Virus gomeo

Closed
kunifer0705 Posts: 1 Registration date: Saturday, 11 December 2010 Status: Member Last seen: 11 December 2010 - 11 Dec 2010 at 22:13
 Anonymous user - 11 Dec 2010 at 22:16
Hello,

Attached is the ComboFix error report. Can anyone help me? I've had enough of gomeo!!!!!!!!!
ComboFix 10-12-10.01 - jstern 11/12/2010 14:54:32.1.2 - x86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.2047.1367 [GMT 1:00]
Lancé depuis: c:\documents and settings\jstern\Bureau\ComboFix.exe
AV: avast! Antivirus *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\docume~1\jstern\LOCALS~1\Temp\{0470813E-B31C-4E0C-A67C-A0DAEA2F261A}\7e28.dll
c:\docume~1\jstern\LOCALS~1\Temp\{3782F4D7-6259-49B1-A7B9-9C2778B055AE}\5784.dll
c:\docume~1\jstern\LOCALS~1\Temp\{4CEB0A9B-41EC-4D93-A51E-E5D4C8C46FD6}\7b46.dll
c:\docume~1\jstern\LOCALS~1\Temp\{B1EA58DE-3FB7-4205-846E-3C6884DDB3BF}\48b0.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E7E35741-441F-4F56-B8E2-521E3257B535}\3f04.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\3d73.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\awt.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\client\jvm.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\hpi.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\java.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\javaw.exe
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\msvcr71.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\net.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\nio.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\sunmscapi.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\verify.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\zip.dll
c:\docume~1\jstern\LOCALS~1\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\crypt.dll
c:\docume~1\jstern\LOCALS~1\Temp\{F9638846-83A3-45D8-895A-348B72A13C41}\7bf3.dll
c:\docume~1\jstern\LOCALS~1\Temp\{FE5EEFA7-441F-440D-8200-09D84BBF8577}\38c8.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\3d73.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\awt.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\client\jvm.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\hpi.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\java.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\javaw.exe
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\msvcr71.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\net.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\nio.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\sunmscapi.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\verify.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\bin\zip.dll
c:\documents and settings\jstern\Local Settings\Temp\{E9E31D2C-748A-4DD2-9AB9-0320FAA39CFF}\crypt.dll
c:\documents and settings\jstern\Local Settings\Temporary Internet Files\pse_350_fra.exe

.
((((((((((((((((((((((((((((( Fichiers créés du 2010-11-11 au 2010-12-11 ))))))))))))))))))))))))))))))))))))
.

2010-12-11 13:48 . 2010-12-11 13:48 -------- d-----w- c:\documents and settings\jstern\Local Settings\Application Data\PackageAware
2010-12-11 13:17 . 2010-12-11 13:17 -------- d-----w- c:\program files\Ad-Remover
2010-12-11 07:26 . 2010-12-11 07:26 -------- d-----w- c:\documents and settings\jstern\LimeWire
2010-11-28 17:25 . 2010-11-28 17:25 471040 --sh--w- c:\windows\system32\advlib.dll
2010-11-28 17:25 . 2010-11-28 17:25 55808 --sh--w- c:\windows\system32\bitprf.dll
2010-11-23 12:15 . 2010-12-01 15:24 -------- d-----w- c:\documents and settings\jstern\Local Settings\Application Data\ApplicationHistory
2010-11-23 12:14 . 2010-11-23 12:14 -------- d-----w- c:\windows\system32\URTTEMP
2010-11-21 17:02 . 2010-11-21 17:02 -------- d-----w- c:\documents and settings\jstern\Application Data\Uniblue
2010-11-21 16:53 . 2010-11-21 17:02 -------- d-----w- c:\documents and settings\jstern\Local Settings\Application Data\OpenCandy
2010-11-21 16:53 . 2010-11-21 16:53 -------- d-----w- c:\documents and settings\jstern\Application Data\OpenCandy
2010-11-16 13:51 . 2010-12-05 11:04 -------- d-----w- c:\program files\eMule

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-09-18 10:23 . 2004-08-04 04:54 974848 ----a-w- c:\windows\system32\mfc42u.dll
2010-09-18 06:53 . 2004-08-04 04:54 974848 ----a-w- c:\windows\system32\mfc42.dll
2010-09-18 06:53 . 2002-09-07 00:00 954368 ----a-w- c:\windows\system32\mfc40.dll
2010-09-18 06:53 . 2002-09-07 00:00 953856 ----a-w- c:\windows\system32\mfc40u.dll
2010-09-16 07:57 . 2010-09-16 07:57 206 ----a-w- c:\documents and settings\jstern\Local Settings\Application Data\GLF9D.tmp
2010-09-15 03:50 . 2010-08-31 11:47 472808 ----a-w- c:\windows\system32\deployJava1.dll
2010-09-15 01:29 . 2010-08-31 11:47 73728 ----a-w- c:\windows\system32\javacpl.cpl
1995-09-20 14:16 . 1995-09-20 14:16 456976 ----a-w- c:\program files\Fichiers communs\dao3032.dll
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-10-30 7634944]
"nwiz"="nwiz.exe" [2006-10-30 1622016]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-10-30 86016]
"RTHDCPL"="RTHDCPL.EXE" [2007-04-12 16132608]
"SkyTel"="SkyTel.EXE" [2007-04-13 1822720]
"avast5"="c:\progra~1\ALWILS~1\Avast5\avastUI.exe" [2010-09-07 2838912]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
"SunJavaUpdateSched"="c:\program files\Fichiers communs\Java\Java Update\jusched.exe" [2010-05-14 248552]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 110592]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-09-23 35760]
"Adobe ARM"="c:\program files\Fichiers communs\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-20 932288]
"hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-08-20 150016]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\All Users\Menu D'marrer\Programmes\D'marrage\
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=bitprf.dll advlib.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\D:\0autocheck autochk *

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Freeplayer\\vlc\\vlc.exe"=
"c:\\Program Files\\Shareaza\\Shareaza.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgplgtupl.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqgpc01.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpse.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqsudi.exe"=
"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqpsapp.exe"=
"c:\\Program Files\\eMule\\eMule.exe"=

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [16/07/2010 13:47 691696]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [14/07/2010 09:34 165584]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [14/07/2010 09:34 17744]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Contenu du dossier 'Tâches planifiées'

2010-12-11 c:\windows\Tasks\Auslogics Boost Speed Disk Defrag Console Defragmentation.job
- c:\program files\Auslogics\Auslogics Disk Defrag\cdefrag.exe [2010-08-27 09:13]

2010-12-11 c:\windows\Tasks\User_Feed_Synchronization-{2728A446-6F96-476D-A79F-020128F8AAFA}.job
- c:\windows\system32\msfeedssync.exe [2007-08-13 02:31]
.
.
------- Examen supplémentaire -------
.
uStart Page = hxxp://www.google.fr/
IE: Download with &Shareaza
IE: Google Sidewiki...
DPF: {A27C56D2-3F58-4ABB-AA31-1168EDA6636F} - hxxp://utilities.pcpitstop.com/Nirvana/controls/pcmatic.cab
FF - ProfilePath - c:\documents and settings\jstern\Application Data\Mozilla\Firefox\Profiles\1nntwoik.default\
FF - prefs.js: browser.startup.homepage - http:/www.google.fr
FF - prefs.js: network.proxy.type - 0
FF - plugin: c:\documents and settings\jstern\Application Data\Mozilla\plugins\np-mswmp.dll
FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - Extension: Java Quick Starter: jqs@sun.com - c:\program files\Java\jre6\lib\deploy\jqs\ff
FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\documents and settings\jstern\Application Data\Mozilla\Firefox\Profiles\1nntwoik.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF - Extension: Tab Mix Plus: {dc572301-7619-498c-a57d-39143191b318} - c:\documents and settings\jstern\Application Data\Mozilla\Firefox\Profiles\1nntwoik.default\extensions\{dc572301-7619-498c-a57d-39143191b318}
FF - Extension: Personas: personas@christopher.beard - c:\documents and settings\jstern\Application Data\Mozilla\Firefox\Profiles\1nntwoik.default\extensions\personas@christopher.beard
FF - Extension: Adblock Plus: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d} - c:\documents and settings\jstern\Application Data\Mozilla\Firefox\Profiles\1nntwoik.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
.
- - - - ORPHELINS SUPPRIMES - - - -

Toolbar-Locked - (no file)
HKLM-Run-LiveMonitor - c:\program files\MSI\Live Update 3\LMonitor.exe
AddRemove-The Sims 8 in 1 - c:\program files\Maxis\The Sims 8 in 1\uninstall.exe



**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2010-12-11 14:57
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
Heure de fin: 2010-12-11 14:59:02
ComboFix-quarantined-files.txt 2010-12-11 13:59

Avant-CF: 171 234 799 616 octets libres
Après-CF: 172 202 516 480 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect /usepmtimer

Current=1 Default=1 Failed=0 LastKnownGood=4 Sets=1,2,3,4
- - End Of File - - A1E63095DB5221E301F3DEB5894F8D82
1 reply

Anonymous user
11 Dec 2010 at 22:16
Hi

Have the following file(s) analysed on VirusTotal:

Virus Total

* Paste the path of each file directly, one at a time, into the "Browse" box after each analysis:

c:\windows\system32\advlib.dll
c:\windows\system32\bitprf.dll


* Now click "Send file" and let it run as long as "Current status: analysis in progress" is displayed.
* The file may be placed in a queue because of a large number of analysis requests. In that case, wait without refreshing the page.
* When the analysis is finished, paste the link(s) to the result page(s) in your next reply.