Cheval de trois sur mon ordi par msn

mon antivirus ne va pas faire de conflit avec tout ca????

je me lance souhaite moi bonne chance

voila le test
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:04:54, on 13/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.talti.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\%%%.exe
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\3.bin\MWSSRCAS.DLL
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\3.bin\MWSBAR.DLL
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\3.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKLM\..\Run: [NI.UAVIFR_0001_N105M2404] "C:\Documents and Settings\tutut\Bureau\install_fr.exe" -nag
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [Flash Media] C:\WINDOWS\system32\%%%.exe
O4 - HKCU\..\Run: [OE Backup] "C:\Program Files\Bodrag\Outlook Express Backup Expert\OEBackup.exe" /start
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /scan
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\3.bin\mwsoemon.exe
O4 - HKCU\..\Run: [start bat] C:\DOCUME~1\tutut\APPLIC~1\SKIPAC~1\scr16axis.exe
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [messengerskinner] C:\Program Files\MessengerSkinner\MessengerSkinner.exe
O4 - HKCU\..\Run: [Advanced Woman Calendar] "C:\Program Files\Advanced Woman Calendar\WomanCalendar.exe" -m
O4 - HKCU\..\Run: [rybgye] c:\documents and settings\tutut\local settings\application data\rybgye.exe rybgye
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNxmk879YYFR
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1f1197ca11414bbeb7b1656f9241c45
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1f1197ca11414bbeb7b1656f9241c45
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files/installers/cab/SystemDoctor2006FreeInstall_fr.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15-3.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

moi aussi j'ai le virus cheval de trois mais je n'arrive pas a le suprimer pouvez vous m'aider svp

ca n as pas fonctionner

tu as vu mon rapport test

rapport
BTFix 1.095 (par bibi26) - 13/04/2008 16:31:36 - Analyse
Lancé depuis C:\Documents and Settings\tutut\Bureau\BTFix\BTFix.exe

---> Fichiers/Dossiers trouvés

- C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
- C:\WINDOWS\system32\f3PSSavr.scr
- C:\Program Files\MyWebSearch\
- C:\Program Files\HbTools\
- C:\Program Files\Hotbar\
- C:\Program Files\FunWebProducts\
- C:\Program Files\AskTBar\
- C:\Program Files\AdVantage\
- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
- C:\Program Files\Internet Explorer\msimg32.dll
- C:\Program Files\MSN Messenger\RICHED20.dll
- C:\Documents and Settings\tutut\Application Data\HbTools_Icons\
- C:\Documents and Settings\tutut\Application Data\HbTools\
- C:\Documents and Settings\tutut\Application Data\FunWebProducts\

---> Analyse terminée le 13/04/2008 16:32:27

ca suis sont cour
tu crois que c est grave docteur

tu pourras me donner un antivirus de qualite gratuit pour ne plus avoir ce genre de probleme
j apprecie vraiment ton aide je me voyais tout vire de mon ordi
merci

3eme rapport
SmitFraudFix v2.312

Rapport fait à 16:56:02,25, 13/04/2008
Executé à partir de C:\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\MessengerSkinner\MessengerSkinner.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\documents and settings\tutut\local settings\application data\poqnbfkvx.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Documents and Settings\tutut\Bureau\BTFix\BTFix.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\tutut


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\tutut\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\tutut\Favoris


»»»»»»»»»»»»»»»»»»»»»»»» Bureau


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues


»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"


»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="avgrsstx.dll"
"LoadAppInit_DLLs"=dword:00000001


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,C:\\WINDOWS\\system32\\%%%.exe"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Carte Fast Ethernet PCI de base SiS 900 - Miniport d'ordonnancement de paquets
DNS Server Search Order: 192.168.30.1
DNS Server Search Order: 0.0.0.0

HKLM\SYSTEM\CCS\Services\Tcpip\..\{35F7337C-0A87-45E6-8B86-5193298959FF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\..\{35F7337C-0A87-45E6-8B86-5193298959FF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\..\{35F7337C-0A87-45E6-8B86-5193298959FF}: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.30.1 0.0.0.0


»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll


»»»»»»»»»»»»»»»»»»»»»»»» Fin

rapport 1
BTFix 1.095 (par bibi26) - 13/04/2008 17:09:42 - Nettoyage - Mode normal
Lancé depuis C:\Documents and Settings\tutut\Bureau\BTFix\BTFix.exe

---> Fichiers/dossiers supprimés (Première passe)

- Fichiers temporaires effacés
- C:\WINDOWS\Downloaded Program Files\f3initialsetup1.0.0.15-3.inf
- C:\WINDOWS\system32\f3PSSavr.scr
- C:\Program Files\MyWebSearch\bar\1.bin\
- C:\Program Files\MyWebSearch\bar\2.bin\
- C:\Program Files\MyWebSearch\bar\3.bin\
- C:\Program Files\MyWebSearch\bar\4.bin\
- C:\Program Files\MyWebSearch\bar\Avatar\
- C:\Program Files\MyWebSearch\bar\Cache\
- C:\Program Files\MyWebSearch\bar\Game\
- C:\Program Files\MyWebSearch\bar\History\
- C:\Program Files\MyWebSearch\bar\Message\
- C:\Program Files\MyWebSearch\bar\MSNBackgrounds\
- C:\Program Files\MyWebSearch\bar\Notifier\
- C:\Program Files\MyWebSearch\bar\Search\
- C:\Program Files\MyWebSearch\bar\Settings\
- C:\Program Files\MyWebSearch\bar\
- C:\Program Files\MyWebSearch\SrchAstt\2.bin\
- C:\Program Files\MyWebSearch\SrchAstt\3.bin\
- C:\Program Files\MyWebSearch\SrchAstt\
- C:\Program Files\MyWebSearch\
- C:\Program Files\HbTools\Bin\4.8.4.0\
- C:\Program Files\HbTools\Bin\
- C:\Program Files\HbTools\
- C:\Program Files\Hotbar\
- C:\Program Files\FunWebProducts\ScreenSaver\Images\
- C:\Program Files\FunWebProducts\ScreenSaver\
- C:\Program Files\FunWebProducts\Shared\Cache\
- C:\Program Files\FunWebProducts\Shared\
- C:\Program Files\FunWebProducts\
- C:\Program Files\AskTBar\bar\1.bin\
- C:\Program Files\AskTBar\bar\Cache\
- C:\Program Files\AskTBar\bar\History\
- C:\Program Files\AskTBar\bar\Settings\
- C:\Program Files\AskTBar\bar\
- C:\Program Files\AskTBar\PopSwatr\History\
- C:\Program Files\AskTBar\PopSwatr\
- C:\Program Files\AskTBar\SrchAstt\1.bin\
- C:\Program Files\AskTBar\SrchAstt\
- C:\Program Files\AskTBar\
- C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\content\
- C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\locale\en-US\
- C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\locale\
- C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\chrome\
- C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\components\
- C:\Program Files\AdVantage\{A89AED22-9133-424c-88E7-C8235C5FF302}\
- C:\Program Files\AdVantage\
- C:\Program Files\Mozilla Firefox\plugins\NPMyWebS.dll
- C:\Program Files\Internet Explorer\msimg32.dll
- C:\Program Files\MSN Messenger\RICHED20.dll
- C:\Documents and Settings\tutut\Application Data\HbTools_Icons\
- C:\Documents and Settings\tutut\Application Data\HbTools\eskin\
- C:\Documents and Settings\tutut\Application Data\HbTools\IESkins\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\dynamic\hstat\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\dynamic\TooltipXML\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\dynamic\ustat\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\dynamic\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\static\1\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\static\2\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\static\DownLoad\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\static\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HbTools\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOI\dynamic\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOI\static\1\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOI\static\2\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOI\static\DownLoad\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOI\static\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOI\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOL\dynamic\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOL\static\1\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOL\static\2\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOL\static\DownLoad\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOL\static\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\HostOL\
- C:\Documents and Settings\tutut\Application Data\HbTools\v3.0\
- C:\Documents and Settings\tutut\Application Data\HbTools\
- C:\Documents and Settings\tutut\Application Data\FunWebProducts\Data\tutut\
- C:\Documents and Settings\tutut\Application Data\FunWebProducts\Data\
- C:\Documents and Settings\tutut\Application Data\FunWebProducts\

---> Nettoyage terminé le 13/04/2008 17:12:31

pas de rapport car pas de certificats a supprimer je vais sur msnfix
a de suite

je reprend la 1ere procedure???????????

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:06:56, on 13/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\system32\PSIService.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Neuf\Media Center\MediaCenter.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
R3 - URLSearchHook: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-5c19516be1a8} - C:\Program Files\Share_Accelerator\tbSha1.dll
O3 - Toolbar: Multi Media France Toolbar - {7009fcd4-05be-44f4-9583-93fe419ab7b0} - C:\Program Files\Multi_Media_France\tbMul0.dll
O3 - Toolbar: AVGTOOLBAR - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [NI.UAVIFR_0001_N105M2404] "C:\Documents and Settings\tutut\Bureau\install_fr.exe" -nag
O4 - HKLM\..\Run: [TrayServer] C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [OE Backup] "C:\Program Files\Bodrag\Outlook Express Backup Expert\OEBackup.exe" /start
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /scan
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [start bat] C:\DOCUME~1\tutut\APPLIC~1\SKIPAC~1\scr16axis.exe
O4 - HKCU\..\Run: [Neuf Media Center] "C:\Program Files\Neuf\Media Center\MediaCenter.exe"
O4 - HKCU\..\Run: [Advanced Woman Calendar] "C:\Program Files\Advanced Woman Calendar\WomanCalendar.exe" -m
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = C:\Program Files\Antipub\antipub.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1f1197ca11414bbeb7b1656f9241c45
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1f1197ca11414bbeb7b1656f9241c45
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.downloadcontrol.com/files/installers/cab/SystemDoctor2006FreeInstall_fr.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

je suis pas sur d avoir bien fait ce qu il fallait pour ta derniere instruction
WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professionnel" /noexecute=optin /fastdetect
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

il faut que j arret tout mon antivirus mon par feu???j ai du mal avec ta derniere instruction

rapport
ComboFix 08-04-12.10 - tutut 2008-04-13 20:59:40.1 - NTFSx86
Endroit: C:\Documents and Settings\tutut\Bureau\ComboFix.exe
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\tutut\Application Data\SystemDoctor 2006 Free
C:\Documents and Settings\tutut\Application Data\SystemDoctor 2006 Free\Logs\update.log
C:\Documents and Settings\tutut\Application Data\WinAntiVirus Pro 2006
C:\Documents and Settings\tutut\Application Data\WinAntiVirus Pro 2006\Logs\update.log
C:\Documents and Settings\tutut\Application Data\WinAntiVirus Pro 2006\Logs\wa6Support.log
C:\Documents and Settings\tutut\Application Data\WinAntiVirus Pro 2006\Logs\winav.log
C:\Documents and Settings\tutut\Application Data\WinAntiVirus Pro 2006\PGE.dat
C:\Documents and Settings\tutut\err.log
C:\Program Files\Fichiers communs\winantivirus pro 2006
C:\Program Files\Fichiers communs\winantivirus pro 2006\err.log
C:\WA6P
C:\WINDOWS\dialerexe.ini
C:\WINDOWS\system32\_000005_.tmp.dll
C:\WINDOWS\system32\_000006_.tmp.dll
C:\WINDOWS\system32\_000007_.tmp.dll
C:\WINDOWS\system32\_000008_.tmp.dll
C:\WINDOWS\system32\_000009_.tmp.dll
C:\WINDOWS\system32\_000010_.tmp.dll
C:\WINDOWS\system32\stera.log

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_FOPN
-------\Legacy_VSPF
-------\Legacy_VSPF_HK
-------\Service_FOPN
-------\Service_vspf
-------\Service_vspf_hk


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-13 to 2008-04-13 ))))))))))))))))))))))))))))))))))))
.

2008-04-13 17:56 . 2008-04-13 17:57 <REP> d-------- C:\WINDOWS\ERUNT
2008-04-13 16:56 . 2008-04-13 17:50 3,148 --a------ C:\WINDOWS\system32\tmp.reg
2008-04-13 16:56 . 2008-04-13 16:56 0 --a------ C:\WINDOWS\system32\tmp.MSNFix
2008-04-13 16:54 . 2008-04-13 16:58 <REP> d-------- C:\SmitfraudFix
2008-04-13 16:35 . 2008-04-13 17:21 <REP> d-------- C:\Program Files\Navilog1
2008-04-13 16:24 . 2008-04-13 16:24 96,520 --a------ C:\WINDOWS\system32\drivers\avgldx86.sys
2008-04-13 16:24 . 2008-04-13 16:24 75,272 --a------ C:\WINDOWS\system32\drivers\avgtdix.sys
2008-04-13 16:24 . 2008-04-13 16:24 12,424 --a------ C:\WINDOWS\system32\drivers\avgrkx86.sys
2008-04-13 16:24 . 2008-04-13 16:24 10,520 --a------ C:\WINDOWS\system32\avgrsstx.dll
2008-04-13 16:23 . 2008-04-13 16:23 <REP> d-------- C:\WINDOWS\system32\drivers\Avg
2008-04-13 16:23 . 2008-04-13 16:23 <REP> d-------- C:\Documents and Settings\tutut\Application Data\AVGTOOLBAR
2008-04-13 16:22 . 2008-04-13 16:22 <REP> d-------- C:\Program Files\AVG
2008-04-13 16:22 . 2008-04-13 16:22 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\avg8
2008-04-13 16:04 . 2008-04-13 16:04 <REP> d-------- C:\Program Files\Trend Micro
2008-04-13 00:42 . 2008-04-13 00:42 232 --ah-c--- C:\sqmdata06.sqm
2008-04-11 23:46 . 2002-04-29 02:10 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage r‚seau
2008-04-11 23:46 . 2002-04-29 02:10 <REP> d--h-c--- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-04-11 23:46 . 2002-04-29 00:19 <REP> d--h-c--- C:\Documents and Settings\Administrateur\ModŠles
2008-04-11 23:46 . 2002-04-29 02:10 <REP> d----c--- C:\Documents and Settings\Administrateur\Mes documents
2008-04-11 23:46 . 2002-04-29 02:10 <REP> dr---c--- C:\Documents and Settings\Administrateur\Menu D‚marrer
2008-04-11 23:46 . 2002-04-29 02:10 <REP> d----c--- C:\Documents and Settings\Administrateur\Favoris
2008-04-11 23:46 . 2002-04-29 02:10 <REP> d----c--- C:\Documents and Settings\Administrateur\Bureau
2008-04-11 23:28 . 2008-04-11 23:29 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-04-11 23:13 . 2008-04-11 23:13 232 --ah-c--- C:\sqmdata05.sqm
2008-04-11 23:08 . 2008-04-11 23:11 <REP> d-------- C:\Program Files\Unlocker
2008-04-11 23:08 . 2008-04-11 23:08 <REP> d-------- C:\Documents and Settings\tutut\Application Data\Desktopicon
2008-04-11 00:30 . 2008-04-11 00:30 232 --ah-c--- C:\sqmdata04.sqm
2008-04-10 20:41 . 2008-04-10 20:41 <REP> d-------- C:\Documents and Settings\tutut\Application Data\Nokia Multimedia Player
2008-04-10 20:21 . 2008-04-10 20:21 232 --ah-c--- C:\sqmdata03.sqm
2008-04-10 20:14 . 2008-04-10 20:14 <REP> d-------- C:\Program Files\Fichiers communs\PCSuite
2008-04-10 20:14 . 2008-04-10 20:14 <REP> d-------- C:\Program Files\Fichiers communs\Nokia
2008-04-10 20:13 . 2006-10-10 08:54 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-04-10 20:13 . 2006-10-10 08:54 12,800 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-04-10 20:13 . 2006-10-10 08:54 9,216 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-04-10 20:12 . 2008-04-10 20:20 <REP> d-------- C:\Program Files\Nokia
2008-04-10 20:12 . 2006-10-10 08:54 138,240 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-04-10 20:12 . 2006-10-10 08:54 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-04-10 20:12 . 2006-10-10 08:54 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2008-04-10 01:49 . 2008-04-10 01:49 232 --ah-c--- C:\sqmdata02.sqm
2008-04-09 12:15 . 2008-04-09 12:17 <REP> d-------- C:\Documents and Settings\tutut\Application Data\U3
2008-04-08 23:01 . 2008-04-08 23:01 232 --ah-c--- C:\sqmdata01.sqm
2008-04-08 17:09 . 2008-04-08 17:09 232 --ah-c--- C:\sqmdata00.sqm
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --------- C:\WINDOWS\system32\SETF7.tmp
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --------- C:\WINDOWS\system32\SETD1.tmp
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --------- C:\WINDOWS\system32\SET6B.tmp
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --------- C:\WINDOWS\system32\SET64.tmp
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --a------ C:\WINDOWS\system32\SET225.tmp
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --------- C:\WINDOWS\system32\SET1CE.tmp
2008-04-06 14:45 . 2007-10-25 18:56 8,510,976 --------- C:\WINDOWS\system32\SET1C1.tmp
2008-04-06 14:35 . 2007-07-30 19:19 38,232 --a------ C:\WINDOWS\system32\wucltui.dll.mui
2008-04-06 14:35 . 2007-07-30 19:20 30,040 --a------ C:\WINDOWS\system32\wuaucpl.cpl.mui
2008-04-06 14:35 . 2007-07-30 19:19 30,040 --a------ C:\WINDOWS\system32\wuapi.dll.mui
2008-04-06 14:35 . 2007-07-30 19:18 21,336 --a------ C:\WINDOWS\system32\wuaueng.dll.mui
2008-04-05 18:13 . 2008-04-05 18:13 0 --a------ C:\WINDOWS\system32\real.MSNFix
2008-04-05 15:56 . 2008-04-05 15:56 <REP> d-------- C:\Program Files\Avira
2008-04-05 15:56 . 2008-04-05 15:56 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Avira
2008-03-27 00:21 . 2008-03-27 00:21 <REP> d----c--- C:\Lphant
2008-03-14 11:52 . 2007-12-08 00:36 14,745,654 --a------ C:\WINDOWS\system32\Desk_Cal
2008-03-14 11:50 . 2008-03-14 11:59 <REP> d-------- C:\Program Files\Advanced Woman Calendar

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-13 15:12 --------- d-----w C:\Program Files\MSN Messenger
2008-04-10 21:21 --------- d-----w C:\Program Files\Audacity
2008-04-10 18:11 --------- dc----w C:\Documents and Settings\All Users\Application Data\Downloaded Installations
2008-04-05 15:15 --------- d-----w C:\Program Files\MultiMedia France Toolbar
2008-03-10 08:46 --------- d-----w C:\Program Files\eMule
2008-03-09 13:02 --------- d-----w C:\Program Files\Lphant
2008-03-06 16:40 --------- d-----w C:\Program Files\Fichiers communs\xing shared
2008-03-06 16:39 --------- d-----w C:\Program Files\Fichiers communs\Real
2008-03-06 16:36 --------- d-----w C:\Program Files\Real
2008-03-06 16:11 --------- d-----w C:\Program Files\PCStitch Pro
2008-03-01 23:39 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-02-20 08:57 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-18 15:20 --------- d-----w C:\Program Files\Emoticons-plus.com
2008-02-13 09:06 --------- d-----w C:\Program Files\Calculette Premium XE
2007-03-11 18:48 1,140,304 -c--a-w C:\Documents and Settings\All Users\Application Data\pswi_preloaded.exe
2007-01-21 15:02 344 -c--a-w C:\Program Files\downloads.txt
2007-01-21 14:58 344 -c--a-w C:\Program Files\downloads.bak
2004-08-09 21:30 40,960 -c--a-w C:\Program Files\Uninstall_CDS.exe
2007-04-11 17:22 614,400 ----a-w C:\Program Files\mozilla firefox\plugins\MannequinPlayer2.dll
2007-03-17 16:46 88 --sh--r C:\WINDOWS\system32\FDA24CFFB0.sys
2007-03-17 18:29 3,350 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
2008-04-13 16:23 2051328 --a------ C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{A057A204-BACC-4D26-9990-79A187E2698E}"= "C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL" [2008-04-13 16:23 2051328]

[HKEY_CLASSES_ROOT\clsid\{a057a204-bacc-4d26-9990-79a187e2698e}]
[HKEY_CLASSES_ROOT\avgtoolbar.AVGTOOLBAR]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OE Backup"="C:\Program Files\Bodrag\Outlook Express Backup Expert\OEBackup.exe" [ ]
"ErrorSafeFree"="C:\Program Files\ErrorSafe Free\uers.exe" [ ]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 10:27 153136]
"start bat"="C:\DOCUME~1\tutut\APPLIC~1\SKIPAC~1\scr16axis.exe" [ ]
"Neuf Media Center"="C:\Program Files\Neuf\Media Center\MediaCenter.exe" [2007-10-15 17:57 1025264]
"Advanced Woman Calendar"="C:\Program Files\Advanced Woman Calendar\WomanCalendar.exe" [ ]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 16:57 153136]
"Cmaudio"="cmicnfg.cpl" []
"OlStatusMon"="C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" [2006-07-26 17:20 106496]
"NI.UAVIFR_0001_N105M2404"="C:\Documents and Settings\tutut\Bureau\install_fr.exe" [ ]
"TrayServer"="C:\Program Files\MAGIX\Video_deluxe_2008_e-version\TrayServer.exe" [ ]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 02:11 132496]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2008-03-06 18:37 185896]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-04-05 15:58 249896]
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-01-23 11:19 223232]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [2008-03-01 07:10 15872]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-04-13 16:23 1177368]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-19 16:09 15360]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 23:18 443968]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55 5674352]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2006-11-09 17:15 1634304]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Flash Media]
C:\WINDOWS\system32\%%%.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
"C:\\Program Files\\Zapu\\Zapu\\wDivi.exe"=
"C:\\WINDOWS\\system32\\[Emoticons-plus.com] Winkaa 2.0.exe"=
"C:\\WINDOWS\\system32\\javaw.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\WINDOWS\\system32\\rundll32.exe"=
"C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
"C:\Program Files\Neuf\Media Center\httpd\httpd.exe"= C:\Program Files\Neuf\Media Center\httpd\httpd.exe:172.16.255.0/255.255.255.0,192.168.1.2/255.255.255.255:Enabled:Serveur de partage Media Center (Player Neuf Cegetel)
"C:\\Program Files\\Lphant\\eLePhantClient.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
"C:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=

R0 AvgRkx86;avgrkx86.sys;C:\WINDOWS\system32\Drivers\avgrkx86.sys [2008-04-13 16:24]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\WINDOWS\system32\Drivers\avgldx86.sys [2008-04-13 16:24]
R2 avg8emc;AVG8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-04-13 16:23]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-04-13 16:23]
R2 AvgTdiX;AVG8 Network Redirector;C:\WINDOWS\system32\Drivers\avgtdix.sys [2008-04-13 16:24]
R2 olMntrService;olMntrService;"C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe" [2006-07-24 13:02]
R3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys [2005-03-15 18:04]
S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-10-10 14:54]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-12 18:23:12 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-04-13 18:19:01 C:\WINDOWS\Tasks\Vérifier les mises à jour de Windows Live Toolbar.job"