Help! Computer badly infected by a virus
Hi guys
I have a virus problem. I've run my computer through the antivirus several times, as well as Ad-Aware, Spybot, FixVundo, rmvirut.exe, etc., but nothing works: the problem is recurrent and the same viruses keep coming back. When I go on the web, unwanted pop-up windows for porn sites and others "splash" onto the screen, among other problems. Thanks in advance.
Here is a HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 12:23:26, on 2007-11-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\Explorer.EXE
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [IMEKRMIG6.1] F:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] F:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan....
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - Unknown owner - F:\Documents and Settings\J.J. Dupont\Application Data\tmp4D.tmp.exe (file missing)
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - F:\WINDOWS\system32\wdfmgr.exe (file missing)
Good evening
master-univers, you still haven't understood????
antivir vs Vundo, that won't work!
+++++++++++++++
Luccco
1
~Download VundoFix.exe (by Atribune) to your Desktop.
http://www.atribune.org/ccount/click.php?id=4
Double-click VundoFix.exe to launch it.
Click the Scan for Vundo button.
~When the scan is complete, click the Remove Vundo button.
A prompt will ask whether you want to delete the files; click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are deleted.
You will see a prompt telling you that your PC is going to restart; click OK.
~Copy/paste the contents of the report located at C:\vundofix.txt
Note: VundoFix may come across a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".
2
Download Combofix by sUBs:
combofix.exe
and save it to your desktop and nowhere else!
You must disable your antivirus before launching the scan.
Double-click combofix. It will ask you a question; answer by pressing the 1 key, then wait until combofix has finished. Your PC may reboot, that's normal. A report will be created. Post the report.
3
Add a new HijackThis report.
So here is the ComboFix report:
ComboFix 07-11-19.4 - Administrateur 2007-11-28 6:24:51.3 - NTFSx86
Running from: F:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-28 to 2007-11-28 ))))))))))))))))))))))))))))))))))))
.
2007-11-28 04:41 2,560 --a------ F:\WINDOWS\system32\settings.aaw
2007-11-28 04:41 976 --a------ F:\WINDOWS\system32\history.aaw
2007-11-28 01:16 <REP> dr------- F:\Documents and Settings\LocalService\Favoris
2007-11-28 00:17 70,656 --a--c--- F:\WINDOWS\system32\dllcache\notepad.exe
2007-11-27 20:24 24,576 --a------ F:\WINDOWS\system32\VundoFixSVC.exe
2007-11-27 13:47 <REP> d-------- F:\Documents and Settings\Administrateur\Application Data\Uniblue
2007-11-27 02:07 78,912 --a------ F:\WINDOWS\system32\csospqmt.dll
2007-11-27 02:07 294 ---hs---- F:\WINDOWS\system32\coaruooc.ini
2007-11-26 06:19 6,058,496 -----c--- F:\WINDOWS\system32\dllcache\ieframe.dll
2007-11-26 06:19 2,455,488 -----c--- F:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-11-26 06:19 1,048,576 -----c--- F:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-11-26 06:19 383,488 -----c--- F:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-11-26 06:19 267,776 -----c--- F:\WINDOWS\system32\dllcache\iertutil.dll
2007-11-26 06:19 63,488 -----c--- F:\WINDOWS\system32\dllcache\icardie.dll
2007-11-26 06:19 13,824 -----c--- F:\WINDOWS\system32\dllcache\ieudinit.exe
2007-11-26 06:17 <REP> d-------- F:\WINDOWS\system32\fr-fr
2007-11-26 03:21 23,040 -----c--- F:\WINDOWS\system32\dllcache\fltmc.exe
2007-11-26 03:15 <REP> dr------- F:\Documents and Settings\NetworkService\Favoris
2007-11-26 03:06 <REP> d-------- F:\Program Files\MSXML 4.0
2007-11-26 02:10 80,960 --a------ F:\WINDOWS\system32\hmblmbct.dll
2007-11-26 02:04 294 ---hs---- F:\WINDOWS\system32\mwitegpc.ini
2007-11-26 02:04 143 --a------ F:\WINDOWS\system32\mcrh.tmp
2007-11-26 01:57 27,200 --a------ F:\WINDOWS\system32\aQLvs2F5.exe
2007-11-26 01:21 <REP> d-------- F:\VundoFix Backups
2007-11-25 05:15 <REP> d-------- F:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-25 03:55 <REP> d--h----- F:\WINDOWS\system32\GroupPolicy
2007-11-25 03:10 79,936 --a------ F:\WINDOWS\system32\vuuuxgiy.dll
2007-11-25 03:08 294 ---hs---- F:\WINDOWS\system32\ujdnvkho.ini
2007-11-23 11:26 <REP> d-------- F:\Documents and Settings\All Users\Application Data\Ahead
2007-11-23 11:26 1,994,752 --------- F:\WINDOWS\UNNeroVision.exe
2007-11-23 11:15 125,184 --a------ F:\WINDOWS\system32\drivers\imagesrv.sys
2007-11-23 11:15 5,504 --a------ F:\WINDOWS\system32\drivers\imagedrv.sys
2007-11-23 11:14 <REP> d-------- F:\Program Files\Fichiers communs\Ahead
2007-11-23 11:14 <REP> d-------- F:\Program Files\Ahead
2007-11-22 14:21 <REP> d--hs---- F:\Documents and Settings\Administrateur\UserData
2007-11-22 01:27 <REP> d-------- F:\Documents and Settings\Administrateur\DoctorWeb
2007-11-21 17:26 <REP> d-------- F:\Documents and Settings\Administrateur\Application Data\Sony Ericsson
2007-11-21 17:00 571,392 --a--c--- F:\WINDOWS\system32\dllcache\tintlgnt.ime
2007-11-21 17:00 185,344 --a--c--- F:\WINDOWS\system32\dllcache\thawbrkr.dll
2007-11-21 17:00 46,592 --a--c--- F:\WINDOWS\system32\dllcache\svcext51.dll
2007-11-21 17:00 31,232 --a--c--- F:\WINDOWS\system32\dllcache\tools.dll
2007-11-21 17:00 21,896 --a--c--- F:\WINDOWS\system32\dllcache\tdipx.sys
2007-11-21 17:00 19,464 --a--c--- F:\WINDOWS\system32\dllcache\tdspx.sys
2007-11-21 17:00 13,192 --a--c--- F:\WINDOWS\system32\dllcache\tdasync.sys
2007-11-21 17:00 10,752 --a--c--- F:\WINDOWS\system32\dllcache\smtpapi.dll
2007-11-21 17:00 10,240 --a--c--- F:\WINDOWS\system32\dllcache\tmigrate.dll
2007-11-21 16:59 31,744 --a--c--- F:\WINDOWS\system32\dllcache\pagecnt.dll
2007-11-21 16:58 53,248 --a--c--- F:\WINDOWS\system32\dllcache\nextlink.dll
2007-11-21 16:58 45,056 --a--c--- F:\WINDOWS\system32\dllcache\nsepm.dll
2007-11-21 16:57 257,024 --a--c--- F:\WINDOWS\system32\dllcache\infocomm.dll
2007-11-21 16:57 145,408 --a--c--- F:\WINDOWS\system32\dllcache\iische51.dll
2007-11-21 16:57 60,928 --a--c--- F:\WINDOWS\system32\dllcache\iisclex4.dll
2007-11-21 16:57 25,088 --a--c--- F:\WINDOWS\system32\dllcache\iisadmin.dll
2007-11-21 16:57 23,040 --a--c--- F:\WINDOWS\system32\dllcache\lpdsvc.dll
2007-11-21 16:57 19,456 --a--c--- F:\WINDOWS\system32\dllcache\lprmon.dll
2007-11-21 16:57 19,456 --a--c--- F:\WINDOWS\system32\dllcache\iiscrmap.dll
2007-11-21 16:57 13,312 --a--c--- F:\WINDOWS\system32\dllcache\lonsint.dll
2007-11-21 16:56 10,096,640 --a--c--- F:\WINDOWS\system32\dllcache\hwxcht.dll
2007-11-21 16:56 268,288 --a--c--- F:\WINDOWS\system32\dllcache\httpext.dll
2007-11-21 16:56 62,464 --a--c--- F:\WINDOWS\system32\dllcache\httpod51.dll
2007-11-21 16:56 8,192 --a--c--- F:\WINDOWS\system32\dllcache\httpmb51.dll
2007-11-21 16:56 6,144 --a--c--- F:\WINDOWS\system32\dllcache\ftlx041e.dll
2007-11-21 16:55 198,656 --a--c--- F:\WINDOWS\system32\dllcache\cintime.dll
2007-11-21 16:55 173,568 --a--c--- F:\WINDOWS\system32\dllcache\chtskf.dll
2007-11-21 16:55 97,792 --a--c--- F:\WINDOWS\system32\dllcache\chtmbx.dll
2007-11-21 16:55 57,856 --a--c--- F:\WINDOWS\system32\dllcache\esuimgd.dll
2007-11-21 16:55 56,320 --a--c--- F:\WINDOWS\system32\dllcache\chtskdic.dll
2007-11-21 16:55 45,568 --a--c--- F:\WINDOWS\system32\dllcache\esunid.dll
2007-11-21 16:55 33,792 --a--c--- F:\WINDOWS\system32\dllcache\controt.dll
2007-11-21 16:55 31,744 --a--c--- F:\WINDOWS\system32\dllcache\esucmd.dll
2007-11-21 16:55 25,856 --a--c--- F:\WINDOWS\system32\dllcache\et4000.sys
2007-11-21 16:55 24,064 --a--c--- F:\WINDOWS\system32\dllcache\compfilt.dll
2007-11-21 16:55 21,504 --a--c--- F:\WINDOWS\system32\dllcache\cintlgnt.ime
2007-11-21 16:55 20,480 --a--c--- F:\WINDOWS\system32\dllcache\counters.dll
2007-11-21 16:54 2,134,528 --a--c--- F:\WINDOWS\system32\dllcache\smtpsnap.dll
2007-11-21 16:54 189,440 --a--c--- F:\WINDOWS\system32\dllcache\smtpadm.dll
2007-11-21 16:54 54,528 --a--c--- F:\WINDOWS\system32\dllcache\cap7146.sys
2007-11-21 16:54 45,568 --a--c--- F:\WINDOWS\system32\dllcache\browscap.dll
2007-11-21 16:54 16,384 --a--c--- F:\WINDOWS\system32\dllcache\tcptsat.dll
2007-11-21 16:54 8,192 --a--c--- F:\WINDOWS\system32\dllcache\staxmem.dll
2007-11-21 16:53 281,600 --a--c--- F:\WINDOWS\system32\dllcache\certwiz.ocx
2007-11-21 16:53 184,435 --a--c--- F:\WINDOWS\system32\dllcache\fp4amsft.dll
2007-11-21 16:53 96,768 --a--c--- F:\WINDOWS\system32\dllcache\certmap.ocx
2007-11-21 16:53 78,336 --a--c--- F:\WINDOWS\system32\dllcache\logui.ocx
2007-11-21 16:53 77,824 --a--c--- F:\WINDOWS\system32\dllcache\cnfgprts.ocx
2007-11-21 16:53 47,104 --a--c--- F:\WINDOWS\system32\dllcache\coadmin.dll
2007-11-21 16:53 20,540 --a--c--- F:\WINDOWS\system32\dllcache\author.dll
2007-11-21 16:53 20,536 --a--c--- F:\WINDOWS\system32\dllcache\shtml.dll
2007-11-21 16:45 221,184 --a------ F:\WINDOWS\system32\wmpns.dll
2007-11-21 16:41 749 -rah----- F:\WINDOWS\system32\wuaucpl.cpl.manifest
2007-11-21 16:41 488 -rah----- F:\WINDOWS\system32\logonui.exe.manifest
2007-11-21 16:37 42,577 --a--c--- F:\WINDOWS\system32\dllcache\bckgzm.exe
2007-11-21 16:37 42,575 --a--c--- F:\WINDOWS\system32\dllcache\chkrzm.exe
2007-11-21 16:37 42,573 --a--c--- F:\WINDOWS\system32\dllcache\shvlzm.exe
2007-11-21 16:37 42,573 --a--c--- F:\WINDOWS\system32\dllcache\hrtzzm.exe
2007-11-21 16:37 36,937 --a--c--- F:\WINDOWS\system32\dllcache\zclientm.exe
2007-11-21 16:23 20,992 --a------ F:\WINDOWS\system32\drivers\RTL8139.sys
2007-11-21 16:16 24,661 --a------ F:\WINDOWS\system32\spxcoins.dll
2007-11-21 16:16 13,312 --a------ F:\WINDOWS\system32\irclass.dll
2007-11-21 16:15 1,897,850 --a--c--- F:\WINDOWS\system32\dllcache\NT5.CAT
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-26 07:06 80,960 ----a-w F:\WINDOWS\system32\pygsngvh.dll
2007-11-25 10:15 --------- d-----w F:\Program Files\Lavasoft
2007-11-23 03:38 --------- d-----w F:\Program Files\vanBasco's Karaoke Player
2007-11-23 03:15 --------- d-----w F:\Program Files\Winamp
2007-11-23 01:54 --------- d-----w F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-22 20:06 --------- d-----w F:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-22 19:46 79,936 ----a-w F:\WINDOWS\system32\njtojvfn.dll
2007-11-21 22:45 --------- d-----w F:\Program Files\BAR
2007-11-17 18:35 --------- d-----w F:\Program Files\eMule
2007-11-17 07:31 --------- d-----w F:\Program Files\Fichiers communs\Real
2007-11-17 07:12 --------- d-----w F:\Program Files\Real
2007-11-16 03:29 --------- d-----w F:\Program Files\Creative
2007-11-13 03:24 --------- d-----w F:\Program Files\Fichiers communs\Adobe
2007-11-12 22:56 --------- d-----w F:\Program Files\ABBYY FineReader 8.0 Professional Edition
2007-11-12 06:04 --------- d-----w F:\Program Files\ScanView
2007-11-12 06:03 --------- d-----w F:\Program Files\Restorer2000 Professional
2007-11-12 06:02 --------- d-----w F:\Program Files\QuickTime
2007-11-12 05:58 --------- d-----w F:\Program Files\PhoneTools
2007-11-12 05:53 --------- d-----w F:\Program Files\Monkey's Audio
2007-11-12 05:52 --------- d-----w F:\Program Files\MemTurbo
2007-11-12 05:39 --------- d-----w F:\Program Files\GetRight
2007-11-12 05:39 --------- d-----w F:\Program Files\Fichiers communs\Teleca Shared
2007-11-12 05:33 --------- d-----w F:\Program Files\ffdshow
2007-11-12 05:26 --------- d-----w F:\Program Files\DVD Flick
2007-11-12 05:26 --------- d-----w F:\Program Files\DVD Decrypter
2007-11-12 05:18 --------- d-----w F:\Program Files\coolpro2
2007-11-12 05:15 --------- d-----w F:\Program Files\CamStudio
2007-10-25 19:24 --------- d-----w F:\Program Files\Java
2007-10-23 17:25 --------- d-----w F:\Program Files\Medical Databases
2007-10-23 17:25 --------- d-----w F:\Documents and Settings\J.J. Dupont\Application Data\FileMaker
2007-10-22 18:20 --------- d-----w F:\Documents and Settings\J.J. Dupont\Application Data\Uniblue
2007-10-22 18:19 --------- d-----w F:\Program Files\Uniblue
2007-10-17 08:32 --------- d-----w F:\Documents and Settings\All Users\Application Data\Apple Computer
2007-10-17 08:31 --------- d-----w F:\Program Files\Apple Software Update
2007-10-17 08:31 --------- d-----w F:\Documents and Settings\All Users\Application Data\Apple
2007-10-13 04:54 --------- d-----w F:\Program Files\Womble MPEG Editor
2007-10-10 22:58 --------- d-----w F:\Program Files\UnH Solutions
2007-10-10 05:44 --------- d--h--w F:\Program Files\InstallShield Installation Information
2007-10-10 05:44 --------- d-----w F:\Program Files\Justdo Software
2007-10-10 05:44 --------- d-----w F:\Program Files\Fichiers communs\Justdo
2004-10-01 19:00 40,960 -c--a-w F:\Program Files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02B39AF8-B98B-4002-8386-5EE894E599A1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1CC51FAF-B0BD-4E97-AAE2-5F7D2CD632EF}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21B9FDBF-088D-4F60-93CF-F91AF8A7C231}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{400AF1C5-8BBF-40A8-A5DD-D93B13010A75}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4146F715-8A26-42B9-BDFB-65E1EB04F65B}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41C1080F-1E00-495B-834D-790D7265EA47}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47597bc0-74aa-43c1-a19a-cc19253a88e6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e3dcaf3-accc-409a-ab80-51e8cf7e1bf1}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{61a6057d-bf6c-4031-90db-be12111ffd6a}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{669293c7-940c-4a33-b39f-b525e3c4ae95}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8C32F27E-14D9-42BC-AC6E-2E3107A016FA}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A0F4FEB6-C91D-4106-A2E2-01CD82FF7DD7}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a189c9cf-b422-4854-b7c0-d18d033327a1}]
2007-11-27 02:07 78912 --a------ F:\WINDOWS\system32\csospqmt.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A4E9D29D-3F0D-4A4E-86FC-6E0B6D501C37}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B73D2AEF-D5E0-4B98-9FA5-D8050F8EFB31}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d79e9633-d14e-4f47-be29-7f3809a922b2}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E8551923-C8F8-4BA9-AE93-B8032A146FB6}]
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFA487C-7C04-404D-9DE0-4F187DA57BA1}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="F:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 06:06]
"SunJavaUpdateSched"="F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Adobe Reader Speed Launcher"="F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"NeroFilterCheck"="F:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="F:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\genqfquf]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hvuppwyf]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\kbdsvc]
kbdsvc.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturpom]
vturpom.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
backup=F:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
backup=F:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 18:51 39792 --a------ F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BAR]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
F:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
R0 UNPR;UNPR;F:\WINDOWS\system32\unpr.sys
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);F:\WINDOWS\system32\DRIVERS\w300bus.sys
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;F:\WINDOWS\system32\DRIVERS\w300mdfl.sys
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;F:\WINDOWS\system32\DRIVERS\w300mdm.sys
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);F:\WINDOWS\system32\DRIVERS\w300mgmt.sys
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;F:\WINDOWS\system32\DRIVERS\w300obex.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-20 02:58:57 F:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- F:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-28 05:00:45 F:\WINDOWS\Tasks\At1.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-26 06:57:35 F:\WINDOWS\Tasks\At10.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 15:01:37 F:\WINDOWS\Tasks\At11.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 16:01:25 F:\WINDOWS\Tasks\At12.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 17:00:45 F:\WINDOWS\Tasks\At13.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 18:00:45 F:\WINDOWS\Tasks\At14.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 19:00:48 F:\WINDOWS\Tasks\At15.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 20:01:24 F:\WINDOWS\Tasks\At16.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 21:00:45 F:\WINDOWS\Tasks\At17.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 22:00:45 F:\WINDOWS\Tasks\At18.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-27 23:00:45 F:\WINDOWS\Tasks\At19.job"
"2007-11-28 06:01:33 F:\WINDOWS\Tasks\At2.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 00:00:46 F:\WINDOWS\Tasks\At20.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 01:01:35 F:\WINDOWS\Tasks\At21.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 02:01:38 F:\WINDOWS\Tasks\At22.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 03:00:48 F:\WINDOWS\Tasks\At23.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 04:01:29 F:\WINDOWS\Tasks\At24.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 07:00:52 F:\WINDOWS\Tasks\At3.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 08:00:49 F:\WINDOWS\Tasks\At4.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-28 09:00:52 F:\WINDOWS\Tasks\At5.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-26 10:00:47 F:\WINDOWS\Tasks\At6.job"
"2007-11-28 11:01:30 F:\WINDOWS\Tasks\At7.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-26 06:57:33 F:\WINDOWS\Tasks\At8.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
"2007-11-26 06:57:33 F:\WINDOWS\Tasks\At9.job"
- F:\WINDOWS\system32\aQLvs2F5.exe
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-28 06:28:17
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
**************************************************************************
.
Completion time: 2007-11-28 6:30:04
F:\ComboFix2.txt ... 2007-11-27 21:16
F:\ComboFix3.txt ... 2007-11-27 19:56
.
--- E O F ---
and the one from HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 06:31:59, on 2007-11-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\svchost.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\WINDOWS\system32\devldr32.exe
F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\explorer.exe
F:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02B39AF8-B98B-4002-8386-5EE894E599A1} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CC51FAF-B0BD-4E97-AAE2-5F7D2CD632EF} - (no file)
O2 - BHO: (no name) - {21B9FDBF-088D-4F60-93CF-F91AF8A7C231} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {400AF1C5-8BBF-40A8-A5DD-D93B13010A75} - (no file)
O2 - BHO: (no name) - {4146F715-8A26-42B9-BDFB-65E1EB04F65B} - (no file)
O2 - BHO: (no name) - {41C1080F-1E00-495B-834D-790D7265EA47} - (no file)
O2 - BHO: (no name) - {47597bc0-74aa-43c1-a19a-cc19253a88e6} - (no file)
O2 - BHO: (no name) - {4e3dcaf3-accc-409a-ab80-51e8cf7e1bf1} - (no file)
O2 - BHO: (no name) - {61a6057d-bf6c-4031-90db-be12111ffd6a} - (no file)
O2 - BHO: (no name) - {669293c7-940c-4a33-b39f-b525e3c4ae95} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8C32F27E-14D9-42BC-AC6E-2E3107A016FA} - (no file)
O2 - BHO: (no name) - {A0F4FEB6-C91D-4106-A2E2-01CD82FF7DD7} - (no file)
O2 - BHO: {1a723330-d81d-0c7b-4584-224bfc9c981a} - {a189c9cf-b422-4854-b7c0-d18d033327a1} - F:\WINDOWS\system32\csospqmt.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - F:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: (no name) - {A4E9D29D-3F0D-4A4E-86FC-6E0B6D501C37} - (no file)
O2 - BHO: (no name) - {B73D2AEF-D5E0-4B98-9FA5-D8050F8EFB31} - (no file)
O2 - BHO: (no name) - {d79e9633-d14e-4f47-be29-7f3809a922b2} - (no file)
O2 - BHO: (no name) - {E8551923-C8F8-4BA9-AE93-B8032A146FB6} - (no file)
O2 - BHO: (no name) - {FFFA487C-7C04-404D-9DE0-4F187DA57BA1} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan....
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: genqfquf - F:\WINDOWS\
O20 - Winlogon Notify: hvuppwyf - F:\WINDOWS\
O20 - Winlogon Notify: kbdsvc - kbdsvc.dll (file missing)
O20 - Winlogon Notify: vturpom - vturpom.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - F:\WINDOWS\system32\wdfmgr.exe (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 06:31:59, on 2007-11-28
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\svchost.exe
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\WINDOWS\system32\devldr32.exe
F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
F:\WINDOWS\system32\ctfmon.exe
F:\WINDOWS\system32\wscntfy.exe
F:\WINDOWS\explorer.exe
F:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {02B39AF8-B98B-4002-8386-5EE894E599A1} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CC51FAF-B0BD-4E97-AAE2-5F7D2CD632EF} - (no file)
O2 - BHO: (no name) - {21B9FDBF-088D-4F60-93CF-F91AF8A7C231} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {400AF1C5-8BBF-40A8-A5DD-D93B13010A75} - (no file)
O2 - BHO: (no name) - {4146F715-8A26-42B9-BDFB-65E1EB04F65B} - (no file)
O2 - BHO: (no name) - {41C1080F-1E00-495B-834D-790D7265EA47} - (no file)
O2 - BHO: (no name) - {47597bc0-74aa-43c1-a19a-cc19253a88e6} - (no file)
O2 - BHO: (no name) - {4e3dcaf3-accc-409a-ab80-51e8cf7e1bf1} - (no file)
O2 - BHO: (no name) - {61a6057d-bf6c-4031-90db-be12111ffd6a} - (no file)
O2 - BHO: (no name) - {669293c7-940c-4a33-b39f-b525e3c4ae95} - (no file)
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {8C32F27E-14D9-42BC-AC6E-2E3107A016FA} - (no file)
O2 - BHO: (no name) - {A0F4FEB6-C91D-4106-A2E2-01CD82FF7DD7} - (no file)
O2 - BHO: {1a723330-d81d-0c7b-4584-224bfc9c981a} - {a189c9cf-b422-4854-b7c0-d18d033327a1} - F:\WINDOWS\system32\csospqmt.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - F:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O2 - BHO: (no name) - {A4E9D29D-3F0D-4A4E-86FC-6E0B6D501C37} - (no file)
O2 - BHO: (no name) - {B73D2AEF-D5E0-4B98-9FA5-D8050F8EFB31} - (no file)
O2 - BHO: (no name) - {d79e9633-d14e-4f47-be29-7f3809a922b2} - (no file)
O2 - BHO: (no name) - {E8551923-C8F8-4BA9-AE93-B8032A146FB6} - (no file)
O2 - BHO: (no name) - {FFFA487C-7C04-404D-9DE0-4F187DA57BA1} - (no file)
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan....
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: genqfquf - F:\WINDOWS\
O20 - Winlogon Notify: hvuppwyf - F:\WINDOWS\
O20 - Winlogon Notify: kbdsvc - kbdsvc.dll (file missing)
O20 - Winlogon Notify: vturpom - vturpom.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - F:\WINDOWS\system32\wdfmgr.exe (file missing)
Hello
There was no need to run Combofix several times in a row. A single run and you post the report. It's a powerful tool...
Before starting, please upload this file:
F:\WINDOWS\system32\aQLvs2F5.exe
here:
http://upload.malekal.com/
Quote:
To show the system's hidden files and folders: Control Panel/Folder Options/View tab/check Show hidden files and folders, uncheck Hide extensions for known file types, uncheck Hide protected operating system files.
The system's hidden files and folders then appear semi-transparent in Windows Explorer.
+++++++++++++++++++++
Copy (Ctrl+C) the text below:
File::
F:\WINDOWS\system32\csospqmt.dll
F:\WINDOWS\system32\coaruooc.ini
F:\WINDOWS\system32\hmblmbct.dll
F:\WINDOWS\system32\mwitegpc.ini
F:\WINDOWS\system32\aQLvs2F5.exe
F:\WINDOWS\system32\vuuuxgiy.dll
F:\WINDOWS\system32\ujdnvkho.ini
F:\WINDOWS\system32\pygsngvh.dll
F:\WINDOWS\system32\njtojvfn.dll
F:\WINDOWS\Tasks\At1.job
F:\WINDOWS\Tasks\At2.job
F:\WINDOWS\Tasks\At3.job
F:\WINDOWS\Tasks\At4.job
F:\WINDOWS\Tasks\At5.job
F:\WINDOWS\Tasks\At6.job
F:\WINDOWS\Tasks\At7.job
F:\WINDOWS\Tasks\At8.job
F:\WINDOWS\Tasks\At9.job
F:\WINDOWS\Tasks\At10.job
F:\WINDOWS\Tasks\At11.job
F:\WINDOWS\Tasks\At12.job
F:\WINDOWS\Tasks\At13.job
F:\WINDOWS\Tasks\At14.job
F:\WINDOWS\Tasks\At15.job
F:\WINDOWS\Tasks\At16.job
F:\WINDOWS\Tasks\At17.job
F:\WINDOWS\Tasks\At18.job
F:\WINDOWS\Tasks\At19.job
F:\WINDOWS\Tasks\At20.job
F:\WINDOWS\Tasks\At21.job
F:\WINDOWS\Tasks\At22.job
F:\WINDOWS\Tasks\At23.job
F:\WINDOWS\Tasks\At24.job
Folder::
F:\VundoFix Backups
Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02B39AF8-B98B-4002-8386-5EE894E599A1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1CC51FAF-B0BD-4E97-AAE2-5F7D2CD632EF}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{21B9FDBF-088D-4F60-93CF-F91AF8A7C231}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{400AF1C5-8BBF-40A8-A5DD-D93B13010A75}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4146F715-8A26-42B9-BDFB-65E1EB04F65B}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{41C1080F-1E00-495B-834D-790D7265EA47}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{47597bc0-74aa-43c1-a19a-cc19253a88e6}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4e3dcaf3-accc-409a-ab80-51e8cf7e1bf1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{61a6057d-bf6c-4031-90db-be12111ffd6a}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{669293c7-940c-4a33-b39f-b525e3c4ae95}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8C32F27E-14D9-42BC-AC6E-2E3107A016FA}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A0F4FEB6-C91D-4106-A2E2-01CD82FF7DD7}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a189c9cf-b422-4854-b7c0-d18d033327a1}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A4E9D29D-3F0D-4A4E-86FC-6E0B6D501C37}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{B73D2AEF-D5E0-4B98-9FA5-D8050F8EFB31}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{d79e9633-d14e-4f47-be29-7f3809a922b2}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E8551923-C8F8-4BA9-AE93-B8032A146FB6}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FFFA487C-7C04-404D-9DE0-4F187DA57BA1}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\genqfquf]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\hvuppwyf]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\kbdsvc]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturpom]
Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name CFScript.txt
Drag and drop this CFScript file onto the ComboFix.exe file, as in the screenshot
A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 then confirm.
Wait while the scan runs. The desktop will disappear several times: that is normal!
Do not touch anything until the scan has finished.
Once the scan is complete, a report will be displayed: post its contents.
If the file does not open, it is located here > C:\ComboFix.txt
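How the `Registry::` entries in the script above line up with the HijackThis log can be checked mechanically. The sketch below is an added example, not part of the thread and not the helper's own method: it parses O2 (BHO) and O20 (Winlogon Notify) lines and flags entries whose target is missing or has no file name. The sample lines are copied from the log posted in this thread; the classification rule and all function names are assumptions made for illustration.

```python
import re
from typing import List, NamedTuple

# Standard registry locations for the two entry types (HijackThis O2 and O20).
BHO_KEY = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects"
NOTIFY_KEY = r"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify"

# The BHO display name may itself look like a GUID, so match it non-greedily
# and anchor on the CLSID that precedes the final " - <target>" field.
BHO_RE = re.compile(
    r"^O2 - BHO: (?P<name>.*?) - (?P<id>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.*)$")
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: (?P<id>\S+) - (?P<target>.*)$")

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {02B39AF8-B98B-4002-8386-5EE894E599A1} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: {1a723330-d81d-0c7b-4584-224bfc9c981a} - {a189c9cf-b422-4854-b7c0-d18d033327a1} - F:\WINDOWS\system32\csospqmt.dll
O2 - BHO: (no name) - {FFFA487C-7C04-404D-9DE0-4F187DA57BA1} - (no file)
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O20 - Winlogon Notify: genqfquf - F:\WINDOWS\
O20 - Winlogon Notify: kbdsvc - kbdsvc.dll (file missing)
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
"""


class Finding(NamedTuple):
    kind: str          # "BHO" or "WinlogonNotify"
    ident: str         # CLSID for a BHO, subkey name for a Notify entry
    target: str        # what HijackThis printed as the file
    status: str        # "orphaned", "no-filename" or "present"
    registry_key: str  # where to verify the entry by hand


def classify(target: str) -> str:
    """Assumed triage rule: the registry entry points at nothing usable."""
    t = target.strip()
    if t == "(no file)" or t.endswith("(file missing)"):
        return "orphaned"       # registration left behind, file is gone
    if t.endswith("\\"):
        return "no-filename"    # only a directory was resolved
    return "present"            # a file exists; needs human judgment


def parse(log_text: str) -> List[Finding]:
    """Extract O2 and O20 entries from HijackThis log text."""
    findings = []
    for raw in log_text.splitlines():
        line = raw.strip()
        match = BHO_RE.match(line)
        if match:
            kind, base = "BHO", BHO_KEY
        else:
            match = NOTIFY_RE.match(line)
            if not match:
                continue        # other sections (O4, O23, ...) are ignored
            kind, base = "WinlogonNotify", NOTIFY_KEY
        ident, target = match.group("id"), match.group("target")
        findings.append(Finding(kind, ident, target, classify(target),
                                base + "\\" + ident))
    return findings


def needs_review(findings: List[Finding]) -> List[Finding]:
    """Entries whose target is missing or incomplete, in log order."""
    return [f for f in findings if f.status != "present"]


if __name__ == "__main__":
    for f in needs_review(parse(SAMPLE_LOG)):
        print(f"{f.status:12} {f.kind:15} {f.registry_key}")
```

The BHO pointing at `csospqmt.dll` stays "present" under this rule even though the script above lists it, so entries with an existing file still need manual review.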
Thanks angeldark (sorry for the time difference, I'm in Montreal)
So here is the work:
ComboFix 07-11-19.4 - Administrateur 2007-11-28 13:24:04.4 - NTFSx86
Running from: F:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: F:\Documents and Settings\Administrateur\Bureau\CFScript.txt
* Created a new restore point
FILE
F:\WINDOWS\system32\aQLvs2F5.exe
F:\WINDOWS\system32\coaruooc.ini
F:\WINDOWS\system32\csospqmt.dll
F:\WINDOWS\system32\hmblmbct.dll
F:\WINDOWS\system32\mwitegpc.ini
F:\WINDOWS\system32\njtojvfn.dll
F:\WINDOWS\system32\pygsngvh.dll
F:\WINDOWS\system32\ujdnvkho.ini
F:\WINDOWS\system32\vuuuxgiy.dll
F:\WINDOWS\Tasks\At1.job
F:\WINDOWS\Tasks\At10.job
F:\WINDOWS\Tasks\At11.job
F:\WINDOWS\Tasks\At12.job
F:\WINDOWS\Tasks\At13.job
F:\WINDOWS\Tasks\At14.job
F:\WINDOWS\Tasks\At15.job
F:\WINDOWS\Tasks\At16.job
F:\WINDOWS\Tasks\At17.job
F:\WINDOWS\Tasks\At18.job
F:\WINDOWS\Tasks\At19.job
F:\WINDOWS\Tasks\At2.job
F:\WINDOWS\Tasks\At20.job
F:\WINDOWS\Tasks\At21.job
F:\WINDOWS\Tasks\At22.job
F:\WINDOWS\Tasks\At23.job
F:\WINDOWS\Tasks\At24.job
F:\WINDOWS\Tasks\At3.job
F:\WINDOWS\Tasks\At4.job
F:\WINDOWS\Tasks\At5.job
F:\WINDOWS\Tasks\At6.job
F:\WINDOWS\Tasks\At7.job
F:\WINDOWS\Tasks\At8.job
F:\WINDOWS\Tasks\At9.job
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
F:\VundoFix Backups
F:\VundoFix Backups\genqfquf.dllbox.bad
F:\VundoFix Backups\hhpwdssq.dll.bad
F:\VundoFix Backups\hvuppwyf.dll.bad
F:\VundoFix Backups\hvuppwyf.dllbox.bad
F:\VundoFix Backups\tstyyuhd.dllbox.bad
F:\WINDOWS\system32\aQLvs2F5.exe
F:\WINDOWS\system32\coaruooc.ini
F:\WINDOWS\system32\csospqmt.dll
F:\WINDOWS\system32\hmblmbct.dll
F:\WINDOWS\system32\mwitegpc.ini
F:\WINDOWS\system32\njtojvfn.dll
F:\WINDOWS\system32\pygsngvh.dll
F:\WINDOWS\system32\ujdnvkho.ini
F:\WINDOWS\system32\vuuuxgiy.dll
F:\WINDOWS\Tasks\At1.job
F:\WINDOWS\Tasks\At10.job
F:\WINDOWS\Tasks\At11.job
F:\WINDOWS\Tasks\At12.job
F:\WINDOWS\Tasks\At13.job
F:\WINDOWS\Tasks\At14.job
F:\WINDOWS\Tasks\At15.job
F:\WINDOWS\Tasks\At16.job
F:\WINDOWS\Tasks\At17.job
F:\WINDOWS\Tasks\At18.job
F:\WINDOWS\Tasks\At19.job
F:\WINDOWS\Tasks\At2.job
F:\WINDOWS\Tasks\At20.job
F:\WINDOWS\Tasks\At21.job
F:\WINDOWS\Tasks\At22.job
F:\WINDOWS\Tasks\At23.job
F:\WINDOWS\Tasks\At24.job
F:\WINDOWS\Tasks\At3.job
F:\WINDOWS\Tasks\At4.job
F:\WINDOWS\Tasks\At5.job
F:\WINDOWS\Tasks\At6.job
F:\WINDOWS\Tasks\At7.job
F:\WINDOWS\Tasks\At8.job
F:\WINDOWS\Tasks\At9.job
.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-28 to 2007-11-28 ))))))))))))))))))))))))))))))))))))
.
2007-11-28 04:41 2,560 --a------ F:\WINDOWS\system32\settings.aaw
2007-11-28 04:41 976 --a------ F:\WINDOWS\system32\history.aaw
2007-11-28 01:16 <REP> dr------- F:\Documents and Settings\LocalService\Favoris
2007-11-28 00:17 70,656 --a--c--- F:\WINDOWS\system32\dllcache\notepad.exe
2007-11-27 20:24 24,576 --a------ F:\WINDOWS\system32\VundoFixSVC.exe
2007-11-27 13:47 <REP> d-------- F:\Documents and Settings\Administrateur\Application Data\Uniblue
2007-11-26 06:19 6,058,496 -----c--- F:\WINDOWS\system32\dllcache\ieframe.dll
2007-11-26 06:19 2,455,488 -----c--- F:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-11-26 06:19 1,048,576 -----c--- F:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-11-26 06:19 383,488 -----c--- F:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-11-26 06:19 267,776 -----c--- F:\WINDOWS\system32\dllcache\iertutil.dll
2007-11-26 06:19 63,488 -----c--- F:\WINDOWS\system32\dllcache\icardie.dll
2007-11-26 06:19 13,824 -----c--- F:\WINDOWS\system32\dllcache\ieudinit.exe
2007-11-26 06:17 <REP> d-------- F:\WINDOWS\system32\fr-fr
2007-11-26 03:21 23,040 -----c--- F:\WINDOWS\system32\dllcache\fltmc.exe
2007-11-26 03:15 <REP> dr------- F:\Documents and Settings\NetworkService\Favoris
2007-11-26 03:06 <REP> d-------- F:\Program Files\MSXML 4.0
2007-11-25 05:15 <REP> d-------- F:\Documents and Settings\All Users\Application Data\Lavasoft
2007-11-25 03:55 <REP> d--h----- F:\WINDOWS\system32\GroupPolicy
2007-11-23 11:26 <REP> d-------- F:\Documents and Settings\All Users\Application Data\Ahead
2007-11-23 11:26 1,994,752 --------- F:\WINDOWS\UNNeroVision.exe
2007-11-23 11:15 125,184 --a------ F:\WINDOWS\system32\drivers\imagesrv.sys
2007-11-23 11:15 5,504 --a------ F:\WINDOWS\system32\drivers\imagedrv.sys
2007-11-23 11:14 <REP> d-------- F:\Program Files\Fichiers communs\Ahead
2007-11-23 11:14 <REP> d-------- F:\Program Files\Ahead
2007-11-22 14:21 <REP> d--hs---- F:\Documents and Settings\Administrateur\UserData
2007-11-22 01:27 <REP> d-------- F:\Documents and Settings\Administrateur\DoctorWeb
2007-11-21 17:26 <REP> d-------- F:\Documents and Settings\Administrateur\Application Data\Sony Ericsson
2007-11-21 17:00 571,392 --a--c--- F:\WINDOWS\system32\dllcache\tintlgnt.ime
2007-11-21 17:00 185,344 --a--c--- F:\WINDOWS\system32\dllcache\thawbrkr.dll
2007-11-21 17:00 46,592 --a--c--- F:\WINDOWS\system32\dllcache\svcext51.dll
2007-11-21 17:00 31,232 --a--c--- F:\WINDOWS\system32\dllcache\tools.dll
2007-11-21 17:00 21,896 --a--c--- F:\WINDOWS\system32\dllcache\tdipx.sys
2007-11-21 17:00 19,464 --a--c--- F:\WINDOWS\system32\dllcache\tdspx.sys
2007-11-21 17:00 13,192 --a--c--- F:\WINDOWS\system32\dllcache\tdasync.sys
2007-11-21 17:00 10,752 --a--c--- F:\WINDOWS\system32\dllcache\smtpapi.dll
2007-11-21 17:00 10,240 --a--c--- F:\WINDOWS\system32\dllcache\tmigrate.dll
2007-11-21 16:59 31,744 --a--c--- F:\WINDOWS\system32\dllcache\pagecnt.dll
2007-11-21 16:58 53,248 --a--c--- F:\WINDOWS\system32\dllcache\nextlink.dll
2007-11-21 16:58 45,056 --a--c--- F:\WINDOWS\system32\dllcache\nsepm.dll
2007-11-21 16:57 257,024 --a--c--- F:\WINDOWS\system32\dllcache\infocomm.dll
2007-11-21 16:57 145,408 --a--c--- F:\WINDOWS\system32\dllcache\iische51.dll
2007-11-21 16:57 60,928 --a--c--- F:\WINDOWS\system32\dllcache\iisclex4.dll
2007-11-21 16:57 25,088 --a--c--- F:\WINDOWS\system32\dllcache\iisadmin.dll
2007-11-21 16:57 23,040 --a--c--- F:\WINDOWS\system32\dllcache\lpdsvc.dll
2007-11-21 16:57 19,456 --a--c--- F:\WINDOWS\system32\dllcache\lprmon.dll
2007-11-21 16:57 19,456 --a--c--- F:\WINDOWS\system32\dllcache\iiscrmap.dll
2007-11-21 16:57 13,312 --a--c--- F:\WINDOWS\system32\dllcache\lonsint.dll
2007-11-21 16:56 10,096,640 --a--c--- F:\WINDOWS\system32\dllcache\hwxcht.dll
2007-11-21 16:56 268,288 --a--c--- F:\WINDOWS\system32\dllcache\httpext.dll
2007-11-21 16:56 62,464 --a--c--- F:\WINDOWS\system32\dllcache\httpod51.dll
2007-11-21 16:56 8,192 --a--c--- F:\WINDOWS\system32\dllcache\httpmb51.dll
2007-11-21 16:56 6,144 --a--c--- F:\WINDOWS\system32\dllcache\ftlx041e.dll
2007-11-21 16:55 198,656 --a--c--- F:\WINDOWS\system32\dllcache\cintime.dll
2007-11-21 16:55 173,568 --a--c--- F:\WINDOWS\system32\dllcache\chtskf.dll
2007-11-21 16:55 97,792 --a--c--- F:\WINDOWS\system32\dllcache\chtmbx.dll
2007-11-21 16:55 57,856 --a--c--- F:\WINDOWS\system32\dllcache\esuimgd.dll
2007-11-21 16:55 56,320 --a--c--- F:\WINDOWS\system32\dllcache\chtskdic.dll
2007-11-21 16:55 45,568 --a--c--- F:\WINDOWS\system32\dllcache\esunid.dll
2007-11-21 16:55 33,792 --a--c--- F:\WINDOWS\system32\dllcache\controt.dll
2007-11-21 16:55 31,744 --a--c--- F:\WINDOWS\system32\dllcache\esucmd.dll
2007-11-21 16:55 25,856 --a--c--- F:\WINDOWS\system32\dllcache\et4000.sys
2007-11-21 16:55 24,064 --a--c--- F:\WINDOWS\system32\dllcache\compfilt.dll
2007-11-21 16:55 21,504 --a--c--- F:\WINDOWS\system32\dllcache\cintlgnt.ime
2007-11-21 16:55 20,480 --a--c--- F:\WINDOWS\system32\dllcache\counters.dll
2007-11-21 16:54 2,134,528 --a--c--- F:\WINDOWS\system32\dllcache\smtpsnap.dll
2007-11-21 16:54 189,440 --a--c--- F:\WINDOWS\system32\dllcache\smtpadm.dll
2007-11-21 16:54 54,528 --a--c--- F:\WINDOWS\system32\dllcache\cap7146.sys
2007-11-21 16:54 45,568 --a--c--- F:\WINDOWS\system32\dllcache\browscap.dll
2007-11-21 16:54 16,384 --a--c--- F:\WINDOWS\system32\dllcache\tcptsat.dll
2007-11-21 16:54 8,192 --a--c--- F:\WINDOWS\system32\dllcache\staxmem.dll
2007-11-21 16:53 281,600 --a--c--- F:\WINDOWS\system32\dllcache\certwiz.ocx
2007-11-21 16:53 184,435 --a--c--- F:\WINDOWS\system32\dllcache\fp4amsft.dll
2007-11-21 16:53 96,768 --a--c--- F:\WINDOWS\system32\dllcache\certmap.ocx
2007-11-21 16:53 78,336 --a--c--- F:\WINDOWS\system32\dllcache\logui.ocx
2007-11-21 16:53 77,824 --a--c--- F:\WINDOWS\system32\dllcache\cnfgprts.ocx
2007-11-21 16:53 47,104 --a--c--- F:\WINDOWS\system32\dllcache\coadmin.dll
2007-11-21 16:53 20,540 --a--c--- F:\WINDOWS\system32\dllcache\author.dll
2007-11-21 16:53 20,536 --a--c--- F:\WINDOWS\system32\dllcache\shtml.dll
2007-11-21 16:45 221,184 --a------ F:\WINDOWS\system32\wmpns.dll
2007-11-21 16:41 749 -rah----- F:\WINDOWS\system32\wuaucpl.cpl.manifest
2007-11-21 16:37 42,577 --a--c--- F:\WINDOWS\system32\dllcache\bckgzm.exe
2007-11-21 16:37 42,575 --a--c--- F:\WINDOWS\system32\dllcache\chkrzm.exe
2007-11-21 16:37 42,573 --a--c--- F:\WINDOWS\system32\dllcache\shvlzm.exe
2007-11-21 16:37 42,573 --a--c--- F:\WINDOWS\system32\dllcache\hrtzzm.exe
2007-11-21 16:37 36,937 --a--c--- F:\WINDOWS\system32\dllcache\zclientm.exe
2007-11-21 16:23 20,992 --a------ F:\WINDOWS\system32\drivers\RTL8139.sys
2007-11-21 16:16 24,661 --a------ F:\WINDOWS\system32\spxcoins.dll
2007-11-21 16:16 13,312 --a------ F:\WINDOWS\system32\irclass.dll
2007-11-21 16:15 1,897,850 --a--c--- F:\WINDOWS\system32\dllcache\NT5.CAT
2007-11-21 16:15 1,086,058 --a--c--- F:\WINDOWS\system32\dllcache\NTPRINT.CAT
2007-11-21 16:15 809,394 --a--c--- F:\WINDOWS\system32\dllcache\NT5IIS.CAT
2007-11-21 16:15 622,820 --a--c--- F:\WINDOWS\system32\dllcache\NT5INF.CAT
2007-11-21 16:15 103,124 --a--c--- F:\WINDOWS\system32\dllcache\tabletpc.cat
2007-11-21 16:15 30,983 --a--c--- F:\WINDOWS\system32\dllcache\FP4.CAT
2007-11-21 16:15 13,497 --a--c--- F:\WINDOWS\system32\dllcache\HPCRDP.CAT
2007-11-21 16:15 8,599 --a--c--- F:\WINDOWS\system32\dllcache\IASNT4.CAT
2007-11-21 16:15 7,382 --a--c--- F:\WINDOWS\system32\dllcache\OEMBIOS.CAT
2007-11-20 15:05 <REP> d--h----- F:\Documents and Settings\Administrateur\Voisinage réseau
2007-11-20 15:05 <REP> d--h----- F:\Documents and Settings\Administrateur\Voisinage d'impression
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-25 10:15 --------- d-----w F:\Program Files\Lavasoft
2007-11-23 03:38 --------- d-----w F:\Program Files\vanBasco's Karaoke Player
2007-11-23 03:15 --------- d-----w F:\Program Files\Winamp
2007-11-23 01:54 --------- d-----w F:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-22 20:06 --------- d-----w F:\Program Files\Fichiers communs\Wise Installation Wizard
2007-11-21 22:45 --------- d-----w F:\Program Files\BAR
2007-11-17 18:35 --------- d-----w F:\Program Files\eMule
2007-11-17 07:31 --------- d-----w F:\Program Files\Fichiers communs\Real
2007-11-17 07:12 --------- d-----w F:\Program Files\Real
2007-11-16 03:29 --------- d-----w F:\Program Files\Creative
2007-11-13 03:24 --------- d-----w F:\Program Files\Fichiers communs\Adobe
2007-11-12 22:56 --------- d-----w F:\Program Files\ABBYY FineReader 8.0 Professional Edition
2007-11-12 06:04 --------- d-----w F:\Program Files\ScanView
2007-11-12 06:03 --------- d-----w F:\Program Files\Restorer2000 Professional
2007-11-12 06:02 --------- d-----w F:\Program Files\QuickTime
2007-11-12 05:58 --------- d-----w F:\Program Files\PhoneTools
2007-11-12 05:53 --------- d-----w F:\Program Files\Monkey's Audio
2007-11-12 05:52 --------- d-----w F:\Program Files\MemTurbo
2007-11-12 05:39 --------- d-----w F:\Program Files\GetRight
2007-11-12 05:39 --------- d-----w F:\Program Files\Fichiers communs\Teleca Shared
2007-11-12 05:33 --------- d-----w F:\Program Files\ffdshow
2007-11-12 05:26 --------- d-----w F:\Program Files\DVD Flick
2007-11-12 05:26 --------- d-----w F:\Program Files\DVD Decrypter
2007-11-12 05:18 --------- d-----w F:\Program Files\coolpro2
2007-11-12 05:15 --------- d-----w F:\Program Files\CamStudio
2007-10-25 19:24 --------- d-----w F:\Program Files\Java
2007-10-23 17:25 --------- d-----w F:\Program Files\Medical Databases
2007-10-23 17:25 --------- d-----w F:\Documents and Settings\J.J. Dupont\Application Data\FileMaker
2007-10-22 18:20 --------- d-----w F:\Documents and Settings\J.J. Dupont\Application Data\Uniblue
2007-10-22 18:19 --------- d-----w F:\Program Files\Uniblue
2007-10-17 08:32 --------- d-----w F:\Documents and Settings\All Users\Application Data\Apple Computer
2007-10-17 08:31 --------- d-----w F:\Program Files\Apple Software Update
2007-10-17 08:31 --------- d-----w F:\Documents and Settings\All Users\Application Data\Apple
2007-10-13 04:54 --------- d-----w F:\Program Files\Womble MPEG Editor
2007-10-10 22:58 --------- d-----w F:\Program Files\UnH Solutions
2007-10-10 05:44 --------- d--h--w F:\Program Files\InstallShield Installation Information
2007-10-10 05:44 --------- d-----w F:\Program Files\Justdo Software
2007-10-10 05:44 --------- d-----w F:\Program Files\Fichiers communs\Justdo
2004-10-01 19:00 40,960 -c--a-w F:\Program Files\Uninstall_CDS.exe
.
((((((((((((((((((((((((((((( snapshot@2007-11-28_ 6.28.30,27 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-28 18:30:22 16,384 ----atw F:\WINDOWS\TEMP\Perflib_Perfdata_4dc.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="F:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 06:06]
"SunJavaUpdateSched"="F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"Adobe Reader Speed Launcher"="F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"NeroFilterCheck"="F:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="F:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 15:09]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\vturpom]
vturpom.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Synchronizer.lnk]
backup=F:\WINDOWS\pss\Adobe Reader Synchronizer.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\F:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
backup=F:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2007-10-10 18:51 39792 --a------ F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BAR]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Desktop Search]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
F:\Program Files\QuickTime\qttask.exe -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony Ericsson PC Suite]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"gusvc"=3 (0x3)
R0 UNPR;UNPR;F:\WINDOWS\system32\unpr.sys
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);F:\WINDOWS\system32\DRIVERS\w300bus.sys
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;F:\WINDOWS\system32\DRIVERS\w300mdfl.sys
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;F:\WINDOWS\system32\DRIVERS\w300mdm.sys
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);F:\WINDOWS\system32\DRIVERS\w300mgmt.sys
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;F:\WINDOWS\system32\DRIVERS\w300obex.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-20 02:58:57 F:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- F:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-28 13:31:06
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-11-28 13:34:41 - machine was rebooted
F:\ComboFix2.txt ... 2007-11-28 06:30
F:\ComboFix3.txt ... 2007-11-27 21:16
.
--- E O F ---
To whom it may concern
Logfile of HijackThis v1.99.1
Scan saved at 00:03:35, on 2007-11-29
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
F:\Program Files\Alwil Software\Avast4\ashServ.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
F:\WINDOWS\system32\svchost.exe
F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
F:\WINDOWS\Explorer.EXE
F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
F:\WINDOWS\system32\devldr32.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Documents and Settings\Administrateur\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - F:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: SnapFlash Class - {A44CBB0B-C77D-4BF5-87CC-B4EE79AD1B7E} - F:\Program Files\Fichiers communs\Justdo\Jd2002.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O4 - HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &7 Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &8 Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: RF toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra 'Tools' menuitem: &9 Robo Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - F:\Program Files\Siber Systems\AI RoboForm\RoboForm.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - F:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra 'Tools' menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - F:\Program Files\Fichiers communs\Justdo\IECatcher.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15030/CTSUEng.cab
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html...
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8....
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common...
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www.ca.com/us/securityadvisor/virusinfo/webscan....
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15030/CTPID.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: vturpom - vturpom.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - F:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Windows User Mode Driver Framework (UMWdf) - Unknown owner - F:\WINDOWS\system32\wdfmgr.exe (file missing)
Hello
Delete C:\qoobox and empty your Recycle Bin.
You are going to replace Avast! with Antivir, which is a real antivirus; run a scan with it and post the report.
Uninstall Avast! properly
so you can replace it with Antivir.
-->Tutorial<--
Why switch? Avast! vs Antivir
Really, thanks for everything, boys!!
I'm blown away by so much genius...
One question: is it worth getting the paid version at 20 euros (Avira AntiVir PersonalEdition Premium), which additionally has:
Protection against spyware and adware - Special protection against email viruses (POP 3).
Or the one at 40 euros, Avira Premium Security Suite, which additionally includes Proactive AntiPhishing - Inclusive FireWall - Inclusive AntiSpam - WebGuard to surf and download safely.
To see the full comparison table:
http://www.avira.com/en/products/personal.html
Thanks a lot again!
Luc