Logfile of HijackThis v1.98.2
Scan saved at 14:35:33, on 05/09/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
 
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Analog Devices\SoundMAX\smagent.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\winupdate.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\svchost32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
G:\hijackthis\HijackThis19802.exe
 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.free.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =  
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.tele2internet.fr/?1071190133
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\downloaded program files\googletoolbar2.dll
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\H5gvINdX.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\downloaded program files\googletoolbar2.dll
O3 - Toolbar: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\smax4.exe /tray
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\Smax4pnp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O4 - HKLM\..\Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM\..\Run: [Micr0s0ft Upd4t4z] svchost32.exe
O4 - HKLM\..\Run: [Win32 USB2 Driver] winupdate.exe
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKLM\..\RunServices: [XML Service] msxml.exe
O4 - HKLM\..\RunServices: [Micr0s0ft Upd4t4z] svchost32.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] winupdate.exe
O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] winupdate.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Win32 USB2.0 Driver] w32usb2.exe
O4 - HKCU\..\Run: [Win32 USB2 Driver] winupdate.exe
O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] winupdate.exe
O8 - Extra context menu item: &Google Search - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\windows\downloaded program files\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - (no file)
O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - (no file)
O15 - Trusted Zone: http://www.faqOE.com
O16 - DPF: Win32 Classes -  
O16 - DPF: {17D8B270-9C15-11D3-8F03-00105A9965CA} - http://www.easyclick.com/ie/pc/discount.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/SSC/S [...] vSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 3963618796
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = about:blank  
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =  
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = res://C:\PROGRA~1\Toolbar\toolbar.dll/sa  
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =  
R3 - Default URLSearchHook is missing  
O2 - BHO: Search Help - {E8EAEB34-F7B5-4C55-87FF-720FAF53D841} - C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\H5gvINdX.dll (file missing
O3 - Toolbar: (no name) - {C5183ABC-EB6E-4E05-B8C9-500A16B6CF94} - (no file)  
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)  
O4 - HKLM\..\Run: [Micr0s0ft Upd4t4z] svchost32.exe  
O4 - HKLM\..\Run: [Win32 USB2 Driver] winupdate.exe  
O4 - HKLM\..\RunServices: [Win32 USB2.0 Driver] w32usb2.exe  
O4 - HKLM\..\RunServices: [XML Service] msxml.exe  
O4 - HKLM\..\RunServices: [Micr0s0ft Upd4t4z] svchost32.exe  
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] winupdate.exe  
O4 - HKLM\..\RunOnce: [Win32 USB2 Driver] winupdate.exe  
O4 - HKCU\..\Run: [Win32 USB2.0 Driver] w32usb2.exe  
O4 - HKCU\..\Run: [Win32 USB2 Driver] winupdate.exe  
O4 - HKCU\..\RunOnce: [Win32 USB2 Driver] winupdate.exe  
O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - (no file)  
O15 - Trusted Zone: http://www.faqOE.com  
O16 - DPF: Win32 Classes -  
 
Ferme tous les programmes, y compris internet explorer.
Lance HijackThis. Coche ces lignes et clique "Fix checked".
 
----------
Redémarre en mode sans échec (en tapotant F8 au démarrage).
Assure-toi que tu as accès aux fichiers cachés.
(explorateur windows->outils->options des dossiers->affichage
""Afficher les fichiers cachés"->coché
"Masquer les extensions.."->décoché)
 
Et supprime:
 
C:\WINDOWS\System32\winupdate.exe  
C:\WINDOWS\System32\svchost32.exe  
 
et recherche les *.exe de fin de lignes O4.
 
------------
 
De plus, ce n'est pas normal que ta barre Google parte de :
c:\windows\downloaded program files
Il devrait avoir son propre dossier.

 
Ok! Merci, je vais faire le nécessaire

Ha oui, et j'oubliais : poste un nouvel HijackThis, après.