[Résolu] Rapport hijackthis

Bonsoir à tous,

j'ai des problème pour me connecter sur internet, je n'y arrive pas dutout même!!!

C'est pourquoi j'ai fais un scan hijackthis, mais j'arrive pas à touver ce qui ne joue pas et qui pourrait avoir un lien avec mon problème de connexion.

Si quelqu'un arriverait à me dire si le scan comporte des anormlalies ^^

Merci d'avance



Logfile of HijackThis v1.99.1
Scan saved at 22:55:41, on 06.05.2009
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Mélissa\Bureau\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.fr.msn.ch/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINDOWS\p_981116.exe /Q:A
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://go.securelive.com/speed/uk/WebInstall.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FICHIE~1\SONYSH~1\AVLib\Sptisrv.exe

Slt Destrio,

j'ai commencé l'analyse, dès que c'est fini je la poste
Cependant, puis mettre à jour windows sans la connexion ? et comment?
merci

Voila le résultat du scan:

Malwarebytes' Anti-Malware 1.36
Version de la base de données: 1945
Windows 5.1.2600 Service Pack 1

07.05.2009 00:11:40
mbam-log-2009-05-07 (00-11-40).txt

Type de recherche: Examen rapide
Eléments examinés: 63346
Temps écoulé: 9 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 6
Fichier(s) infecté(s): 89

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{a4730ebe-43a6-443e-9776-36915d323ad3} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\TypeLib\{0494d0d0-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d4-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0d6-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0da-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{0494d0dc-f8e0-41ad-92a3-14154ece70ac} (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Program Files\Comet (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\MyWay (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar (Adware.MyWay) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin (Adware.MyWay) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\Comet\Install\Temp\addremove.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\angel.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\armask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\arskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\autosrch.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\band.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\brbho12a.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cc3.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\CC_42_1x.inf (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\close.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsdown.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsmask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsover.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\clsskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cnfmgr.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\comet.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\comutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\context.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\controlpanel.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\core.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csapputil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\CSBand.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csbho.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csbrange.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cscore.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csctx.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\cseng.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csietb.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csinst.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csres.dat (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\csutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\czlink.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\def_arr.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\fclnk.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\fileutil.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\friend.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\help.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\instcore.exe (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\intro.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\license.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\logging.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\luiclient.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\MasterConfig.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mcc2.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccmask.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccoff.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\mccskin.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\nletter.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\onlinecheck.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\orbitz.xsl (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\pcursor.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\pix.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\refbutton.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\related.xsl (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\scr_mcc.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\scr_wait.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\skinui.dll (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\strip.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\supdate.cab (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\supdate.cab.di (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\tbmgr.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\tbproducts.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\title.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\titlelabel_ar.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\title_arui.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\toolbar.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\travel.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\travel_context.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\unins.ico (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_autosearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_errorsearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_funbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_funcursors.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_platform.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_refbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_relatedsearch.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_searchassist.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_shopbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_travel.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_travelbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_webbutton.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\un_webcursors.xml (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\update.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\utillauncher.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\vdivider.gif (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\Comet\Install\Temp\winutil.js (Spyware.Comet.Cursor) -> Quarantined and deleted successfully.
C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL (Adware.MyWay) -> Quarantined and deleted successfully.

Re ^^
ayant fait tes manipulations comme décrit, le PC à redémarrer, mais j'ai pas d'accès disponible

Par modem, j'ai deux PC sur celui-ci.
Celui que j'utilise ici (ethernet), puis l'autre par usb qui ne veut pas être mon ami et fonctioner

Installe le SP2 :
http://www.microsoft.com/downloads [...] laylang=fr

---> Tu verras si ton modem est reconnu.

Je vais bien.

C'est quoi comme modem ?

Tu as essayé un autre port USB ?

Pas reconnu dans le gestionnaire de périphériques, c'est ça ?

/!\ Désactive tes protections résidentes (Antivirus, etc...) /!\

• Télécharge ComboFix (sUBs) sur ton Bureau.
• Double-clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
• Il va te demander d'installer la console de récupération : accepte.
• Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\Combofix.txt) dans ta prochaine réponse.

Pour t'aider : Un guide et un tutoriel sur l'utilisation de ComboFix

Ok

Merci pour les nouvelles

Si tu estimes que ton problème est résolu :

---> Ajoute maintenant [Résolu] au titre. Pour cela :

• Clique, dans ton premier message, sur le bouton Editer .
• Rajoute la mention [Résolu] devant le titre.
• Clique ensuite sur Valider votre message.