Probleme infection Zaccess que faire .

Bonjour, a tous je suis nouveaux sur le forum ,je vous explique mon petit problème
Il y a quelque jour mon Pc est devenue si je puis dire (une véritable écurie champignonnière un nid a virus) il y en a tellement que je ne saurais vous les citer .
j'ai don réaliser un scan combo en suivant scrupuleusement les recommandation donné par plusieurs sites comme on dis google a été mon ami mais la je bloque sur l'interprétation du rapport donc si quelqu'un pourrais me donner la marche a suivre pour éradiquer tout sa et aussi pour prévenir la prochaine fois je suis preneur merci d'avance
tout les réponse seront les bienvenue
(il y aussi ce probleme de Gomeo je me demande si il n'y serais pas pour quelque chose )
Voici le rapport :
ComboFix 11-08-29.03 - koron's 30/08/2011 2:09.1.2 - x86
Microsoft Windows XP Édition familiale 5.1.2600.3.1252.33.1036.18.2047.1685 [GMT 2:00]
Lancé depuis: c:\documents and settings\koron's\Bureau\cacafixounet.exe
.
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\koron's\Application Data\cacaoweb
c:\documents and settings\koron's\Application Data\cacaoweb\errorlog.txt
c:\documents and settings\koron's\Application Data\cacaoweb\npdfile.dat
c:\documents and settings\koron's\Application Data\cacaoweb\replicating8F67E66076B69068B28CFFB1CB446B60.cacao
c:\documents and settings\koron's\Application Data\cacaoweb\storage.db
c:\documents and settings\koron's\Bureau\cacaoweb.exe
c:\documents and settings\koron's\WINDOWS
c:\program files\cacaoweb
c:\program files\cacaoweb\cacaoweb.exe
c:\windows\$NtUninstallKB46880$
c:\windows\$NtUninstallKB46880$\2480090170
c:\windows\$NtUninstallKB46880$\3275721696\{1B372133-BFFA-4dba-9CCF-5474BED6A9F6}
c:\windows\$NtUninstallKB46880$\3275721696\click.tlb
c:\windows\$NtUninstallKB46880$\3275721696\L\bjprseiu
c:\windows\$NtUninstallKB46880$\3275721696\loader(2).tlb
c:\windows\$NtUninstallKB46880$\3275721696\loader.tlb
c:\windows\$NtUninstallKB46880$\3275721696\U\@00000001
c:\windows\$NtUninstallKB46880$\3275721696\U\@000000c0
c:\windows\$NtUninstallKB46880$\3275721696\U\@000000cb
c:\windows\$NtUninstallKB46880$\3275721696\U\@000000cf
c:\windows\$NtUninstallKB46880$\3275721696\U\@80000000
c:\windows\$NtUninstallKB46880$\3275721696\U\@800000c0
c:\windows\$NtUninstallKB46880$\3275721696\U\@800000cb
c:\windows\$NtUninstallKB46880$\3275721696\U\@800000cf
c:\windows\system32\c_47781.nls
.
Une copie infectée de c:\windows\system32\drivers\cdrom.sys a été trouvée et désinfectée
Copie restaurée à partir de - The cat found it :)
Une copie infectée de c:\windows\system32\wuauclt.exe a été trouvée et désinfectée
Copie restaurée à partir de - c:\windows\system32\dllcache\wuauclt.exe
.
c:\program files\Fichiers communs\Apple\Mobile Device Support\AppleMobileDeviceService.exe . . . est infecté!!
.
c:\program files\Bonjour\mDNSResponder.exe . . . est infecté!!
.
c:\program files\iPod\bin\iPodService.exe . . . est infecté!!
.
c:\program files\Java\jre6\bin\jqs.exe . . . est infecté!!
.
c:\program files\PC Connectivity Solution\ServiceLayer.exe . . . est infecté!!
.
.
((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_c33f8be0
.
.
((((((((((((((((((((((((((((( Fichiers créés du 2011-07-28 au 2011-08-30 ))))))))))))))))))))))))))))))))))))
.
.
2011-08-30 00:06 . 2008-04-13 18:40 62976 -c--a-w- c:\windows\system32\dllcache\cdrom.sys
2011-08-30 00:06 . 2008-04-13 18:40 62976 ----a-w- c:\windows\system32\drivers\cdrom.sys
2011-08-29 23:39 . 2011-08-29 23:39 4606 ----a-w- c:\windows\system32\PerfStringBackup.TMP
2011-08-29 23:18 . 2011-08-29 23:18 -------- d-----w- c:\documents and settings\LocalService\Bureau
2011-08-29 23:17 . 2011-08-15 11:08 29504 ----a-w- c:\windows\system32\uxtuneup.dll
2011-08-29 23:15 . 2011-08-15 11:14 31552 ----a-w- c:\windows\system32\TURegOpt.exe
2011-08-29 23:15 . 2011-08-29 23:43 -------- d-----w- c:\documents and settings\koron's\Application Data\TuneUp Software
2011-08-29 23:15 . 2011-08-29 23:17 -------- d-----w- c:\program files\TuneUp Utilities 2011
2011-08-29 23:15 . 2011-08-29 23:17 -------- d-----w- c:\documents and settings\All Users\Application Data\TuneUp Software
2011-08-29 23:15 . 2011-08-29 23:15 -------- d-sh--w- c:\documents and settings\All Users\Application Data\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16}
2011-08-29 23:10 . 2011-08-29 23:10 -------- d-----w- c:\program files\CCleaner
2011-08-29 23:09 . 2011-08-29 23:09 -------- d-----w- c:\program files\SUPERAntiSpyware
2011-08-29 20:03 . 2008-04-13 18:45 20608 -c--a-w- c:\windows\system32\dllcache\usbuhci.sys
2011-08-29 20:03 . 2008-04-13 18:45 20608 ----a-w- c:\windows\system32\drivers\usbuhci.sys
2011-08-29 19:56 . 2011-08-29 19:56 -------- d-----w- c:\windows\system32\wbem\Repository
2011-08-29 19:52 . 2011-08-29 19:52 -------- d-----w- c:\program files\Desktop iPhone
2011-08-29 19:52 . 2011-08-29 19:52 -------- d-----w- c:\program files\Fichiers communs\Nuance
2011-08-29 19:52 . 2011-08-29 19:52 -------- d-----w- c:\program files\Fichiers communs\ScanSoft Shared
2011-08-29 19:52 . 2011-08-29 19:52 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft
2011-08-29 19:52 . 2011-08-29 19:52 -------- d-----w- c:\program files\Nuance
2011-08-29 19:50 . 2011-08-29 19:50 -------- d-----w- c:\program files\Ubisoft
2011-08-29 19:50 . 2011-08-29 19:50 -------- d-----w- c:\program files\Xilisoft
2011-08-29 19:33 . 2011-08-29 19:33 -------- d-----w- c:\documents and settings\koron's\Application Data\SUPERAntiSpyware.com
2011-08-29 19:30 . 2011-08-29 19:30 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2011-08-29 19:11 . 2011-08-29 19:47 -------- d-s---w- c:\documents and settings\Administrateur
2011-08-29 18:49 . 2011-08-29 18:53 -------- d-----w- c:\documents and settings\koron's\Local Settings\Application Data\antiphishing-vmntbcleaner1_0dn
2011-08-29 18:49 . 2011-08-29 19:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Anti-phishing Domain Advisor
2011-08-29 18:49 . 2011-08-29 19:47 -------- d-----w- c:\program files\Toolbar Cleaner
2011-08-28 21:46 . 2011-08-28 21:46 -------- d-----w- c:\documents and settings\koron's\Application Data\Lavasoft
2011-08-28 21:38 . 2011-08-28 21:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2011-08-28 21:25 . 2011-08-29 19:48 -------- d-----w- c:\program files\Ad-Remover
2011-08-28 19:22 . 2011-08-29 19:49 -------- d-----w- C:\pebuilder313
2011-08-26 22:12 . 2011-08-26 22:12 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts
2011-08-26 21:29 . 2011-08-26 21:29 -------- d-----w- c:\documents and settings\koron's\Local Settings\Application Data\Microsoft Corporation
2011-08-26 21:29 . 2011-08-29 19:50 -------- d-----w- c:\program files\Microsoft Windows 7 Upgrade Advisor
2011-08-26 20:51 . 2011-08-26 20:51 -------- d-----w- c:\program files\Realtek
2011-08-26 20:50 . 2011-08-26 20:50 -------- d-----w- c:\program files\Marvell
2011-08-26 20:29 . 2011-08-29 19:52 -------- d-----w- c:\program files\ma-config.com
2011-08-26 20:29 . 2011-08-29 19:52 -------- d-----w- c:\documents and settings\All Users\Application Data\ma-config.com
2011-08-26 16:36 . 2011-08-26 16:36 -------- d-----w- c:\program files\PowerQuest
2011-08-25 09:34 . 2011-08-25 09:34 -------- d-----w- c:\program files\Alcohol Soft
2011-08-25 09:08 . 2011-08-29 19:53 -------- d-----w- c:\documents and settings\NetworkService\UserData
2011-08-25 08:34 . 2011-08-25 08:34 -------- d-----w- c:\documents and settings\koron's\Application Data\Ahead
2011-08-25 08:34 . 2011-08-25 08:34 -------- d-----w- c:\documents and settings\All Users\Application Data\Ahead
2011-08-25 08:07 . 2011-08-29 19:53 -------- d-----w- c:\documents and settings\koron's\Application Data\DeepBurner
2011-08-23 09:13 . 2011-08-29 19:55 -------- d-----w- c:\program files\Analog Devices
2011-08-23 08:29 . 2011-08-23 08:29 -------- d-----w- c:\windows\OPTIONS
.
.
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-06-21 18:17 . 2004-08-05 12:00 371200 ----a-w- c:\windows\system32\html.iec
2011-06-06 11:35 . 2004-08-05 12:00 1859072 ----a-w- c:\windows\system32\win32k.sys
2011-07-27 12:15 . 2011-05-09 19:18 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2002-08-29 . A0EE5C06390357FEE7B7949DBCA156D3 . 165376 . . [5.1.2600.1106] . . c:\windows\system32\appmgmts.dll
.
((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2007-04-16 577536]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-07-19 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2011-05-04 17:54 551296 ----a-w- c:\program files\SUPERAntiSpyware\SASWINLO.DLL
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk /r \??\C:\0autocheck autochk *
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"cacaoweb"="c:\program files\cacaoweb\cacaoweb.exe" -noplayer
"CTFMON.EXE"=c:\windows\system32\ctfmon.exe
"PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
"SUPERAntiSpyware"=c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe
"MsnMsgr"="c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background
"MSMSGS"="c:\program files\Messenger\msmsgs.exe" /background
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BigDogPath"=c:\windows\VM_STI.EXE Cammaestro 4.2GU build 1105
"DNS7reminder"="c:\program files\Nuance\NaturallySpeaking10\Ereg\Ereg.exe" -r "c:\documents and settings\All Users\Application Data\Nuance\NaturallySpeaking10\Ereg.ini
"QuickTime Task"="c:\program files\QuickTime\qttask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
"ISUSPM Startup"=c:\progra~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
"TkBellExe"="c:\program files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
"SSBkgdUpdate"="c:\program files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
"ISUSScheduler"="c:\program files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\LimeWire\\LimeWire.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\adslTV\\adsltv.exe"=
"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
"c:\\Program Files\\Nokia\\Nokia Software Updater\\nsu_ui_client.exe"=
"c:\\Program Files\\Fichiers communs\\Nokia\\Service Layer\\A\\nsl_host_process.exe"=
"c:\\Program Files\\eMule\\emule.exe"=
"c:\\Program Files\\uTorrent\\uTorrent.exe"=
"c:\\Documents and Settings\\koron's\\Application Data\\uTorrent\\Duke3D\\eduke32.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\Nokia\\Nokia PC Suite 7\\PCSuite.exe"=
"c:\\WINDOWS\\system32\\oobe\\msoobe.exe"=
"c:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"=
"c:\\Documents and Settings\\koron's\\Bureau\\SUPERAntiSpyware.exe"=
"d:\\ccsetup310.exe"=
"c:\\Program Files\\TuneUp Utilities 2011\\UpdateWizard.exe"=
"c:\\Program Files\\TuneUp Utilities 2011\\RegWiz.exe"=
"c:\\Program Files\\TuneUp Utilities 2011\\TURatingSynch.exe"=
.
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [22/07/2011 18:27 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [12/07/2011 23:55 67664]
R2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCore.exe [12/08/2011 01:38 116608]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe [15/08/2011 13:10 1526080]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesDriver32.sys [07/10/2010 13:34 10064]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe -k Akamai [05/08/2004 14:00 14336]
S3 DLPortIO;DriverLINX Port I/O Driver;c:\windows\system32\drivers\DLPORTIO.SYS [19/10/2010 17:12 3584]
S3 L6TportK;Service - Line 6 TonePort KB37;c:\windows\system32\drivers\L6TportK.sys [07/08/2009 18:10 532992]
S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\windows\system32\drivers\nmwcdnsu.sys [19/11/2009 20:17 136704]
S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\windows\system32\drivers\nmwcdnsuc.sys [19/11/2009 20:17 8320]
S3 ZSMC302;Cammaestro 4.2GU build 1105;c:\windows\system32\drivers\usbvm302.sys [12/10/2009 21:16 195263]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Akamai REG_MULTI_SZ Akamai
.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp
.
Contenu du dossier 'Tâches planifiées'
.
2011-07-30 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 15:57]
.
.
------- Examen supplémentaire -------
.
uInternet Settings,ProxyOverride = *.local
TCP: DhcpNameServer = 192.168.0.254
FF - ProfilePath - c:\documents and settings\koron's\Application Data\Mozilla\Firefox\Profiles\1ndrfmyr.default\
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-08-30 02:21
Windows 5.1.2600 Service Pack 3 NTFS
.
Recherche de processus cachés ...
.
Recherche d'éléments en démarrage automatique cachés ...
.
Recherche de fichiers cachés ...
.
Scan terminé avec succès
Fichiers cachés: 0
.
**************************************************************************
.
Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: WDC_WD3200AAKS-00L9A0 rev.01.03E01 -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP5T0L0-1f
.
device: opened successfully
user: MBR read successfully
error: Read Un périphérique attaché au système ne fonctionne pas correctement.
kernel: MBR read successfully
detected disk devices:
detected hooks:
\Driver\atapi DriverStartIo -> 0x8A34C31B
user & kernel MBR OK
.
**************************************************************************
.
--------------------- DLLs chargées dans les processus actifs ---------------------
.
- - - - - - - > 'winlogon.exe'(916)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL
c:\windows\system32\Ati2evxx.dll
.
- - - - - - - > 'explorer.exe'(732)
c:\windows\system32\eappprxy.dll
c:\windows\system32\WPDShServiceObj.dll
c:\program files\Nokia\Nokia PC Suite 7\PhoneBrowser.dll
c:\program files\Nokia\Nokia PC Suite 7\NGSCM.DLL
c:\program files\Nokia\Nokia PC Suite 7\Lang\PhoneBrowser_fre.nlr
c:\program files\Nokia\Nokia PC Suite 7\Resource\PhoneBrowser_Nokia.ngr
c:\program files\Microsoft Virtual PC\VPCShExH.DLL
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Autres processus actifs ------------------------
.
c:\windows\system32\Ati2evxx.exe
c:\windows\system32\Ati2evxx.exe
c:\program files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
c:\windows\system32\wscntfy.exe
c:\windows\SOUNDMAN.EXE
.
**************************************************************************
.
Heure de fin: 2011-08-30 02:27:46 - La machine a redémarré
ComboFix-quarantined-files.txt 2011-08-30 00:27
.
Avant-CF: 121 008 619 520 octets libres
Après-CF: 121 659 547 648 octets libres
.
WindowsXP-KB310994-SP2-Home-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP dition familiale" /noexecute=optin /fastdetect
.
- - End Of File - - D736B70E9DD4593B578CE79A6353318C