Msconfig application win32 non valide [Résolu]

Salut !

je pense que tu y es peut être aller un peu fort en supprimer certains fichiers infectés, du coup il y a peut être des fonctions qui ne marchent plus ... mais on va voir ça :

Telecharge ceci :

http://www.infos-du-net.com/telecharger/HijackThis.html = lien

http://pageperso.aol.fr/balltrap34/demohijack.htm = démo

( Merci à Balltrap )

Choisis l'option "do a scan and a logfile", il va te générer un rapport, copie et colle sur le forum.

@+

Logfile of HijackThis v1.99.1
Scan saved at 21:56:25, on 13/03/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe
C:\PROGRA~1\ICROSO~1\csrss.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
E:\Program Files\KiddiesBarre\KiddiesBarre.exe
C:\Documents and Settings\Xav\Mes documents\Nettoyer Windows\Hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\RunServices: [Windows mod Verifier] Windows-mod.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~1\Ad-Watch.exe"
O4 - HKCU\..\Run: [Tobb] "C:\PROGRA~1\ICROSO~1\csrss.exe" -vt ndrv
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1142107746801
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Quelle rapidité lol !

Relance HijackThis : choisis " do a scan only" coche la case devant les lignes ci-dessous et clique en bas sur "fix checked" :

O4 - HKCU\..\Run: [Tobb] "C:\PROGRA~1\ICROSO~1\csrss.exe" -vt ndrv

O16 - DPF: {8A0DCBDB-6E20-489C-9041-C1E8A0352E75} (Mirar_Dummy_ATS1 Class) - http://awbeta.net-nucleus.com/FIX/WinATS.cab

ensuite :

HijackThis -> Open the misc tools sections -> open Uninstall manager -> clique sur "Save list" -> enregistre le fichier -> fais-en un copier/coller ici.

@+

Acoustica Effects Pack
Acoustica Mixcraft
Ad-Aware SE Professional
Adobe Reader 7.0.5 - Français
Archiveur WinRAR
avast! Antivirus
CDex extraction audio
DivX
EasyCleaner
eMule
Google Toolbar for Internet Explorer
HijackThis 1.99.1
J2SE Runtime Environment 5.0 Update 6
KiddiesBarre 1.0
Language pack for Ad-Aware SE
Lecteur Windows Media 10
Macromedia Flash Player 8
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Word Viewer 2003
MSN Messenger 7.5
My Drivers 3.11
Nero 6
Tweakui Powertoy for Windows XP
Windows Media Format Runtime

C:\Documents and Settings\Xav\Bureau\CDex.lnk=>D:\Program Files\CDex_150\CDex.exe
Infected with: Win32.Sality.E

C:\Documents and Settings\Xav\Bureau\CDex.lnk=>D:\Program Files\CDex_150\CDex.exe
Disinfection failed

C:\Documents and Settings\Xav\Bureau\CDex.lnk=>D:\Program Files\CDex_150\CDex.exe
Deleted

C:\Documents and Settings\Xav\Bureau\CDex.lnk
Update failed

C:\Documents and Settings\Xav\Bureau\Mixcraft.lnk=>D:\Program Files\Acoustica Mixcraft\mixcraft.exe
Infected with: Win32.Sality.E

C:\Documents and Settings\Xav\Bureau\Mixcraft.lnk=>D:\Program Files\Acoustica Mixcraft\mixcraft.exe
Disinfection failed

C:\Documents and Settings\Xav\Bureau\Mixcraft.lnk=>D:\Program Files\Acoustica Mixcraft\mixcraft.exe
Deleted

C:\Documents and Settings\Xav\Bureau\Mixcraft.lnk
Update failed

C:\Documents and Settings\Xav\Local Settings\Temp\!update.exe
Infected with: Win32.Sality.E

C:\Documents and Settings\Xav\Local Settings\Temp\!update.exe
Disinfection failed

C:\Documents and Settings\Xav\Local Settings\Temp\!update.exe
Deleted

C:\Documents and Settings\Xav\Mes documents\Nettoyer Windows\My Drivers 3.11.lnk=>D:\Program Files\My Drivers\MyDrivers.exe
Infected with: Win32.Sality.E

C:\Documents and Settings\Xav\Mes documents\Nettoyer Windows\My Drivers 3.11.lnk=>D:\Program Files\My Drivers\MyDrivers.exe
Disinfection failed

C:\Documents and Settings\Xav\Mes documents\Nettoyer Windows\My Drivers 3.11.lnk=>D:\Program Files\My Drivers\MyDrivers.exe
Deleted

C:\Documents and Settings\Xav\Mes documents\Nettoyer Windows\My Drivers 3.11.lnk
Update failed

C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup=>D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Infected with: Win32.Sality.E

C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup=>D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Disinfection failed

C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup=>D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
Deleted

C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup
Update failed

C:\WINDOWS\surv3.exe
Infected with: Trojan.Downloader.Vb.VV

C:\WINDOWS\surv3.exe
Disinfection failed

C:\WINDOWS\surv3.exe
Deleted

C:\WINDOWS\system32\csrs.exe
Infected with: Backdoor.Rbot.APD

C:\WINDOWS\system32\csrs.exe
Disinfection failed

C:\WINDOWS\system32\csrs.exe
Deleted

C:\WINDOWS\system32\ctfmsvc.ini
Infected with: Backdoor.HackDef.Gen

C:\WINDOWS\system32\ctfmsvc.ini
Disinfection failed

C:\WINDOWS\system32\ctfmsvc.ini
Deleted

C:\WINDOWS\system32\ndriver.exe
Infected with: Trojan.Proxy.Daemonize.BX

C:\WINDOWS\system32\ndriver.exe
Deleted

C:\WINDOWS\system32\wmimgr32.dll
Infected with: Win32.Worm.Sality.A

C:\WINDOWS\system32\wmimgr32.dll
Disinfection failed

C:\WINDOWS\system32\wmimgr32.dll
Deleted

C:\WINDOWS\Temp\winflpgà.exe
Infected with: Trojan.Agent.PM

C:\WINDOWS\Temp\winflpgà.exe
Disinfection failed

C:\WINDOWS\Temp\winflpgà.exe
Deleted

C:\WINDOWS\Temp\winqmajddŒ.exe
Infected with: Trojan.Agent.PM

C:\WINDOWS\Temp\winqmajddŒ.exe
Disinfection failed

C:\WINDOWS\Temp\winqmajddŒ.exe
Deleted

D:\Program Files\Acoustica Mixcraft\UNWISE.EXE
Infected with: Win32.Sality.E

D:\Program Files\Acoustica Mixcraft\UNWISE.EXE
Disinfection failed

D:\Program Files\Acoustica Mixcraft\UNWISE.EXE
Deleted

D:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
Infected with: Win32.Sality.E

D:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
Disinfection failed

D:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
Deleted

D:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
Infected with: Win32.Sality.E

D:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
Disinfection failed

D:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
Deleted

D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
Infected with: Win32.Sality.E

D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
Disinfection failed

D:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe
Deleted

D:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
Infected with: Win32.Sality.E

D:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
Disinfection failed

D:\Program Files\Adobe\Acrobat 7.0\Reader\Updater\acroaum.exe
Deleted

D:\Program Files\CDex_150\uninstall.exe
Infected with: Win32.Sality.E

D:\Program Files\CDex_150\uninstall.exe
Disinfection failed

D:\Program Files\CDex_150\uninstall.exe
Deleted

D:\Program Files\DivX\DivX\config.exe
Infected with: Win32.Sality.E

D:\Program Files\DivX\DivX\config.exe
Disinfection failed

D:\Program Files\DivX\DivX\config.exe
Deleted

D:\Program Files\DivX\DivX\DivX EKG.exe
Infected with: Win32.Sality.E

D:\Program Files\DivX\DivX\DivX EKG.exe
Disinfection failed

D:\Program Files\DivX\DivX\DivX EKG.exe
Deleted

D:\Program Files\My Drivers\Uninstal.exe
Infected with: Win32.Sality.E

D:\Program Files\My Drivers\Uninstal.exe
Disinfection failed

D:\Program Files\My Drivers\Uninstal.exe
Deleted

D:\Program Files\My Drivers\UNWISE.EXE
Infected with: Win32.Sality.E

D:\Program Files\My Drivers\UNWISE.EXE
Disinfection failed

D:\Program Files\My Drivers\UNWISE.EXE
Deleted

D:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
Infected with: Win32.Sality.E

D:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
Disinfection failed

D:\Program Files\ToniArts\EasyCleaner\EasyClea.exe
Deleted

D:\Program Files\WinRAR\Rar.exe
Infected with: Win32.Sality.E

D:\Program Files\WinRAR\Rar.exe
Disinfection failed

D:\Program Files\WinRAR\Rar.exe
Deleted

D:\Program Files\WinRAR\RarExtLoader.exe
Infected with: Win32.Sality.E

D:\Program Files\WinRAR\RarExtLoader.exe
Disinfection failed

D:\Program Files\WinRAR\RarExtLoader.exe
Deleted

D:\Program Files\WinRAR\Uninstall.exe
Infected with: Win32.Sality.E

D:\Program Files\WinRAR\Uninstall.exe
Disinfection failed

D:\Program Files\WinRAR\Uninstall.exe
Deleted

D:\Program Files\WinRAR\UnRAR.exe
Infected with: Win32.Sality.E

D:\Program Files\WinRAR\UnRAR.exe
Disinfection failed

D:\Program Files\WinRAR\UnRAR.exe
Deleted

D:\Program Files\WinRAR\WinRAR.exe
Infected with: Win32.Sality.E

D:\Program Files\WinRAR\WinRAR.exe
Disinfection failed

D:\Program Files\WinRAR\WinRAR.exe
Deleted

Re !

petit nettoyage maintenant :

télécharge ceci : ( si ce n'est pas déjà fait ! )

1) Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html

2) Le patch en Français pour Ad-Aware (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/AdAware/AdAware.htm

3) Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

tuto : (merci à Ballatrap )
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

4) A-squared (gratuit) :
http://www.emsisoft.net/fr/software/download/

5) Ewido (gratuit) :
http://www.ewido.net/fr/download/

tuto : (merci à Moe) http://perso.wanadoo.fr/entraide-hijackthis/Ewido/

6) CleanUp40 (qui élimine les fichiers temporaires + cookies : gratuit )
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe

tuto : (merci à Balltrap) http://pageperso.aol.fr/balltrap34/democleanup.htm


mets tout à jour,lance les scans en mode sans echec : pour cela redemarre en appuillant sur le touche F8 ou F5

dis nous après ce qu'il en est : bon courage !

@+

Alors, j'ai fais plusieur scan en ligne, plus: ad aware, avast!, blacklight, easy cleaner.
Je pense maintenant être débarasser des virus mais les commandes msconfig et regedit ne fonctionne toujour pas.
Se qui m'enbette comme meme.

Salut !

ok : essaye ça ==> tape dans Exécuter C:\Windows\regedit.exe

@+

Merci de ta réponse rapide !

Mais maleureusment sa ne marche pas :s
j'ai essayer aussi de l'activer directement a partir du fichier dans windows mes rien ni fait :(

Re !

et bien je pense qu'il ne reste plus qu'à faire une reparation win ...

car comme je te l'avais dis precedement : je pense qu'il y a pas mal de fichiers qui ont dû être supprimés et non déinfectés ...

tiens nous au courant

bon courage, @+

Ok, ba je te remerci bien de ton aide et je croi que je v me passer de msconfig, apré tout c pas si importent si y a plus de virus c'est le principal, surtout que lordi je v biento le doner a mon frere et il ne se servira jamai de cette comand alor bon ...

En tout cas merci de mavoir consacré de ton temp et bonne continuation tchô!

c'est toi qui vois ...

bon surf !

@+

hello
il y a une façon de faire réapparaître msconfig
je cherche la soluce ds ma bécane

C'est bon j'ai trouver !!! Il falait tout simplement réinstaller le service pack 2 de windows xp.

Maintenant mon ordi et tout niquel sa fait plaisir :)

Merci de vos aide, bonne continuation.

Salut !

c'est cool :-)

bon surf !

@+

Je ne sais pas si c'est bien ici qu'il faut poster mon rapport,si quelqu'un peut m'aider merci beaucoup




Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:18:08, on 29/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\FDD + FMD Combo Reader\CZFMDSER.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\SysBoard\sysboard.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Station\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SearchPageURL.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {0618C227-5938-4EB2-AE95-41C522C41C6D} - \
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-3.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {22E016DB-095C-49E6-A337-7F6AE6F28A50} - \
O2 - BHO: Lefty - {275296E0-75EC-4380-BB5F-900636889A8D} - C:\WINDOWS\system32\nsu13.dll
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8192EACA-3FCC-4FA1-AA93-A8C63936AFFB} - \
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {965DE5CA-2548-469C-A33E-6D911C5413F8} - \
O2 - BHO: (no name) - {9747ADDD-0AE0-47AD-9D35-5FB37420D9B4} - \
O2 - BHO: (no name) - {987554CD-97C7-4ED3-8C48-D1BCC12DE6C7} - \
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CD64879D-92F8-45DC-9084-EB689C4D7E90} - \
O2 - BHO: (no name) - {DCA011C6-D91C-4D30-BEB3-7FB3D42F9F3E} - \
O2 - BHO: (no name) - {E8B08B52-97E0-4926-8B6C-BCCC2E501DAF} - \
O2 - BHO: (no name) - {EC3DC5AC-55B1-4643-99EB-B4BD958FC1A8} - \
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [adstart] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\adspipe.dll" DllVerify
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [bend city flaw hold] C:\Documents and Settings\All Users\Application Data\pollsoftwarebendcity\Skipdrive.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [CZFMDXPK] C:\PROGRA~1\FDD + FMD Combo Reader\CZFMDXPK.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [hecktitle] C:\DOCUME~1\Station\APPLIC~1\FLAGDA~1\01 idol.exe
O4 - HKCU\..\Run: [SysBoard32] C:\Program Files\SysBoard\sysboard.exe
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\owinnodt.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1a9bb78bbbdc4e24bcefb48d9fad13cb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1a9bb78bbbdc4e24bcefb48d9fad13cb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - "C:\PROGRA~1\Livecom\APPLIC~1\COMMUN~1\Messager.exe" (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - "C:\PROGRA~1\Livecom\APPLIC~1\COMMUN~1\Messager.exe" (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26AB687C-4B3A-4EA6-9459-AA2F05B83CD4}: NameServer = 192.168.1.1,80.10.246.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{26AB687C-4B3A-4EA6-9459-AA2F05B83CD4}: NameServer = 192.168.1.1,80.10.246.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{26AB687C-4B3A-4EA6-9459-AA2F05B83CD4}: NameServer = 192.168.1.1,80.10.246.2
O20 - AppInit_DLLs: dxclib303562752.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CZFMDSER.EXE - Unknown owner - C:\PROGRA~1\FDD + FMD Combo Reader\CZFMDSER.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O24 - Desktop Component 0: (no name) - http://loulou123456789.ifrance.com/img/image_fond.jpg

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:18:08, on 29/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\FDD + FMD Combo Reader\CZFMDSER.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\SysBoard\sysboard.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MessengerDiscovery\MessengerDiscovery Live.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Station\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SearchPageURL.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {0618C227-5938-4EB2-AE95-41C522C41C6D} - \
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-3.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: (no name) - {22E016DB-095C-49E6-A337-7F6AE6F28A50} - \
O2 - BHO: Lefty - {275296E0-75EC-4380-BB5F-900636889A8D} - C:\WINDOWS\system32\nsu13.dll
O2 - BHO: ohb - {5ED7D3DE-6DBE-4516-8712-01B1B64B7057} - C:\WINDOWS\system32\UpMedia\ContentTool.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {8192EACA-3FCC-4FA1-AA93-A8C63936AFFB} - \
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {965DE5CA-2548-469C-A33E-6D911C5413F8} - \
O2 - BHO: (no name) - {9747ADDD-0AE0-47AD-9D35-5FB37420D9B4} - \
O2 - BHO: (no name) - {987554CD-97C7-4ED3-8C48-D1BCC12DE6C7} - \
O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - C:\Program Files\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {CD64879D-92F8-45DC-9084-EB689C4D7E90} - \
O2 - BHO: (no name) - {DCA011C6-D91C-4D30-BEB3-7FB3D42F9F3E} - \
O2 - BHO: (no name) - {E8B08B52-97E0-4926-8B6C-BCCC2E501DAF} - \
O2 - BHO: (no name) - {EC3DC5AC-55B1-4643-99EB-B4BD958FC1A8} - \
O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} - C:\Program Files\AskTBar\bar\1.bin\ASKTBAR.DLL
O4 - HKLM\..\Run: [adstart] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\adspipe.dll" DllVerify
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [bend city flaw hold] C:\Documents and Settings\All Users\Application Data\pollsoftwarebendcity\Skipdrive.exe
O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [CZFMDXPK] C:\PROGRA~1\FDD + FMD Combo Reader\CZFMDXPK.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [hecktitle] C:\DOCUME~1\Station\APPLIC~1\FLAGDA~1\01 idol.exe
O4 - HKCU\..\Run: [SysBoard32] C:\Program Files\SysBoard\sysboard.exe
O4 - HKCU\..\Run: [WinPop] C:\Program Files\WinPop\winpop.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Think-Adz.lnk = C:\WINDOWS\system32\owinnodt.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?1a9bb78bbbdc4e24bcefb48d9fad13cb
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?1a9bb78bbbdc4e24bcefb48d9fad13cb
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - "C:\PROGRA~1\Livecom\APPLIC~1\COMMUN~1\Messager.exe" (file missing)
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - "C:\PROGRA~1\Livecom\APPLIC~1\COMMUN~1\Messager.exe" (file missing)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{26AB687C-4B3A-4EA6-9459-AA2F05B83CD4}: NameServer = 192.168.1.1,80.10.246.2
O17 - HKLM\System\CS1\Services\Tcpip\..\{26AB687C-4B3A-4EA6-9459-AA2F05B83CD4}: NameServer = 192.168.1.1,80.10.246.2
O17 - HKLM\System\CS2\Services\Tcpip\..\{26AB687C-4B3A-4EA6-9459-AA2F05B83CD4}: NameServer = 192.168.1.1,80.10.246.2
O20 - AppInit_DLLs: dxclib303562752.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CZFMDSER.EXE - Unknown owner - C:\PROGRA~1\FDD + FMD Combo Reader\CZFMDSER.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing)
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O24 - Desktop Component 0: (no name) - http://loulou123456789.ifrance.com/img/image_fond.jpg

Salut

# Télécharge ceci: (merci a S!RI pour ce petit programme).

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1,
voila a quoi cela ressemble : http://siri.urz.free.fr/Fix/SmitfraudFix.php
il va générer un rapport : copie/colle le sur le poste stp.


++

merci j'essaye

ça me met :

erreur CScript: l'accès a windows script host est désactivé sur cette machine. Contacter votre administrateur systéme pour plus d'informations.
'SetPatchs.bat' n'est pas reconnu comme commande interne
ou externe, un programme exécutable ou un fichier de commande.
Impossible de trouver C:\Documents and Sitting\Station\Bureau\SetPatch.bat

Fichier process.exe absent !
Dezippez la totalité de l'archive dans un dossier.

Process.exe file missing !
Unzip all the archive in a folder.

appuyer sur une touche pour continuer

j'ai essayer de dezippez rien a faire.