Rapports après avoir tenté d'enlever le virus MSN...

Bonjour à tous !!! :)

Je suis tombé sur la rubrique "Comment enlever le virus MSN en 4 étapes facile" et à la fin il est dit de venir poster ici les 4 rapports une fois terminé.

Alors voilà !

*****************************

RAPPORT VUNDO :

C:\windows\system32\aeerfnnf.dll
C:\windows\system32\bkjjwrfy.dll
C:\windows\system32\caicagxf.dll
C:\windows\system32\calvksfd.dll
C:\windows\system32\cpisqjgn.dll
C:\windows\system32\ctjptcui.dll
C:\WINDOWS\system32\dicph.dll
C:\WINDOWS\system32\divxdec_0407.dll
C:\WINDOWS\system32\divxdec_0411.dll
C:\windows\system32\ejmchyag.dll
C:\windows\system32\ekxuwoga.dll
C:\windows\system32\engvldrh.dll
C:\windows\system32\ewcjfrac.dll
C:\windows\system32\fybpaxuj.dll
C:\windows\system32\fyxbenuf.dll
C:\windows\system32\geddiufx.dll
C:\windows\system32\htfxjnic.dll
C:\windows\system32\iqvinspg.dll
C:\windows\system32\jnntohck.dll
C:\windows\system32\joqqenmb.dll
C:\windows\system32\jvlsaeyv.dll
C:\windows\system32\jvyndqqs.dll
C:\windows\system32\kofobojj.dll
C:\windows\system32\kqowdpwp.dll
C:\windows\system32\kshfwaiw.dll
C:\windows\system32\kuquhgsb.dll
C:\windows\system32\kyevloij.dll
C:\windows\system32\lmefjcmw.dll
C:\windows\system32\mjsbqeou.dll
C:\windows\system32\mnlyfmfh.dll
C:\windows\system32\muvlxaox.dll
C:\windows\system32\nflylbot.dll
C:\windows\system32\ofptmesi.dll
C:\windows\system32\ojkhiwij.dll
C:\windows\system32\omkcawtr.dll
C:\windows\system32\oyowyxlc.dll
C:\windows\system32\pbejlxrd.dll
C:\windows\system32\physvqun.dll
C:\windows\system32\prrclrmb.dll
C:\windows\system32\qbsimbnb.dll
C:\windows\system32\qhscrpth.dll
C:\windows\system32\qmmjlipw.dll
C:\windows\system32\rygrahiq.dll
C:\windows\system32\seovsgkp.dll
C:\windows\system32\trygousj.dll
C:\windows\system32\tuxhmdus.dll
C:\windows\system32\uaihamao.dll
C:\windows\system32\verutyyi.dll
C:\windows\system32\whwmnuci.dll
C:\WINDOWS\system32\wtrpcboy.dll
C:\windows\system32\xrbvfrel.dll
C:\windows\system32\xuubhuay.dll
C:\windows\system32\yenkvboc.dll
C:\windows\system32\yevrjcgm.dll
C:\windows\system32\yhpvtmwj.dll
C:\WINDOWS\system32\yobcprtw.ini

***************************************

RAPPORT VBG

[02/10/2008, 14:07:58] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\Nan\Bureau\VirtumundoBeGone.exe" )
[02/10/2008, 14:08:08] - Detected System Information:
[02/10/2008, 14:08:08] - Windows Version: 5.1.2600, Service Pack 2
[02/10/2008, 14:08:08] - Current Username: Nan (Admin)
[02/10/2008, 14:08:08] - Windows is in NORMAL mode.
[02/10/2008, 14:08:08] - Searching for Browser Helper Objects:
[02/10/2008, 14:08:08] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[02/10/2008, 14:08:08] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[02/10/2008, 14:08:08] - BHO 3: {089FD14D-132B-48FC-8861-0048AE113215} ()
[02/10/2008, 14:08:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/10/2008, 14:08:08] - Checking for HKLM\...\Winlogon\Notify\SiteAdv
[02/10/2008, 14:08:08] - Key not found: HKLM\...\Winlogon\Notify\SiteAdv, continuing.
[02/10/2008, 14:08:08] - BHO 4: {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} (SWEETIE Class)
[02/10/2008, 14:08:08] - BHO 5: {2238BF6B-E2AA-460D-9F57-CF88533583C0} ()
[02/10/2008, 14:08:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/10/2008, 14:08:08] - Checking for HKLM\...\Winlogon\Notify\eeepqtig
[02/10/2008, 14:08:08] - Key not found: HKLM\...\Winlogon\Notify\eeepqtig, continuing.
[02/10/2008, 14:08:08] - BHO 6: {6CC2BE0E-586B-4445-B0FA-3CE13A1F2DB8} ()
[02/10/2008, 14:08:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/10/2008, 14:08:08] - Checking for HKLM\...\Winlogon\Notify\caicagxf
[02/10/2008, 14:08:08] - Key not found: HKLM\...\Winlogon\Notify\caicagxf, continuing.
[02/10/2008, 14:08:08] - BHO 7: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[02/10/2008, 14:08:08] - BHO 8: {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} (AOL Toolbar Launcher)
[02/10/2008, 14:08:08] - BHO 9: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} (scriptproxy)
[02/10/2008, 14:08:08] - BHO 10: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[02/10/2008, 14:08:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/10/2008, 14:08:08] - No filename found. Continuing.
[02/10/2008, 14:08:08] - BHO 11: {8CA5ED52-F3FB-4414-A105-2E3491156990} (IEHlprObj Class)
[02/10/2008, 14:08:08] - BHO 12: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[02/10/2008, 14:08:08] - BHO 13: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[02/10/2008, 14:08:08] - BHO 14: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[02/10/2008, 14:08:08] - BHO 15: {EB7E08DD-AAD3-44FE-90C2-83DF8C3F1160} ()
[02/10/2008, 14:08:08] - WARNING: BHO has no default name. Checking for Winlogon reference.
[02/10/2008, 14:08:08] - Checking for HKLM\...\Winlogon\Notify\caicagxf
[02/10/2008, 14:08:08] - Key not found: HKLM\...\Winlogon\Notify\caicagxf, continuing.
[02/10/2008, 14:08:08] - BHO 16: {F3727275-224F-4AB0-8642-7D461EFB82D8} (CIEPl Object)
[02/10/2008, 14:08:08] - Finished Searching Browser Helper Objects
[02/10/2008, 14:08:08] - Finishing up...
[02/10/2008, 14:08:08] - Nothing found! Exiting...

*********************************************

RAPPORT HiJackThis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:11:59, on 2008-02-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\McAfee\MPF\MPFSrv.exe
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\Explorer.EXE
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
C:\WINDOWS\vVX3000.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\CPSHelpRunner.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Nan\Bureau\test.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_BAND_SEARCHBAR_HTML
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: (no name) - {BE89472C-B803-4D1D-9A9A-0A63660E0FE3} - C:\PROGRA~1\COPERN~1\COPERN~1.DLL
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: (no name) - {2238BF6B-E2AA-460D-9F57-CF88533583C0} - C:\WINDOWS\system32\eeepqtig.dll
O2 - BHO: (no name) - {6CC2BE0E-586B-4445-B0FA-3CE13A1F2DB8} - C:\WINDOWS\system32\caicagxf.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: IEHlprObj Class - {8CA5ED52-F3FB-4414-A105-2E3491156990} - C:\PROGRA~1\IWINGA~1\IWINGA~1.DLL
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.1121.2472\swg.dll
O2 - BHO: (no name) - {EB7E08DD-AAD3-44FE-90C2-83DF8C3F1160} - C:\WINDOWS\system32\caicagxf.dll (file missing)
O2 - BHO: CIEPl Object - {F3727275-224F-4AB0-8642-7D461EFB82D8} - C:\WINDOWS\system32\iokvo.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} - C:\Program Files\SiteAdvisor\6253\SiteAdv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar4.dll
O3 - Toolbar: Copernic Agent - {F2E259E8-0FC8-438C-A6E0-342DD80FA53E} - C:\Program Files\Copernic Agent\CopernicAgentExt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\Smtray.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sfuiYfH] C:\WINDOWS\yiusuqyq.exe
O4 - HKLM\..\Run: [GAjlMa9QS] C:\WINDOWS\yiusuqyq.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [Ulead Quick-Drop] "C:\Program Files\Ulead Systems\Ulead DVD MovieFactory 4.0 Disc Creator TBYB\Ulead Quick-Drop 1.0\Quick-Drop.exe" WINDOWCALL
O4 - HKLM\..\Run: [dvd43] C:\Program Files\dvd43\dvd43_tray.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04b\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [RoxioDragToDisc] "C:\Program Files\Roxio\Easy Media Creator 8\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatchTray.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SiteAdvisor] C:\Program Files\SiteAdvisor\6172\SiteAdv.exe
O4 - HKLM\..\Run: [hxgame-update] C:\Program Files\hxupdate\hxgame-update.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [VX3000] C:\WINDOWS\vVX3000.exe
O4 - HKLM\..\Run: [LifeCam] "C:\Program Files\Microsoft LifeCam\LifeExp.exe"
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [autoupdatev2] C:\WINDOWS\system32\autoupdatev2.exe
O4 - HKCU\..\Run: [adobemgr] C:\WINDOWS\system32\adobemgr.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] ~"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_8 -reboot 1
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AOL Toolbar Search - c:\program files\aol\aim toolbar 5.0\resources\en-us\local\search.html
O8 - Extra context menu item: Chercher avec Copernic Agent - res://C:\Program Files\Copernic Agent\CopernicAgentExt.rdl/INTEGRATION_MENU_SEARCHEXT
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra 'Tools' menuitem: Démarrer Copernic Agent - {193B17B0-7C9F-4D5B-AEAB-8D3605EFC084} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Copernic Agent - {688DC797-DC11-46A7-9F1B-445F4F58CE6E} - C:\PROGRA~1\COPERN~1\COPERN~1.EXE
O9 - Extra button: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyBingo.com - {B987E7E7-5997-4330-A5F9-9FFEFC1CCFD0} - C:\Program Files\PartyGaming\PartyBingo\RunBingo.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Nan\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.infoclick.ca
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei/ZwinkyInitialSetup1.0.0.15.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish.com/SnapfishActivia.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/fr-ca/4,0,0,90/mcinsctl.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/fr/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/fr-ca/1,0,0,23/mcgdmgr.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game12.zylom.com/activex/zylomgamesplayer.cab
O20 - Winlogon Notify: dxtmsfl - C:\WINDOWS\SYSTEM32\dxtmsfl.dll
O20 - Winlogon Notify: iokvo - C:\WINDOWS\SYSTEM32\iokvo.dll
O20 - Winlogon Notify: jcmhp - C:\WINDOWS\SYSTEM32\jcmhp.dll
O20 - Winlogon Notify: kgkrj - C:\WINDOWS\SYSTEM32\kgkrj.dll
O20 - Winlogon Notify: lolih - C:\WINDOWS\SYSTEM32\lolih.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\program files\fichiers communs\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\FICHIE~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: LiveShare P2P Server (RoxLiveShare) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxLiveShare.exe
O23 - Service: RoxMediaDB - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxMediaDB.exe
O23 - Service: RoxUpnpRenderer (RoxUPnPRenderer) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCom\RoxUpnpRenderer.exe
O23 - Service: RoxUpnpServer - Sonic Solutions - C:\Program Files\Roxio\Easy Media Creator 8\Digital Home\RoxUpnpServer.exe
O23 - Service: Roxio Hard Drive Watcher (RoxWatch) - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\SharedCOM8\RoxWatch.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 17677 bytes

************************************************

RAPPORT MSNFix

MSNFix 1.657

C:\Documents and Settings\Nan\Bureau\MSNFix
Fix exécuté le 2008-02-10 - 14:16:20,20 By Nan
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\mcrh.tmp

************************ Recherche les dossiers présents

Aucun dossier trouvé




************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\mcrh.tmp



************************ Nettoyage du registre



************************ Fichiers suspects

Aucun Fichier trouvé


Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 2008-02-10_14194814.zip


Information ...... Information ...... Information ......

/!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\

Ce pseudo antivirus copie les bases de MSNFix pour se tenir a jour


/!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

************************************************

TOUT s'est passé très bien... sauf peut-être pour l'étape #2 où mon ordinateur n'a pas redémarré, ni fait d'erreur fatale.. il a just rien fait *hehe*

J'aimerais savoir si ça a fonctionné quand même, ou si le virus est toujours présent!?

MERCI beaucoup à l'avance pour toutes infos que vous pourriez me donner.. c'est grandement apprécié! :D

Annie .. qui déteste les virus :/ .. :)

salut tu as des infection au taquet
fait ceci
Télécharger et enregistrer sur le bureau
Combofix

=Double-clic sur Combofix
= Presser 1 quand demandé
= Attendre la fermeture de l’outil ( 5 à 10 mn)
=Copier/coller le rapport dans la réponse
Un rapport dans C:\Combofix.txt à mettre dans la réponse
ComboFix-quarantined-files + Qoobox sont eux à supprimer

MERCI beaucoup je fais ça tout de suite ! :)

Ajout du 10-02-2008 à 20:47:

Hmm ReAllo !! :P



hmm.. quand je clique sur ComboFix.exe .. je vois une barre qui se remplie de vert et ensuite j'ai reçu un message de mon anti-virus (McAfee) me disant que c'était un programme potentiellement dangeureux.



J'ai dit de le "truster" .. mais j'ai reçu ce message d'erreur :



*********************



C:\WINDOWS\system32\kmd.exe



Windows ne trouve pas 'C:\WINDOWS\system32\kmd.exe'. Vérifiez que vous avez entré le nom correctement et essayez à nouveau. Pour rechercher un fichier, cliquez sur le bouton Démarrer, puis sur Rechercher.



*********************



Qu'est-ce que je dois faire ?



MERCI!

relance combofix en desactivant ton antivirus