Problem with svchost.exe

b boy neck

Hi everyone, I have a small problem with Windows: it shows me an error message when the computer starts, telling me that the application svchost.exe cannot be found :( How could I go about reinstalling this application, and above all where could I find it? Thanks in advance for your help :)

Profile: Helper

Hello,

Don't you have another computer besides that one?

Download and then install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2


---------------
Prevention & Protection|Free software|The man from FLCCF
b boy neck

Yes, I have another one; it's a tower.

Profile: Helper

Do what I said with Hijackthis before continuing.
Do you have the Windows CD?


Message edited by Angeldark on 28-12-2007 at 16:17:41

b boy neck

Uh, yes, but I've already done the procedure with HijackThis; it gave me some kind of report.

b boy neck

Here is the report:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:29:26, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll (file missing)
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll (file missing)
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\system32\vnocyjpt.dll (file missing)
O2 - BHO: (no name) - {B21C8D77-008B-4D42-8C69-04D3E676F8EE} - (no file)
O2 - BHO: (no name) - {F03E3FF4-2491-430E-BE4F-63E82DB430A7} - C:\WINDOWS\system32\mlljj.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [scvhost] C:\Program Files\Wiretap Professional\scvhost.exe
O4 - HKLM\..\Run: [74593188] rundll32.exe "C:\WINDOWS\system32\mbhpoyag.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/ [...] insctl.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c003FF66.dat
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\xkyqbubk.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - Unknown owner - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe (file missing)
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 10218 bytes


Profile: Helper

There is a Vundo infection.

Download VundoFix.exe (by Atribune) to your Desktop.

  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt telling you that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply

Note: VundoFix may encounter a file that it cannot delete. If so, the tool will run at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".


b boy neck

Here is the VundoFix.exe report:


VundoFix V6.7.7

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Scan started at 18:34:56 28/12/2007

Listing files found while scanning....

C:\WINDOWS\system32\acfodqbd.exe
C:\WINDOWS\system32\aclmiwxk.exe
C:\WINDOWS\system32\aoxodhrj.ini
C:\WINDOWS\system32\ckmdfeij.exe
C:\WINDOWS\system32\csjdtvva.exe
C:\WINDOWS\system32\enhjajfc.exe
C:\WINDOWS\system32\exnbytbi.exe
C:\WINDOWS\system32\gebvslmx.dll
C:\WINDOWS\system32\jdalitvj.exe
C:\WINDOWS\system32\jeqfkvgg.exe
C:\WINDOWS\system32\jgnokkkq.exe
C:\WINDOWS\system32\jrhdoxoa.dll
C:\WINDOWS\system32\kkeibgwy.exe
C:\WINDOWS\system32\koxyeeyt.exe
C:\WINDOWS\system32\lclsffjj.exe
C:\WINDOWS\system32\ltnjjdvv.dll
C:\WINDOWS\system32\mbhpoyag.dll
C:\WINDOWS\system32\njobqtli.exe
C:\WINDOWS\system32\ovqbtpjl.exe
C:\WINDOWS\system32\pntixxex.exe
C:\WINDOWS\system32\qaidlwhq.exe
C:\WINDOWS\system32\qtdbimih.exe
C:\WINDOWS\system32\rgqrgoon.exe
C:\WINDOWS\system32\twsjwcfq.exe
C:\WINDOWS\system32\vhtstuvw.exe
C:\WINDOWS\system32\vnocyjpt.dll
C:\WINDOWS\system32\votqmukn.exe
C:\WINDOWS\system32\wsxpergy.exe
C:\WINDOWS\system32\xmlsvbeg.ini
C:\WINDOWS\system32\ytaaymea.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\acfodqbd.exe
C:\WINDOWS\system32\acfodqbd.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\aclmiwxk.exe
C:\WINDOWS\system32\aclmiwxk.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\aoxodhrj.ini
C:\WINDOWS\system32\aoxodhrj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ckmdfeij.exe
C:\WINDOWS\system32\ckmdfeij.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\csjdtvva.exe
C:\WINDOWS\system32\csjdtvva.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\enhjajfc.exe
C:\WINDOWS\system32\enhjajfc.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\exnbytbi.exe
C:\WINDOWS\system32\exnbytbi.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebvslmx.dll
C:\WINDOWS\system32\gebvslmx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\jdalitvj.exe
C:\WINDOWS\system32\jdalitvj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jeqfkvgg.exe
C:\WINDOWS\system32\jeqfkvgg.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jgnokkkq.exe
C:\WINDOWS\system32\jgnokkkq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\jrhdoxoa.dll
C:\WINDOWS\system32\jrhdoxoa.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\kkeibgwy.exe
C:\WINDOWS\system32\kkeibgwy.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\koxyeeyt.exe
C:\WINDOWS\system32\koxyeeyt.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\lclsffjj.exe
C:\WINDOWS\system32\lclsffjj.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ltnjjdvv.dll
C:\WINDOWS\system32\ltnjjdvv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mbhpoyag.dll
C:\WINDOWS\system32\mbhpoyag.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\njobqtli.exe
C:\WINDOWS\system32\njobqtli.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\ovqbtpjl.exe
C:\WINDOWS\system32\ovqbtpjl.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\pntixxex.exe
C:\WINDOWS\system32\pntixxex.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qaidlwhq.exe
C:\WINDOWS\system32\qaidlwhq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\qtdbimih.exe
C:\WINDOWS\system32\qtdbimih.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\rgqrgoon.exe
C:\WINDOWS\system32\rgqrgoon.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\twsjwcfq.exe
C:\WINDOWS\system32\twsjwcfq.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\vhtstuvw.exe
C:\WINDOWS\system32\vhtstuvw.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\votqmukn.exe
C:\WINDOWS\system32\votqmukn.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\wsxpergy.exe
C:\WINDOWS\system32\wsxpergy.exe Has been deleted!

Attempting to delete C:\WINDOWS\system32\xmlsvbeg.ini
C:\WINDOWS\system32\xmlsvbeg.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ytaaymea.exe
C:\WINDOWS\system32\ytaaymea.exe Has been deleted!

Performing Repairs to the registry.
Done!

b boy neck

Here is the HijackThis report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:04:56, on 28/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe
C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: McBrwHelper Class - {227B8AA8-DAF2-4892-BD1D-73F568BCB24E} - c:\PROGRA~1\mcafee.com\mps\mcbrhlpr.dll (file missing)
O2 - BHO: McAfee Privacy Service Popup Blocker - {3EC8255F-E043-4cae-8B3B-B191550C2A22} - c:\program files\mcafee.com\mps\popupkiller.dll (file missing)
O2 - BHO: McAfee AntiPhishing Filter - {41D68ED8-4CFF-4115-88A6-6EBB8AF19000} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {B21C8D77-008B-4D42-8C69-04D3E676F8EE} - (no file)
O2 - BHO: (no name) - {F03E3FF4-2491-430E-BE4F-63E82DB430A7} - C:\WINDOWS\system32\mlljj.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Autoconfigurateur WiFi Neuf] C:\Program Files\Neuf\Kit\WiFi\9wifi.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [scvhost] C:\Program Files\Wiretap Professional\scvhost.exe
O4 - HKLM\..\Run: [74593188] rundll32.exe "C:\WINDOWS\system32\mbhpoyag.dll",b
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: (no name) - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra 'Tools' menuitem: McAfee AntiPhishing Filter - {39FD89BF-D3F1-45b6-BB56-3582CCF489E1} - c:\program files\mcafee\spamkiller\mcapfbho.dll (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/ [...] insctl.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c003FF66.dat
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\xkyqbubk.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\Logitech\SrvLnch\SrvLnch.exe
O23 - Service: McAfee WSC Integration (McDetect.exe) - Unknown owner - c:\program files\mcafee.com\agent\mcdetect.exe (file missing)
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe (file missing)
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - Unknown owner - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe (file missing)
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MpfService.exe (file missing)
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:\Program Files\WinPcap\rpcapd.exe

--
End of file - 10129 bytes
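
A cross-check between the VundoFix report and the follow-up HijackThis log above, as an added example that is not part of the original thread: it lists autostart entries that still reference a file VundoFix reported deleted, and entries whose file name is one edit (including an adjacent-letter swap) away from svchost.exe. The sample lines are copied from the reports in this thread; the function names, the extension list and the distance threshold are assumptions of this example.

```python
import ntpath
import re
from dataclasses import dataclass

# Sample lines copied from the reports in this thread (not the full logs).
VUNDOFIX_REPORT = r"""
Attempting to delete C:\WINDOWS\system32\ltnjjdvv.dll
C:\WINDOWS\system32\ltnjjdvv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\mbhpoyag.dll
C:\WINDOWS\system32\mbhpoyag.dll Has been deleted!
"""

HIJACKTHIS_LOG = r"""
O2 - BHO: (no name) - {F03E3FF4-2491-430E-BE4F-63E82DB430A7} - C:\WINDOWS\system32\mlljj.dll (file missing)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [scvhost] C:\Program Files\Wiretap Professional\scvhost.exe
O4 - HKLM\..\Run: [74593188] rundll32.exe "C:\WINDOWS\system32\mbhpoyag.dll",b
O20 - AppInit_DLLs: C:\WINDOWS\system32\__c003FF66.dat
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\xkyqbubk.exe (file missing)
"""

ENTRY_RE = re.compile(r"^([ROF]\d+) - (.+)$", re.M)
DELETED_RE = re.compile(r"^(.+?) Has been deleted!$", re.M)
# Drive-letter path ending in one of a few extensions (assumed list).
PATH_RE = re.compile(
    r'[A-Za-z]:\\[^"<>|*?\r\n]+?\.(?:exe|dll|dat|sys)(?![A-Za-z0-9])', re.I)


@dataclass
class Entry:
    section: str   # HijackThis section code, e.g. "O4"
    text: str      # rest of the line
    paths: list    # file paths found in the line


def deleted_files(report):
    """Lower-cased paths that VundoFix reported as deleted."""
    return {m.group(1).strip().lower() for m in DELETED_RE.finditer(report)}


def parse_entries(log):
    """Registry-backed HijackThis entries (process list lines are skipped)."""
    return [Entry(m.group(1), m.group(2), PATH_RE.findall(m.group(2)))
            for m in ENTRY_RE.finditer(log)]


def orphaned_entries(entries, deleted):
    """Entries that still point at a file the removal tool deleted."""
    return [e for e in entries if any(p.lower() in deleted for p in e.paths)]


def osa_distance(a, b):
    """Edit distance that counts an adjacent-letter swap as one edit."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def lookalikes(entries, protected=("svchost.exe",), max_dist=1):
    """(entry, path) pairs whose file name nearly matches a system binary name."""
    hits = []
    for e in entries:
        for p in e.paths:
            name = ntpath.basename(p).lower()
            if any(0 < osa_distance(name, ref) <= max_dist for ref in protected):
                hits.append((e, p))
    return hits


if __name__ == "__main__":
    entries = parse_entries(HIJACKTHIS_LOG)
    for e in orphaned_entries(entries, deleted_files(VUNDOFIX_REPORT)):
        print("still references a deleted file:", e.section, e.text)
    for e, p in lookalikes(entries):
        print("name close to svchost.exe:", e.section, p)
```

An entry reported by either check is a candidate for manual review, not a verdict on the file.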

b boy neck

Just one question: is it normal that a new error message appears in addition to the one I had before?

Profile: Helper

We'll take care of the message ;)

Disable your resident protections (antivirus...)!

  • Download Combofix.exe (sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.


NOTE: The report can also be found here: C:\Combofix.txt


b boy neck

Here is the report



ComboFix 07-12-21.4 - tom 2007-12-28 19:36:07.1 - NTFSx86
Running from: C:\Documents and Settings\tom\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\check_LSA7.txt
C:\WINDOWS\cookies.ini
C:\WINDOWS\system32\drivers\npf.sys
C:\WINDOWS\system32\packet.dll
C:\WINDOWS\system32\pthreadVC.dll
C:\WINDOWS\system32\wanpacket.dll
C:\WINDOWS\system32\wpcap.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\LEGACY_NPF
-------\DomainService
-------\NPF


((((((((((((((((((((((((((((( Fichiers créés 2007-11-28 to 2007-12-28 ))))))))))))))))))))))))))))))))))))
.

2007-12-28 18:34 . 2007-12-28 18:34 <REP> d-------- C:\VundoFix Backups
2007-12-28 16:21 . 2007-12-28 16:21 <REP> d-------- C:\Program Files\Trend Micro
2007-12-28 15:38 . 2007-12-28 15:38 5,120 --a------ C:\WINDOWS\system32\Hook.dll
2007-12-28 12:05 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-12-28 12:05 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2007-12-28 12:05 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-12-28 12:05 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-28 12:05 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-28 12:05 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-28 12:05 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-28 12:05 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-28 11:11 . 2007-12-28 17:11 947,568 ---hs---- C:\WINDOWS\system32\gayophbm.ini
2007-12-27 11:12 . 2007-12-28 11:10 940,756 ---hs---- C:\WINDOWS\system32\auikuhwq.ini
2007-12-26 11:12 . 2007-12-27 11:12 951,372 ---hs---- C:\WINDOWS\system32\wiulodds.ini
2007-12-25 22:28 . 2007-12-25 22:30 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-12-25 22:22 . 2007-10-11 00:49 6,065,664 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-12-25 22:22 . 2007-07-01 04:31 2,455,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dat
2007-12-25 22:22 . 2007-07-01 04:36 1,048,576 -----c--- C:\WINDOWS\system32\dllcache\ieframe.dll.mui
2007-12-25 22:22 . 2007-10-11 00:49 459,264 -----c--- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-12-25 22:22 . 2007-10-11 00:49 383,488 -----c--- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-12-25 22:22 . 2007-10-11 00:49 267,776 -----c--- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-12-25 22:22 . 2007-10-11 00:49 63,488 -----c--- C:\WINDOWS\system32\dllcache\icardie.dll
2007-12-25 22:22 . 2007-10-11 00:49 52,224 -----c--- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-12-25 22:22 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-25 22:21 . 2007-08-13 18:54 33,792 --a--c--- C:\WINDOWS\system32\dllcache\custsat.dll
2007-12-25 11:12 . 2007-12-26 08:57 939,752 ---hs---- C:\WINDOWS\system32\iovvifse.ini
2007-12-24 11:11 . 2007-12-25 11:11 1,006,943 ---hs---- C:\WINDOWS\system32\faempghe.ini
2007-12-22 23:15 . 2007-12-24 11:09 988,963 ---hs---- C:\WINDOWS\system32\ommwutqr.ini
2007-12-21 23:11 . 2007-12-22 23:12 991,290 ---hs---- C:\WINDOWS\system32\wafvmajk.ini
2007-12-20 23:15 . 2007-12-21 16:45 987,994 ---hs---- C:\WINDOWS\system32\mrwgluga.ini
2007-12-19 23:10 . 2007-12-20 23:10 987,814 ---hs---- C:\WINDOWS\system32\pmlfmkdq.ini
2007-12-19 21:46 . 2007-12-19 21:46 268 --ah----- C:\sqmdata14.sqm
2007-12-19 21:46 . 2007-12-19 21:46 244 --ah----- C:\sqmnoopt14.sqm
2007-12-19 21:00 . 2007-12-19 22:08 986,223 ---hs---- C:\WINDOWS\system32\aemafidy.ini
2007-12-18 20:58 . 2007-12-19 20:58 986,103 ---hs---- C:\WINDOWS\system32\uilngsyt.ini
2007-12-17 20:55 . 2007-12-18 07:43 970,926 ---hs---- C:\WINDOWS\system32\vvdjjntl.ini
2007-12-16 20:54 . 2007-12-17 20:54 971,632 ---hs---- C:\WINDOWS\system32\iekwgruv.ini
2007-12-15 20:52 . 2007-12-16 20:52 970,614 ---hs---- C:\WINDOWS\system32\yescwbsk.ini
2007-12-14 20:54 . 2007-12-15 19:50 952,392 ---hs---- C:\WINDOWS\system32\tadwjdwo.ini
2007-12-13 05:59 . 2007-12-13 05:59 127 --a------ C:\WINDOWS\system32\MRT.INI
2007-12-12 21:32 . 2007-12-12 21:33 <REP> d-------- C:\Program Files\DivX
2007-12-12 21:32 . 2007-12-12 21:33 679 --a------ C:\WINDOWS\mozver.dat
2007-12-12 20:56 . 2007-12-13 07:05 790,209 ---hs---- C:\WINDOWS\system32\jfqugxhp.ini
2007-12-11 23:34 . 2007-12-11 23:34 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
2007-12-11 23:34 . 2007-12-11 23:34 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
2007-12-11 20:56 . 2007-12-12 06:06 824,271 ---hs---- C:\WINDOWS\system32\rjxxdkbr.ini
2007-12-10 20:54 . 2007-12-11 20:54 963,892 ---hs---- C:\WINDOWS\system32\mxewegmd.ini
2007-12-08 21:51 . 2007-12-10 12:12 807,895 ---hs---- C:\WINDOWS\system32\ymtvhcml.ini
2007-12-08 09:57 . 2007-12-28 09:53 <REP> d-------- C:\WINDOWS\system32\recoveryInfo
2007-12-08 09:56 . 2007-12-28 12:19 <REP> d-------- C:\Program Files\Wiretap Professional
2007-12-08 09:56 . 2007-12-08 09:56 <REP> d-------- C:\Program Files\WinPcap
2007-12-08 09:56 . 2007-12-08 09:56 724,992 --a------ C:\WINDOWS\iun6002.exe
2007-12-07 21:48 . 2007-12-08 21:48 807,535 ---hs---- C:\WINDOWS\system32\dkynyybq.ini
2007-12-06 21:58 . 2007-12-07 16:51 818,119 ---hs---- C:\WINDOWS\system32\gddrkdnu.ini
2007-12-05 21:57 . 2007-12-06 21:58 817,939 ---hs---- C:\WINDOWS\system32\hxwlhgsk.ini
2007-12-05 21:33 . 2007-12-05 21:33 878,537 ---hs---- C:\WINDOWS\system32\ecleiyuc.ini
2007-12-04 20:51 . 2007-12-05 21:31 807,443 ---hs---- C:\WINDOWS\system32\waulgsuh.ini
2007-12-03 20:52 . 2007-12-04 17:12 795,244 ---hs---- C:\WINDOWS\system32\waohcbuh.ini
2007-12-02 20:49 . 2007-12-03 20:49 794,992 ---hs---- C:\WINDOWS\system32\avnxorty.ini
2007-12-01 20:58 . 2007-12-02 19:13 794,436 ---hs---- C:\WINDOWS\system32\kxbclhhl.ini
2007-12-01 17:34 . 2007-12-01 18:41 790,344 ---hs---- C:\WINDOWS\system32\eprawcft.ini
2007-11-30 17:32 . 2007-12-01 14:29 790,224 ---hs---- C:\WINDOWS\system32\rwtxwher.ini
2007-11-29 17:32 . 2007-11-30 16:47 790,044 ---hs---- C:\WINDOWS\system32\rfwafgiq.ini
2007-11-28 17:32 . 2007-11-29 17:23 788,213 ---hs---- C:\WINDOWS\system32\klgyngrg.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-28 18:39 --------- d-----w C:\Documents and Settings\tom\Application Data\nView_Wallpaper
2007-12-28 18:32 --------- d-----w C:\Program Files\eMule
2007-12-02 10:04 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-24 13:49 --------- d-----w C:\Documents and Settings\tom\Application Data\Apple Computer
2007-11-23 21:38 --------- d-----w C:\Program Files\DAEMON Tools
2007-11-15 20:49 --------- d-----w C:\Documents and Settings\tom\Application Data\GibbHill Properties Ltd
2007-11-13 10:25 20,480 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F03E3FF4-2491-430E-BE4F-63E82DB430A7}]
C:\WINDOWS\system32\mlljj.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-09-05 06:43]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-25 18:11]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2003-07-15 20:09]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2003-07-15 20:08]
"nwiz"="nwiz.exe" [2004-03-12 22:57 C:\WINDOWS\system32\nwiz.exe]
"Cpqset"="C:\Program Files\HPQ\Default Settings\cpqset.exe" [2004-03-18 08:18]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 05:24]
"SunJavaUpdateSched"="C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe" [2007-09-03 13:56]
"Autoconfigurateur WiFi Neuf"="C:\Program Files\Neuf\Kit\WiFi\9wifi.exe" [2006-07-06 21:32]
"NeroFilterCheck"="C:\WINDOWS\System32\NeroCheck.exe" [2005-09-25 18:11]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\Logitech\LComMgr\Communications_Helper.exe" [2006-10-31 00:03]
"LVCOMSX"="C:\Program Files\Fichiers communs\Logitech\LComMgr\LVComSX.exe" [2006-11-15 21:01]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-19 15:10 C:\WINDOWS\system32\rundll32.exe]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-07 15:55]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2006-09-14 21:09]
"scvhost"="C:\Program Files\Wiretap Professional\scvhost.exe" [2004-05-20 23:17]
"74593188"="C:\WINDOWS\system32\mbhpoyag.dll" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 15:09]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{935FA400-243D-11D3-B06E-857B2AE2BE64}"= C:\PROGRA~1\WIRETA~1\SHELLE~1.DLL [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{19df921e-740e-11dc-938c-00904b92f7fc}]
\Shell\Auto\command - E:\auto.exe
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL auto.exe

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-24 15:00:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-28 19:40:05
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Cpqset = C:\Program Files\HPQ\Default Settings\cpqset.exe????????9?8?9?5??????? ?|?B???????????????B? ??????

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-28 19:41:10 - machine was rebooted
.
2007-12-27 09:06:05 --- E O F ---

Profile: Helper

Let's continue our little cleanup.

Disable your resident protections (antivirus...)!
Copy (Ctrl+C) the text in the box below:

File::
C:\WINDOWS\system32\iovvifse.ini
C:\WINDOWS\system32\faempghe.ini
C:\WINDOWS\system32\ommwutqr.ini
C:\WINDOWS\system32\wafvmajk.ini
C:\WINDOWS\system32\mrwgluga.ini
C:\WINDOWS\system32\pmlfmkdq.ini
C:\WINDOWS\system32\aemafidy.ini
C:\WINDOWS\system32\uilngsyt.ini
C:\WINDOWS\system32\vvdjjntl.ini
C:\WINDOWS\system32\iekwgruv.ini
C:\WINDOWS\system32\yescwbsk.ini
C:\WINDOWS\system32\tadwjdwo.ini
C:\WINDOWS\system32\jfqugxhp.ini
C:\WINDOWS\system32\rjxxdkbr.ini
C:\WINDOWS\system32\mxewegmd.ini
C:\WINDOWS\system32\ymtvhcml.ini
C:\WINDOWS\system32\dkynyybq.ini
C:\WINDOWS\system32\gddrkdnu.ini
C:\WINDOWS\system32\hxwlhgsk.ini
C:\WINDOWS\system32\ecleiyuc.ini
C:\WINDOWS\system32\waulgsuh.ini
C:\WINDOWS\system32\waohcbuh.ini
C:\WINDOWS\system32\avnxorty.ini
C:\WINDOWS\system32\kxbclhhl.ini
C:\WINDOWS\system32\eprawcft.ini
C:\WINDOWS\system32\rwtxwher.ini
C:\WINDOWS\system32\rfwafgiq.ini
C:\WINDOWS\system32\klgyngrg.ini
C:\WINDOWS\system32\mbhpoyag.dll
C:\Program Files\Wiretap Professional\scvhost.exe

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F03E3FF4-2491-430E-BE4F-63E82DB430A7}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"scvhost"=-
"74593188"=-



Open Notepad and paste (Ctrl+V) the text you just copied.
Save this file as CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below:
http://img.photobucket.com/albums/v666/sUBs/CFScript.gif

This will relaunch Combofix; press 1 and then confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
NOTE: If there is no reboot, post the requested reports anyway.


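The kind of entries listed in the CFScript above can be picked out of a ComboFix report mechanically. The following is an added example, not part of the original thread and not ComboFix's own logic: the sample lines are excerpted from the report posted above, while the heuristics (hidden+system files directly in system32, a Run target whose name is a near-copy of a core Windows process, a numeric Run value with an empty timestamp) and the `SYSTEM_NAMES` list are assumptions of this example.

```python
import re
from ntpath import basename, splitext

# Excerpted from the ComboFix report in this thread (not new data).
SAMPLE_LOG = r'''
2007-12-25 22:22 . 2007-10-10 11:59 13,824 -----c--- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-12-25 11:12 . 2007-12-26 08:57 939,752 ---hs---- C:\WINDOWS\system32\iovvifse.ini
2007-12-13 05:59 . 2007-12-13 05:59 127 --a------ C:\WINDOWS\system32\MRT.INI
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15:09]
"scvhost"="C:\Program Files\Wiretap Professional\scvhost.exe" [2004-05-20 23:17]
"74593188"="C:\WINDOWS\system32\mbhpoyag.dll" []
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00]
'''

# Assumption of this example: a short list of core Windows process names.
SYSTEM_NAMES = ("svchost", "lsass", "winlogon", "services", "explorer", "csrss", "smss")
FILE_RE = re.compile(r'^\d{4}-\d\d-\d\d \d\d:\d\d \. \d{4}-\d\d-\d\d \d\d:\d\d \S+ (\S{9}) (.+)$')
RUN_RE = re.compile(r'^"([^"]+)"="([^"]*)" \[(.*)\]$')

def lookalike(stem):
    """Return the system name that `stem` imitates (one substitution or shuffled letters)."""
    stem = stem.lower()
    for name in SYSTEM_NAMES:
        if stem == name or len(stem) != len(name):
            continue
        if sum(a != b for a, b in zip(stem, name)) == 1 or sorted(stem) == sorted(name):
            return name
    return None

def triage(log):
    """Return (path, reason) pairs for log lines matching the heuristics."""
    findings = []
    for line in map(str.strip, log.splitlines()):
        if m := FILE_RE.match(line):
            attrs, path = m.groups()
            low = path.lower()
            # Hidden + system attributes on a file sitting directly in system32.
            if low.startswith("c:\\windows\\system32\\") and low.count("\\") == 3 \
                    and "h" in attrs and "s" in attrs:
                findings.append((path, "hidden+system file directly in system32"))
        elif m := RUN_RE.match(line):
            value, target, stamp = m.groups()
            real = lookalike(splitext(basename(target))[0])
            if real and "\\system32\\" not in target.lower():
                findings.append((target, f"imitates {real}.exe outside system32"))
            elif value.isdigit() and not stamp.strip():
                findings.append((target, "numeric value name, no file timestamp"))
    return findings

if __name__ == "__main__":
    for path, reason in triage(SAMPLE_LOG):
        print(f"{reason}: {path}")
```

Findings from such a pass are candidates for review, not a removal list; the legitimate `MRT.INI`, `ctfmon.exe` and avast! entries in the sample are left unflagged.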
b boy neck
n°186485
28-12-2007 at 21:01:53