oui j'ai esssayer ccleaner mais sa a rien changer.
j'ai fait un scan avec spybot rien trouver
avec antivir plusieurs malwares que j'ai laisser en quarantaine
pareil pour malwarebytes j'ai laisser en quarantaines les fichiers infectés
et la voici le rapport HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:46, on 08/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:Windowssystem32Dwm.exe
C:Windowssystem32 askeng.exe
C:WindowsExplorer.EXE
C:Program Filesone LabsoneAlarmzlclient.exe
C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:Program FilesSpybot - Search & DestroyTeaTimer.exe
C:WindowsSystem32mobsync.exe
C:Windowssystem32wbemunsecapp.exe
C:Program FilesWindows Media Playerwmpnscfg.exe
C:Program FilesWindows LiveMessengermsnmsgr.exe
C:program filesaviraantivir personaledition classicavcenter.exe
C:UsersubDownloadsHiJackThis.exe
C:Program FilesMozilla Firefox 3 Beta 5firefox.exe
C:PROGRA~1CrawlerToolbarCToolbar.exe
C:Windowssystem32NOTEPAD.EXE
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://search.speedbit.com/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://ie.redirect.hp.com/...
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
R3 - URLSearchHook: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:Program FilesMyPlayCity bMyP0.dll
R3 - URLSearchHook: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:Program Files oox.com btoo1.dll
R3 - URLSearchHook: (no name) - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - (no file)
F2 - REG:system.ini: UserInit=C:Windowssystem32userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 - BHO: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:Program FilesMyPlayCity bMyP0.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - C:Program FilesDealiokb127Dealio.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre6inssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:Program Files oox.com btoo1.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier4.1.805.4472swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:Program FilesCommon FilesSymantec SharedcoSharedBrowser1.5UIBHO.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - C:PROGRA~1CrawlerToolbarctbr.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: MyPlayCity Toolbar - {4724c5d8-dfa7-417a-a2f5-1eabfee9b4ac} - C:Program FilesMyPlayCity bMyP0.dll
O3 - Toolbar: toox.com Toolbar - {a841a1c1-4687-4285-89fe-e9df6c5ed4c6} - C:Program Files oox.com btoo1.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:Program FilesDealiokb127Dealio.dll
O4 - HKLM..Run: [ZoneAlarm Client] "C:Program Filesone LabsoneAlarmzlclient.exe"
O4 - HKLM..Run: [avgnt] "C:Program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe
O4 - HKUSS-1-5-18..Run: [msnmsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [msnmsgr] "C:Program FilesWindows LiveMessengermsnmsgr.exe" /background (User 'Default user')
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 - HKLMSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O8 - Extra context menu item: &Windows Live Search -
res://C:Program FilesWindows Live Toolbarmsntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: Compare Prices with &Dealio - C:UsersubAppDataLocalLowDealiokb127
esDealioSearch.html
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3Office12EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:Program FilesWindows LiveWriterWriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~3Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3Office12REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:Program FilesDealiokb127Dealio.dll
O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:Program FilesDealiokb127Dealio.dll
O13 - Gopher Prefix:
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - C:PROGRA~1CrawlerToolbarctbr.dll
O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~3GOEC62~1.DLL
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:Program Filesa-squared Freea2service.exe
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:Program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:Program FilesAreschatServer.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Boonty Games - Unknown owner - C:Program FilesCommon FilesBOONTY SharedServiceBoonty.exe (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedVAScannercomHost.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:Program FilesCommon FilesPortrait DisplaysSharedDTSRVC.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:Program FilesNOSingetPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.802.22438 (GoogleDesktopManager-022208-143751) - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:Program FilesCommon FilesLightScribeLSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:Windowssystem32
vvsvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:Program FilesCommon FilesSureThing Sharedstllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
O23 - Service: @%SystemRoot%System32TuneUpDefragService.exe,-1 (TuneUp.Defrag) - TuneUp Software - C:WindowsSystem32TuneUpDefragService.exe
O23 - Service: @%SystemRoot%System32TUProgSt.exe,-1 (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:WindowsSystem32TUProgSt.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:WindowsSystem32oneLabsvsmon.exe
merci de repondre