mirumo


  1. Hello, here is the ComboFix result. Thank you.
  2. I keep getting unwanted ads nonstop and virus warnings... my PC has gone crazy... I have just run a new HijackThis report... are there any changes since yesterday, and above all, what should I do? I am quite at a loss. Thank you for your help.
  3. After reading a few threads, I uninstalled Avast to replace it with ANTIVIR. Here is the new HijackThis report. Thank you for your advice.
  4. Thank you for your quick reply. Here is the Notepad file.
  5. :\Program Files\IncrediMail\bin\IMApp.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\trojan gen\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - F:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: {382743c1-5e17-fc89-3bc4-09be28864eb3} - {3be46882-eb90-4cb3-98cf-71e51c347283} - F:\WINDOWS\system32\vcglmsvs.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - F:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - F:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [WOOWATCH] F:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] F:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [OPTENET_GUI] F:\PROGRA~1\CONTRO~1\bin\optgui.exe
O4 - HKLM\..\Run: [sunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series (Copie 1)] F:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P40 "EPSON Stylus Photo R200 Series (Copie 1)" /O5 "LPT1:" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [CnxDslTaskBar] "F:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe" "ZTE Corporation\ZXDSL852"
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] F:\PROGRA~1\Wanadoo\GestMaj.exe EspaceWanadoo.exe
O4 - HKCU\..\Run: [incrediMail] F:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = F:\Program Files\Google\Google Updater\GoogleUpdater.exe
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1203617078109
O17 - HKLM\System\CCS\Services\Tcpip\..\{FF6641AC-EB15-4397-9E5D-ABBFC5A8C894}: NameServer = 81.253.149.1 80.10.246.3
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - F:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - F:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Orange Contrôle Parental (OPTENET_FILTER) - Orange - F:\Program Files\Controle Parental\bin\optproxy.exe
-- End of file - 6109 bytes

There it is; what should I do, and above all what should I NOT DO....