Help me please, bizarre virus!


Hello!

Since I don't know much about computers, I have already come to Tom's Guide to get rid of a virus, and that worked well. Today I'm helping a friend who has a virus, but it's an unusual one: for example, when she tries to open her messages on MSN or on Orange, the page keeps loading and nothing happens; on top of that, ads keep coming back. I'd like to get rid of it, so please, if you can help me that would be really nice! ;)
Thanks in advance.


Please, is there really nobody to help me? I came to her place specially this evening thinking I would have had an answer. I have a bit of free time in the next hour, if someone wants to help me!

Reply to ever-ours

Hello,

I don't think it's an infection.

Download Hijackthis (from Trend Micro) to your Desktop.

  • Double-click HJTInstall.exe to start the installation.
  • Click Install.
  • Double-click the HijackThis shortcut that was just created to launch it. (Right-click -> run as admin if on Vista)
  • Accept the licence by clicking Yes.
  • Click Do a system scan and save a logfile.
  • Post the generated report here.

Note: The report can also be found here: C:\Program Files\Trend Micro\Hijackthis\Hijackthis.log

Help: How to use HijackThis.

------------------------------ Prevention & Protection||Do you like me? Click :o
Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:30, on 04/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\vVX1000.exe
C:\Windows\tsnp2std.exe
C:\Windows\vsnp2std.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\rundll32.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [cdromloud] "C:\ProgramData\borebuildbuild.9ift7"
O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\CAMP SIGN BIRD.9cymss"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O20 - AppInit_DLLs: C:\Windows\System32\iasads32.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 11736 bytes

Reply to ever-ours

Re,

Download Lop S&D.exe (by Eric 71) to your Desktop.

  • Double-click the Lop S&D shortcut on your desktop (If you are on Vista, right-click -> run as admin)
  • Select the desired language, then choose Option 1 (Search)
  • Wait until the scan finishes
  • Post the generated report (C:\lopR.txt)

Reply to Angeldark

Angeldark, are you there? I'm running the scan right now. If possible I'd like to remove the virus now, because since it's not on my PC it's more complicated to do over several sessions. Thanks for answering me and thanks for your help.
I'll post the report as soon as it's finished.

Reply to ever-ours


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Burnel's family ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 16.2.0.7 (Activated)
Firewall : Norton Internet Security 16.2.0.7 (Activated)
C:\ (Local Disk) - NTFS - Total:141 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 07/09/2009|19:33 )

[ UAC => 0 ]

--------------------\\ Listing des dossiers dans Local

[27/04/2009|18:15] C:\Users\BURNEL~1\AppData\Local\Adobe
[06/01/2008|16:54] C:\Users\BURNEL~1\AppData\Local\Apple
[02/04/2008|18:40] C:\Users\BURNEL~1\AppData\Local\Apple Computer
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Application Data
[04/09/2008|23:03] C:\Users\BURNEL~1\AppData\Local\d3d9caps.dat
[08/08/2009|12:11] C:\Users\BURNEL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[23/06/2009|20:40] C:\Users\BURNEL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[05/06/2008|18:18] C:\Users\BURNEL~1\AppData\Local\gnc.exe
[27/08/2009|19:58] C:\Users\BURNEL~1\AppData\Local\Google
[05/01/2008|12:15] C:\Users\BURNEL~1\AppData\Local\Hewlett-Packard
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Historique
[15/01/2008|18:48] C:\Users\BURNEL~1\AppData\Local\HP
[06/09/2009|22:36] C:\Users\BURNEL~1\AppData\Local\IconCache.db
[31/08/2009|15:20] C:\Users\BURNEL~1\AppData\Local\Microsoft
[04/03/2008|20:31] C:\Users\BURNEL~1\AppData\Local\Microsoft Games
[24/05/2008|09:09] C:\Users\BURNEL~1\AppData\Local\Microsoft Help
[05/01/2008|13:22] C:\Users\BURNEL~1\AppData\Local\Mozilla
[07/11/2008|16:57] C:\Users\BURNEL~1\AppData\Local\Seven Zip
[07/09/2009|19:33] C:\Users\BURNEL~1\AppData\Local\Temp
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Temporary Internet Files
[15/02/2009|14:31] C:\Users\BURNEL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[07/09/2009 17:37][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FA9675CE-1F6B-4A41-9C4F-BA729101CF90}.job
[07/09/2009 19:27][--ah-----] C:\Windows\tasks\SA.DAT
[07/09/2009 17:46][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[07/11/2008|16:58] C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
[03/12/2008|19:02] C:\ProgramData\Adobe
[09/04/2009|21:26] C:\ProgramData\aim rect help creative
[06/01/2008|16:52] C:\ProgramData\Apple
[06/01/2008|16:58] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[09/04/2009|14:06] C:\ProgramData\borebuildbuild.0zx99g
[09/04/2009|11:54] C:\ProgramData\borebuildbuild.13ei4vy
[09/04/2009|19:35] C:\ProgramData\borebuildbuild.1sk7xd5
[09/04/2009|15:33] C:\ProgramData\borebuildbuild.3fw31
[09/04/2009|14:49] C:\ProgramData\borebuildbuild.3vqv5
[09/04/2009|16:16] C:\ProgramData\borebuildbuild.53x3lnk
[09/04/2009|16:38] C:\ProgramData\borebuildbuild.8s9cln
[09/04/2009|20:20] C:\ProgramData\borebuildbuild.98ysyx
[09/04/2009|21:05] C:\ProgramData\borebuildbuild.9ift7
[09/04/2009|19:57] C:\ProgramData\borebuildbuild.9rd9adj
[09/04/2009|13:44] C:\ProgramData\borebuildbuild.a28sw
[09/04/2009|12:38] C:\ProgramData\borebuildbuild.bar6i3
[09/04/2009|15:55] C:\ProgramData\borebuildbuild.emk0qid
[14/02/2009|19:26] C:\ProgramData\borebuildbuild.hgw0tu
[09/04/2009|13:00] C:\ProgramData\borebuildbuild.jjxg9
[09/04/2009|18:07] C:\ProgramData\borebuildbuild.noxahwy
[14/02/2009|19:26] C:\ProgramData\borebuildbuild.ns3bei
[09/04/2009|17:45] C:\ProgramData\borebuildbuild.p2rel
[09/04/2009|12:16] C:\ProgramData\borebuildbuild.qrb3pg
[09/04/2009|13:22] C:\ProgramData\borebuildbuild.vc6ls
[09/04/2009|17:23] C:\ProgramData\borebuildbuild.w1012i
[09/04/2009|19:13] C:\ProgramData\borebuildbuild.whmeixq
[09/04/2009|14:28] C:\ProgramData\borebuildbuild.wpufk6
[09/04/2009|17:01] C:\ProgramData\borebuildbuild.wy8y9
[09/04/2009|18:51] C:\ProgramData\borebuildbuild.xd24yw
[09/04/2009|20:42] C:\ProgramData\borebuildbuild.z9fwd
[09/04/2009|18:29] C:\ProgramData\borebuildbuild.zmzse
[05/01/2008|12:04] C:\ProgramData\Bureau
[14/02/2009|19:26] C:\ProgramData\CAMP SIGN BIRD.9cymss
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[07/02/2009|20:05] C:\ProgramData\eMule
[05/01/2008|12:04] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[28/02/2009|13:24] C:\ProgramData\Google
[25/06/2009|22:22] C:\ProgramData\great hole
[05/01/2008|12:15] C:\ProgramData\Hewlett-Packard
[07/09/2007|01:25] C:\ProgramData\HP
[07/09/2007|01:26] C:\ProgramData\hpzinstall.log
[26/02/2009|14:26] C:\ProgramData\LUUnInstall.LiveUpdate
[05/01/2008|12:04] C:\ProgramData\Menu Démarrer
[06/10/2008|19:07] C:\ProgramData\Messenger Plus!
[17/03/2008|21:00] C:\ProgramData\Microsoft
[23/06/2009|19:14] C:\ProgramData\Microsoft Help
[05/01/2008|12:04] C:\ProgramData\Modèles
[07/09/2007|01:34] C:\ProgramData\muvee Technologies
[26/02/2009|14:19] C:\ProgramData\Norton
[26/02/2009|14:19] C:\ProgramData\NortonInstaller
[15/02/2009|10:59] C:\ProgramData\NVIDIA
[07/09/2007|01:40] C:\ProgramData\PC-Doctor
[26/02/2009|14:19] C:\ProgramData\PCSettings
[24/09/2008|09:38] C:\ProgramData\Roxio
[09/02/2009|19:40] C:\ProgramData\Skyline
[07/09/2007|01:26] C:\ProgramData\Sonic
[31/08/2009|13:31] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[26/02/2009|14:33] C:\ProgramData\Symantec
[26/02/2009|14:17] C:\ProgramData\Symantec Temporary Files
[02/11/2006|15:02] C:\ProgramData\Templates
[29/08/2009|14:50] C:\ProgramData\WindowsSearch
[14/01/2008|18:03] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[07/11/2008|16:58] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/12/2008|19:01] C:\Program Files\Adobe
[12/08/2009|15:15] C:\Program Files\Apple Software Update
[08/08/2009|18:52] C:\Program Files\Ask Search Assistant
[25/06/2009|22:11] C:\Program Files\AxBx
[11/04/2009|19:50] C:\Program Files\Circl Developement
[26/02/2009|14:25] C:\Program Files\Common Files
[07/09/2007|10:30] C:\Program Files\EasyBits
[07/02/2009|20:05] C:\Program Files\eMule
[05/01/2008|12:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/02/2009|13:25] C:\Program Files\Google
[07/09/2007|01:42] C:\Program Files\Hewlett-Packard
[09/05/2009|17:31] C:\Program Files\HP
[15/03/2008|15:44] C:\Program Files\InstallShield Installation Information
[30/07/2009|10:26] C:\Program Files\Internet Explorer
[02/04/2008|11:36] C:\Program Files\iPod
[02/04/2008|11:36] C:\Program Files\iTunes
[29/10/2008|19:12] C:\Program Files\Java
[29/10/2008|18:53] C:\Program Files\LimeWire
[08/08/2009|18:52] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[10/01/2008|19:02] C:\Program Files\Microsoft Office
[23/06/2009|19:11] C:\Program Files\Microsoft Works
[10/01/2008|19:02] C:\Program Files\Microsoft.NET
[17/06/2009|00:08] C:\Program Files\Movie Maker
[07/09/2009|19:29] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[05/01/2008|12:46] C:\Program Files\MSXML 4.0
[07/09/2007|01:34] C:\Program Files\muvee Technologies
[31/08/2009|16:06] C:\Program Files\Navilog1
[26/02/2009|14:30] C:\Program Files\Norton Internet Security
[26/02/2009|14:19] C:\Program Files\NortonInstaller
[12/01/2008|18:43] C:\Program Files\OpenOffice.org 2.3
[07/09/2007|01:58] C:\Program Files\PC-Doctor 5 for Windows
[02/04/2008|11:34] C:\Program Files\QuickTime
[09/05/2009|17:17] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[07/09/2007|01:32] C:\Program Files\Roxio
[02/04/2008|11:40] C:\Program Files\Safari
[07/09/2007|01:44] C:\Program Files\Services en ligne
[28/12/2008|11:47] C:\Program Files\Skyline
[31/08/2009|13:28] C:\Program Files\Spybot - Search & Destroy
[26/03/2009|20:29] C:\Program Files\Symantec
[06/03/2008|19:47] C:\Program Files\Toshiba
[04/09/2009|19:36] C:\Program Files\trend micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/03/2008|16:08] C:\Program Files\VideoLAN
[17/06/2009|00:08] C:\Program Files\Windows Calendar
[17/06/2009|00:08] C:\Program Files\Windows Collaboration
[17/06/2009|00:08] C:\Program Files\Windows Defender
[17/06/2009|00:08] C:\Program Files\Windows Journal
[05/01/2008|13:12] C:\Program Files\Windows Live
[17/06/2009|00:08] C:\Program Files\Windows Mail
[13/08/2009|18:12] C:\Program Files\Windows Media Player
[05/01/2008|12:04] C:\Program Files\Windows NT
[17/06/2009|00:08] C:\Program Files\Windows Photo Gallery
[17/06/2009|00:08] C:\Program Files\Windows Sidebar

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/12/2008|19:02] C:\Program Files\Common Files\Adobe
[06/01/2008|16:52] C:\Program Files\Common Files\Apple
[10/01/2008|19:02] C:\Program Files\Common Files\DESIGNER
[07/09/2007|01:25] C:\Program Files\Common Files\HP
[20/01/2008|20:10] C:\Program Files\Common Files\InstallShield
[07/09/2007|01:33] C:\Program Files\Common Files\LightScribe
[07/09/2007|01:33] C:\Program Files\Common Files\LS Getting Started
[23/06/2009|19:12] C:\Program Files\Common Files\microsoft shared
[07/09/2007|01:34] C:\Program Files\Common Files\muvee Technologies
[07/09/2007|01:32] C:\Program Files\Common Files\PX Storage Engine
[07/09/2007|01:32] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[15/03/2008|15:44] C:\Program Files\Common Files\snp2std
[07/09/2007|01:32] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[07/09/2007|01:27] C:\Program Files\Common Files\SureThing Shared
[26/02/2009|14:58] C:\Program Files\Common Files\Symantec Shared
[17/06/2009|00:08] C:\Program Files\Common Files\System
[05/01/2008|13:11] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 70 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

C:\ProgramData\borebuildbuild.3fw31
C:\ProgramData\borebuildbuild.3vqv5
C:\ProgramData\borebuildbuild.9ift7
C:\ProgramData\borebuildbuild.a28sw
C:\ProgramData\borebuildbuild.jjxg9
C:\ProgramData\borebuildbuild.p2rel
C:\ProgramData\borebuildbuild.vc6ls
C:\ProgramData\borebuildbuild.wy8y9
C:\ProgramData\borebuildbuild.z9fwd
C:\ProgramData\borebuildbuild.zmzse
C:\ProgramData\borebuildbuild.0zx99g
C:\ProgramData\borebuildbuild.8s9cln
C:\ProgramData\borebuildbuild.98ysyx
C:\ProgramData\borebuildbuild.bar6i3
C:\ProgramData\borebuildbuild.hgw0tu
C:\ProgramData\borebuildbuild.ns3bei
C:\ProgramData\borebuildbuild.qrb3pg
C:\ProgramData\borebuildbuild.w1012i
C:\ProgramData\borebuildbuild.wpufk6
C:\ProgramData\borebuildbuild.xd24yw
C:\ProgramData\CAMP SIGN BIRD.9cymss
C:\ProgramData\borebuildbuild.13ei4vy
C:\ProgramData\borebuildbuild.1sk7xd5
C:\ProgramData\borebuildbuild.53x3lnk
C:\ProgramData\borebuildbuild.9rd9adj
C:\ProgramData\borebuildbuild.emk0qid
C:\ProgramData\borebuildbuild.noxahwy
C:\ProgramData\borebuildbuild.whmeixq

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\ProgramData\aim rect help creative
C:\ProgramData\aim rect help creative\long phone.dat
C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies\burnel's_family@advertising[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cdromloud"="\"C:\\ProgramData\\borebuildbuild.9ift7\""
"Help Creative Meow City"="\"C:\\ProgramData\\CAMP SIGN BIRD.9cymss\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-07 19:37:50
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1374

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:207][D:10]-> C:\Users\BURNEL~1\AppData\Local\Temp
[F:384][D:1]-> C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2430][D:12]-> C:\Users\BURNEL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:40][D:6]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 07/09/2009|19:45 - Option : [1]

--------------------\\ Fin du rapport a 19:45:15
[ UAC => 1 ]

Reply to ever-ours

Please, someone to help me??

Reply to ever-ours

Patience, I'm in class, you know.

Run Lop S&D again.

  • This time choose Option 2 (Removal)

! Do not close the window during the removal !

  • Post the generated report (C:\lopR.txt)

Reply to Angeldark

For the past hour I have been trying to connect to the internet :s the virus is blocking my connection! I'll post the report as soon as it's finished.
Thanks

Reply to ever-ours


--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Burnel's family ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 16.2.0.7 (Activated)
Firewall : Norton Internet Security 16.2.0.7 (Activated)
C:\ (Local Disk) - NTFS - Total:141 Go (Free:84 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 07/09/2009|22:58 )

[ UAC => 1 ]


\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\ProgramData\aim rect help creative\long phone.dat
Supprime! - C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies\burnel's_family@advertising[2].txt
Supprime! - C:\ProgramData\borebuildbuild.3fw31
Supprime! - C:\ProgramData\borebuildbuild.3vqv5
Supprime! - C:\ProgramData\borebuildbuild.9ift7
Supprime! - C:\ProgramData\borebuildbuild.a28sw
Supprime! - C:\ProgramData\borebuildbuild.jjxg9
Supprime! - C:\ProgramData\borebuildbuild.p2rel
Supprime! - C:\ProgramData\borebuildbuild.vc6ls
Supprime! - C:\ProgramData\borebuildbuild.wy8y9
Supprime! - C:\ProgramData\borebuildbuild.z9fwd
Supprime! - C:\ProgramData\borebuildbuild.zmzse
Supprime! - C:\ProgramData\borebuildbuild.0zx99g
Supprime! - C:\ProgramData\borebuildbuild.8s9cln
Supprime! - C:\ProgramData\borebuildbuild.98ysyx
Supprime! - C:\ProgramData\borebuildbuild.bar6i3
Supprime! - C:\ProgramData\borebuildbuild.hgw0tu
Supprime! - C:\ProgramData\borebuildbuild.ns3bei
Supprime! - C:\ProgramData\borebuildbuild.qrb3pg
Supprime! - C:\ProgramData\borebuildbuild.w1012i
Supprime! - C:\ProgramData\borebuildbuild.wpufk6
Supprime! - C:\ProgramData\borebuildbuild.xd24yw
Supprime! - C:\ProgramData\CAMP SIGN BIRD.9cymss
Supprime! - C:\ProgramData\borebuildbuild.13ei4vy
Supprime! - C:\ProgramData\borebuildbuild.1sk7xd5
Supprime! - C:\ProgramData\borebuildbuild.53x3lnk
Supprime! - C:\ProgramData\borebuildbuild.9rd9adj
Supprime! - C:\ProgramData\borebuildbuild.emk0qid
Supprime! - C:\ProgramData\borebuildbuild.noxahwy
Supprime! - C:\ProgramData\borebuildbuild.whmeixq
Supprime! - C:\ProgramData\aim rect help creative
-
[ Fichier Hosts ] .. Restaure!

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\


--------------------\\ Listing des dossiers dans Local

[27/04/2009|18:15] C:\Users\BURNEL~1\AppData\Local\Adobe
[06/01/2008|16:54] C:\Users\BURNEL~1\AppData\Local\Apple
[02/04/2008|18:40] C:\Users\BURNEL~1\AppData\Local\Apple Computer
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Application Data
[04/09/2008|23:03] C:\Users\BURNEL~1\AppData\Local\d3d9caps.dat
[08/08/2009|12:11] C:\Users\BURNEL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[23/06/2009|20:40] C:\Users\BURNEL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[05/06/2008|18:18] C:\Users\BURNEL~1\AppData\Local\gnc.exe
[27/08/2009|19:58] C:\Users\BURNEL~1\AppData\Local\Google
[05/01/2008|12:15] C:\Users\BURNEL~1\AppData\Local\Hewlett-Packard
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Historique
[15/01/2008|18:48] C:\Users\BURNEL~1\AppData\Local\HP
[06/09/2009|22:36] C:\Users\BURNEL~1\AppData\Local\IconCache.db
[31/08/2009|15:20] C:\Users\BURNEL~1\AppData\Local\Microsoft
[04/03/2008|20:31] C:\Users\BURNEL~1\AppData\Local\Microsoft Games
[24/05/2008|09:09] C:\Users\BURNEL~1\AppData\Local\Microsoft Help
[05/01/2008|13:22] C:\Users\BURNEL~1\AppData\Local\Mozilla
[07/11/2008|16:57] C:\Users\BURNEL~1\AppData\Local\Seven Zip
[07/09/2009|22:59] C:\Users\BURNEL~1\AppData\Local\Temp
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Temporary Internet Files
[15/02/2009|14:31] C:\Users\BURNEL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[07/09/2009 22:20][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FA9675CE-1F6B-4A41-9C4F-BA729101CF90}.job
[07/09/2009 22:17][--ah-----] C:\Windows\tasks\SA.DAT
[07/09/2009 17:46][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[07/11/2008|16:58] C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
[03/12/2008|19:02] C:\ProgramData\Adobe
[06/01/2008|16:52] C:\ProgramData\Apple
[06/01/2008|16:58] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[05/01/2008|12:04] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[07/02/2009|20:05] C:\ProgramData\eMule
[05/01/2008|12:04] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[28/02/2009|13:24] C:\ProgramData\Google
[25/06/2009|22:22] C:\ProgramData\great hole
[05/01/2008|12:15] C:\ProgramData\Hewlett-Packard
[07/09/2007|01:25] C:\ProgramData\HP
[07/09/2007|01:26] C:\ProgramData\hpzinstall.log
[26/02/2009|14:26] C:\ProgramData\LUUnInstall.LiveUpdate
[05/01/2008|12:04] C:\ProgramData\Menu Démarrer
[06/10/2008|19:07] C:\ProgramData\Messenger Plus!
[17/03/2008|21:00] C:\ProgramData\Microsoft
[23/06/2009|19:14] C:\ProgramData\Microsoft Help
[05/01/2008|12:04] C:\ProgramData\Modèles
[07/09/2007|01:34] C:\ProgramData\muvee Technologies
[26/02/2009|14:19] C:\ProgramData\Norton
[26/02/2009|14:19] C:\ProgramData\NortonInstaller
[15/02/2009|10:59] C:\ProgramData\NVIDIA
[07/09/2007|01:40] C:\ProgramData\PC-Doctor
[26/02/2009|14:19] C:\ProgramData\PCSettings
[24/09/2008|09:38] C:\ProgramData\Roxio
[09/02/2009|19:40] C:\ProgramData\Skyline
[07/09/2007|01:26] C:\ProgramData\Sonic
[31/08/2009|13:31] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[26/02/2009|14:33] C:\ProgramData\Symantec
[26/02/2009|14:17] C:\ProgramData\Symantec Temporary Files
[02/11/2006|15:02] C:\ProgramData\Templates
[29/08/2009|14:50] C:\ProgramData\WindowsSearch
[14/01/2008|18:03] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[07/11/2008|16:58] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/12/2008|19:01] C:\Program Files\Adobe
[12/08/2009|15:15] C:\Program Files\Apple Software Update
[08/08/2009|18:52] C:\Program Files\Ask Search Assistant
[25/06/2009|22:11] C:\Program Files\AxBx
[11/04/2009|19:50] C:\Program Files\Circl Developement
[26/02/2009|14:25] C:\Program Files\Common Files
[07/09/2007|10:30] C:\Program Files\EasyBits
[07/02/2009|20:05] C:\Program Files\eMule
[05/01/2008|12:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[28/02/2009|13:25] C:\Program Files\Google
[07/09/2007|01:42] C:\Program Files\Hewlett-Packard
[09/05/2009|17:31] C:\Program Files\HP
[15/03/2008|15:44] C:\Program Files\InstallShield Installation Information
[30/07/2009|10:26] C:\Program Files\Internet Explorer
[02/04/2008|11:36] C:\Program Files\iPod
[02/04/2008|11:36] C:\Program Files\iTunes
[29/10/2008|19:12] C:\Program Files\Java
[29/10/2008|18:53] C:\Program Files\LimeWire
[08/08/2009|18:52] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[10/01/2008|19:02] C:\Program Files\Microsoft Office
[23/06/2009|19:11] C:\Program Files\Microsoft Works
[10/01/2008|19:02] C:\Program Files\Microsoft.NET
[17/06/2009|00:08] C:\Program Files\Movie Maker
[07/09/2009|22:15] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[05/01/2008|12:46] C:\Program Files\MSXML 4.0
[07/09/2007|01:34] C:\Program Files\muvee Technologies
[31/08/2009|16:06] C:\Program Files\Navilog1
[26/02/2009|14:30] C:\Program Files\Norton Internet Security
[26/02/2009|14:19] C:\Program Files\NortonInstaller
[12/01/2008|18:43] C:\Program Files\OpenOffice.org 2.3
[07/09/2007|01:58] C:\Program Files\PC-Doctor 5 for Windows
[02/04/2008|11:34] C:\Program Files\QuickTime
[09/05/2009|17:17] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[07/09/2007|01:32] C:\Program Files\Roxio
[02/04/2008|11:40] C:\Program Files\Safari
[07/09/2007|01:44] C:\Program Files\Services en ligne
[28/12/2008|11:47] C:\Program Files\Skyline
[31/08/2009|13:28] C:\Program Files\Spybot - Search & Destroy
[26/03/2009|20:29] C:\Program Files\Symantec
[06/03/2008|19:47] C:\Program Files\Toshiba
[04/09/2009|19:36] C:\Program Files\trend micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/03/2008|16:08] C:\Program Files\VideoLAN
[17/06/2009|00:08] C:\Program Files\Windows Calendar
[17/06/2009|00:08] C:\Program Files\Windows Collaboration
[17/06/2009|00:08] C:\Program Files\Windows Defender
[17/06/2009|00:08] C:\Program Files\Windows Journal
[05/01/2008|13:12] C:\Program Files\Windows Live
[17/06/2009|00:08] C:\Program Files\Windows Mail
[13/08/2009|18:12] C:\Program Files\Windows Media Player
[05/01/2008|12:04] C:\Program Files\Windows NT
[17/06/2009|00:08] C:\Program Files\Windows Photo Gallery
[17/06/2009|00:08] C:\Program Files\Windows Sidebar

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/12/2008|19:02] C:\Program Files\Common Files\Adobe
[06/01/2008|16:52] C:\Program Files\Common Files\Apple
[10/01/2008|19:02] C:\Program Files\Common Files\DESIGNER
[07/09/2007|01:25] C:\Program Files\Common Files\HP
[20/01/2008|20:10] C:\Program Files\Common Files\InstallShield
[07/09/2007|01:33] C:\Program Files\Common Files\LightScribe
[07/09/2007|01:33] C:\Program Files\Common Files\LS Getting Started
[23/06/2009|19:12] C:\Program Files\Common Files\microsoft shared
[07/09/2007|01:34] C:\Program Files\Common Files\muvee Technologies
[07/09/2007|01:32] C:\Program Files\Common Files\PX Storage Engine
[07/09/2007|01:32] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[15/03/2008|15:44] C:\Program Files\Common Files\snp2std
[07/09/2007|01:32] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[07/09/2007|01:27] C:\Program Files\Common Files\SureThing Shared
[26/02/2009|14:58] C:\Program Files\Common Files\Symantec Shared
[17/06/2009|00:08] C:\Program Files\Common Files\System
[05/01/2008|13:11] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 69 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-07 23:04:15
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1374

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:209][D:13]-> C:\Users\BURNEL~1\AppData\Local\Temp
[F:386][D:1]-> C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:2430][D:12]-> C:\Users\BURNEL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:40][D:6]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 07/09/2009|19:45 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 07/09/2009|23:09 - Option : [2]

--------------------\\ Fin du rapport a 23:09:45
[ UAC => 1 ]

Reply to ever-ours

Post a new HijackThis report.

Reply to Angeldark

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:38:30, on 04/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\vVX1000.exe
C:\Windows\tsnp2std.exe
C:\Windows\vsnp2std.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\system32\rundll32.exe
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\wbem\wmiprvse.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.plusnetwork.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [cdromloud] "C:\ProgramData\borebuildbuild.9ift7"
O4 - HKCU\..\Run: [Help Creative Meow City] "C:\ProgramData\CAMP SIGN BIRD.9cymss"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\coIEPlg.dll
O20 - AppInit_DLLs: C:\Windows\System32\iasads32.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.5.0.135\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 11736 bytes

Reply to ever-ours

There, I've just posted another HijackThis report.

Reply to ever-ours

The virus is still there and is attacking the computer more and more.

Reply to ever-ours

Hi again,

Run a LopS&D scan again with option 1.

&

Download Malwarebytes' Anti-Malware to your Desktop.

  • Install it by double-clicking the file Download_mbam-setup.exe.
  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan has finished, a window opens; click OK. There are two possibilities:


~ If the program found nothing, click OK. A report will appear; close it.
~~ If infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop.
~~~~ Restart your computer normally and post the report in your next reply.

NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

Note: If you can't download MBAM from MajorGeeks, you can download it here!

Help:

Reply to Angeldark

The LopS&D scan doesn't work.

Reply to ever-ours

This is the Malware report:

Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2785
Windows 6.0.6001 Service Pack 1

13/09/2009 16:05:53
mbam-log-2009-09-13 (16-05-53).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 255981
Temps écoulé: 2 hour(s), 37 minute(s), 41 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 44

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sunjavaupdatesched (Trojan.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Windows\System32\LocalService (Worm.Archive) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\Burnel's family\AppData\Local\Temp\29CD.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\29DD.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\43A4.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\4827.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\49C0.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\4D0.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\54F3.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\5781.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\59F1.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\5BA.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\5E93.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\6160.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\7A01.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\7E0D.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\7EDF.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\8259.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\9D38.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\A9C9.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\C024.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\D5C8.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\D6ED.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\D9E4.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Burnel's family\AppData\Local\Temp\EEB1.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Users\Yon Dos\AppData\Local\Temp\7BA7.tmp (Trojan.Dropper) -> Quarantined and deleted successfully.
C:\Windows\System32\558E.tmp (Worm.P2P) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\277.crack.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\277.crack.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\278.keygen.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\278.keygen.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\279.serial.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\279.serial.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\280.setup.zip (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\280.setup.zip.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\281.music.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\281.music.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\282.music2.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\282.music2.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\283.music3.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\283.music3.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\284.music4.au (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\LocalService\284.music4.au.kwd (Worm.Archive) -> Quarantined and deleted successfully.
C:\Windows\System32\GroupPolicy000.dat (Malware.Trace) -> Quarantined and deleted successfully.
C:\Windows\GnuHashes.ini (Malware.Trace) -> Quarantined and deleted successfully.
C:\Program Files\Java\jre6\bin\jusched.exe (Trojan.Agent) -> Delete on reboot.

Reply to ever-ours

The log finally worked after all; I don't know if it's a problem that I did it before the Malware report.

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : AMD Sempron(tm) Processor 3800+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Burnel's family ( Not Administrator ! )
BOOT : Normal boot
Antivirus : Norton Internet Security 16.2.0.7 (Activated)
Firewall : Norton Internet Security 16.2.0.7 (Activated)
C:\ (Local Disk) - NTFS - Total:141 Go (Free:85 Go)
D:\ (Local Disk) - NTFS - Total:7 Go (Free:0 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 13/09/2009|16:26 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[27/04/2009|18:15] C:\Users\BURNEL~1\AppData\Local\Adobe
[06/01/2008|16:54] C:\Users\BURNEL~1\AppData\Local\Apple
[02/04/2008|18:40] C:\Users\BURNEL~1\AppData\Local\Apple Computer
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Application Data
[04/09/2008|23:03] C:\Users\BURNEL~1\AppData\Local\d3d9caps.dat
[08/08/2009|12:11] C:\Users\BURNEL~1\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[23/06/2009|20:40] C:\Users\BURNEL~1\AppData\Local\GDIPFONTCACHEV1.DAT
[05/06/2008|18:18] C:\Users\BURNEL~1\AppData\Local\gnc.exe
[10/09/2009|18:16] C:\Users\BURNEL~1\AppData\Local\Google
[05/01/2008|12:15] C:\Users\BURNEL~1\AppData\Local\Hewlett-Packard
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Historique
[15/01/2008|18:48] C:\Users\BURNEL~1\AppData\Local\HP
[13/09/2009|16:07] C:\Users\BURNEL~1\AppData\Local\IconCache.db
[31/08/2009|15:20] C:\Users\BURNEL~1\AppData\Local\Microsoft
[04/03/2008|20:31] C:\Users\BURNEL~1\AppData\Local\Microsoft Games
[24/05/2008|09:09] C:\Users\BURNEL~1\AppData\Local\Microsoft Help
[05/01/2008|13:22] C:\Users\BURNEL~1\AppData\Local\Mozilla
[07/11/2008|16:57] C:\Users\BURNEL~1\AppData\Local\Seven Zip
[13/09/2009|16:25] C:\Users\BURNEL~1\AppData\Local\Temp
[05/01/2008|12:07] C:\Users\BURNEL~1\AppData\Local\Temporary Internet Files
[15/02/2009|14:31] C:\Users\BURNEL~1\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[13/09/2009 15:12][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{FA9675CE-1F6B-4A41-9C4F-BA729101CF90}.job
[13/09/2009 16:10][--ah-----] C:\Windows\tasks\SA.DAT
[13/09/2009 16:08][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[07/11/2008|16:58] C:\ProgramData\{B3C2C1CD-6B77-4A96-B670-F734AC2A1CBC}
[03/12/2008|19:02] C:\ProgramData\Adobe
[06/01/2008|16:52] C:\ProgramData\Apple
[06/01/2008|16:58] C:\ProgramData\Apple Computer
[02/11/2006|15:02] C:\ProgramData\Application Data
[05/01/2008|12:04] C:\ProgramData\Bureau
[02/11/2006|15:02] C:\ProgramData\Desktop
[02/11/2006|15:02] C:\ProgramData\Documents
[07/02/2009|20:05] C:\ProgramData\eMule
[05/01/2008|12:04] C:\ProgramData\Favoris
[02/11/2006|15:02] C:\ProgramData\Favorites
[10/09/2009|18:16] C:\ProgramData\Google
[25/06/2009|22:22] C:\ProgramData\great hole
[05/01/2008|12:15] C:\ProgramData\Hewlett-Packard
[07/09/2007|01:25] C:\ProgramData\HP
[07/09/2007|01:26] C:\ProgramData\hpzinstall.log
[26/02/2009|14:26] C:\ProgramData\LUUnInstall.LiveUpdate
[12/09/2009|20:33] C:\ProgramData\Malwarebytes
[05/01/2008|12:04] C:\ProgramData\Menu Démarrer
[06/10/2008|19:07] C:\ProgramData\Messenger Plus!
[17/03/2008|21:00] C:\ProgramData\Microsoft
[23/06/2009|19:14] C:\ProgramData\Microsoft Help
[05/01/2008|12:04] C:\ProgramData\Modèles
[07/09/2007|01:34] C:\ProgramData\muvee Technologies
[26/02/2009|14:19] C:\ProgramData\Norton
[26/02/2009|14:19] C:\ProgramData\NortonInstaller
[15/02/2009|10:59] C:\ProgramData\NVIDIA
[07/09/2007|01:40] C:\ProgramData\PC-Doctor
[26/02/2009|14:19] C:\ProgramData\PCSettings
[24/09/2008|09:38] C:\ProgramData\Roxio
[09/02/2009|19:40] C:\ProgramData\Skyline
[07/09/2007|01:26] C:\ProgramData\Sonic
[31/08/2009|13:31] C:\ProgramData\Spybot - Search & Destroy
[02/11/2006|15:02] C:\ProgramData\Start Menu
[26/02/2009|14:33] C:\ProgramData\Symantec
[26/02/2009|14:17] C:\ProgramData\Symantec Temporary Files
[02/11/2006|15:02] C:\ProgramData\Templates
[29/08/2009|14:50] C:\ProgramData\WindowsSearch
[14/01/2008|18:03] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[07/11/2008|16:58] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[03/12/2008|19:01] C:\Program Files\Adobe
[12/08/2009|15:15] C:\Program Files\Apple Software Update
[11/04/2009|19:50] C:\Program Files\Circl Developement
[26/02/2009|14:25] C:\Program Files\Common Files
[07/09/2007|10:30] C:\Program Files\EasyBits
[07/02/2009|20:05] C:\Program Files\eMule
[05/01/2008|12:04] C:\Program Files\Fichiers communs [C:\Program Files\Common Files]
[07/09/2007|01:42] C:\Program Files\Hewlett-Packard
[09/05/2009|17:31] C:\Program Files\HP
[15/03/2008|15:44] C:\Program Files\InstallShield Installation Information
[30/07/2009|10:26] C:\Program Files\Internet Explorer
[02/04/2008|11:36] C:\Program Files\iPod
[02/04/2008|11:36] C:\Program Files\iTunes
[29/10/2008|19:12] C:\Program Files\Java
[29/10/2008|18:53] C:\Program Files\LimeWire
[12/09/2009|20:33] C:\Program Files\Malwarebytes' Anti-Malware
[08/08/2009|18:52] C:\Program Files\Messenger Plus! Live
[02/11/2006|14:37] C:\Program Files\Microsoft Games
[10/01/2008|19:02] C:\Program Files\Microsoft Office
[23/06/2009|19:11] C:\Program Files\Microsoft Works
[10/01/2008|19:02] C:\Program Files\Microsoft.NET
[17/06/2009|00:08] C:\Program Files\Movie Maker
[07/09/2009|22:15] C:\Program Files\Mozilla Firefox
[02/11/2006|14:37] C:\Program Files\MSBuild
[05/01/2008|12:46] C:\Program Files\MSXML 4.0
[07/09/2007|01:34] C:\Program Files\muvee Technologies
[31/08/2009|16:06] C:\Program Files\Navilog1
[26/02/2009|14:30] C:\Program Files\Norton Internet Security
[26/02/2009|14:19] C:\Program Files\NortonInstaller
[12/01/2008|18:43] C:\Program Files\OpenOffice.org 2.3
[07/09/2007|01:58] C:\Program Files\PC-Doctor 5 for Windows
[02/04/2008|11:34] C:\Program Files\QuickTime
[09/05/2009|17:17] C:\Program Files\Realtek
[02/11/2006|14:37] C:\Program Files\Reference Assemblies
[07/09/2007|01:32] C:\Program Files\Roxio
[02/04/2008|11:40] C:\Program Files\Safari
[07/09/2007|01:44] C:\Program Files\Services en ligne
[28/12/2008|11:47] C:\Program Files\Skyline
[31/08/2009|13:28] C:\Program Files\Spybot - Search & Destroy
[11/09/2009|09:45] C:\Program Files\Symantec
[06/03/2008|19:47] C:\Program Files\Toshiba
[04/09/2009|19:36] C:\Program Files\trend micro
[02/11/2006|15:01] C:\Program Files\Uninstall Information
[16/03/2008|16:08] C:\Program Files\VideoLAN
[17/06/2009|00:08] C:\Program Files\Windows Calendar
[17/06/2009|00:08] C:\Program Files\Windows Collaboration
[17/06/2009|00:08] C:\Program Files\Windows Defender
[17/06/2009|00:08] C:\Program Files\Windows Journal
[05/01/2008|13:12] C:\Program Files\Windows Live
[17/06/2009|00:08] C:\Program Files\Windows Mail
[13/08/2009|18:12] C:\Program Files\Windows Media Player
[05/01/2008|12:04] C:\Program Files\Windows NT
[17/06/2009|00:08] C:\Program Files\Windows Photo Gallery
[17/06/2009|00:08] C:\Program Files\Windows Sidebar

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[03/12/2008|19:02] C:\Program Files\Common Files\Adobe
[06/01/2008|16:52] C:\Program Files\Common Files\Apple
[10/01/2008|19:02] C:\Program Files\Common Files\DESIGNER
[07/09/2007|01:25] C:\Program Files\Common Files\HP
[20/01/2008|20:10] C:\Program Files\Common Files\InstallShield
[07/09/2007|01:33] C:\Program Files\Common Files\LightScribe
[07/09/2007|01:33] C:\Program Files\Common Files\LS Getting Started
[23/06/2009|19:12] C:\Program Files\Common Files\microsoft shared
[07/09/2007|01:34] C:\Program Files\Common Files\muvee Technologies
[07/09/2007|01:32] C:\Program Files\Common Files\PX Storage Engine
[07/09/2007|01:32] C:\Program Files\Common Files\Roxio Shared
[02/11/2006|13:18] C:\Program Files\Common Files\Services
[15/03/2008|15:44] C:\Program Files\Common Files\snp2std
[07/09/2007|01:32] C:\Program Files\Common Files\Sonic Shared
[02/11/2006|13:18] C:\Program Files\Common Files\SpeechEngines
[07/09/2007|01:27] C:\Program Files\Common Files\SureThing Shared
[26/02/2009|14:58] C:\Program Files\Common Files\Symantec Shared
[17/06/2009|00:08] C:\Program Files\Common Files\System
[05/01/2008|13:11] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 72 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-09-13 16:26:36
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 1374

--------------------\\ Recherche d'autres infections


Aucune autre infection trouvée !

[F:214][D:14]-> C:\Users\BURNEL~1\AppData\Local\Temp
[F:401][D:1]-> C:\Users\BURNEL~1\AppData\Roaming\MICROS~1\Windows\Cookies
[F:162][D:12]-> C:\Users\BURNEL~1\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:40][D:6]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 07/09/2009|19:45 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 07/09/2009|23:09 - Option : [2]
3 - "C:\Lop SD\LopR_3.txt" - 12/09/2009|23:15 - Option : [1]
4 - "C:\Lop SD\LopR_4.txt" - 13/09/2009|16:29 - Option : [1]

--------------------\\ Fin du rapport a 16:29:07
[ UAC => 1 ]

Reply to ever-ours

To post a HijackThis report, you have to right-click / Run as administrator to launch it.

Reply to Angeldark

I think there are no more viruses, right?!!


Malwarebytes' Anti-Malware 1.41
Version de la base de données: 2785
Windows 6.0.6001 Service Pack 1

13/09/2009 20:54:17
mbam-log-2009-09-13 (20-54-17).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|I:\|)
Eléments examinés: 255121
Temps écoulé: 2 hour(s), 3 minute(s), 30 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)

Reply to ever-ours

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:00:06, on 13/09/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18294)
Boot mode: Normal

Running processes:
C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\vVX1000.exe
C:\Windows\tsnp2std.exe
C:\Windows\vsnp2std.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN
C:\Windows\system32\conime.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\trend micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.searchslate.com/wp.ashx?ref=home&id=152
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr? [...] pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete
O4 - HKLM\..\Run: [VX1000] C:\Windows\vVX1000.exe
O4 - HKLM\..\Run: [tsnp2std] C:\Windows\tsnp2std.exe
O4 - HKLM\..\Run: [snp2std] C:\Windows\vsnp2std.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/control [...] oader5.cab
O18 - Protocol: symres - {AA1061FE-6C41-421F-9344-69640C9732AB} - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\coIEPlg.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Norton Internet Security - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\16.7.2.11\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 9043 bytes








Here is the HijackThis report, are there still any viruses or not?

Reply to ever-ours

Do you still get ads? On every site?

Reply to Angeldark

Not for the moment, thanks for your help.

Reply to ever-ours