probleme avec Win32:Trojan-gen{Other} de l'aide

Bonjour,

Quel emplacement ?

C:\WINDOWS\system32\iifdbcc.dll

Voila le rapport de scan que j'ai eu avec Antivir, merci pour l'aide

AntiVir PersonalEdition Classic
Report file date: jeudi 6 mars 2008 21:50

Scanning for 1136109 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: SYSTEM
Computer name: MEZ

Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 20:33:50
ANTIVIR2.VDF : 7.0.2.181 1993728 Bytes 24/02/2008 20:33:50
ANTIVIR3.VDF : 7.0.2.245 216576 Bytes 06/03/2008 20:33:50
AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 06/03/2008 20:33:52
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 06/03/2008 20:33:52
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21

Configuration settings for the scan:
Jobname..........................: Complete system scan
Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: Intelligent file selection
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: medium

Start of the scan: jeudi 6 mars 2008 21:50

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'update.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'wuauclt.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'guardgui.exe' - '1' Module(s) have been scanned
Scan process 'wscntfy.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'SMAgent.exe' - '1' Module(s) have been scanned
Scan process 'hpqste08.exe' - '1' Module(s) have been scanned
Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'FxSvr2.exe' - '1' Module(s) have been scanned
Scan process 'GoogleUpdater.exe' - '1' Module(s) have been scanned
Scan process 'reader_sl.exe' - '1' Module(s) have been scanned
Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
Scan process 'ApntEx.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'rundll32.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'hpwuSchd2.exe' - '1' Module(s) have been scanned
Scan process 'Application Launcher.exe' - '1' Module(s) have been scanned
Scan process 'hcwemMON.exe' - '1' Module(s) have been scanned
Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
Scan process 'sgtray.exe' - '1' Module(s) have been scanned
Scan process 'eabservr.exe' - '1' Module(s) have been scanned
Scan process 'QTTask.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'Apoint.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
65 processes with 65 modules were scanned

Start scanning boot sectors:
Boot sector 'C:\'
[NOTE] No virus was found!

Starting to scan the registry.
C:\WINDOWS\system32\ihoxoved.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\ihoxoved.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
C:\WINDOWS\system32\drpjxkxc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\drpjxkxc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen

The registry was scanned ( '48' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\hiberfil.sys
[WARNING] The file could not be opened!
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\Documents and Settings\Lise\Local Settings\Temporary Internet Files\Content.IE5\8NBD2DVG\ptch[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48335d55.qua'!
C:\Documents and Settings\Lise\Local Settings\Temporary Internet Files\Content.IE5\AY4SBK31\ptch[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48335d5c.qua'!
C:\Documents and Settings\Lise\Local Settings\Temporary Internet Files\Content.IE5\AY4SBK31\tr[1]
[DETECTION] Is the Trojan horse TR/Vundo.DWB
[INFO] The file was moved to '482b5d5d.qua'!
C:\Documents and Settings\Lise\Local Settings\Temporary Internet Files\Content.IE5\KX2LIHQ1\CAL02DLJ
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '481c5d2f.qua'!
C:\Documents and Settings\Lise\Local Settings\Temporary Internet Files\Content.IE5\KX2LIHQ1\cmp638[1]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48405d5e.qua'!
C:\Documents and Settings\Lise\Local Settings\Temporary Internet Files\Content.IE5\KX2LIHQ1\hctp[3]
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48445d57.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP184\A0052747.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4800623f.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP185\A0053747.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006243.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP186\A0053788.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4800630a.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP187\A0053815.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006310.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP188\A0053861.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006316.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP188\A0053875.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006340.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP188\A0053876.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006374.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP190\A0055954.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4800637d.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP190\A0055955.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006382.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP190\A0056009.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006392.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP191\A0056025.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006398.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP191\A0056072.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4800639e.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP191\A0056201.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4800642a.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP193\A0057284.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4800643b.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP194\A0057327.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006440.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP194\A0057328.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006452.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP195\A0057383.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006483.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP195\A0057384.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006486.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP196\A0057442.dll
[DETECTION] Is the Trojan horse TR/Virtumod.PB
[INFO] The file was moved to '48006540.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP196\A0057445.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48006544.qua'!
C:\System Volume Information\_restore{01D86062-9663-4A3E-B3F1-9804119BC23C}\RP200\A0058653.exe
[DETECTION] Is the Trojan horse TR/Dldr.Adload.QY
[INFO] The file was moved to '48006554.qua'!
C:\WINDOWS\system32\aupyovuu.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4840677c.qua'!
C:\WINDOWS\system32\drpjxkxc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\evnadupo.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483e67d1.qua'!
C:\WINDOWS\system32\evpjslan.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '484067d4.qua'!
C:\WINDOWS\system32\fsbjrqde.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4832682b.qua'!
C:\WINDOWS\system32\fsdrqgyi.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4834686f.qua'!
C:\WINDOWS\system32\gjpkogrq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4840686d.qua'!
C:\WINDOWS\system32\gksfvxcu.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4843687b.qua'!
C:\WINDOWS\system32\gmvdiimh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '484668a7.qua'!
C:\WINDOWS\system32\ihoxoved.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[WARNING] An error has occurred and the file was not deleted. ErrorID: 16003
[WARNING] The file could not be deleted!
C:\WINDOWS\system32\ipvdwaui.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4846692d.qua'!
C:\WINDOWS\system32\irchioco.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48336939.qua'!
C:\WINDOWS\system32\jsnrnsbj.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483e6941.qua'!
C:\WINDOWS\system32\mfrdoqkh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48426958.qua'!
C:\WINDOWS\system32\ncpxmbak.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4840697e.qua'!
C:\WINDOWS\system32\neecqybs.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48356985.qua'!
C:\WINDOWS\system32\nqsfrupk.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48436999.qua'!
C:\WINDOWS\system32\omfhaupg.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483669cb.qua'!
C:\WINDOWS\system32\putdujhh.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '484469e5.qua'!
C:\WINDOWS\system32\qhkjvymn.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483b69f1.qua'!
C:\WINDOWS\system32\scihjmna.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48396a08.qua'!
C:\WINDOWS\system32\sfrjjejb.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48426a51.qua'!
C:\WINDOWS\system32\teeoxbos.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48356a8e.qua'!
C:\WINDOWS\system32\turqsewe.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48426aaa.qua'!
C:\WINDOWS\system32\txnegxpi.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was deleted!
C:\WINDOWS\system32\ukbhsvmt.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48327215.qua'!
C:\WINDOWS\system32\uvgxgbkc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48377229.qua'!
C:\WINDOWS\system32\uxwlqdvd.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48477241.qua'!
C:\WINDOWS\system32\vyptamap.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '4840724c.qua'!
C:\WINDOWS\system32\whllacby.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483c7243.qua'!
C:\WINDOWS\system32\wqrpwbga.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48427267.qua'!
C:\WINDOWS\system32\xextcvkq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48487264.qua'!
C:\WINDOWS\system32\xsiqunyc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48397276.qua'!
C:\WINDOWS\system32\yajthhnq.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483a7267.qua'!
C:\WINDOWS\system32\yogubkmj.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48377279.qua'!
C:\WINDOWS\system32\ysnuxgbe.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '483e7280.qua'!
C:\WINDOWS\system32\yxdxhrlc.dll
[DETECTION] Is the Trojan horse TR/Vundo.Gen
[INFO] The file was moved to '48347288.qua'!
C:\WINDOWS\system32\nGpxx01\nGpxx011065.exe
[DETECTION] Is the Trojan horse TR/Dldr.VB.cge
[INFO] The file was moved to '484072e9.qua'!


End of the scan: jeudi 6 mars 2008 23:39
Used time: 1:49:54 min

The scan has been done completely.

6357 Scanning directories
206585 Files were scanned
67 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
1 files were deleted
0 files were repaired
62 files were moved to quarantine
0 files were renamed
2 Files cannot be scanned
206518 Files not concerned
1867 Archives were scanned
6 Warnings
113 Notes

Reposte un rapport Hijackthis.

Hijackthis?

Désolé :

Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Oké,
Voila le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:50:53, on 09/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\hcwemMON.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {393AFDB6-28EA-4D2C-BD5B-B8D393EEDF08} - C:\WINDOWS\system32\ssqrp.dll (file missing)
O2 - BHO: (no name) - {5951D459-A139-4FFD-A9C6-9B1E6975E579} - C:\Program Files\NetMeeting\nipysatogC:\WINDOWS\system32\uwce9\renamd83122.exe.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: {5a1e28bd-b136-0e79-77f4-85346ce6840e} - {e0486ec6-4358-4f77-97e0-631bdb82e1a5} - C:\WINDOWS\system32\gksfvxcu.dll (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [hcwemMON] hcwemMON.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [787466f7] rundll32.exe "C:\WINDOWS\system32\ihoxoved.dll",b
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [BM7b47556b] Rundll32.exe "C:\WINDOWS\system32\drpjxkxc.dll",s
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [Drmupgds] C:\Program Files\Drmupgds\Drmupgds.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: iifdbcc - iifdbcc.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7679 bytes

Re,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe afin de le lancer.

Tape sur la touche 1 (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

voila le rapport,

ComboFix 08-03-10.1 - Lise 2008-03-10 20:29:12.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.85 [GMT 1:00]
Endroit: C:\Documents and Settings\Lise\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Program Files\Drmupgds
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\nGpxx01
C:\WINDOWS\system32\pac.txt
C:\WINDOWS\system32\prqss.ini
C:\WINDOWS\system32\prqss.ini2

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-10 to 2008-03-10 ))))))))))))))))))))))))))))))))))))
.

2008-03-09 20:50 . 2008-03-09 20:50 <REP> d-------- C:\Program Files\Trend Micro
2008-03-09 14:07 . 2008-03-09 14:07 <REP> d-------- C:\Program Files\Xvid
2008-03-09 14:07 . 2007-06-28 18:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-03-09 14:07 . 2007-06-28 18:54 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-03-09 14:07 . 2007-06-28 18:55 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-03-09 09:51 . 2007-02-28 17:02 2,182,400 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-03-09 09:51 . 2007-02-28 17:02 2,138,112 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-03-09 09:51 . 2007-02-28 17:02 2,059,648 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-03-09 09:51 . 2007-02-28 17:02 2,017,792 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-03-09 09:47 . 2006-06-01 19:48 163,840 -----c--- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-03-09 09:47 . 2006-06-01 19:48 27,648 -----c--- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-03-09 09:30 . 2008-03-09 09:30 <REP> d-------- C:\Program Files\MSXML 4.0
2008-03-07 16:35 . 2008-03-07 21:03 <REP> d-------- C:\VundoFix Backups
2008-03-06 21:31 . 2008-03-06 21:31 <REP> d-------- C:\Program Files\Avira
2008-03-06 21:16 . 2008-03-06 21:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-05 20:47 . 2008-03-06 21:47 332 ---hs---- C:\WINDOWS\system32\devoxohi.ini
2008-03-04 20:39 . 2008-03-05 20:39 5,034 ---hs---- C:\WINDOWS\system32\ydeeghws.ini
2008-03-04 18:38 . 2008-03-04 20:33 4,794 ---hs---- C:\WINDOWS\system32\ogmwysbt.ini
2008-03-03 18:04 . 2008-03-04 18:05 4,674 ---hs---- C:\WINDOWS\system32\qpsnkdhs.ini
2008-03-03 16:24 . 2008-03-03 16:24 4,374 ---hs---- C:\WINDOWS\system32\xwuupmsi.ini
2008-03-02 15:52 . 2008-03-03 15:52 4,314 ---hs---- C:\WINDOWS\system32\rvohlbac.ini
2008-02-28 12:17 . 2008-03-02 15:52 4,014 ---hs---- C:\WINDOWS\system32\lnkrasab.ini
2008-02-27 08:12 . 2008-02-28 12:08 3,414 ---hs---- C:\WINDOWS\system32\cbfipybi.ini
2008-02-25 21:11 . 2008-02-27 08:09 3,114 ---hs---- C:\WINDOWS\system32\kxuihmrq.ini
2008-02-25 12:52 . 2008-02-25 21:05 2,754 ---hs---- C:\WINDOWS\system32\oogmstqi.ini
2008-02-24 11:33 . 2008-02-25 12:47 2,634 ---hs---- C:\WINDOWS\system32\porwgnoc.ini
2008-02-24 10:36 . 2008-02-24 10:36 2,394 ---hs---- C:\WINDOWS\system32\cqgxuyyi.ini
2008-02-22 10:34 . 2008-02-24 10:35 2,334 ---hs---- C:\WINDOWS\system32\rhjcrpoj.ini
2008-02-22 10:22 . 2008-02-28 12:08 147 --a------ C:\WINDOWS\BM7b47556b.xml
2008-02-22 09:22 . 2008-02-22 09:22 1,734 ---hs---- C:\WINDOWS\system32\trfdjlbl.ini
2008-02-20 21:12 . 2008-02-22 09:19 1,674 ---hs---- C:\WINDOWS\system32\turtxtlk.ini
2008-02-19 18:12 . 2008-02-20 21:10 1,554 ---hs---- C:\WINDOWS\system32\xslowptx.ini
2008-02-18 18:14 . 2008-02-19 18:10 1,314 ---hs---- C:\WINDOWS\system32\ulxvhyhn.ini
2008-02-17 18:21 . 2008-02-18 17:41 1,194 ---hs---- C:\WINDOWS\system32\ijiwtgcx.ini
2008-02-16 17:59 . 2008-02-17 18:00 954 ---hs---- C:\WINDOWS\system32\dqdcpype.ini
2008-02-15 17:45 . 2008-02-16 17:56 834 ---hs---- C:\WINDOWS\system32\achciiqt.ini
2008-02-14 14:43 . 2008-02-15 17:43 714 ---hs---- C:\WINDOWS\system32\wdchxrpk.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-07 20:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-07 18:01 --------- d-----w C:\Documents and Settings\Lise\Application Data\dvdcss
2008-03-05 17:08 --------- d-----w C:\Program Files\VideoLAN
2008-02-12 09:41 --------- d-----w C:\Program Files\BitTorrent
2008-02-05 21:34 --------- d-----w C:\Documents and Settings\Lise\Application Data\BitTorrent
2008-01-28 10:29 --------- d-----w C:\Documents and Settings\Lise\Application Data\Media Player Classic
2008-01-28 10:25 --------- d-----w C:\Program Files\Media Player Classic
2007-01-24 22:23 56 --sh--r C:\WINDOWS\system32\D3D819630B.sys
2007-01-24 22:23 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{393AFDB6-28EA-4D2C-BD5B-B8D393EEDF08}]
C:\WINDOWS\system32\ssqrp.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5951D459-A139-4FFD-A9C6-9B1E6975E579}]
C:\Program Files\NetMeeting\nipysatogC:\WINDOWS\system32\uwce9\renamd83122.exe.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{e0486ec6-4358-4f77-97e0-631bdb82e1a5}]
C:\WINDOWS\system32\gksfvxcu.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06 196608]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]
"Drmupgds"="C:\Program Files\Drmupgds\Drmupgds.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-08 19:40 159744]
"AGRSMMSG"="AGRSMMSG.exe" [2004-09-04 04:52 88363 C:\WINDOWS\AGRSMMSG.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-08 11:22 4730880]
"nwiz"="nwiz.exe" [2004-04-08 11:22 323584 C:\WINDOWS\system32\nwiz.exe]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-01 13:05 200766]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-06-08 13:31 286720]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-08-19 11:50 290816]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24 217088]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"hcwemMON"="hcwemMON.exe" [2007-03-29 22:22 61440 C:\WINDOWS\hcwemMON.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06 487424]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-12 17:56 185632]
"787466f7"="C:\WINDOWS\system32\ihoxoved.dll" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-06 21:33 249896]
"BM7b47556b"="C:\WINDOWS\system32\drpjxkxc.dll" [ ]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\iifdbcc]
iifdbcc.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 13:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 13:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 13:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 13:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 13:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 13:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 13:58]
S3 USB28xxBGA;WinTV HVR-900;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-01-30 02:20]
S3 USB28xxOEM;WinTV OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-01-30 02:19]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a0b40c7-ad22-11db-936e-00904bb83f12}]
\Shell\Auto\command - MicrosoftPowerPoint.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5985fbbb-73b5-11dc-9497-000fb0466893}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b65b6bbc-6c21-11dc-9481-000fb0466893}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddc48e49-470f-11dc-9438-000fb0466893}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL systems.com
\Shell\read\command - explorer.exe
\Shell\start\command - systems.com

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-23 08:05:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-10 20:36:31
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????4?0?6?9??????? ???B???????????????B? ??????

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-03-10 20:39:11 - machine was rebooted
ComboFix-quarantined-files.txt 2008-03-10 19:39:07
.
2008-03-09 12:10:08 --- E O F ---



quand mon ordi ce rallume il dit: Eurreur de chargement de C:\WINDOWS\system32\ihoxoved.dll
impossible de trouver le fichier spécifié

On supprime  

[#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :



Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
Sauvegarde ce fichier sous le nom de CFScript.txt.

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
[#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]

ComboFix 08-03-10.1 - Lise 2008-03-11 21:00:01.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.196 [GMT 1:00]
Endroit: C:\Documents and Settings\Lise\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Lise\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
C:\WINDOWS\BM7b47556b.xml
C:\WINDOWS\system32\achciiqt.ini
C:\WINDOWS\system32\cbfipybi.ini
C:\WINDOWS\system32\cqgxuyyi.ini
C:\WINDOWS\system32\devoxohi.ini
C:\WINDOWS\system32\dqdcpype.ini
C:\WINDOWS\system32\drpjxkxc.dll
C:\WINDOWS\system32\ihoxoved.dll
C:\WINDOWS\system32\ijiwtgcx.ini
C:\WINDOWS\system32\kxuihmrq.ini
C:\WINDOWS\system32\lnkrasab.ini
C:\WINDOWS\system32\ogmwysbt.ini
C:\WINDOWS\system32\oogmstqi.ini
C:\WINDOWS\system32\porwgnoc.ini
C:\WINDOWS\system32\qpsnkdhs.ini
C:\WINDOWS\system32\rhjcrpoj.ini
C:\WINDOWS\system32\rvohlbac.ini
C:\WINDOWS\system32\trfdjlbl.ini
C:\WINDOWS\system32\turtxtlk.ini
C:\WINDOWS\system32\ulxvhyhn.ini
C:\WINDOWS\system32\wdchxrpk.ini
C:\WINDOWS\system32\xslowptx.ini
C:\WINDOWS\system32\xwuupmsi.ini
C:\WINDOWS\system32\ydeeghws.ini
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\BM7b47556b.xml
C:\WINDOWS\system32\achciiqt.ini
C:\WINDOWS\system32\cbfipybi.ini
C:\WINDOWS\system32\cqgxuyyi.ini
C:\WINDOWS\system32\devoxohi.ini
C:\WINDOWS\system32\dqdcpype.ini
C:\WINDOWS\system32\ijiwtgcx.ini
C:\WINDOWS\system32\kxuihmrq.ini
C:\WINDOWS\system32\lnkrasab.ini
C:\WINDOWS\system32\ogmwysbt.ini
C:\WINDOWS\system32\oogmstqi.ini
C:\WINDOWS\system32\porwgnoc.ini
C:\WINDOWS\system32\qpsnkdhs.ini
C:\WINDOWS\system32\rhjcrpoj.ini
C:\WINDOWS\system32\rvohlbac.ini
C:\WINDOWS\system32\trfdjlbl.ini
C:\WINDOWS\system32\turtxtlk.ini
C:\WINDOWS\system32\ulxvhyhn.ini
C:\WINDOWS\system32\uwce9\
C:\WINDOWS\system32\wdchxrpk.ini
C:\WINDOWS\system32\xslowptx.ini
C:\WINDOWS\system32\xwuupmsi.ini
C:\WINDOWS\system32\ydeeghws.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-02-11 to 2008-03-11 ))))))))))))))))))))))))))))))))))))
.

2008-03-09 20:50 . 2008-03-09 20:50 <REP> d-------- C:\Program Files\Trend Micro
2008-03-09 14:07 . 2008-03-09 14:07 <REP> d-------- C:\Program Files\Xvid
2008-03-09 14:07 . 2007-06-28 18:52 765,952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-03-09 14:07 . 2007-06-28 18:54 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-03-09 14:07 . 2007-06-28 18:55 77,824 --a------ C:\WINDOWS\system32\xvid.ax
2008-03-09 09:51 . 2007-02-28 17:02 2,182,400 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
2008-03-09 09:51 . 2007-02-28 17:02 2,138,112 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
2008-03-09 09:51 . 2007-02-28 17:02 2,059,648 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
2008-03-09 09:51 . 2007-02-28 17:02 2,017,792 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
2008-03-09 09:47 . 2006-06-01 19:48 163,840 -----c--- C:\WINDOWS\system32\dllcache\jgdw400.dll
2008-03-09 09:47 . 2006-06-01 19:48 27,648 -----c--- C:\WINDOWS\system32\dllcache\jgpl400.dll
2008-03-09 09:30 . 2008-03-09 09:30 <REP> d-------- C:\Program Files\MSXML 4.0
2008-03-07 16:35 . 2008-03-07 21:03 <REP> d-------- C:\VundoFix Backups
2008-03-06 21:31 . 2008-03-06 21:31 <REP> d-------- C:\Program Files\Avira
2008-03-06 21:16 . 2008-03-06 21:31 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-07 20:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2008-03-07 18:01 --------- d-----w C:\Documents and Settings\Lise\Application Data\dvdcss
2008-03-05 17:08 --------- d-----w C:\Program Files\VideoLAN
2008-02-12 09:41 --------- d-----w C:\Program Files\BitTorrent
2008-02-05 21:34 --------- d-----w C:\Documents and Settings\Lise\Application Data\BitTorrent
2008-01-28 10:29 --------- d-----w C:\Documents and Settings\Lise\Application Data\Media Player Classic
2008-01-28 10:25 --------- d-----w C:\Program Files\Media Player Classic
2007-01-24 22:23 56 --sh--r C:\WINDOWS\system32\D3D819630B.sys
2007-01-24 22:23 1,890 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogitechSoftwareUpdate"="C:\Program Files\Logitech\Video\ManifestEngine.exe" [2004-10-08 12:06 196608]
"BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 13:00 208952]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 13:00 455168]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2003-10-08 19:40 159744]
"AGRSMMSG"="AGRSMMSG.exe" [2004-09-04 04:52 88363 C:\WINDOWS\AGRSMMSG.exe]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-04-08 11:22 4730880]
"nwiz"="nwiz.exe" [2004-04-08 11:22 323584 C:\WINDOWS\system32\nwiz.exe]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-01 13:05 200766]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2004-06-08 13:31 286720]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24 286720]
"eabconfg.cpl"="C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe" [2004-08-19 11:50 290816]
"UpdateManager"="C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" [2003-08-19 01:01 110592]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2004-10-08 11:52 221184]
"LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-10-08 12:31 458752]
"LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-10-08 12:24 217088]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50 155648]
"hcwemMON"="hcwemMON.exe" [2007-03-29 22:22 61440 C:\WINDOWS\hcwemMON.exe]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 00:06 487424]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 02:41 49152]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-12 17:56 185632]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-03-06 21:33 249896]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2007-06-07 12:18:49 110592]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22 288472]
Lancement rapide d'Adobe Reader.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2005-09-23 22:05:26 29696]
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 21:05:56 65588]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-11-12 16:54:25 126136]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=

S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 13:58]
S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 13:58]
S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 13:58]
S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 13:58]
S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 13:58]
S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 13:58]
S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 13:58]
S3 USB28xxBGA;WinTV HVR-900;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2007-01-30 02:20]
S3 USB28xxOEM;WinTV OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2007-01-30 02:19]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1a0b40c7-ad22-11db-936e-00904bb83f12}]
\Shell\Auto\command - MicrosoftPowerPoint.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL MicrosoftPowerPoint.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5985fbbb-73b5-11dc-9497-000fb0466893}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL antihost.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b65b6bbc-6c21-11dc-9481-000fb0466893}]
\Shell\AutoRun\command - ntde1ect.com
\Shell\explore\Command - ntde1ect.com
\Shell\open\Command - ntde1ect.com

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ddc48e49-470f-11dc-9438-000fb0466893}]
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL systems.com
\Shell\read\command - explorer.exe
\Shell\start\command - systems.com

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-02-23 08:05:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-03-11 21:02:58
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????4?0?6?9??P???? ???B???????????????B? ??????

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-03-11 21:03:51
ComboFix-quarantined-files.txt 2008-03-11 20:03:28
ComboFix2.txt 2008-03-10 19:39:12
.
2008-03-09 12:10:08 --- E O F ---

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:07, on 11/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\WINDOWS\hcwemMON.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [hcwemMON] hcwemMON.exe
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 7149 bytes

Ton pc se comporte mieux ?

ça a l'air merci beaucoup

Bon surf  

Télécharge ToolsCleaner sur ton Bureau.

Clique sur Recherche et laisse le scan se terminer.

Clique sur Suppression pour finaliser.

Clique sur Quitter, pour que le rapport puisse se créer.

Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

Désactive puis réactive la restauration du système : Voir aide

Ajoute maintenant [Résolu] au titre. Pour cela :
* Clique, dans ton premier message, sur le bouton "Editer"
* Rajoute la mention [Résolu] au titre
* Clique ensuite sur "Valider votre message"

Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :