bonjour

Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

Voici le rapport:

Logfile of HijackThis v1.99.1
Scan saved at 21:55:37, on 14/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\windows\system32\jnwnw64j.exe
C:\WINDOWS\system32\lcntokdm.exe
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\nom\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whynotsearchhere.com/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2D21F137-3A44-43F1-B095-02B766F7D0DD} - C:\WINDOWS\system32\ljJCspnm.dll
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MySidesearch Search Assistant - {9506910A-0F94-4ea1-B567-7070428B8B2B} - C:\WINDOWS\system32\mysidesearch_sidebar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: gooochi browser optimizer - {b0e5a149-bd62-71db-a197-428ea713581b} - C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [{BD-D0-0C-C0-DW}] C:\windows\system32\jnwnw64j.exe DWramFF
O4 - HKLM\..\Run: [ExploreUpdSched] C:\WINDOWS\system32\lcntokdm.exe DWramFF
O4 - HKLM\..\Run: [{747e46c6-37ee-d92f-62bb-ffad02d2b37a}] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll" DllInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WinUpdater] "C:\Program Files\winvi\update.exe" /background
O4 - HKCU\..\Run: [WebSUpdater] "C:\Program Files\winvi\wupda.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Deewoo.lnk = C:\WINDOWS\system32\lcntokdm.exe
O4 - Startup: DW_Start.lnk = C:\WINDOWS\system32\jnwnw64j.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V0 [...] /CTPID.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: ljJCspnm - C:\WINDOWS\SYSTEM32\ljJCspnm.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

Rapport MBAM:

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 752

Type de recherche: Examen complet (C:\|)
Eléments examinés: 53947
Temps écoulé: 1 hour(s), 2 minute(s), 29 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 33
Valeur(s) du Registre infectée(s): 3
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 4

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\CLSID\{b0e5a149-bd62-71db-a197-428ea713581b} (Adware.Vapsup) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0e5a149-bd62-71db-a197-428ea713581b} (Adware.Vapsup) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{9506910a-0f94-4ea1-b567-7070428b8b2b} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{1e404d48-670a-4085-a6a0-d195793ddd33} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9506910a-0f94-4ea1-b567-7070428b8b2b} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{faba076a-478a-4c32-a0a5-c774607901c2} (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{faba076a-478a-4c32-a0a5-c774607901c2} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\AppID\{8d71eeb8-a1a7-4733-8fa2-1cac015c967d} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{9f593aac-ca4c-4a41-a7ff-a00812192d61} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{749ec66f-a838-4b38-b8e5-e65d905fff74} (Adware.BHO) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebutton.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{c9ccbb35-d123-4a31-affc-9b2933132116} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbinfoband.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{a7cddcdc-beeb-4685-a062-978f5e07ceee} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.iebuttona.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{a16ad1e9-f69a-45af-9462-b1c286708842} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.hbax.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{20ea9658-6bc3-4599-a87d-6371fe9295fc} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\shoppingreport.rprtctrl.1 (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{100eb1fd-d03e-47fd-81f3-ee91287f9465} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{8ad9ad05-36be-4e40-ba62-5422eb0d02fb} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{aebf09e2-0c15-43c8-99bf-928c645d98a0} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{d8560ac2-21b5-4c1a-bdd4-bd12bc83b082} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{cdca70d8-c6a6-49ee-9bed-7429d6c477a2} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d136987f-e1c4-4ccc-a220-893df03ec5df} (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{e343edfc-1e6c-4cb5-aa29-e9c922641c80} (Adware.Shopping.Report) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\{747e46c6-37ee-d92f-62bb-ffad02d2b37a} (Adware.Vapsup) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll (Adware.Vapsup) -> No action taken.
C:\WINDOWS\system32\mysidesearch_sidebar.dll (Adware.BHO) -> No action taken.
C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\Content.IE5\WXXDCERB\dm[1].exe (Trojan.Downloader) -> No action taken.
C:\Documents and Settings\nom\Local Settings\Temporary Internet Files\Content.IE5\X0EKTZKK\dm[1].exe (Trojan.Downloader) -> No action taken.

Le nouveau rapport (j'espère qu'il ne manque rien):

Malwarebytes' Anti-Malware 1.12
Version de la base de données: 752

Type de recherche: Examen complet (C:\|)
Eléments examinés: 141838
Temps écoulé: 39 minute(s), 35 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 3
Clé(s) du Registre infectée(s): 27
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 14
Fichier(s) infecté(s): 37

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\awpqrhcs.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\byXNdcDw.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\ljJCspnm.dll (Trojan.Vundo) -> No action taken.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{599d5fca-393e-42d7-9b5e-237ef9eb3af0} (Trojan.Vundo) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{599d5fca-393e-42d7-9b5e-237ef9eb3af0} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\mysidesearchsearchassistant (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\gooochi (Adware.Vapsup) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\shoppingreport (Adware.Shopping.Report) -> No action taken.
HKEY_CLASSES_ROOT\AppID\Sidebar.DLL (Adware.BHO) -> No action taken.
HKEY_CURRENT_USER\Software\MySidesearch (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_USER\Software\VideoEgg (Adware.VideoEgg) -> No action taken.
HKEY_CURRENT_USER\Software\MozillaPlugins\@videoegg.com/Publisher,version=1.5 (Adware.VideoEgg) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Deewoo Network Manager (Adware.Radio) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winvi (Adware.SoftMate) -> No action taken.
HKEY_CURRENT_USER\Software\winvi (Adware.SoftMate) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{2d21f137-3a44-43f1-b095-02b766f7d0dd} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d21f137-3a44-43f1-b095-02b766f7d0dd} (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ljjcspnm (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\Software\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\ShoppingReport (Adware.Shopping.Report) -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\runtime (Rootkit.Agent) -> No action taken.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\fccbd06f (Trojan.Vundo) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WinUpdater (Trojan.Downloader) -> No action taken.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\WebSUpdater (Trojan.Downloader) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\BMfff8e3f3 (Trojan.Agent) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{2d21f137-3a44-43f1-b095-02b766f7d0dd} (Trojan.Vundo) -> No action taken.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxndcdw -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\byxndcdw -> No action taken.

Dossier(s) infecté(s):
C:\Program Files\ShoppingReport (Adware.Shopping.Report) -> No action taken.
C:\Program Files\ShoppingReport\Bin (Adware.Shopping.Report) -> No action taken.
C:\Program Files\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
C:\Program Files\ShoppingReport\Bin\2.0.26 (Adware.Shopping.Report) -> No action taken.
C:\Program Files\Helper (Adware.BHO) -> No action taken.
C:\Program Files\winvi (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp (Adware.SoftMate) -> No action taken.
C:\WINDOWS\system32\dFrnx05 (Trojan.Agent) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\db (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\dwld (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\report (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\res1 (Adware.Shopping.Report) -> No action taken.

Fichier(s) infecté(s):
C:\WINDOWS\system32\awpqrhcs.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\schrqpwa.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\byXNdcDw.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wDcdNXyb.ini (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\wDcdNXyb.ini2 (Trojan.Vundo) -> No action taken.
C:\System Volume Information\_restore{5EF8B5D2-8566-4E17-B870-EE2DC800351E}\RP406\A0060493.dll (Adware.Vapsup) -> No action taken.
C:\WINDOWS\system32\mysidesearch_sidebar_uninstall.exe (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\{30919fbb-7533-2861-2681-ae6cb471c660}.dll-uninst.exe (Adware.Vapsup) -> No action taken.
C:\WINDOWS\system32\dFrnx05\dFrnx051080.exe (Trojan.DownLoader) -> No action taken.
C:\WINDOWS\system32\GUI2\FI-dt4x.exe (Trojan.Downloader) -> No action taken.
C:\WINDOWS\system32\polX\roEbdll2.exe (Trojan.StartPage) -> No action taken.
C:\WINDOWS\Temp\7CF28762C38CA0D4.tmp (Trojan.Dropper) -> No action taken.
C:\WINDOWS\Temp\AE8AB41F91F72503.tmp (Malware.Trace) -> No action taken.
C:\Program Files\ShoppingReport\Uninst.exe (Adware.Shopping.Report) -> No action taken.
C:\Program Files\winvi\Uninst.exe (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\version.ini (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\AC_RunActiveContent.js (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\desktop.html (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\internetDetection.swf (Adware.SoftMate) -> No action taken.
C:\Program Files\winvi\dsktp\settings.sol (Adware.SoftMate) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\Config.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\db\Aliases.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\db\Sites.dbs (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\dwld\WhiteList.xip (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\report\aggr_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\report\send_storage.xml (Adware.Shopping.Report) -> No action taken.
C:\Documents and Settings\nom\Application Data\ShoppingReport\cs\res1\WhiteList.dbs (Adware.Shopping.Report) -> No action taken.
C:\WINDOWS\system32\winpfz33.sys (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\vrahwodn.dll (Trojan.Agent) -> No action taken.
C:\WINDOWS\system32\pac.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\rs.txt (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\msnav32.ax (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\zxdnt3d.cfg (Malware.Trace) -> No action taken.
C:\WINDOWS\system32\ljJCspnm.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\5_exception.nls (Trojan.Tibs) -> No action taken.
C:\Documents and Settings\nom\Local Settings\Temp\laf4D.tmp (Trojan.Zlob) -> No action taken.
C:\WINDOWS\explorer.exe.tmp (Heuristics.Reserved.Word.Exploit) -> No action taken.

Je comprends pas je t'assure que j'ai fais exactement ce que tu m'as dit de faire. J'ai supprimé la sélection comme tu me l'a dit puis j'ai enregistré le rapport, c'est bizarre. J'ai peut-être fais une erreur mais j'ai pas l'impression. Je vais le refaire ainsi que le combofix et hijackthis!!

bonjour

il me faut le rapport C:\Combofix.txt

Compte rendu de ComboFix:

ComboFix 08-05-15.3 - nom 2008-05-18 23:08:54.2 - NTFSx86
Endroit: C:\Documents and Settings\nom\Bureau\ComboFix.exe

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\dat.txt
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\wDcdNXyb.ini

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-18 to 2008-05-18 ))))))))))))))))))))))))))))))))))))
.

2008-05-16 06:42 . 2008-05-16 16:22 94,208 --------- C:\WINDOWS\system32\awpqrhcs.dll
2008-05-16 06:41 . 2008-05-16 10:24 109,883 --a------ C:\WINDOWS\BMfff8e3f3.xml
2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\nom\Application Data\Malwarebytes
2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-15 22:05 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-15 22:05 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-13 16:33 . 2008-05-13 16:33 401,972 --a------ C:\WINDOWS\system32\g30.exe
2008-05-13 16:25 . 2008-05-16 16:22 <REP> d-------- C:\WINDOWS\system32\polX
2008-05-13 16:25 . 2008-05-16 16:22 <REP> d-------- C:\WINDOWS\system32\GUI2
2008-05-13 16:25 . 2008-05-16 13:54 <REP> d-------- C:\WINDOWS\system32\binR
2008-05-13 16:25 . 2008-05-13 16:25 <REP> d-------- C:\WINDOWS\system32\3036a
2008-05-13 16:25 . 2008-05-13 16:25 <REP> d-------- C:\Temp\tmpvc14
2008-05-13 16:25 . 2008-05-18 01:06 <REP> d-------- C:\Temp
2008-05-13 16:25 . 2008-05-13 16:25 494,165 --a------ C:\Temp\dUbc1002.exe
2008-05-13 16:25 . 2008-05-13 16:26 298,311 --a------ C:\WINDOWS\system32\gside.exe
2008-05-08 22:49 . 2008-05-08 22:31 <REP> d-------- C:\PS3
2008-04-21 17:42 . 2008-04-21 17:42 <REP> d-------- C:\Nouveau dossier
2008-04-21 17:13 . 2008-04-21 17:13 <REP> d-------- C:\Program Files\Winamp Remote
2008-04-21 17:13 . 2008-04-21 17:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-17 09:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-17 02:42 --------- d-----w C:\Program Files\SpeedFan
2008-05-16 07:22 --------- d-----w C:\Program Files\eMule
2008-05-16 01:11 --------- d-----w C:\Documents and Settings\nom\Application Data\uTorrent
2008-05-13 15:31 --------- d-----w C:\Program Files\Incomplete
2008-05-13 15:27 --------- d-----w C:\Documents and Settings\nom\Application Data\LimeWire
2008-05-13 15:26 --------- d-----w C:\Program Files\LimeWire
2008-05-01 22:31 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
2008-04-21 15:15 --------- d-----w C:\Program Files\Winamp
2008-04-14 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-04-14 23:14 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-14 23:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-04-14 20:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-04-14 20:08 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2008-04-06 15:25 --------- d-----w C:\Program Files\TVAnts
2008-03-31 09:55 2,162 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
2008-03-31 00:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-28 21:11 --------- d-----w C:\Documents and Settings\nom\Application Data\Renoise
2008-03-28 21:07 --------- d-----w C:\Program Files\Renoise 1.9.1
2008-03-26 10:42 --------- d-----w C:\Program Files\iTunes
2008-03-26 10:42 --------- d-----w C:\Program Files\iPod
2008-03-26 10:40 --------- d-----w C:\Program Files\QuickTime
2008-03-26 10:40 --------- d-----w C:\Program Files\Bonjour
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-24 17:15 --------- d-----w C:\Program Files\uTorrent
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 08:36 --------- d-----w C:\Program Files\DAP
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-01-26 07:13 4 --sh--r C:\Documents and Settings\All Users\Application Data\sysqcl1129139270.dat
2008-01-24 01:40 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-11-02 11:33 56 --sh--r C:\WINDOWS\system32\4A8AB8273B.sys
2007-11-02 11:33 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-05-18_ 1.33.26.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-17 23:13:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-18 20:15:52 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-18 20:16:00 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_514.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 18:24 1694208]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 12:00 299008]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 03:29 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"Cmaudio"="cmicnfg.cpl" []
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [2007-03-16 11:45 63712]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 05:11 185784]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"SpeedOptimizer"="C:\Program Files\SpeedOptimizer\SPO.exe" [2008-01-24 16:07 853488]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

C:\Documents and Settings\nom\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50 113664]

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office\OSA9.EXE [1999-02-17 16:05:56 65588]
Run Google Web Accelerator.lnk - C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe [2007-07-09 22:24:38 1134592]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2007-02-05 16:40:46 118784]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Mps70.sys]
@="Driver"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\DAP\\DAP.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TVAnts\\Tvants.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 00:45]
S3 cpuz129;cpuz129;C:\DOCUME~1\nom\LOCALS~1\Temp\cpuz_x32.sys []
S3 idrmkl;idrmkl;C:\DOCUME~1\nom\LOCALS~1\Temp\idrmkl.sys []
S3 Mps70;Mps70;C:\WINDOWS\System32\drivers\Mps70.sys [2008-01-24 23:47]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-05 18:36:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-18 20:20:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"
- C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-18 23:13:35
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...


**************************************************************************
.
Temps d'accomplissement: 2008-05-18 23:18:01
ComboFix-quarantined-files.txt 2008-05-18 21:16:56

Pre-Run: 101,409,828,864 octets libres
Post-Run: 101,400,530,944 octets libres

169 --- E O F --- 2008-05-17 03:19:03

Rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:22:50, on 18/05/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whynotsearchhere.com/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V0 [...] /CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 9360 bytes

Rapport Antivir:

Avira AntiVir Personal
Report file date: 2008-05-19 22:53

Scanning for 1279773 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: nom
Computer name: PC-SFP3YX2E5TUW

Version information:
BUILD.DAT : 8.1.00.295 16479 Bytes 2008-04-09 16:24:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 20:38:34
ANTIVIR3.VDF : 7.0.4.62 56320 Bytes 2008-05-19 20:38:35
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-19 20:38:52
AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-19 20:38:51
AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-19 20:38:50
AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-19 20:38:48
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-19 20:38:46
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-19 20:38:45
AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-19 20:38:40
AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-19 20:38:39
AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-19 20:38:37
AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-19 20:38:36
AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11

Configuration settings for the scan:
Jobname..........................: Manual Selection
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\folder.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 2008-05-19 22:53

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'avgnt.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'iPodService.exe' - '1' Module(s) have been scanned
Scan process 'GoogleWebAccClient.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'GoogleWebAccWarden.exe' - '1' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '1' Module(s) have been scanned
Scan process 'CamTray.exe' - '1' Module(s) have been scanned
Scan process 'msmsgs.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'iTunesHelper.exe' - '1' Module(s) have been scanned
Scan process 'jusched.exe' - '1' Module(s) have been scanned
Scan process 'realsched.exe' - '1' Module(s) have been scanned
Scan process 'apdproxy.exe' - '1' Module(s) have been scanned
Scan process 'soundman.exe' - '1' Module(s) have been scanned
Scan process 'AGRSMMSG.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
38 processes with 38 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '32' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
C:\ComboFix\NirCmdC.cfexe
[DETECTION] Contains detection pattern of the application APPL/Tool.NirCmd.D
[WARNING] The file was ignored!
C:\ComboFix\psexec.cfexe
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
[WARNING] The file was ignored!
C:\ComboFix\pv.cfexe
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[WARNING] The file was ignored!
C:\Documents and Settings\nom\Bureau\ComboFix.exe
[DETECTION] Contains detection pattern of the application APPL/Tool.NirCmd.D
[DETECTION] Contains detection pattern of the application APPL/Rmadmin.131072
[DETECTION] Contains detection pattern of the SPR/Tool.PV program
[WARNING] The file was ignored!
C:\Program Files\Incomplete\T-3545425-money world killa tay.mp3
[DETECTION] Is the Trojan horse TR/Dldr.WMA.Wimad.N
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\Temp\dUbc1002.exe.vir
[DETECTION] Contains detection pattern of the dropper DR/Dldr.Small.buy.142
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\awpqrhcs.dll.vir
[DETECTION] Is the Trojan horse TR/Trash.Gen
[NOTE] The file was deleted!
C:\QooBox\Quarantine\C\WINDOWS\system32\g30.exe.vir
[DETECTION] Contains detection pattern of the dropper DR/Agent.byy
[NOTE] The file was deleted!


End of the scan: 2008-05-20 00:09
Used time: 1:15:16 min

The scan has been done completely.

8259 Scanning directories
196158 Files were scanned
10 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
4 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
196148 Files not concerned
1413 Archives were scanned
5 Warnings
4 Notes

[b]Concernant le rapport ComboFix, aucun rapport n'est apparu et tu me dis que je peux le trouver dans C:\ComboFix.txt mais je ne sais pas ou il se trouve!![/b]

OK MERCI j'y avais etait pourtant mais je l'avais pas capté lolhttp://img.infos-du-net.com/forum/icones/smilies/lol.gif


Rapport Combofix :

ComboFix 08-05-15.3 - nom 2008-05-19 15:54:11.3 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.86 [GMT 2:00]
Endroit: C:\Documents and Settings\nom\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\nom\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

[color=red]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/color]

FILE ::
C:\Temp\dUbc1002.exe
C:\WINDOWS\BMfff8e3f3.xml
C:\WINDOWS\system32\awpqrhcs.dll
C:\WINDOWS\System32\drivers\Mps70.sys
C:\WINDOWS\system32\g30.exe
C:\WINDOWS\system32\gside.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\nom\Local Settings\Application Data\daavljheab.dat
C:\Documents and Settings\nom\Local Settings\Application Data\daavljheab_nav.dat
C:\Documents and Settings\nom\Local Settings\Application Data\daavljheab_navps.dat
C:\Temp\dUbc1002.exe
C:\Temp\tmpvc14
C:\Temp\tmpvc14\dllvc.log
C:\WINDOWS\BMfff8e3f3.xml
C:\WINDOWS\system32\3036a
C:\WINDOWS\system32\awpqrhcs.dll
C:\WINDOWS\system32\binR
C:\WINDOWS\System32\drivers\Mps70.sys
C:\WINDOWS\system32\g30.exe
C:\WINDOWS\system32\gside.exe
C:\WINDOWS\system32\GUI2
C:\WINDOWS\system32\polX

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_CPUZ129
-------\Legacy_IDRMKL
-------\Service_cpuz129
-------\Service_idrmkl
-------\Service_Mps70


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-04-19 to 2008-05-19 ))))))))))))))))))))))))))))))))))))
.

2008-05-18 23:22 . 2008-05-18 23:22 <REP> d-------- C:\Program Files\Trend Micro
2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\nom\Application Data\Malwarebytes
2008-05-15 22:05 . 2008-05-15 22:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-05-15 22:05 . 2008-05-05 20:46 27,048 --a------ C:\WINDOWS\system32\drivers\mbamcatchme.sys
2008-05-15 22:05 . 2008-05-05 20:46 15,864 --a------ C:\WINDOWS\system32\drivers\mbam.sys
2008-05-13 16:25 . 2008-05-19 15:54 <REP> d-------- C:\Temp
2008-05-08 22:49 . 2008-05-08 22:31 <REP> d-------- C:\PS3
2008-04-21 17:42 . 2008-04-21 17:42 <REP> d-------- C:\Nouveau dossier
2008-04-21 17:13 . 2008-04-21 17:13 <REP> d-------- C:\Program Files\Winamp Remote
2008-04-21 17:13 . 2008-04-21 17:14 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-18 22:11 --------- d-----w C:\Program Files\eMule
2008-05-17 09:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-05-17 02:42 --------- d-----w C:\Program Files\SpeedFan
2008-05-16 01:11 --------- d-----w C:\Documents and Settings\nom\Application Data\uTorrent
2008-05-13 15:31 --------- d-----w C:\Program Files\Incomplete
2008-05-13 15:27 --------- d-----w C:\Documents and Settings\nom\Application Data\LimeWire
2008-05-13 15:26 --------- d-----w C:\Program Files\LimeWire
2008-05-01 22:31 5,632 ----a-w C:\WINDOWS\system32\drivers\StarOpen.sys
2008-04-21 15:15 --------- d-----w C:\Program Files\Winamp
2008-04-14 23:20 --------- d-----w C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-04-14 23:14 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-04-14 23:13 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-04-14 20:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-04-14 20:08 --------- d-----w C:\Program Files\Fichiers communs\Macrovision Shared
2008-04-06 15:25 --------- d-----w C:\Program Files\TVAnts
2008-03-31 09:55 2,162 ----a-w C:\WINDOWS\system32\PerfStringBackup.TMP
2008-03-31 00:56 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-03-28 21:11 --------- d-----w C:\Documents and Settings\nom\Application Data\Renoise
2008-03-28 21:07 --------- d-----w C:\Program Files\Renoise 1.9.1
2008-03-26 10:42 --------- d-----w C:\Program Files\iTunes
2008-03-26 10:42 --------- d-----w C:\Program Files\iPod
2008-03-26 10:40 --------- d-----w C:\Program Files\QuickTime
2008-03-26 10:40 --------- d-----w C:\Program Files\Bonjour
2008-03-25 04:51 621,344 ----a-w C:\WINDOWS\system32\mswstr10.dll
2008-03-25 04:51 194,144 ----a-w C:\WINDOWS\system32\msjint40.dll
2008-03-24 17:15 --------- d-----w C:\Program Files\uTorrent
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-19 08:36 --------- d-----w C:\Program Files\DAP
2008-03-01 12:58 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-01-26 07:13 4 --sh--r C:\Documents and Settings\All Users\Application Data\sysqcl1129139270.dat
2008-01-24 01:40 32 ----a-w C:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-11-02 11:33 56 --sh--r C:\WINDOWS\system32\4A8AB8273B.sys
2007-11-02 11:33 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-05-18_ 1.33.26.43 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-17 23:13:47 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-19 14:00:23 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2008-05-19 14:00:32 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_548.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 01:09 15360]
"MSMSGS"="C:\Program Files\Messenger\MSMSGS.exe" [2004-10-13 18:24 1694208]
"Creative WebCam Tray"="C:\Program Files\Creative\Shared Files\CamTray.exe" [2005-10-27 12:00 299008]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-03 03:29 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 09:06 88363 C:\WINDOWS\AGRSMMSG.exe]
"Cmaudio"="cmicnfg.cpl" []
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 15:28 577536 C:\WINDOWS\soundman.exe]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe" [ ]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-13 05:11 185784]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00 132496]
"SpeedOptimizer"="C:\Program Files\SpeedOptimizer\SPO.exe" [2008-01-24 16:07 853488]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-02-01 00:13 385024]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-20 01:09 15360]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2007-02-05 16:39 294400]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\DAP\\DAP.exe"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\SopCast\\SopCast.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Internet Explorer\\iexplore.exe"=
"C:\\Program Files\\SopCast\\adv\\SopAdver.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\TVAnts\\Tvants.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R3 V0260VID;Live! Cam Vista IM;C:\WINDOWS\system32\DRIVERS\V0260Vid.sys [2006-11-04 00:45]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 17:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 17:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 17:59]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-05-05 18:36:10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-05-19 13:20:00 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"

Bonjour,

mon pc est clean le fonds d'ecran du bureau est revenu tout ca grace a toi je te remercie beaucoup.

La je reponds rapidement alors je posterai hijackthis + tard.

sinon j'aimerais savoir dois je supprimer Combofix de mon bureau ou pas? et si oui pour pouvoir le supprimer completement y a til quelquechose de special a faire ou juste le mettre dans la corbeille ? Car Antivir le detecte comme un objet malveillant.

Je suis vraiment désolé pour l'attente mais voila le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:29, on 2008-05-25
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\MSMSGS.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Google\Web Accelerator\googlewebaccclient.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.whynotsearchhere.com/start.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://localhost:9100/proxy.pac
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {0A94B116-4504-4e26-AB05-E61E474AA38B} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: &Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Ask Toolbar BHO - {F4D76F01-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Ask Toolbar - {F4D76F09-7896-458a-890F-E1F05C46069F} - C:\Program Files\AskPBar\bar\1.bin\ASKPBAR.DLL
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SpeedOptimizer] "C:\Program Files\SpeedOptimizer\SPO.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\MSMSGS.EXE" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Run Google Web Accelerator.lnk = C:\Program Files\Google\Web Accelerator\GoogleWebAccWarden.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-F [...] E_UNO1.cab
O16 - DPF: {8FEFF364-6A5F-4966-A917-A3AC28411659} (SopCore Control) - http://stoogetv.com/SOPCORE.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su2/CTL_V0 [...] /CTPID.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

--
End of file - 9535 bytes

re

ok je vais faire ce que tu me dis mais je voulais te demander depuis que j'ai fais un log hijackthis licone Antivir n'apparait plus dans la barre des taches au demarrage et plus moyen de le remettre. Comment faire pour regler ca?

re

ce n'est pas possible car on n'a rien fixé avec hijackthis donc, on n'a fait qu'un log de scan, rien d'autre. L'outil n'a rien supprimé suir ton pc.
Est-ce qu'antivir tourne quand même ou pas?
fais ton scan en ligne stp

re

J'ai quand même fais un scan avec Antivir, voici le rapport:

Avira AntiVir Personal
Report file date: 2008-05-25 22:50

Scanning for 1286439 virus strains and unwanted programs.

Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Boot mode: Normally booted
Username: nom
Computer name: PC-SFP3YX2E5TUW

Version information:
BUILD.DAT : 8.1.00.296 16479 Bytes 2008-04-29 10:47:00
AVSCAN.EXE : 8.1.2.12 311553 Bytes 2008-03-18 09:02:56
AVSCAN.DLL : 8.1.1.0 53505 Bytes 2008-02-07 08:43:37
LUKE.DLL : 8.1.2.9 151809 Bytes 2008-02-28 08:41:23
LUKERES.DLL : 8.1.2.1 12033 Bytes 2008-02-21 08:28:40
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 10:33:34
ANTIVIR1.VDF : 7.0.3.2 5447168 Bytes 2008-03-07 13:08:58
ANTIVIR2.VDF : 7.0.4.53 1848832 Bytes 2008-05-17 20:38:34
ANTIVIR3.VDF : 7.0.4.87 158720 Bytes 2008-05-24 22:37:28
Engineversion : 8.1.0.46
AEVDF.DLL : 8.1.0.5 102772 Bytes 2008-02-25 09:58:21
AESCRIPT.DLL : 8.1.0.33 266618 Bytes 2008-05-19 20:38:52
AESCN.DLL : 8.1.0.18 119156 Bytes 2008-05-19 20:38:51
AERDL.DLL : 8.1.0.20 418165 Bytes 2008-05-19 20:38:50
AEPACK.DLL : 8.1.1.5 364918 Bytes 2008-05-19 20:38:48
AEOFFICE.DLL : 8.1.0.18 192890 Bytes 2008-05-19 20:38:46
AEHEUR.DLL : 8.1.0.29 1253750 Bytes 2008-05-19 20:38:45
AEHELP.DLL : 8.1.0.14 115063 Bytes 2008-05-19 20:38:40
AEGEN.DLL : 8.1.0.21 303477 Bytes 2008-05-19 20:38:39
AEEMU.DLL : 8.1.0.6 430451 Bytes 2008-05-19 20:38:37
AECORE.DLL : 8.1.0.29 168311 Bytes 2008-05-19 20:38:36
AVWINLL.DLL : 1.0.0.7 14593 Bytes 2008-01-23 17:07:53
AVPREF.DLL : 8.0.0.1 25857 Bytes 2008-02-18 10:37:50
AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:26:47
AVREG.DLL : 8.0.0.0 30977 Bytes 2008-01-23 17:07:49
AVARKT.DLL : 1.0.0.23 307457 Bytes 2008-02-12 08:29:23
AVEVTLOG.DLL : 8.0.0.11 114945 Bytes 2008-02-28 08:31:31
SQLITE3.DLL : 3.3.17.1 339968 Bytes 2008-01-22 17:28:02
SMTPLIB.DLL : 1.2.0.19 28929 Bytes 2008-01-23 17:08:39
NETNT.DLL : 8.0.0.1 7937 Bytes 2008-01-25 12:05:10
RCIMAGE.DLL : 8.0.0.35 2371841 Bytes 2008-03-10 14:37:25
RCTEXT.DLL : 8.0.32.0 86273 Bytes 2008-03-06 12:02:11

Configuration settings for the scan:
Jobname..........................: Local Drives
Configuration file...............: c:\program files\avira\antivir personaledition classic\alldrives.avp
Logging..........................: low
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: on
Scan boot sector.................: on
Boot sectors.....................: C:, D:,
Scan memory......................: on
Process scan.....................: on
Scan registry....................: on
Search for rootkits..............: off
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Deviating archive types..........: +BSD Mailbox, +Netscape/Mozilla Mailbox, +Eudora Mailbox, +Squid cache, +Pegasus Mailbox, +MS Outlook Mailbox,
Macro heuristic..................: on
File heuristic...................: medium
Deviating risk categories........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: 2008-05-25 22:50

The scan of running processes will be started
Scan process 'avscan.exe' - '1' Module(s) have been scanned
Scan process 'avcenter.exe' - '1' Module(s) have been scanned
Scan process 'firefox.exe' - '1' Module(s) have been scanned
Scan process 'GoogleWebAccClient.exe' - '1' Module(s) have been scanned
Scan process 'GoogleWebAccWarden.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
Scan process 'alg.exe' - '1' Module(s) have been scanned
Scan process 'searchindexer.exe' - '1' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '1' Module(s) have been scanned
Scan process 'avguard.exe' - '1' Module(s) have been scanned
Scan process 'sched.exe' - '1' Module(s) have been scanned
Scan process 'spoolsv.exe' - '1' Module(s) have been scanned
Scan process 'explorer.exe' - '1' Module(s) have been scanned
Scan process 'aawservice.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'svchost.exe' - '1' Module(s) have been scanned
Scan process 'lsass.exe' - '1' Module(s) have been scanned
Scan process 'services.exe' - '1' Module(s) have been scanned
Scan process 'winlogon.exe' - '1' Module(s) have been scanned
Scan process 'csrss.exe' - '1' Module(s) have been scanned
Scan process 'smss.exe' - '1' Module(s) have been scanned
25 processes with 25 modules were scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan the registry.
The registry was scanned ( '19' files ).


Starting the file scan:

Begin scan in 'C:\'
C:\pagefile.sys
[WARNING] The file could not be opened!
Begin scan in 'D:\'
Search path D:\ could not be opened!
Le périphérique n'est pas prêt.



End of the scan: 2008-05-25 23:30
Used time: 40:00 min

The scan has been done completely.

8324 Scanning directories
215527 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
1 Files cannot be scanned
215527 Files not concerned
1438 Archives were scanned
1 Warnings
0 Notes

re

- Réparer la barre des tâches :
Un utilitaire téléchargeable à cette adresse www.kellys-korner-xp.com/TaskbarRepairToolPlus!.zip peut vous rendre de grands services. Une fois l'archive ZIP décompressée, double-cliquez sur ce fichier exécutable : TaskbarRepairToolPlus!.exe. Une boîte de dialogue vous avertit que certaines commandes seront désactivées tant que vous n'aurez pas acquis une licence. Dans la liste déroulante Taskbar Problems, cliquez sur ce qui s'apparente à votre problème, puis cliquez sur le bouton Repair.
Voici une liste partielle des problèmes que cet utilitaire peut résoudre :
* La barre des tâches est manquante.
* Les barres d'outils de la Barre des tâches disparaissent à chaque démarrage.
* La commande Verrouiller la Barre des tâches est grisée.
* Les icônes des applications ouvertes n'apparaissent pas dans la barre des tâches.<<<--- pour toi c'est ça
* La commande Barre d'outils est grisée.
* La commande Masquer automatiquement la Barre des tâches est désactivée à chaque redémarrage.
De nombreuses autres options sont disponibles concernant la zone de notification et la zone de lancement rapide.


source:
http://www.hotline-pc.org/barredetaches.htm

re

The icons of the opened applications do not appear in the taskbar