voila mon scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:28:16, on 12/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\WINDOWS\runservice.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\WgaTray.exe
I:\WINDOWS\system32\explorer.exe
I:\WINDOWS\system32\ctfmon.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
I:\WINDOWS\system32\rundll32.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\Program Files\Fichiers communs\VirusGarde\stmon.exe
I:\Program Files\Fichiers communs\SysDepannage\strpmon.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\Program Files\DAEMON Tools\daemon.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
I:\Program Files\Google\Google Updater\GoogleUpdater.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
I:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Documents and Settings\Admin\Bureau\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Smart Start UP] I:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe /Automation
O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] I:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "I:\WINDOWS\TEMP\E_S88.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Salestart] "I:\Program Files\Fichiers communs\VirusGarde\stmon.exe" dm=http://virusgarde.com; ad=http://virusgarde.com
O4 - HKLM\..\Run: [Salestart(1)] "I:\Program Files\Fichiers communs\SysDepannage\strpmon.exe" dm=http://sysdepannage.com; ad=http://sysdepannage.com
O4 - HKLM\..\Run: [spa_start] I:\WINDOWS\System32\Rundll32.exe "I:\WINDOWS\system32\spads.dll" DllVerify
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "I:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] I:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = I:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = I:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 - Unknown file in Winsock LSP: i:\windows\system32\nwprovau.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - I:\WINDOWS\runservice.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - Unknown owner - I:\WINDOWS\system32\lkcitdl.exe (file missing)
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - Unknown owner - I:\WINDOWS\system32\lkads.exe (file missing)
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - Unknown owner - I:\WINDOWS\system32\lktsrv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpcEnum - Unknown owner - I:\WINDOWS\system32\OpcEnum.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.fond-ecran.net/fonds/bebe_015.jpg
O24 - Desktop Component 1: (no name) - http://wallpapers.boolsite.net/srv [...] dation.jpg

--
End of file - 10964 bytes

Malwarebytes' Anti-Malware 1.11
Version de la base de données: 615

Type de recherche: Examen complet (I:\|)
Eléments examinés: 112237
Temps écoulé: 17 minute(s), 31 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 20
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 4
Fichier(s) infecté(s): 9

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\iebrowsercmp.browsercmp.1 (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1d8282e6-bc4f-469b-aaed-7e4ff077ad93} (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{c1a6d8b8-93c3-4186-9dd1-13983f9f1d9b} (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{3160f356-e8c3-4de2-a698-92eeeb3d3400} (Adware.RightOnAds) -> No action taken.
HKEY_CLASSES_ROOT\dc_ads.ads (Adware.Fotomoto) -> No action taken.
HKEY_CLASSES_ROOT\dc_ads.ads.1 (Adware.Fotomoto) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{6fc3c36d-7635-4d43-ba62-0d9d2f2cd06e} (Adware.Fotomoto) -> No action taken.
HKEY_CLASSES_ROOT\rotator.gizmo3 (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\rotator.gizmo3.1 (Trojan.Zlob) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{8e015787-b1e3-404a-95de-3e71e1fa0305} (Trojan.Zlob) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d39a900-0f3a-4c29-a254-3e65244fdc34} (Adware.PlayaZ) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\contexttool (Adware.PlayaZ) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\playmp3 (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\AdvRemoteDbg (Adware.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Purchased Products (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> No action taken.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dcadssocial (Adware.RightOnAds) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\IeBrowserCmp.BrowserCmp (Adware.RightOnAds) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spa_start (Adware.Agent) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
I:\Program Files\contexttool (Adware.PlayaZ) -> No action taken.
I:\Program Files\PlayMP3z (Adware.PlayMP3Z) -> No action taken.
I:\Documents and Settings\All Users\Application Data\SalesMonitor (Rogue.Multiple) -> No action taken.
I:\Documents and Settings\All Users\Application Data\SalesMonitor\Data (Rogue.Multiple) -> No action taken.

Fichier(s) infecté(s):
I:\WINDOWS\system32\KCMDNIns.exe (Trojan.Inject) -> No action taken.
I:\Program Files\contexttool\pcre3.dll (Adware.PlayaZ) -> No action taken.
I:\Program Files\contexttool\uninstall.exe (Adware.PlayaZ) -> No action taken.
I:\Program Files\PlayMP3z\uninstall.exe (Adware.PlayMP3Z) -> No action taken.
I:\WINDOWS\system32\rundll32.exe (Adware.Agent) -> No action taken.
I:\WINDOWS\system32\DcadsSocial-uninstall.exe (Adware.RightOnAds) -> No action taken.
I:\Documents and Settings\Admin\Application Data\urlredir.cfg (Adware.RightOnAds) -> No action taken.
I:\WINDOWS\explorer.exe.tmp (Heuristics.Reserved.Word.Exploit) -> No action taken.
I:\Documents and Settings\Admin\Bureau\explorer.exe (Heuristics.Reserved.Word.Exploit) -> No action taken.

Reposte un rapport Hijackthis.

Re,

Désactive tes protections résidentes (antivirus, Spybot...) !

• Télécharge Combofix (sUBs) sur ton Bureau.
• Double clique sur combofix.exe afin de le lancer.
• Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

Tu as redémarré ? Toujours pareil ?

Démarrer > Exécuter >explorer.exe

Voila le rapport combofix j'ai finalement réussi à le récupéré.J'éspére que cela pourra vous aider.merci

ComboFix 08-04-11.8 - Admin 2008-04-13 22:11:44.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.199 [GMT 2:00]
Endroit: I:\Documents and Settings\Admin\Bureau\ComboFix.exe

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

I:\Documents and Settings\All Users\Application Data\salesmonitor
.
---- Previous Run -------
.
I:\Documents and Settings\All Users\Application Data\salesmonitor
I:\WINDOWS\system32\dcads-remove.exe
I:\WINDOWS\system32\explorer.exe
I:\WINDOWS\system32\real.txt

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FMTR


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-13 to 2008-04-13 ))))))))))))))))))))))))))))))))))))
.

2008-04-13 22:17 . 2008-04-13 22:17 <REP> dr------- I:\Documents and Settings\All Users\Application Data\SalesMonitor
2008-04-12 14:02 . 2008-04-12 14:02 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware
2008-04-12 14:02 . 2008-04-12 14:02 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 14:02 . 2008-04-12 14:02 <REP> d-------- I:\Documents and Settings\Admin\Application Data\Malwarebytes
2008-04-12 13:59 . 2008-04-12 13:59 <REP> d-------- I:\WINDOWS\ServicePackFiles
2008-04-12 13:59 . 2004-07-17 11:40 19,528 --a------ I:\WINDOWS\000001_.tmp
2008-04-11 22:52 . 2008-04-11 22:52 73,269 --a------ I:\WINDOWS\pspbrwse.jbf
2008-04-11 22:52 . 2008-04-11 22:52 7,912 --a------ I:\WINDOWS\system32\pspbrwse.jbf
2008-04-11 19:21 . 2008-04-11 19:21 12,900 --a------ I:\WINDOWS\system32\normaliz[1].zip
2008-04-11 18:45 . 2007-12-07 04:08 383,488 --------- I:\WINDOWS\system32\SET26.tmp
2008-04-09 22:25 . 2008-04-09 22:25 <REP> d-------- I:\Documents and Settings\Admin\Application Data\Uniblue
2008-04-09 20:01 . 2005-07-26 13:43 8,704 --a------ I:\WINDOWS\system32\kbdjpn.dll
2008-04-09 20:01 . 2005-07-26 13:43 8,192 --a------ I:\WINDOWS\system32\kbdkor.dll
2008-04-09 20:01 . 2005-07-26 13:43 6,144 --a------ I:\WINDOWS\system32\kbd106.dll
2008-04-09 20:01 . 2005-07-26 13:43 6,144 --a------ I:\WINDOWS\system32\kbd101c.dll
2008-04-09 20:01 . 2005-07-26 13:43 6,144 --a------ I:\WINDOWS\system32\kbd101b.dll
2008-04-09 20:01 . 2005-07-26 13:43 5,632 --a------ I:\WINDOWS\system32\kbd103.dll
2008-04-09 19:59 . 2008-04-09 19:59 <REP> d-------- I:\Program Files\sina
2008-04-09 17:03 . 2008-04-09 17:03 <REP> d-------- I:\Program Files\Safari
2008-04-09 17:02 . 2008-04-09 17:02 <REP> d-------- I:\Program Files\iTunes
2008-04-09 17:02 . 2008-04-09 17:02 <REP> d-------- I:\Program Files\iPod
2008-04-09 17:02 . 2008-04-13 22:17 54,156 --ah----- I:\WINDOWS\QTFont.qfn
2008-04-09 17:02 . 2008-04-09 17:02 1,409 --a------ I:\WINDOWS\QTFont.for
2008-04-09 17:00 . 2008-04-09 17:01 <REP> d-------- I:\Program Files\QuickTime
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ I:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ I:\WINDOWS\system32\QuickTime.qts
2008-03-28 16:03 . 2008-03-30 10:26 <REP> d-------- I:\Program Files\Fichiers communs\Symantec Shared
2008-03-20 19:40 . 2008-04-13 20:31 <REP> d-------- I:\Program Files\Incomplete

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-13 18:38 --------- d-----r I:\Program Files\LimeWire
2008-04-13 18:25 --------- d-----w I:\Documents and Settings\Admin\Application Data\LimeWire
2008-04-13 16:43 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-13 09:07 --------- d-----w I:\Documents and Settings\Admin\Application Data\OpenOffice.org2
2008-04-12 13:23 --------- d-----w I:\Program Files\Java
2008-04-12 12:01 --------- d-----w I:\Program Files\Common Files
2008-04-12 10:21 --------- d--h--w I:\Program Files\InstallShield Installation Information
2008-04-12 10:21 --------- d-----w I:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-04-09 15:07 --------- d-----w I:\Documents and Settings\Admin\Application Data\Apple Computer
2008-04-09 07:54 37,074 ----a-w I:\Documents and Settings\Admin\laesiixt.exe
2008-04-04 11:08 20,570 ----a-w I:\Documents and Settings\Admin\Application Data\wklnhst.dat
2008-03-29 12:33 --------- d-----w I:\Program Files\National Instruments
2008-03-29 12:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\National Instruments
2008-03-29 12:29 --------- d-----w I:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-29 12:00 --------- d-----w I:\Program Files\eMule
2008-03-19 10:06 32,008 ----a-w I:\Documents and Settings\Admin\Application Data\GDIPFONTCACHEV1.DAT
2008-03-08 16:55 --------- d-----w I:\Program Files\Everest Poker
2008-02-27 21:10 --------- d-----w I:\Program Files\Windows Live
2008-02-01 10:17 587,264 ----a-w I:\WINDOWS\WLXPGSS.SCR
2007-11-25 11:08 191,512 ----a-w I:\Documents and Settings\Admin\Application Data\install_fr[2].exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-22 19:15 68856]
"MsnMsgr"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-19 18:09 15360]
"RegistryBooster 2 d’Uniblue "="I:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-07-12 07:19 7626752]
"nwiz"="nwiz.exe" [2006-07-12 07:19 1519616 I:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="I:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 07:19 86016]
"SunJavaUpdateSched"="I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 09:48 16208384 I:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 I:\WINDOWS\SkyTel.exe]
"Smart Start UP"="I:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe" [2003-01-21 14:25 98304]
"Sony Ericsson PC Suite"="I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 01:07 593920]
"Adobe Photo Downloader"="I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [ ]
"avast!"="I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"Salestart(1)"="I:\Program Files\Fichiers communs\SysDepannage\strpmon.exe" [2007-11-12 20:44 424960]
"TkBellExe"="I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-05 16:35 185896]
"DAEMON Tools"="I:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"QuickTime Task"="I:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="I:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="I:\WINDOWS\system32\run.cmd" [2005-08-23 13:24 341]
"nlsf"="cmd.exe" [2004-08-19 18:09 400896 I:\WINDOWS\system32\cmd.exe]
"tscuninstall"="I:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 17:52 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"I:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"I:\\Program Files\\Internet Explorer\\iexplore.exe"=
"I:\\Program Files\\LimeWire\\LimeWire.exe"=
"I:\\Program Files\\iTunes\\iTunes.exe"=

R0 Achernar;Achernar - SCSI Command Filters;I:\WINDOWS\system32\Drivers\Achernar.sys [2005-09-23 13:50]
R0 xmasbus;xmasbus;I:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 18:24]
R0 xmasscsi;xmasscsi;I:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-20 21:03]
R2 LicCtrlService;LicCtrl Service;I:\WINDOWS\runservice.exe [2007-01-10 20:05]
R3 Aldebaran;Aldebaran - SCSI Command Filters;I:\WINDOWS\system32\Drivers\Aldebaran.sys [2005-09-23 13:50]
R3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits);I:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2007-08-27 16:12]
S3 DSCVc;Video Capture;I:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 17:31]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);I:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 19:23]
S3 se59bus;Sony Ericsson Device 089 driver (WDM);I:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 20:07]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter;I:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 20:07]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver;I:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 20:07]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM);I:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 20:08]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS);I:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 20:06]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface;I:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 20:09]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM);I:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 20:06]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);I:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 12:38]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58e5fbb4-d63f-11db-ad8e-b73e16f1665b}]
\Shell\Auto\command - bittorrent.exe e
\Shell\AutoRun\command - I:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72c08a86-a01b-11db-ad6a-91db3fbdde5a}]
\Shell\AutoRun\command - H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7745e461-1a5b-11dc-adcb-85da6f5e425d}]
\Shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdec06f6-c28b-11dc-ae4e-0007cb0000ff}]
\Shell\AutoRun\command - K:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-09 13:38:02 I:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- I:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-13 20:15:11 I:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- I:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-13 22:17:29
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\WgaTray.exe
I:\WINDOWS\system32\taskmgr.exe
I:\WINDOWS\system32\rundll32.exe
I:\WINDOWS\system32\rundll32.exe
I:\Program Files\Alwil Software\Avast4\ashDisp.exe
I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
I:\Program Files\Google\Google Updater\GoogleUpdater.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.bin
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
I:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-13 22:21:08 - machine was rebooted [Admin]
ComboFix-quarantined-files.txt 2008-04-13 20:21:03
Pre-Run: 202,683,633,664 octets libres
Post-Run: 202,702,131,200 octets libres
.
2008-04-12 13:14:16 --- E O F ---

Voila pour le rapport:
merci

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:45:42, on 14/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\WINDOWS\runservice.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
I:\WINDOWS\system32\WgaTray.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Documents and Settings\Admin\WINDOWS\system\explorer.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
I:\WINDOWS\RTHDCPL.EXE
I:\WINDOWS\system32\rundll32.exe
I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
I:\Program Files\Fichiers communs\SysDepannage\strpmon.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\Program Files\DAEMON Tools\daemon.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
I:\Program Files\Google\Google Updater\GoogleUpdater.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
I:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\Program Files\internet explorer\iexplore.exe
I:\Documents and Settings\Admin\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Smart Start UP] I:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe /Automation
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Salestart(1)] "I:\Program Files\Fichiers communs\SysDepannage\strpmon.exe" dm=http://sysdepannage.com; ad=http://sysdepannage.com
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "I:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] I:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = I:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = I:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: i:\windows\system32\nwprovau.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - I:\WINDOWS\runservice.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - Unknown owner - I:\WINDOWS\system32\lkcitdl.exe (file missing)
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - Unknown owner - I:\WINDOWS\system32\lkads.exe (file missing)
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - Unknown owner - I:\WINDOWS\system32\lktsrv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpcEnum - Unknown owner - I:\WINDOWS\system32\OpcEnum.exe (file missing)
O24 - Desktop Component 0: (no name) - http://www.fond-ecran.net/fonds/bebe_015.jpg
O24 - Desktop Component 1: (no name) - http://wallpapers.boolsite.net/srv [...] dation.jpg

--
End of file - 10247 bytes

Voila pour combo fix:

ComboFix 08-04-11.8 - Admin 2008-04-14 19:03:28.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.419 [GMT 2:00]
Endroit: I:\Documents and Settings\Admin\Bureau\ComboFix.exe
Command switches used :: I:\Documents and Settings\Admin\Bureau\CFScript.txt..txt
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]

FILE ::
I:\Documents and Settings\Admin\laesiixt.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

I:\Documents and Settings\Admin\laesiixt.exe
I:\Documents and Settings\All Users\Application Data\salesmonitor
I:\Program Files\Fichiers communs\SysDepannage
I:\Program Files\Fichiers communs\SysDepannage\strpmon.exe

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-14 to 2008-04-14 ))))))))))))))))))))))))))))))))))))
.

2008-04-12 14:02 . 2008-04-12 14:02 <REP> d-------- I:\Program Files\Malwarebytes' Anti-Malware
2008-04-12 14:02 . 2008-04-12 14:02 <REP> d-------- I:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-12 14:02 . 2008-04-12 14:02 <REP> d-------- I:\Documents and Settings\Admin\Application Data\Malwarebytes
2008-04-12 13:59 . 2008-04-12 13:59 <REP> d-------- I:\WINDOWS\ServicePackFiles
2008-04-12 13:59 . 2004-07-17 11:40 19,528 --a------ I:\WINDOWS\000001_.tmp
2008-04-11 22:52 . 2008-04-11 22:52 73,269 --a------ I:\WINDOWS\pspbrwse.jbf
2008-04-11 22:52 . 2008-04-11 22:52 7,912 --a------ I:\WINDOWS\system32\pspbrwse.jbf
2008-04-11 19:21 . 2008-04-11 19:21 12,900 --a------ I:\WINDOWS\system32\normaliz[1].zip
2008-04-11 18:45 . 2007-12-07 04:08 383,488 --------- I:\WINDOWS\system32\SET26.tmp
2008-04-09 22:25 . 2008-04-09 22:25 <REP> d-------- I:\Documents and Settings\Admin\Application Data\Uniblue
2008-04-09 20:01 . 2005-07-26 13:43 8,704 --a------ I:\WINDOWS\system32\kbdjpn.dll
2008-04-09 20:01 . 2005-07-26 13:43 8,192 --a------ I:\WINDOWS\system32\kbdkor.dll
2008-04-09 20:01 . 2005-07-26 13:43 6,144 --a------ I:\WINDOWS\system32\kbd106.dll
2008-04-09 20:01 . 2005-07-26 13:43 6,144 --a------ I:\WINDOWS\system32\kbd101c.dll
2008-04-09 20:01 . 2005-07-26 13:43 6,144 --a------ I:\WINDOWS\system32\kbd101b.dll
2008-04-09 20:01 . 2005-07-26 13:43 5,632 --a------ I:\WINDOWS\system32\kbd103.dll
2008-04-09 19:59 . 2008-04-09 19:59 <REP> d-------- I:\Program Files\sina
2008-04-09 17:03 . 2008-04-09 17:03 <REP> d-------- I:\Program Files\Safari
2008-04-09 17:02 . 2008-04-09 17:02 <REP> d-------- I:\Program Files\iTunes
2008-04-09 17:02 . 2008-04-09 17:02 <REP> d-------- I:\Program Files\iPod
2008-04-09 17:02 . 2008-04-14 07:07 54,156 --ah----- I:\WINDOWS\QTFont.qfn
2008-04-09 17:02 . 2008-04-09 17:02 1,409 --a------ I:\WINDOWS\QTFont.for
2008-04-09 17:00 . 2008-04-09 17:01 <REP> d-------- I:\Program Files\QuickTime
2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ I:\WINDOWS\system32\QuickTimeVR.qtx
2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ I:\WINDOWS\system32\QuickTime.qts
2008-03-28 16:03 . 2008-03-30 10:26 <REP> d-------- I:\Program Files\Fichiers communs\Symantec Shared
2008-03-20 19:40 . 2008-04-13 20:31 <REP> d-------- I:\Program Files\Incomplete

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-14 05:08 --------- d-----w I:\Documents and Settings\Admin\Application Data\OpenOffice.org2
2008-04-13 18:38 --------- d-----r I:\Program Files\LimeWire
2008-04-13 18:25 --------- d-----w I:\Documents and Settings\Admin\Application Data\LimeWire
2008-04-13 16:43 --------- d-----w I:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-12 13:23 --------- d-----w I:\Program Files\Java
2008-04-12 12:01 --------- d-----w I:\Program Files\Common Files
2008-04-12 10:21 --------- d--h--w I:\Program Files\InstallShield Installation Information
2008-04-12 10:21 --------- d-----w I:\Documents and Settings\All Users\Application Data\TuneUp Software
2008-04-09 15:07 --------- d-----w I:\Documents and Settings\Admin\Application Data\Apple Computer
2008-04-04 11:08 20,570 ----a-w I:\Documents and Settings\Admin\Application Data\wklnhst.dat
2008-03-29 12:33 --------- d-----w I:\Program Files\National Instruments
2008-03-29 12:33 --------- d-----w I:\Documents and Settings\All Users\Application Data\National Instruments
2008-03-29 12:29 --------- d-----w I:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-03-29 12:00 --------- d-----w I:\Program Files\eMule
2008-03-19 10:06 32,008 ----a-w I:\Documents and Settings\Admin\Application Data\GDIPFONTCACHEV1.DAT
2008-03-08 16:55 --------- d-----w I:\Program Files\Everest Poker
2008-02-27 21:10 --------- d-----w I:\Program Files\Windows Live
2008-02-01 10:17 587,264 ----a-w I:\WINDOWS\WLXPGSS.SCR
2007-11-25 11:08 191,512 ----a-w I:\Documents and Settings\Admin\Application Data\install_fr[2].exe
.

((((((((((((((((((((((((((((( snapshot@2008-04-13_22.20.52.60 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-14 17:06:29 16,384 ----atw I:\WINDOWS\Temp\Perflib_Perfdata_5d0.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"swg"="I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-11-22 19:15 68856]
"MsnMsgr"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]
"ctfmon.exe"="I:\WINDOWS\system32\ctfmon.exe" [2004-08-19 18:09 15360]
"RegistryBooster 2 d’Uniblue "="I:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="I:\WINDOWS\system32\NvCpl.dll" [2006-07-12 07:19 7626752]
"nwiz"="nwiz.exe" [2006-07-12 07:19 1519616 I:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="I:\WINDOWS\system32\NvMcTray.dll" [2006-07-12 07:19 86016]
"SunJavaUpdateSched"="I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"RTHDCPL"="RTHDCPL.EXE" [2006-06-01 09:48 16208384 I:\WINDOWS\RTHDCPL.exe]
"SkyTel"="SkyTel.EXE" [2006-05-16 11:04 2879488 I:\WINDOWS\SkyTel.exe]
"Smart Start UP"="I:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe" [2003-01-21 14:25 98304]
"Sony Ericsson PC Suite"="I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2007-03-28 01:07 593920]
"Adobe Photo Downloader"="I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe" [ ]
"avast!"="I:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 15:00 79224]
"TkBellExe"="I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-01-05 16:35 185896]
"DAEMON Tools"="I:\Program Files\DAEMON Tools\daemon.exe" [2006-11-12 12:48 157592]
"QuickTime Task"="I:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="I:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="I:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Config"="I:\WINDOWS\system32\run.cmd" [2005-08-23 13:24 341]
"nlsf"="cmd.exe" [2004-08-19 18:09 400896 I:\WINDOWS\system32\cmd.exe]
"tscuninstall"="I:\WINDOWS\system32\tscupgrd.exe" [2004-08-19 17:52 44544]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoSMHelp"= 1 (0x1)
"MemCheckBoxInRunDlg"= 1 (0x1)
"NoSMBalloonTip"= 1 (0x1)
"NoDesktopCleanupWizard"= 1 (0x1)
"NoWelcomeScreen"= 1 (0x1)
"NoAutoUpdate"= 1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 nwprovau

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"DisableUnicastResponsesToMulticastBroadcast"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"I:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"I:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"I:\\Program Files\\Internet Explorer\\iexplore.exe"=
"I:\\Program Files\\LimeWire\\LimeWire.exe"=
"I:\\Program Files\\iTunes\\iTunes.exe"=

R0 Achernar;Achernar - SCSI Command Filters;I:\WINDOWS\system32\Drivers\Achernar.sys [2005-09-23 13:50]
R0 xmasbus;xmasbus;I:\WINDOWS\system32\DRIVERS\xmasbus.sys [2003-12-21 18:24]
R0 xmasscsi;xmasscsi;I:\WINDOWS\system32\Drivers\xmasscsi.sys [2003-12-20 21:03]
R2 LicCtrlService;LicCtrl Service;I:\WINDOWS\runservice.exe [2007-01-10 20:05]
R3 Aldebaran;Aldebaran - SCSI Command Filters;I:\WINDOWS\system32\Drivers\Aldebaran.sys [2005-09-23 13:50]
R3 fbxusb;Carte réseau virtuelle FreeBox USB (32 bits);I:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2007-08-27 16:12]
S3 DSCVc;Video Capture;I:\WINDOWS\system32\DRIVERS\CoachVc.sys [2003-11-03 17:31]
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);I:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-11-10 19:23]
S3 se59bus;Sony Ericsson Device 089 driver (WDM);I:\WINDOWS\system32\DRIVERS\se59bus.sys [2006-09-05 20:07]
S3 se59mdfl;Sony Ericsson Device 089 USB WMC Modem Filter;I:\WINDOWS\system32\DRIVERS\se59mdfl.sys [2006-09-05 20:07]
S3 se59mdm;Sony Ericsson Device 089 USB WMC Modem Driver;I:\WINDOWS\system32\DRIVERS\se59mdm.sys [2006-09-05 20:07]
S3 se59mgmt;Sony Ericsson Device 089 USB WMC Device Management Drivers (WDM);I:\WINDOWS\system32\DRIVERS\se59mgmt.sys [2006-09-05 20:08]
S3 se59nd5;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (NDIS);I:\WINDOWS\system32\DRIVERS\se59nd5.sys [2006-09-05 20:06]
S3 se59obex;Sony Ericsson Device 089 USB WMC OBEX Interface;I:\WINDOWS\system32\DRIVERS\se59obex.sys [2006-09-05 20:09]
S3 se59unic;Sony Ericsson Device 089 USB Ethernet Emulation SEMC59 (WDM);I:\WINDOWS\system32\DRIVERS\se59unic.sys [2006-09-05 20:06]
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);I:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-28 12:38]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{58e5fbb4-d63f-11db-ad8e-b73e16f1665b}]
\Shell\Auto\command - bittorrent.exe e
\Shell\AutoRun\command - I:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{72c08a86-a01b-11db-ad6a-91db3fbdde5a}]
\Shell\AutoRun\command - H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7745e461-1a5b-11dc-adcb-85da6f5e425d}]
\Shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cdec06f6-c28b-11dc-ae4e-0007cb0000ff}]
\Shell\AutoRun\command - K:\LaunchU3.exe -a

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-09 13:38:02 I:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- I:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-14 17:06:43 I:\WINDOWS\Tasks\Maintenance en 1 clic.job"
- I:\Program Files\TuneUp Utilities 2008\OneClickStarter.exe
.
**************************************************************************

catchme 0.3.1351 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-14 19:07:15
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
I:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
I:\Program Files\Alwil Software\Avast4\ashServ.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\WgaTray.exe
I:\WINDOWS\system32\taskmgr.exe
I:\WINDOWS\system32\rundll32.exe
I:\WINDOWS\system32\rundll32.exe
I:\Program Files\Alwil Software\Avast4\ashDisp.exe
I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
I:\Program Files\Google\Google Updater\GoogleUpdater.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.bin
I:\WINDOWS\system32\wscntfy.exe
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
I:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-14 19:10:59 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-14 17:10:54
ComboFix2.txt 2008-04-13 20:21:16
Pre-Run: 202,803,658,752 octets libres
Post-Run: 202,781,712,384 octets libres
.
2008-04-12 13:14:16 --- E O F ---

Ton pc se comporte mieux ?

Désinstalle correctement Avast! pour le remplacer par AntiVir.
Pourquoi changer ? Avast! vs AntiVir

Fais un scan complet puis poste le rapport en fin d'analyse.
AIDE : Tutorial sur l'antivirus AntiVir Personal Edition Classic

Reposte un rapport Hijackthis.

Encore des soucis ?

Ces problèmes ne sont pas lié à un virus pour moi.
Tu avais AVG avant ?

Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:42:34, on 15/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\WINDOWS\system32\spoolsv.exe
I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
I:\WINDOWS\runservice.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\system32\WgaTray.exe
I:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
I:\WINDOWS\system\explorer.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
I:\WINDOWS\system32\rundll32.exe
I:\WINDOWS\RTHDCPL.EXE
I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
I:\Program Files\DAEMON Tools\daemon.exe
I:\Program Files\iTunes\iTunesHelper.exe
I:\Program Files\Windows Live\Messenger\msnmsgr.exe
I:\WINDOWS\system32\ctfmon.exe
I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
I:\Program Files\Google\Google Updater\GoogleUpdater.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.exe
I:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
I:\Program Files\iPod\bin\iPodService.exe
I:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
I:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
I:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
I:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
I:\Program Files\Windows Live\Messenger\usnsvc.exe
I:\Program Files\internet explorer\iexplore.exe
I:\Documents and Settings\Admin\Bureau\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - I:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - I:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - I:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - i:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - I:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - I:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - i:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Smart Start UP] I:\Program Files\NewSoft\Smart Start UP\PnPDetect.exe /Automation
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "I:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [Adobe Photo Downloader] "I:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "I:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DAEMON Tools] "I:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "I:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "I:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "I:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [swg] I:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] I:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegistryBooster 2 d’Uniblue ] I:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "I:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: OpenOffice.org 2.3.lnk = I:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = I:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = I:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = I:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = I:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - I:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - I:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - I:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: i:\windows\system32\nwprovau.dll
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - I:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - I:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - I:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Updater Service (gusvc) - Google - I:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - I:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - I:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - I:\WINDOWS\runservice.exe
O23 - Service: Lookout Citadel Server (LkCitadelServer) - Unknown owner - I:\WINDOWS\system32\lkcitdl.exe (file missing)
O23 - Service: National Instruments PSP Server Locator (lkClassAds) - Unknown owner - I:\WINDOWS\system32\lkads.exe (file missing)
O23 - Service: National Instruments Time Synchronization (lkTimeSync) - Unknown owner - I:\WINDOWS\system32\lktsrv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OpcEnum - Unknown owner - I:\WINDOWS\system32\OpcEnum.exe (file missing)

--
End of file - 9667 bytes

Je n'ai toujours pas de barre de tache a pars si je vais en télécharger une. Mais même quand j'en télécharge un je peu plus acceder à mes documents. Je comprend pas. Et si je formate est ce que je peu etre sur que mes fichiers sont bien sur mon disque dur? j'aimerais ne pas tout perdre.

Non toujours pas. Je suis vraiment désolé, c'est la première fois que ce probleme arrive à quelqu'un? Merci d'essayer de trouver une solution a mon problème moi je suis completement perdu.

C'est là que je me sent très bête car malheuresement j'ai pas voulu acheté de windows du coup maintenant je me retrouve sans véritable cd windows pour restaurer.Je n'ai même pas de cd du tous on me l'avait prété a l'époque.

ok d'accord merci pour tous. Vraiment sympa ton aide.
A une prochaine fois peu étre pour un problème plus simple a résoudre j'éspère!