J'avais déjà regardé pour la restauration système, cela ne semble pas marcher, le service ne m'affichant aucun point de restauration antérieur :s
Voici donc le rapport Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:30:19, on 26/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18241)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program Filesa-squared Freea2service.exe
C:Program FilesFichiers communsAppleMobile Device SupportinAppleMobileDeviceService.exe
C:Program FilesBonjourmDNSResponder.exe
C:WINDOWSsystem32CTsvcCDA.EXE
C:WINDOWSSystem32FTRTSVC.exe
C:Program FilesGoogleUpdateGoogleUpdate.exe
C:Program FilesiPod Access for WindowsiPAHelper.exe
C:Program FilesJavajre6injqs.exe
C:Program FilesMicrosoft LifeCamMSCamS32.exe
C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:WINDOWSsystem32PnkBstrA.exe
C:WINDOWSsystem32svchost.exe
C:Program FilesFichiers communsSoftwinBitDefender Communicatorxcommsvr.exe
C:Program FilesFichiers communsSoftwinBitDefender Scan Serverdss.exe
C:Program FilesFichiers communsSoftwinBitDefender Update Servicelivesrv.exe
C:Program FilesSoftwinBitDefender10vsserv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:windowssystemhpsysdrv.exe
C:WINDOWSsystem32hphmon06.exe
C:HPKBDKBD.EXE
C:WINDOWSsystem32keyhook.exe
C:WINDOWSAGRSMMSG.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:WINDOWSALCWZRD.EXE
C:WINDOWSALCMTR.EXE
C:PROGRA~1SoftwinBITDEF~1dmcon.exe
C:Program FilesSoftwinBitDefender10dagent.exe
C:WINDOWSvVX3000.exe
C:Program FilesiTunesiTunesHelper.exe
C:Program FilesJavajre6injusched.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesHPDigital Imaginginhpqtra08.exe
C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
C:Program FilesiPodiniPodService.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Documents and SettingsOlivier_2BureauSniffle.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.fr/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Wanadoo
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesFichiers communsMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier5.0.926.3450swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:Program FilesJavajre6injp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:Program FilesJavajre6libdeployjqsiejqs_plugin.dll
O3 - Toolbar: Vue HP - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:Program FilesHPDigital ImaginginHPDTLK02.dll
O4 - HKLM..Run: [hpsysdrv] c:windowssystemhpsysdrv.exe
O4 - HKLM..Run: [HPHUPD06] c:Program FilesHP{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}hphupd06.exe
O4 - HKLM..Run: [HPHmon06] C:WINDOWSsystem32hphmon06.exe
O4 - HKLM..Run: [KBD] C:HPKBDKBD.EXE
O4 - HKLM..Run: [Recguard] C:WINDOWSSMINSTRECGUARD.EXE
O4 - HKLM..Run: [VTTimer] VTTimer.exe
O4 - HKLM..Run: [SiS Windows KeyHook] C:WINDOWSsystem32keyhook.exe
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [PS2] C:WINDOWSsystem32ps2.exe
O4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [BDMCon] C:PROGRA~1SoftwinBITDEF~1dmcon.exe
O4 - HKLM..Run: [BDAgent] "C:Program FilesSoftwinBitDefender10dagent.exe"
O4 - HKLM..Run: [LifeCam] "C:Program FilesMicrosoft LifeCamLifeExp.exe"
O4 - HKLM..Run: [VX3000] C:WINDOWSvVX3000.exe
O4 - HKLM..Run: [iTunesHelper] "C:Program FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre6injusched.exe"
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [BitTorrent DNA] "C:Program FilesDNAtdna.exe"
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SERVICE RESEAU')
O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:Program FilesHPDigital Imaginginhpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel -
res://C:PROGRA~1MICROS~3OFFICE11EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~3OFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O10 - Unknown file in Winsock LSP: c:windowssystem32
wprovau.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.fr
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b31267.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -
http://www.musicnotes.com/download/mnviewer.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) -
http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) -
http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) -
http://messenger.zone.msn.com/FR-FR/a-U ... E_UNO1.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) -
http://www.systemrequirementslab.com/sysreqlab2.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) -
http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -
http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/Me ... b56907.cab
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - (no file)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:Program Filesa-squared Freea2service.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:Program FilesFichiers communsAppleMobile Device SupportinAppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:Program FilesFichiers communsSoftwinBitDefender Scan Serverdss.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:Program FilesBonjourmDNSResponder.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Service Google Update (gupdate1c98ed029cbf446) (gupdate1c98ed029cbf446) - Google Inc. - C:Program FilesGoogleUpdateGoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesFichiers communsInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: iPAHelper.exe - Unknown owner - C:Program FilesiPod Access for WindowsiPAHelper.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:Program FilesiPodiniPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:Program FilesJavajre6injqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:Program FilesFichiers communsSoftwinBitDefender Update Servicelivesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:Program FilesSoftwinBitDefender10vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:Program FilesFichiers communsSoftwinBitDefender Communicatorxcommsvr.exe
--
End of file - 10871 bytes
Au passage, je me demandais si cela pouvais avoir un quelconque rapport avec des résultats Google redirigés vers des liens commerciaux.
Merci