53 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-06-23 14:53 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-06-23 14:53 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-06-23 14:53 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-06-23 14:52 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-06-23 14:52 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-06-23 14:52 58,496 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-06-23 14:51 77,312 --a------ C:\WINDOWS\system32\usbui.dll
2007-06-23 14:51 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-06-23 14:51 46,464 --a------ C:\WINDOWS\system32\drivers\GAGP30KX.SYS
2007-06-23 14:51 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-06-23 14:51 146,048 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-06-23 14:51 10,624 --a------ C:\WINDOWS\system32\drivers\gameenum.sys
2007-06-23 14:49 970,752 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-06-23 14:49 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-11 07:02:11 73,570 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-07-11 07:02:11 465,206 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-06-13 19:50:17 43,152 ----a-w C:\WINDOWS\system32\drivers\ativvpxx.vp
2007-06-13 19:25:36 339,968 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
2007-06-13 19:24:32 268,288 ----a-w C:\WINDOWS\system32\ati2dvag.dll
2007-06-13 19:24:13 2,155,520 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-06-13 19:23:23 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
2007-06-13 19:17:37 139,264 ----a-w C:\WINDOWS\system32\atipdlxx.dll
2007-06-13 19:17:26 118,784 ----a-w C:\WINDOWS\system32\Oemdspif.dll
2007-06-13 19:17:18 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
2007-06-13 19:17:12 42,496 ----a-w C:\WINDOWS\system32\ati2edxx.dll
2007-06-13 19:16:59 118,784 ----a-w C:\WINDOWS\system32\ati2evxx.dll
2007-06-13 19:15:39 483,328 ----a-w C:\WINDOWS\system32\ati2evxx.exe
2007-06-13 19:14:51 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
2007-06-13 19:10:33 8,097,792 ----a-w C:\WINDOWS\system32\atioglx2.dll
2007-06-13 19:07:26 2,922,208 ----a-w C:\WINDOWS\system32\ati3duag.dll
2007-06-13 18:57:21 1,512,960 ----a-w C:\WINDOWS\system32\ativvaxx.dll
2007-06-13 18:46:28 5,431,296 ----a-w C:\WINDOWS\system32\atioglxx.dll
2007-06-13 18:43:53 262,144 ----a-w C:\WINDOWS\system32\atikvmag.dll
2007-06-13 18:42:29 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
2007-06-13 18:41:46 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
2007-06-13 18:41:06 50,176 ----a-w C:\WINDOWS\system32\atiok3x2.dll
2007-06-13 18:36:45 368,640 ----a-w C:\WINDOWS\system32\ati2cqag.dll
2007-05-18 01:30:41 972,072 ----a-w C:\WINDOWS\system32\ativva6x.dat
2007-05-18 01:30:41 3,107,788 ----a-w C:\WINDOWS\system32\ativva5x.dat
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E03C0FD-4C48-43A7-9A54-00240C70FF16}]
2002-12-20 09:15 69632 --a------ C:\WINDOWS\system32\BhoECart.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30C2A3B1-BC8C-444A-8163-10531C7EFA67}]
C:\WINDOWS\system32\pmkjh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [2005-08-12 20:52]
"Styler"="C:\Program Files\styler\Styler.exe" [2006-05-03 11:48]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2007-01-10 21:59]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 C:\WINDOWS\soundman.exe]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-28 16:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 14:50]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-04-04 00:29]
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"nltide_3"=rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRemoteRecursiveEvents"=1 (0x1)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"=1 (0x1)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"=1 (0x1)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqpm]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\eCarteBleue-CDE-P3]
C:\Program Files\e-Carte Bleue\Caisse Epargne\Ma e-Carte Bleue\ECB-CDE.exe /dontopenmycards
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalService WebClient LmHosts upnphost SSDPSRV
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-20 09:51:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-07-20 9:51:49
C:\ComboFix-quarantined-files.txt ... 2007-07-20 09:51
--- E O F ---
VundoFix V6.5.6
Checking Java version...
Scan started at 09:42:26 20/07/2007
Listing files found while scanning....
C:\windows\system32\ehlfmpuy.ini
C:\WINDOWS\system32\gdxqyvwp.dll
C:\windows\system32\hggfdab.dll
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\hjkmp.bak2
C:\WINDOWS\system32\hjkmp.ini
C:\WINDOWS\system32\ljjgfcd.dll
C:\windows\system32\opnkhed.dll
C:\windows\system32\pkjxmnwu.ini
C:\WINDOWS\system32\pmkjh.dll
C:\windows\system32\qomjgfe.dll
C:\windows\system32\tuvurqo.dll
C:\windows\system32\uwnmxjkp.dll
C:\windows\system32\yixhyrlm.exe
C:\WINDOWS\system32\yupmflhe.dll
Beginning removal...
Attempting to delete C:\windows\system32\ehlfmpuy.ini
C:\windows\system32\ehlfmpuy.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\gdxqyvwp.dll
C:\WINDOWS\system32\gdxqyvwp.dll Has been deleted!
Attempting to delete C:\windows\system32\hggfdab.dll
C:\windows\system32\hggfdab.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\hjkmp.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\hjkmp.bak2
C:\WINDOWS\system32\hjkmp.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\hjkmp.ini
C:\WINDOWS\system32\hjkmp.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\ljjgfcd.dll
C:\WINDOWS\system32\ljjgfcd.dll Could not be deleted.
Attempting to delete C:\windows\system32\opnkhed.dll
C:\windows\system32\opnkhed.dll Has been deleted!
Attempting to delete C:\windows\system32\pkjxmnwu.ini
C:\windows\system32\pkjxmnwu.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\pmkjh.dll Has been deleted!
Attempting to delete C:\windows\system32\qomjgfe.dll
C:\windows\system32\qomjgfe.dll Has been deleted!
Attempting to delete C:\windows\system32\tuvurqo.dll
C:\windows\system32\tuvurqo.dll Has been deleted!
Attempting to delete C:\windows\system32\uwnmxjkp.dll
C:\windows\system32\uwnmxjkp.dll Has been deleted!
Attempting to delete C:\windows\system32\yixhyrlm.exe
C:\windows\system32\yixhyrlm.exe Could not be deleted.
Attempting to delete C:\WINDOWS\system32\yupmflhe.dll
C:\WINDOWS\system32\yupmflhe.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
Attempting to delete C:\WINDOWS\system32\ljjgfcd.dll
C:\WINDOWS\system32\ljjgfcd.dll Has been deleted!
Attempting to delete C:\windows\system32\yixhyrlm.exe
C:\windows\system32\yixhyrlm.exe Has been deleted!
Attempting to delete C:\WINDOWS\system32\yupmflhe.dll
C:\WINDOWS\system32\yupmflhe.dll Has been deleted!
Performing Repairs to the registry.
Done!
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 09:53, on 20/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Windows\System32\VisualTaskTips.exe
C:\Program Files\styler\Styler.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Windows Sidebar\sidebar.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Administrateur\Bureau\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: (no name) - {30C2A3B1-BC8C-444A-8163-10531C7EFA67} - C:\WINDOWS\system32\pmkjh.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKLM\..\Run: [Styler] C:\Program Files\styler\Styler.exe
O4 - HKLM\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {428088E0-96DB-4960-99D5-3C809C5A7D74} (GamOnUpdate Control) - http://www.wcgzone.com/GamOnUpdate.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://download.sopcast.com/download/SOPCORE.CAB
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
--
End of file - 7029 bytes
That's better, but it's not finished yet.
Run a HijackThis scan again and tick the lines below:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {30C2A3B1-BC8C-444A-8163-10531C7EFA67} - C:\WINDOWS\system32\pmkjh.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O16 - DPF: {428088E0-96DB-4960-99D5-3C809C5A7D74} (GamOnUpdate Control) - http://www.wcgzone.com/GamOnUpdate.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://download.sopcast.com/download/SOPCORE.CAB
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\
Close all windows (Windows, Internet Explorer, Outlook) except HijackThis, then click « Fix checked ».
Download OTMoveIt (by Old_Timer) to your Desktop.
http://download.bleepingcomputer.com/oldtimer/OTMoveIt....
Double-clique sur OTMoveIt.exe pour le lancer.
Copie la liste qui se trouve ci-dessous, et colle-la dans le cadre de gauche de OTMoveIt
aste List of Files/Folders to be moved.
C:\WINDOWS\system32\mpqss.bak2
C:\WINDOWS\system32\mpqss.bak1
Click MoveIt! to start the removal.
The result will appear in the Results pane.
Click Exit to close.
You may be asked to restart the PC to complete the removal. If so, accept with Yes.
Run an online antivirus scan at Kaspersky
http://webscanner.kaspersky.fr/
Click Start Online Scanner.
Select My Computer as the scan target.
Paste its report here, together with the report located in C:\_OTMoveIt\MovedFiles.
What is your antivirus?
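As an added example (not part of this thread and not a HijackThis feature): a small Python triage script that parses HijackThis entries of the kinds quoted in the reply above and flags the ones a malware-removal helper looks at first: hooks whose target file is gone, unnamed BHOs loading a five-letter DLL out of system32 (the naming pattern of pmkjh.dll / ssqpm / mpqss in this thread), an O20 Winlogon Notify handler whose path is a bare directory, and O16 ActiveX controls downloaded from hosts outside an allow-list. The sample lines are copied from the log in this thread; the allow-list of download hosts and the five-letter heuristic are assumptions for illustration, not rules from HijackThis.

```python
"""Triage helper for HijackThis log lines (added example, not tool output)."""
import re
from urllib.parse import urlparse

# Constructed sample: a subset of the entries quoted in the reply above.
SAMPLE_LOG = r"""
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (file missing)
O2 - BHO: (no name) - {30C2A3B1-BC8C-444A-8163-10531C7EFA67} - C:\WINDOWS\system32\pmkjh.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {428088E0-96DB-4960-99D5-3C809C5A7D74} (GamOnUpdate Control) - http://www.wcgzone.com/GamOnUpdate.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} - http://download.sopcast.com/download/SOPCORE.CAB
O20 - Winlogon Notify: ssqpm - C:\WINDOWS\
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
"""

# Assumed allow-list for O16 (Downloaded Program Files) sources; illustrative only.
TRUSTED_DPF_HOSTS = ("microsoft.com", "windowsupdate.com", "java.com", "macromedia.com")

# HijackThis entry: a type code (R0, O2, O20, ...) then " - " separated fields.
ENTRY_RE = re.compile(r"^(?P<type>[A-Z]\d+) - (?P<body>.*)$")
# Heuristic: five random lowercase letters + .dll in system32 (pmkjh.dll above).
RANDOM_DLL_RE = re.compile(r"\\system32\\[a-z]{5}\.dll", re.I)


def parse_entry(line):
    """Split one log line into (type, fields); None for non-entry lines."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None
    fields = [f.strip() for f in m.group("body").split(" - ")]
    return m.group("type"), fields


def triage(line):
    """Return the reasons this entry deserves a look (empty list = nothing flagged)."""
    parsed = parse_entry(line)
    if parsed is None:
        return []
    kind, fields = parsed
    target = fields[-1]
    reasons = []

    # 1. Orphaned hook: the registry still points at a file that no longer exists.
    if "(file missing)" in target or target == "(no file)":
        reasons.append("orphaned entry (target file missing)")

    # 2. Unnamed BHO loading a random-looking DLL straight out of system32.
    if kind == "O2" and fields[0] == "BHO: (no name)" and RANDOM_DLL_RE.search(target):
        reasons.append("unnamed BHO with random-looking DLL name in system32")

    # 3. Winlogon Notify handlers load into winlogon.exe at every logon;
    #    a bare directory instead of a DLL path is abnormal.
    if kind == "O20" and fields[0].startswith("Winlogon Notify:") and target.endswith("\\"):
        reasons.append("Winlogon Notify with no DLL (path is a bare directory)")

    # 4. ActiveX controls pulled from the web: anything off the allow-list needs a reason.
    if kind == "O16":
        host = urlparse(target).hostname or ""
        if not any(host == h or host.endswith("." + h) for h in TRUSTED_DPF_HOSTS):
            reasons.append(f"ActiveX download from untrusted host {host}")

    return reasons


def triage_log(text):
    """Map every flagged log line to its list of reasons."""
    findings = {}
    for line in text.splitlines():
        reasons = triage(line)
        if reasons:
            findings[line.strip()] = reasons
    return findings


if __name__ == "__main__":
    for entry, reasons in triage_log(SAMPLE_LOG).items():
        print(entry)
        for reason in reasons:
            print("   ->", reason)
```

Run against the sample, the script flags six of the nine lines: the three orphaned O2 hooks (pmkjh.dll twice, for the missing file and the random name), both O16 downloads, and the O20 handler; the R0, O9 and O23 lines pass. The allow-list deliberately errs on the side of flagging: an O16 entry from an unknown host is a control Internet Explorer was told to install from the web, which is exactly how the rogue "antivirus" adverts in the first post got their foothold.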