
Pop-up ad virus

emile13 on 6 February 2008 at 21:24
Hello,

I have a small problem: I ran a BitDefender online scan and also VundoFix, without success.

Here is my HijackThis log.

Thanks


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:18:18, on 06/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Program Files\ActivIdentity\ActivClient\accoca.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
c:\WINDOWS\system32\ifxspmgt.exe
c:\WINDOWS\system32\ifxtcs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
c:\WINDOWS\system32\IfxPsdSv.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\SMINST\Scheduler.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\AccelerometerSt.exe
C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
c:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
c:\Program Files\ActivIdentity\ActivClient\acevents.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
c:\Program Files\Hewlett-Packard\IAM\bin\asghost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\portable\Bureau\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [AT&T Communication Manager] "c:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2512936-E5F8-419C-AEB3-C111E8551814}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Verrouillage des périphériques / Audition HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - c:\WINDOWS\system32\flcdlock.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\ifxspmgt.exe
O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\ifxtcs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
O23 - Service: Personal Secure Drive service for encrypted drives (PersonalSecureDriveService) - Infineon Technologies AG - c:\WINDOWS\system32\IfxPsdSv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

--
End of file - 10604 bytes

-->Message edited by emile13 on 06/02/2008 21:26:00<--
bibou0007 on 6 February 2008 at 23:26
Good evening

Disable all resident protection! (Antivirus, antispyware...)
Download ComboFix (created by sUBs) to your Desktop

Boot into safe mode


  • Double-click combofix.exe.
  • Press the Y key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply, along with a new HijackThis report

  • NOTE: The report can also be found here: C:\Combofix.txt

    tutorial here

    -------
    http://bibou0007.com/
    -------
    It is easier to infect your PC than to disinfect it, think about it. Do not click here!
    emile13 on 7 February 2008 at 12:19
    Hello, the link for downloading ComboFix doesn't work,
    regards,

    Emile
    emile13 on 7 February 2008 at 18:36
    I managed to find it elsewhere


    ComboFix 08-02.05.3 - portable 2008-02-07 12:42:45.1 - NTFSx86 MINIMAL
    Endroit: C:\Documents and Settings\portable\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    c:\Program Files\Hewlett-Packard\IAM\Bin\ASWLNPkg.dll
    C:\WINDOWS\system32\awtqnon.dll
    C:\WINDOWS\system32\kmllm.ini
    C:\WINDOWS\system32\kmllm.ini2
    C:\WINDOWS\system32\mcrh.tmp
    C:\WINDOWS\system32\mllmk.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-01-07 to 2008-02-07 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-05 21:13 . 2008-02-07 12:36 276,512 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
    2008-02-05 21:13 . 2008-02-07 12:36 5,360 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
    2008-02-05 21:04 . 2008-02-05 21:04 <REP> d-------- C:\VundoFix Backups
    2008-02-05 19:07 . 2008-02-05 21:03 <REP> d-------- C:\Program Files\Navilog1
    2008-02-05 18:18 . 2008-02-05 18:18 <REP> d-------- C:\Program Files\Zone Labs
    2008-02-05 18:18 . 2008-02-05 18:18 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
    2008-02-05 18:17 . 2008-02-07 12:33 <REP> d-------- C:\WINDOWS\Internet Logs
    2008-02-05 12:15 . 2004-08-03 23:08 26,496 --a--c--- C:\WINDOWS\system32\dllcache\usbstor.sys
    2008-02-05 08:11 . 2008-02-05 08:11 <REP> d-------- C:\Program Files\MSXML 4.0
    2008-02-04 22:35 . 2008-02-05 12:51 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-02-04 21:28 . 2008-02-04 21:28 <REP> d-------- C:\Program Files\Bonjour
    2008-02-04 21:14 . 2008-02-04 21:14 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
    2008-02-04 18:35 . 2008-02-04 22:23 <REP> d-------- C:\Program Files\eMule
    2008-02-04 18:02 . 2008-02-04 18:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
    2008-02-04 16:41 . 2007-02-20 16:04 2,463,976 --a------ C:\WINDOWS\system32\NPSWF32.dll
    2008-02-04 16:41 . 2007-02-20 16:04 190,696 --a------ C:\WINDOWS\system32\NPSWF32_FlashUtil.exe
    2008-02-04 16:28 . 2008-02-04 21:48 <REP> d-------- C:\Program Files\Fichiers communs\Adobe
    2008-02-04 16:20 . 2008-02-04 16:20 <REP> d-------- C:\Documents and Settings\portable\Application Data\Nero
    2008-02-04 16:20 . 2008-02-04 16:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\LightScribe
    2008-02-04 16:15 . 2008-02-04 16:15 <REP> d-------- C:\Program Files\Nero
    2008-02-04 16:15 . 2008-02-04 16:15 <REP> d-------- C:\Program Files\Fichiers communs\Nero
    2008-02-04 16:15 . 2008-02-04 16:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Nero
    2008-02-04 16:04 . 2008-02-05 08:25 <REP> d-------- C:\Program Files\AskTBar
    2008-02-04 16:04 . 2003-06-19 01:31 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
    2008-02-04 16:04 . 2008-02-04 16:04 385 --a------ C:\WINDOWS\ODBC.INI
    2008-02-04 16:02 . 2008-02-04 16:03 <REP> d-------- C:\WINDOWS\SHELLNEW
    2008-02-04 16:02 . 2008-02-04 16:02 <REP> d-------- C:\Program Files\Microsoft.NET
    2008-02-04 15:52 . 2008-02-04 15:59 <REP> d-------- C:\Program Files\PDFCreator
    2008-02-04 15:52 . 2005-04-15 19:58 1,071,088 --a------ C:\WINDOWS\system32\MSCOMCTL.OCX
    2008-02-04 15:52 . 2004-03-09 00:00 662,288 --a------ C:\WINDOWS\system32\MSCOMCT2.OCX
    2008-02-04 15:52 . 2005-10-15 12:32 196,608 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
    2008-02-04 15:52 . 1998-07-13 01:08 141,312 --a------ C:\WINDOWS\system32\MSCMCFR.DLL
    2008-02-04 15:52 . 1998-06-24 00:00 137,000 --a------ C:\WINDOWS\system32\MSMAPI32.OCX
    2008-02-04 15:52 . 1998-07-13 01:08 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
    2008-02-04 15:52 . 1998-07-13 01:08 59,904 --a------ C:\WINDOWS\system32\MSCC2FR.DLL
    2008-02-04 15:52 . 1998-07-06 00:00 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
    2008-02-04 06:09 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
    2008-02-04 06:09 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
    2008-02-04 06:09 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
    2008-02-03 21:50 . 2008-02-03 21:50 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2008-02-03 18:51 . 2008-02-03 18:51 <REP> d-------- C:\Program Files\FileZillaPortable
    2008-02-03 17:58 . 2008-02-06 08:42 <REP> d-------- C:\Documents and Settings\portable\Contacts
    2008-02-03 17:35 . 2008-02-03 17:58 <REP> d-------- C:\Program Files\Windows Live
    2008-02-03 17:35 . 2008-02-03 17:58 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
    2008-02-03 17:34 . 2008-02-03 17:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-03 16:14 . 2008-02-03 16:14 <REP> d--hs---- C:\Documents and Settings\portable\UserData
    2008-02-03 16:13 . 2008-02-03 18:46 <REP> d-------- C:\Documents and Settings\portable\Application Data\FileZilla
    2008-02-03 15:54 . 2008-02-03 15:54 <REP> d-------- C:\Program Files\uTorrent
    2008-02-03 15:54 . 2008-02-04 18:56 <REP> d-------- C:\Documents and Settings\portable\Application Data\uTorrent
    2008-02-03 14:29 . 2008-02-03 14:29 <REP> d-------- C:\Program Files\IZArc
    2008-02-03 13:30 . 2008-02-03 13:30 1,698 -rahs---- C:\WINDOWS\system32\drivers\103C_HP_NTBK_HP Compaq 8510p_YN_0U_QCNU7341GMS_EU_46_I30C5_SHP_VKBC Version 71.32_B68MVD Ver. F.05_T070725_WXP2_L40C_M2048_J120_7Intel_8Core2 Duo T7100_91.8_#080203_N80861049_()_XMOBILE_CN10_Z_2F.05_G10029581.MRK
    2008-02-03 13:28 . 2002-10-15 11:13 32,356 --------- C:\WINDOWS\system32\pusbfd1.sys
    2008-02-03 13:28 . 2002-10-15 11:13 26,629 --------- C:\WINDOWS\system32\pusbfd2.vxd
    2008-02-03 13:27 . 2006-04-19 12:50 17,152 -----c--- C:\WINDOWS\system32\dllcache\usbohci.sys
    2008-02-03 12:47 . 2008-02-03 12:47 <REP> d-------- C:\Program Files\Analog Devices
    2008-02-03 12:47 . 2001-09-11 15:20 1,285,632 --a------ C:\WINDOWS\system32\SMMedia.dll
    2008-02-03 12:47 . 2005-05-04 09:20 53,248 --a------ C:\WINDOWS\system32\wdmioctl.dll
    2008-02-03 12:47 . 2006-07-10 15:42 49,152 --a------ C:\WINDOWS\system32\DSndUp.exe
    2008-02-03 12:47 . 2002-04-17 15:05 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
    2008-02-03 12:40 . 2008-02-04 21:23 1,348 --a------ C:\WINDOWS\mozver.dat
    2008-02-03 12:36 . 2008-02-03 12:36 0 --a------ C:\WINDOWS\nsreg.dat
    2008-02-03 11:12 . 2008-02-03 11:12 <REP> d-------- C:\Program Files\MSXML 6.0
    2008-02-03 10:29 . 2008-02-03 21:04 <REP> d--h----- C:\WINDOWS\$hf_mig$
    2008-02-03 10:26 . 2008-02-03 10:26 <REP> d-------- C:\Program Files\Alwil Software
    2008-02-03 10:26 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
    2008-02-03 10:26 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
    2008-02-03 10:26 . 2007-12-04 13:54 95,608 --a------ C:\WINDOWS\system32\AvastSS.scr
    2008-02-03 10:26 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2008-02-03 10:26 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2008-02-03 10:26 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2008-02-03 10:26 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2008-02-03 10:26 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2008-02-03 10:20 . 2008-02-03 10:20 13,646 --a------ C:\WINDOWS\system32\wpa.bak
    2008-02-03 10:18 . 2006-12-20 01:08 47,616 --a------ C:\WINDOWS\system32\drivers\rismc32.sys
    2008-02-03 10:18 . 2007-02-24 14:42 39,936 --a------ C:\WINDOWS\system32\drivers\rimmptsk.sys
    2008-02-03 10:04 . 2008-02-03 10:04 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\Infineon
    2008-02-03 10:04 . 2008-02-03 10:04 <REP> d-------- C:\Documents and Settings\portable\Application Data\AT&T
    2008-02-03 10:01 . 2005-11-08 10:21 45,056 --a------ C:\WINDOWS\FPDRV_Ver.dll
    2008-02-03 09:59 . 2008-02-03 09:59 <REP> d-------- C:\Program Files\Fichiers communs\ActivIdentity
    2008-02-03 09:59 . 2008-02-03 09:59 <REP> d-------- C:\Program Files\ActivIdentity
    2008-02-03 09:59 . 2007-06-28 15:11 53,248 --a------ C:\WINDOWS\iwlandrvxpver.dll
    2008-02-03 09:58 . 2008-02-03 09:58 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\Intel
    2008-02-03 09:58 . 2008-02-03 10:07 356,352 --a------ C:\WINDOWS\system32\AegisI5Installer.exe
    2008-02-03 09:58 . 2007-07-03 14:45 7,168 --a------ C:\WINDOWS\iwlanver.dll
    2008-02-03 09:57 . 2008-02-03 09:57 <REP> d-------- C:\Program Files\Fichiers communs\LightScribe
    2008-02-03 09:56 . 2007-01-24 14:28 325,120 --a------ C:\WINDOWS\system32\accelerometercp.CPL
    2008-02-03 09:56 . 2007-01-24 14:28 124,928 --a------ C:\WINDOWS\system32\accelerometerST.exe
    2008-02-03 09:56 . 2006-07-24 00:00 22,016 --a------ C:\WINDOWS\system32\drivers\Accelerometer.sys
    2008-02-03 09:56 . 2006-07-24 00:00 17,920 --a------ C:\WINDOWS\system32\drivers\hpdskflt.sys
    2008-02-03 09:56 . 2007-01-05 16:42 7,680 --a------ C:\WINDOWS\system32\accelerometerdll.DLL
    2008-02-03 09:56 . 2007-01-24 13:08 195 -r-hs---- C:\WINDOWS\system32\vssver2.scc
    2008-02-03 09:54 . 2008-02-03 09:54 <REP> d-------- C:\Program Files\Broadcom
    2008-02-03 09:54 . 2008-02-03 09:54 822,272 --a------ C:\WINDOWS\system32\drivers\BCMWL5.SYS
    2008-02-03 09:53 . 2008-02-03 09:53 <REP> d-------- C:\Documents and Settings\portable\Application Data\Infineon
    2008-02-03 09:53 . 2008-02-03 09:53 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Infineon
    2008-02-03 09:52 . 2008-02-03 09:52 155,136 --a------ C:\WINDOWS\system32\imapihp.exe
    2008-02-03 09:51 . 2008-02-03 09:51 <REP> d-------- C:\Program Files\Fingerprint Sensor
    2008-02-03 09:51 . 2008-02-03 09:51 <REP> d-------- C:\Documents and Settings\portable\Bluetooth Software
    2008-02-03 09:51 . 2008-02-03 09:51 <REP> d-------- C:\Documents and Settings\portable\Application Data\hpqLog
    2008-02-03 09:51 . 2005-01-19 16:25 339,968 -ra------ C:\WINDOWS\system32\msvcr70.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-02-03 12:30 1,698 --sha-r C:\WINDOWS\system32\drivers\103C_HP_NTBK_HP Compaq 8510p_YN_0U_QCNU7341GMS_EU_46_I30C5_SHP_VKBC Version 71.32_B68MVD Ver. F.05_T070725_WXP2_L40C_M2048_J120_7Intel_8Core2 Duo T7100_91.8_#080203_N80861049_()_XMOBILE_CN10_Z_2F.05_G10029581.MRK
    2008-02-03 12:25 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-02-03 12:25 --------- d-----w C:\Program Files\Hewlett-Packard
    2008-02-03 09:08 --------- d-----w C:\Program Files\Intel
    2008-02-03 08:55 33,664 ----a-w C:\WINDOWS\system32\drivers\BCMWLNPF.SYS
    2008-02-02 22:42 --------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
    2008-02-02 22:42 --------- d-----w C:\Program Files\Fichiers communs\ODBC
    2008-02-02 22:25 --------- d-----w C:\Program Files\Synaptics
    2008-02-02 22:25 --------- d-----w C:\Program Files\CONEXANT
    2008-02-02 22:23 --------- d-----w C:\Program Files\Hp
    2008-02-02 22:22 --------- d-----w C:\Program Files\HPQ
    2008-02-02 22:22 --------- d-----w C:\Documents and Settings\portable\Application Data\Sierra Wireless
    2008-02-02 22:21 0 ---ha-w C:\WINDOWS\system32\drivers\MsftWdf_Kernel_01005_Coinstaller_Critical.Wdf
    2008-02-02 22:21 0 ---ha-w C:\WINDOWS\system32\drivers\Msft_Kernel_HpqKbFiltr_01005.Wdf
    2008-02-02 22:20 --------- d-----w C:\Program Files\SP36691
    2008-02-02 22:20 --------- d-----w C:\Documents and Settings\portable\Application Data\InstallShield
    2008-02-02 22:19 --------- d-----w C:\Documents and Settings\portable\Application Data\SampleView
    2008-02-02 22:14 --------- d-----w C:\Program Files\WIDCOMM
    2008-02-02 22:08 --------- d-----w C:\Documents and Settings\portable\Application Data\ATI
    2008-02-02 22:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\ATI
    2008-02-02 22:06 --------- d-----w C:\Program Files\ATI Technologies
    2008-02-02 22:01 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
    2008-02-02 21:53 --------- d-----w C:\Program Files\microsoft frontpage
    2008-02-02 21:51 --------- d-----w C:\Program Files\Services en ligne
    2008-02-02 21:51 --------- d-----w C:\Program Files\Fichiers communs\MSSoap
    2007-12-13 18:27 75,248 ----a-w C:\WINDOWS\zllsputility.exe
    2007-12-13 18:27 42,384 ----a-w C:\WINDOWS\zllsputility_loc040c.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
    "LightScribe Control Panel"="C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe" [2007-10-18 15:27 455968]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" [2007-12-13 19:10 1688872]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 12:35 90112]
    "hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" [2007-03-01 13:18 472776]
    "Recguard"="C:\WINDOWS\Sminst\Recguard.exe" [2005-12-20 16:51 1187840]
    "Reminder"="C:\WINDOWS\Creator\Remind_XP.exe" [2006-03-09 17:38 806912]
    "Scheduler"="C:\WINDOWS\SMINST\Scheduler.exe" [2006-10-09 11:23 697976]
    "QlbCtrl"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe" [2007-11-06 16:34 177456]
    "AirCardEnabler"="" []
    "WatcherHelper"="C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe" [2007-07-24 15:48 120352]
    "HP Software Update"="c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" [2005-02-16 23:11 49152]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-01-12 14:36 827392]
    "Cpqset"="C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe" [2007-05-03 10:52 57344]
    "AT&T Communication Manager"="c:\Program Files\AT&T\Communication Manager\ATTCM.exe" [2007-05-26 12:38 22528]
    "PTHOSTTR"="c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.exe" [2007-01-09 15:52 145184]
    "CognizanceTS"="c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll" [2003-12-22 17:12 17920]
    "IFXSPMGT"="c:\WINDOWS\system32\ifxspmgt.exe" [2007-05-23 14:04 677408]
    "Broadcom Wireless Manager UI"="C:\WINDOWS\system32\WLTRAY.exe" [2008-02-03 09:55 1499136]
    "AccelerometerSysTrayApplet"="C:\WINDOWS\system32\AccelerometerSt.exe" [2007-01-24 14:28 124928]
    "accrdsub"="c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe" [2007-05-03 18:51 293168]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
    "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" [2007-01-05 17:36 872448]
    "SoundMAX"="C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" [2006-07-13 08:12 729088]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe" [2007-03-01 14:57 153136]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-12-13 19:27 919016]
    "MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2004-08-05 13:00 160768]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ackpbsc]
    c:\WINDOWS\system32\ackpbsc.dll 2007-05-03 18:51 112640 c:\WINDOWS\system32\ackpbsc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\acunlock]
    c:\Program Files\ActivIdentity\ActivClient\acunlock.dll 2007-05-03 18:51 281088 c:\Program Files\ActivIdentity\ActivClient\acunlock.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\DeviceNP]
    DeviceNP.dll 2007-04-30 08:19 49152 C:\WINDOWS\system32\DeviceNP.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=APSHook.dll

    R0 SafeBoot;SafeBoot;C:\WINDOWS\system32\drivers\SafeBoot.sys [2007-04-26 19:23]
    R0 SbAlg;SbAlg;C:\WINDOWS\system32\drivers\SbAlg.sys [2006-10-09 13:31]
    R0 SbFsLock;SbFsLock;C:\WINDOWS\system32\drivers\SbFsLock.sys [2007-03-29 16:54]
    R1 PersonalSecureDrive;PersonalSecureDrive;C:\WINDOWS\system32\drivers\psd.sys [2007-04-18 19:32]
    R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2007-04-04 19:16]
    S1 RsvLock;RsvLock;C:\WINDOWS\system32\drivers\RsvLock.sys [2007-04-26 19:23]
    S2 accoca;ActivClient Middleware Service;"c:\Program Files\ActivIdentity\ActivClient\accoca.exe" [2007-05-03 18:51]
    S2 ASBroker;Courtier de session de connexion;C:\WINDOWS\System32\svchost.exe [2004-08-05 13:00]
    S2 ASChannel;Canal de communication local;C:\WINDOWS\System32\svchost.exe [2004-08-05 13:00]
    S2 HpFkCryptService;Drive Encryption Service;"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe" [2007-04-27 10:58]
    S3 DAMDrv;DAMDrv;C:\WINDOWS\system32\DRIVERS\DAMDrv.sys [2007-04-23 13:13]
    S3 FLCDLOCK;Verrouillage des périphériques / Audition HP ProtectTools;c:\WINDOWS\system32\flcdlock.exe [2007-04-30 08:28]
    S3 rismc32;RICOH Smart Card Reader;C:\WINDOWS\system32\DRIVERS\rismc32.sys [2006-12-20 01:08]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    Cognizance REG_MULTI_SZ ASBroker ASChannel

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ced60b66-d3bc-11dc-a687-001a739860ba}]
    \Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL LISEZMOI.HTM


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
    "C:\Program Files\Fichiers communs\LightScribe\LSRunOnce.exe"
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-02-07 12:52:25
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    c:\Program Files\ActivIdentity\ActivClient\acevents.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-02-07 12:56:03 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-02-07 11:55:52
    .
    2008-02-05 07:29:27 --- E O F ---

    Here is the report.

    However, after rebooting, I had to do a system restore in safe mode because at startup, after the XP loading bar, my HP showed me a big black screen... maybe ComboFix had deleted files needed to load Windows...

    Result: back to square one, and the viruses are still there...
    bibou0007 on 7 February 2008 at 19:44
    Post me a HijackThis log again, please!!
    emile13 on 7 February 2008 at 19:50
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49:22, on 07/02/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16574)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\System32\WLTRYSVC.EXE
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    c:\Program Files\ActivIdentity\ActivClient\accoca.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    c:\WINDOWS\system32\ifxspmgt.exe
    c:\WINDOWS\system32\ifxtcs.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    c:\WINDOWS\system32\IfxPsdSv.exe
    C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
    C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    C:\WINDOWS\SMINST\Scheduler.exe
    C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe
    C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe
    C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE
    C:\WINDOWS\system32\WLTRAY.exe
    C:\WINDOWS\system32\AccelerometerSt.exe
    C:\Program Files\ActivIdentity\ActivClient\accrdsub.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
    c:\Program Files\ActivIdentity\ActivClient\acevents.exe
    c:\Program Files\Hewlett-Packard\Embedded Security Software\PSDrt.exe
    C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\FileZillaPortable\FileZillaPortable.exe
    C:\Program Files\FileZillaPortable\App\filezilla\FileZilla.exe
    C:\Documents and Settings\portable\Bureau\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll
    O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
    O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\Sminst\Recguard.exe
    O4 - HKLM\..\Run: [Reminder] C:\WINDOWS\Creator\Remind_XP.exe
    O4 - HKLM\..\Run: [Scheduler] C:\WINDOWS\SMINST\Scheduler.exe
    O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
    O4 - HKLM\..\Run: [WatcherHelper] "C:\Program Files\HPQ\HP Connection Manager\WaHelper.exe"
    O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [Cpqset] C:\Program Files\Hewlett-Packard\Default Settings\cpqset.exe
    O4 - HKLM\..\Run: [AT&T Communication Manager] "c:\Program Files\AT&T\Communication Manager\ATTCM.exe" -a
    O4 - HKLM\..\Run: [PTHOSTTR] c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start
    O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule
    O4 - HKLM\..\Run: [IFXSPMGT] c:\WINDOWS\system32\ifxspmgt.exe /NotifyLogon
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AccelerometerSysTrayApplet] C:\WINDOWS\system32\AccelerometerSt.exe
    O4 - HKLM\..\Run: [accrdsub] "c:\Program Files\ActivIdentity\ActivClient\accrdsub.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{C2512936-E5F8-419C-AEB3-C111E8551814}: NameServer = 192.168.1.1
    O20 - AppInit_DLLs: APSHook.dll
    O20 - Winlogon Notify: ackpbsc - c:\WINDOWS\system32\ackpbsc.dll
    O20 - Winlogon Notify: acunlock - c:\Program Files\ActivIdentity\ActivClient\acunlock.dll
    O20 - Winlogon Notify: DeviceNP - C:\WINDOWS\SYSTEM32\DeviceNP.dll
    O23 - Service: ActivClient Middleware Service (accoca) - ActivIdentity - c:\Program Files\ActivIdentity\ActivClient\accoca.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Verrouillage des périphériques / Audition HP ProtectTools (FLCDLOCK) - Hewlett-Packard Ltd - c:\WINDOWS\system32\flcdlock.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Drive Encryption Service (HpFkCryptService) - SafeBoot International - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
    O23 - Service: Security Platform Management Service (IFXSpMgtSrv) - Infineon Technologies AG - c:\WINDOWS\system32\ifxspmgt.exe
    O23 - Service: Trusted Platform Core Service (IFXTCS) - Infineon Technologies AG - c:\WINDOWS\system32\ifxtcs.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
    O23 - Service: PC Angel (PCA) - SoftThinks - C:\WINDOWS\SMINST\PCAngel.exe
    O23 - Service: Personal Secure Drive service for encrypted drives (PersonalSecureDriveService) - Infineon Technologies AG - c:\WINDOWS\system32\IfxPsdSv.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 11489 bytes
    bibou0007 on 08 February 2008 at 10:21
    Avast! is far from the best there is in terms of protection; see this link for more information: http://forum.malekal.com/ftopic3123.php

    Clearly, Antivir is much more effective, which is why I VERY STRONGLY advise you to uninstall Avast! and install Antivir instead: http://www.malekal.com/tutorial_antivir.php (this is not mandatory)
    - After installation, update it; if your firewall raises an alert, accept the connection.
    - Make sure Antivir is up to date; check the update date.

    -- Restart in safe mode: to do so, restart the computer and, before the Windows logo appears, tap the F8 key repeatedly; a menu will appear. Choose Safe Mode and press the Enter key.

    - Open Antivir from the Start / Programs menu
    - Click the Scanner tab.
    - Select Manual Selection
    - Select drive C
    - Start the scan and quarantine all detected items.
    - Once the scan is finished, save the report.

    Restart in normal mode.

    Post the report here.


    -------
    http://bibou0007.com/
    -------
    It is easier to infect your PC than to disinfect it, think about it. Do not click here!

