Smitfraud

voila, désolé de pas avoir répondu plus tot mais j'avais des choses à faire !
g fait tout ce que tu m'avais dit. voici tout les rapports.
je n'ai pas trouver mywebsearch dans le panneaux de configuration et le fix de keenvalue n'a rien trouvé.

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 11:28:35 25/11/2006

+ Résultat de l'analyse:



HKLM\SOFTWARE\180solutions -> Adware.180Solutions : Aucune action entreprise.
C:\WINDOWS\system32\Xcite.exe -> Adware.F1Organizer : Aucune action entreprise.
C:\RECYCLER\NPROTECT\00061912.EXE -> Adware.Gator : Aucune action entreprise.
C:\RECYCLER\NPROTECT\00061914.EXE -> Adware.Gator : Aucune action entreprise.
C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Aucune action entreprise.
C:\RECYCLER\NPROTECT\00063046.CPL -> Adware.P2PNet : Aucune action entreprise.
HKU\S-1-5-21-2000478354-796845957-682003330-1003\Software\SCom -> Dialer.Generic : Aucune action entreprise.
C:\Documents and Settings\Luci@\Cookies\luci@@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\RECYCLER\S-1-5-21-2000478354-796845957-682003330-1003\Dc2146.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Luci@\Cookies\luci@@adbrite[2].txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\RECYCLER\S-1-5-21-2000478354-796845957-682003330-1003\Dc2133.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\RECYCLER\S-1-5-21-2000478354-796845957-682003330-1003\Dc2132.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
C:\RECYCLER\S-1-5-21-2000478354-796845957-682003330-1003\Dc2150.txt -> TrackingCookie.Reliablestats : Aucune action entreprise.
C:\RECYCLER\S-1-5-21-2000478354-796845957-682003330-1003\Dc2151.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Luci@\Cookies\luci@@weborama[2].txt -> TrackingCookie.Weborama : Aucune action entreprise.


Fin du rapport

----------------------------------------------------------------------------

rapport bitdeffender

Scanned File
Status

C:\RECYCLER\NPROTECT\00062992.EXE=>(NSIS o)=>zlib_nsis0002
Infected with: Trojan.Downloader.Keenval.F

C:\RECYCLER\NPROTECT\00062992.EXE=>(NSIS o)=>zlib_nsis0002
Disinfection failed

C:\RECYCLER\NPROTECT\00062992.EXE=>(NSIS o)=>zlib_nsis0002
Deleted

C:\RECYCLER\NPROTECT\00062992.EXE=>(NSIS o)
Update failed

C:\WINDOWS\system32\drivers\etc\hosts
Infected with: Trojan.Qhost.CS

C:\WINDOWS\system32\drivers\etc\hosts
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts
Deleted

C:\WINDOWS\system32\drivers\etc\hosts.msn
Infected with: Trojan.Qhost.CS

C:\WINDOWS\system32\drivers\etc\hosts.msn
Disinfection failed

C:\WINDOWS\system32\drivers\etc\hosts.msn
Deleted

F:\Mes documents\Mes images\arrières plans\bisous(1).exe
Detected with: Application.Joke.Justakiss.B

F:\Mes documents\Mes images\arrières plans\bisous(1).exe
Disinfection failed

F:\Mes documents\Mes images\arrières plans\bisous(1).exe
Deleted

---------------------------------------------------------------------------


Logfile of HijackThis v1.99.1
Scan saved at 18:44:40, on 25/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\CTSvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe
F:\mes documents\programme files\quick time\qttask.exe
C:\Program Files\Lexmark 3100 Series\lxbrbmon.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijacthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://kochonland.playmoa.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [rvbrvrhxd] C:\WINDOWS\System32\hnzibsh.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Lexmark 3100 Series] "C:\Program Files\Lexmark 3100 Series\lxbrbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "F:\mes documents\programme files\quick time\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: GoTranslate - http://ut.gotranslate.com/utd/ieutd-r.htm
O9 - Extra button: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing)
O9 - Extra 'Tools' menuitem: GoTranslate - {21C9EF41-92BE-11d3-9AB8-005004B85154} - http://ut.gotranslate.com/utd/ieutd-b.htm (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab27571.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.metastream.com/MTSInstallers/MetaStream3.cab
O16 - DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} (EModelNonVersionSpecificViewControl Class) - https://www.solidworks.com/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab27571.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab27571.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe