Se connecter / S'enregistrer
Votre question

Problème "Your Computer is infected"

Tags :
  • Windows
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Octobre 2008 10:11:32

Tout d'abord bonjour à tous ,
n'étant pas un pro de l'informatique , je me permets de vous solliciter pour un soucis que je viens de rencontrer sur mon ordinateur:
J'ai un message dans ma barre de tache qui me dit que "Your computer is infected ..." avec une croix blanche dans un rond rouge.
Je viens juste d'avoir internet et j'avoue etre un peu perdu.
Merci d'avance.
Falofa

Autres pages sur : probleme your computer infected

18 Octobre 2008 12:31:51

Personne ne peut m'aider?
Contenus similaires
21 Octobre 2008 10:02:17

Désolé , j'ai des gros soucis de connexion en plus , je te joints le rapport de hijacktis.Merci de ton aide


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:01:01, on 21/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Documents and Settings\All Users\Application Data\dcxyhafi\vuvwjank.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\drivers\svchost.exe
C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\FICHIERS TELECHARGES\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
O4 - HKCU\..\Run: [RamBoostXp] C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
O4 - HKLM\..\Policies\Explorer\Run: [IvHVsHituA] C:\Documents and Settings\All Users\Application Data\dcxyhafi\vuvwjank.exe
O4 - HKUS\S-1-5-18\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall....
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://webalbum.foto.com/ImageUploader5.cab
O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploade...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://fotobook.foto.com/activeX/newUploadFotoCom.CAB
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.netprint.com/view/uploader/ImageUploader3.ca...
O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://webalbum.foto.com/SFUploader/SpeedUploader.cab
O20 - AppInit_DLLs: karna.dat
O21 - SSODL: procweb - {10329226-E73A-B3F3-7F71-0033631CAE13} - C:\Program Files\uazvmcb\procweb.dll
O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

--
End of file - 7877 bytes
a b 8 Sécurité
21 Octobre 2008 12:38:16

Re,

[#ff0000]! Désactive tes protections résidentes (antivirus, Spybot-S&D, etc.) ![/#f]

  • Télécharge ComboFix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur ComboFix.exe (le .exe n'est pas forcément visible) afin de le lancer.
  • Lorsque la recherche sera terminée, un rapport apparaîtra. Poste ce rapport (C:\combofix.txt*) dans ta prochaine réponse.

    AIDE : Un guide et un tutoriel sur l'utilisation de ComboFix
    * le nom de la partition peut changer
    21 Octobre 2008 18:07:55

    Voilà le résultat , merci !

    ComboFix 08-10-19.04 - Franck 2008-10-21 17:52:11.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.539 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\Franck\Bureau\ComboFix.exe
    * Resident AV is active


    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Franck\Application Data\inst.exe
    C:\Documents and Settings\Franck\Cookies\dajemu.dll
    C:\Documents and Settings\Franck\Cookies\ipewi.ban
    C:\Documents and Settings\Franck\Menu Démarrer\Programmes\XP_AntiSpyware
    C:\Documents and Settings\Franck\Menu Démarrer\Programmes\XP_AntiSpyware\Uninstall.lnk
    C:\Documents and Settings\Franck\Menu Démarrer\Programmes\XP_AntiSpyware\XP_AntiSpyware.lnk
    C:\Program Files\akl
    C:\Program Files\akl\akl.dll
    C:\Program Files\akl\akl.exe
    C:\Program Files\akl\uninstall.exe
    C:\Program Files\akl\unsetup.exe
    C:\Program Files\Inet Delivery
    C:\Program Files\Inet Delivery\inetdl.exe
    C:\Program Files\Inet Delivery\intdel.exe
    C:\Program Files\internet optimizer
    C:\Program Files\myglobalsearch
    C:\Program Files\myglobalsearch\bar\History\search
    C:\Program Files\XP_AntiSpyware
    C:\Program Files\XP_AntiSpyware\AVEngn.dll
    C:\Program Files\XP_AntiSpyware\data\daily.cvd
    C:\Program Files\XP_AntiSpyware\htmlayout.dll
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcm80.dll
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcp80.dll
    C:\Program Files\XP_AntiSpyware\Microsoft.VC80.CRT\msvcr80.dll
    C:\Program Files\XP_AntiSpyware\pthreadVC2.dll
    C:\Program Files\XP_AntiSpyware\Uninstall.exe
    C:\Program Files\XP_AntiSpyware\wscui.cpl
    C:\Program Files\XP_AntiSpyware\XP_Antispyware.cfg
    C:\WINDOWS\a.bat
    C:\WINDOWS\b.exe
    C:\WINDOWS\base64.tmp
    C:\WINDOWS\bdn.com
    C:\WINDOWS\FVProtect.exe
    C:\WINDOWS\iTunesMusic.exe
    C:\WINDOWS\mslagent
    C:\WINDOWS\mslagent\2_mslagent.dll
    C:\WINDOWS\mslagent\mslagent.exe
    C:\WINDOWS\mslagent\uninstall.exe
    C:\WINDOWS\mssecu.exe
    C:\WINDOWS\system32\_000182_.tmp.dll
    C:\WINDOWS\system32\_000193_.tmp.dll
    C:\WINDOWS\system32\_005615_.tmp.dll
    C:\WINDOWS\system32\_005616_.tmp.dll
    C:\WINDOWS\system32\_005617_.tmp.dll
    C:\WINDOWS\system32\_005618_.tmp.dll
    C:\WINDOWS\system32\_005625_.tmp.dll
    C:\WINDOWS\system32\_005626_.tmp.dll
    C:\WINDOWS\system32\_005627_.tmp.dll
    C:\WINDOWS\system32\_005628_.tmp.dll
    C:\WINDOWS\system32\_005630_.tmp.dll
    C:\WINDOWS\system32\_005631_.tmp.dll
    C:\WINDOWS\system32\_005634_.tmp.dll
    C:\WINDOWS\system32\_005635_.tmp.dll
    C:\WINDOWS\system32\_005637_.tmp.dll
    C:\WINDOWS\system32\_005638_.tmp.dll
    C:\WINDOWS\system32\_005639_.tmp.dll
    C:\WINDOWS\system32\_005641_.tmp.dll
    C:\WINDOWS\system32\_005644_.tmp.dll
    C:\WINDOWS\system32\_005645_.tmp.dll
    C:\WINDOWS\system32\_005649_.tmp.dll
    C:\WINDOWS\system32\_005650_.tmp.dll
    C:\WINDOWS\system32\_005652_.tmp.dll
    C:\WINDOWS\system32\_005655_.tmp.dll
    C:\WINDOWS\system32\_005657_.tmp.dll
    C:\WINDOWS\system32\_005658_.tmp.dll
    C:\WINDOWS\system32\_005659_.tmp.dll
    C:\WINDOWS\system32\_005660_.tmp.dll
    C:\WINDOWS\system32\_005661_.tmp.dll
    C:\WINDOWS\system32\_005664_.tmp.dll
    C:\WINDOWS\system32\_005665_.tmp.dll
    C:\WINDOWS\system32\_005666_.tmp.dll
    C:\WINDOWS\system32\_005667_.tmp.dll
    C:\WINDOWS\system32\_005668_.tmp.dll
    C:\WINDOWS\system32\_005673_.tmp.dll
    C:\WINDOWS\system32\_scui.cpl
    C:\WINDOWS\system32\akttzn.exe
    C:\WINDOWS\system32\anticipator.dll
    C:\WINDOWS\system32\awtoolb.dll
    C:\WINDOWS\system32\bdn.com
    C:\WINDOWS\system32\bsva-egihsg52.exe
    C:\WINDOWS\system32\dao350.dll
    C:\WINDOWS\system32\dpcproxy.exe
    C:\WINDOWS\system32\drivers\svchost.exe
    C:\WINDOWS\system32\emesx.dll
    C:\WINDOWS\system32\h@tkeysh@@k.dll
    C:\WINDOWS\system32\hoproxy.dll
    C:\WINDOWS\system32\hxiwlgpm.dat
    C:\WINDOWS\system32\hxiwlgpm.exe
    C:\WINDOWS\system32\medup012.dll
    C:\WINDOWS\system32\medup020.dll
    C:\WINDOWS\system32\msgp.exe
    C:\WINDOWS\system32\msnbho.dll
    C:\WINDOWS\system32\mssecu.exe
    C:\WINDOWS\system32\msvchost.exe
    C:\WINDOWS\system32\mtr2.exe
    C:\WINDOWS\system32\mwin32.exe
    C:\WINDOWS\system32\netode.exe
    C:\WINDOWS\system32\newsd32.exe
    C:\WINDOWS\system32\ps1.exe
    C:\WINDOWS\system32\psof1.exe
    C:\WINDOWS\system32\psoft1.exe
    C:\WINDOWS\system32\regc64.dll
    C:\WINDOWS\system32\regm64.dll
    C:\WINDOWS\system32\Rundl1.exe
    C:\WINDOWS\system32\smp
    C:\WINDOWS\system32\smp\msrc.exe
    C:\WINDOWS\system32\sncntr.exe
    C:\WINDOWS\system32\ssurf022.dll
    C:\WINDOWS\system32\ssvchost.com
    C:\WINDOWS\system32\ssvchost.exe
    C:\WINDOWS\system32\sysreq.exe
    C:\WINDOWS\system32\taack.dat
    C:\WINDOWS\system32\taack.exe
    C:\WINDOWS\system32\temp#01.exe
    C:\WINDOWS\system32\thun.dll
    C:\WINDOWS\system32\thun32.dll
    C:\WINDOWS\system32\VBIEWER.OCX
    C:\WINDOWS\system32\vbsys2.dll
    C:\WINDOWS\system32\vcatchpi.dll
    C:\WINDOWS\system32\wini104552663.exe
    C:\WINDOWS\system32\winlogonpc.exe
    C:\WINDOWS\system32\winsystem.exe
    C:\WINDOWS\system32\WINWGPX.EXE
    C:\WINDOWS\userconfig9x.dll
    C:\WINDOWS\winsystem.exe
    C:\WINDOWS\zip1.tmp
    C:\WINDOWS\zip2.tmp
    C:\WINDOWS\zip3.tmp
    C:\WINDOWS\zipped.tmp

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-21 au 2008-10-21 ))))))))))))))))))))))))))))))))))))
    .

    2148-08-07 06:01 . 2148-08-07 06:01 3,120 --a--c--- C:\WINDOWS\MF_C421.lfa
    2148-08-07 06:01 . 2148-08-07 06:01 3,120 --a--c--- C:\WINDOWS\MF_C420.lfa
    2008-10-21 17:45 . 2008-10-21 17:45 3,151 --a------ C:\WINDOWS\system32\spupdsvc.inf
    2008-10-21 17:15 . 2008-10-21 17:35 <REP> d-------- C:\WINDOWS\system32\fr
    2008-10-21 17:15 . 2008-10-21 17:35 <REP> d-------- C:\WINDOWS\system32\bits
    2008-10-21 17:15 . 2008-10-21 17:35 <REP> d-------- C:\WINDOWS\l2schemas
    2008-10-21 17:08 . 2007-10-25 18:43 8,516,608 --a------ C:\WINDOWS\system32\dllcache\shell32.dll
    2008-10-21 09:36 . 2008-10-21 09:36 18,392 --a------ C:\Program Files\Fichiers communs\ilahys.vbs
    2008-10-21 09:36 . 2008-10-21 09:36 18,110 --a------ C:\Documents and Settings\Franck\Application Data\meto.bin
    2008-10-21 09:36 . 2008-10-21 09:36 12,213 --a------ C:\Program Files\Fichiers communs\elixoxep.dat
    2008-10-21 09:36 . 2008-10-21 09:36 10,893 --a------ C:\Documents and Settings\Franck\Application Data\poqusamuv.dll
    2008-10-18 15:00 . 2008-10-18 15:00 <REP> d-------- C:\Documents and Settings\All Users\Application Data\fssg
    2008-10-18 08:45 . 2008-10-18 08:45 152 --a------ C:\Documents and Settings\Franck\delself.bat
    2008-10-17 23:54 . 2008-10-17 23:54 118 --a------ C:\WINDOWS\system32\MRT.INI
    2008-10-17 23:29 . 2008-10-17 23:29 <REP> d-------- C:\Program Files\uazvmcb
    2008-10-17 23:29 . 2008-10-17 23:29 <REP> d-------- C:\Documents and Settings\All Users\Application Data\dcxyhafi
    2008-10-17 16:59 . 2007-12-11 20:22 65,536 --a------ C:\WINDOWS\system32\Autodial2000.dll
    2008-10-16 20:51 . 2008-10-19 21:08 <REP> d-------- C:\Program Files\OrangeHSS
    2008-10-16 14:29 . 2008-10-16 14:29 <REP> d-------- C:\Program Files\Securitoo
    2008-10-16 14:28 . 2006-03-01 18:53 94,208 --a------ C:\WINDOWS\system32\w32n50.dll
    2008-10-16 14:28 . 2003-09-23 10:38 34,688 --a------ C:\WINDOWS\system32\pcampr5.sys
    2008-10-16 14:28 . 2006-03-01 18:53 32,128 --a------ C:\WINDOWS\system32\pcandis5.sys
    2008-10-16 14:26 . 2008-10-16 14:26 <REP> d-------- C:\Program Files\Fichiers communs\France Telecom
    2008-10-05 18:26 . 2008-10-05 18:26 <REP> d-------- C:\Documents and Settings\Franck\Application Data\Serif
    2008-10-05 18:26 . 1998-08-20 13:02 140,800 --a------ C:\WINDOWS\system32\tm20dec.ax
    2008-10-05 18:26 . 1998-09-02 10:28 38,160 --a------ C:\WINDOWS\system32\LMRTREND.dll
    2008-10-05 18:25 . 1998-09-02 10:02 194,320 --a------ C:\WINDOWS\system32\qcut.dll
    2008-10-05 18:25 . 1998-08-27 06:51 182,032 --a------ C:\WINDOWS\system32\dxtmsft3.dll
    2008-10-05 18:25 . 1998-09-02 10:28 63,488 --a------ C:\WINDOWS\system32\unam4ie.exe
    2008-10-05 18:25 . 1998-08-17 11:21 11,776 --a------ C:\WINDOWS\system32\mciqtz.drv
    2008-10-05 18:25 . 1998-08-17 11:21 10,240 --a------ C:\WINDOWS\system32\vidx16.dll
    2008-10-05 18:25 . 1998-08-17 11:21 5,672 --a------ C:\WINDOWS\system32\quartz.vxd
    2008-10-05 18:25 . 2008-10-05 18:25 4,608 --a------ C:\WINDOWS\system32\w95inf32.dll
    2008-10-05 18:25 . 2008-10-05 18:25 2,272 --a------ C:\WINDOWS\system32\w95inf16.dll
    2008-10-05 18:22 . 2008-10-05 18:22 <REP> d-------- C:\Documents and Settings\Franck\Application Data\AquaSoft
    2008-10-05 18:17 . 2008-10-05 18:17 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-10-05 18:12 . 2008-10-05 18:12 <REP> d-------- C:\Anuman Interactive
    2008-10-05 11:10 . 2001-09-24 04:42 217,271 -ra------ C:\WINDOWS\system32\drivers\LV551AV.sys
    2008-10-05 11:10 . 2001-09-24 04:18 131,072 -ra------ C:\WINDOWS\system32\SP5X_32.DLL

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-21 07:36 18,780 ----a-w C:\Program Files\Fichiers communs\ebahalos.dl
    2008-10-21 07:36 14,816 ----a-w C:\Program Files\Fichiers communs\qodyz._sy
    2008-10-21 07:36 14,564 ----a-w C:\WINDOWS\toqihyx.reg
    2008-10-21 07:36 13,748 ----a-w C:\WINDOWS\hifazinuv.scr
    2008-10-21 07:36 11,999 ----a-w C:\WINDOWS\axok.vbs
    2008-10-20 20:14 --------- d-----w C:\Documents and Settings\Franck\Application Data\Azureus
    2008-10-18 14:13 --------- d-----w C:\Program Files\PokerStars
    2008-10-17 21:49 --------- d-----w C:\Documents and Settings\Franck\Application Data\LimeWire
    2008-10-05 16:28 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-05 08:39 --------- d-----w C:\Documents and Settings\Franck\Application Data\Canon
    2008-09-01 21:18 --------- d-----w C:\Program Files\Ige+Xao
    2008-09-01 21:14 --------- d-----w C:\Program Files\Fichiers communs\Autodesk Shared
    2008-09-01 21:14 --------- d-----w C:\Program Files\Autodesk
    2008-09-01 21:14 --------- d-----w C:\Documents and Settings\All Users\Application Data\Autodesk
    2008-08-28 10:04 333,056 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-08-14 17:55 47,360 ----a-w C:\Documents and Settings\Franck\Application Data\pcouffin.sys
    2006-12-30 19:31 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
    2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
    2003-04-24 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
    2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 15360]
    "RamBoostXp"="C:\Documents and Settings\Franck\Bureau\rambxpfr.exe" [2004-03-09 1542144]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 83608]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-07-25 286720]
    "BitDefender Antiphishing Helper"="C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe" [2007-10-09 61440]
    "BDAgent"="C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe" [2008-10-17 368640]
    "ORAHSSSessionManager"="C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe" [2007-12-12 107248]
    "EPSON Stylus Photo R200 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE" [2003-09-11 99840]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run]
    "IvHVsHituA"="C:\Documents and Settings\All Users\Application Data\dcxyhafi\vuvwjank.exe" [2008-10-17 57344]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "ForceClassicControlPanel"= 1 (0x1)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "procweb"= {10329226-E73A-B3F3-7F71-0033631CAE13} - C:\Program Files\uazvmcb\procweb.dll [2008-10-17 98304]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.SP53"= SP5X_32.DLL
    "VIDC.SP54"= SP5X_32.DLL
    "VIDC.SP55"= SP5X_32.DLL
    "VIDC.SP56"= SP5X_32.DLL
    "VIDC.SP57"= SP5X_32.DLL
    "VIDC.SP58"= SP5X_32.DLL
    "VIDC.SP59"= SP5X_32.DLL
    "vidc.mpng"= d:\Program Files\t@b\0.956\686\tabdec.dll
    "vidc.mjpg"= d:\Program Files\t@b\0.956\686\tabdec.dll
    "vidc.mvjp"= d:\Program Files\t@b\0.956\686\tabdec.dll
    "vidc.444p"= d:\Program Files\t@b\0.956\686\tabdec.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Gamma Loader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Gamma Loader.lnk
    backup=C:\WINDOWS\pss\Adobe Gamma Loader.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^InterVideo WinCinema Manager.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\InterVideo WinCinema Manager.lnk
    backup=C:\WINDOWS\pss\InterVideo WinCinema Manager.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
    backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Canal Widget]
    --a------ 2008-06-03 15:55 103992 C:\Program Files\Canal\Canal Widget\Launcher.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IncrediMail]
    --a------ 2006-10-31 15:06 204843 C:\Program Files\IncrediMail\bin\IncMail.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LVCOMS]
    --a------ 2001-09-24 10:39 98304 C:\Program Files\Fichiers communs\Logitech\QCDriver\LVComS.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --a------ 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
    --a------ 2007-01-19 13:55 5674352 C:\Program Files\MSN Messenger\msnmsgr.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2001-07-09 11:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
    -ra------ 2006-03-30 17:45 313472 C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    -ra------ 2005-07-22 09:00 81920 C:\WINDOWS\SOUNDMAN.EXE

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\IncrediMail\\bin\\IMApp.exe"=
    "C:\\Program Files\\IncrediMail\\bin\\IncMail.exe"=
    "C:\\Program Files\\IncrediMail\\bin\\ImpCnt.exe"=
    "C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\SAGENT4.EXE"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe"=
    "C:\\StubInstaller.exe"=
    "D:\\Program Files\\LimeWire\\LimeWire.exe"=
    "D:\\FICHIERS TELECHARGES\\LOGICIELS\\TPS\\ProgDVB.4.62.6\\ProgDVB.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "D:\\Program Files\\Azureus\\Azureus.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\OrangeHSS\\Connectivity\\ConnectivityManager.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "1234:UDP"= 1234:UDP:freeplayer udp
    "8080:TCP"= 8080:TCP:freeplayer TCP
    "30433:TCP"= 30433:TCP:Utorrent
    "30555:TCP"= 30555:TCP:Azureus Down

    R2 BT848;Bt878, WDM Video Capture;C:\WINDOWS\system32\drivers\BT848.SYS [2002-06-25 207154]
    R2 BTTUNER;BtTuner, WDM TvTuner;C:\WINDOWS\system32\drivers\BTTUNER.SYS [2002-02-22 8680]
    R2 BTXBAR;BtXBar, WDM Crossbar;C:\WINDOWS\system32\drivers\BTXBAR.SYS [2002-03-07 7930]
    R2 CanalPlus.VOD;CanalPlus.VOD;C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe [2008-06-03 61440]
    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-06-24 86792]
    R3 LVBulk;LVBulk Service;C:\WINDOWS\system32\DRIVERS\LVBulk.sys [2001-09-24 10261]
    R3 PID_0900_V;Logitech ClickSmart 310(PID_0900_V);C:\WINDOWS\system32\DRIVERS\LV551AV.sys [2001-09-24 217271]
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 26496]
    S1 hwinterface;hwinterface;C:\WINDOWS\system32\Drivers\hwinterface.sys [ ]
    S3 CnxEtP;ZTE ZXDSL852 Adapter Filter Driver;C:\WINDOWS\system32\DRIVERS\CnxEtP.sys [ ]
    S3 CnxEtU;ZTE ZXDSL852 Interface Device Driver;C:\WINDOWS\system32\DRIVERS\CnxEtU.sys [ ]
    S3 CnxTgNW;ZTE ZXDSL852 WAN PPPoA Adapter Driver;C:\WINDOWS\system32\DRIVERS\CnxTgNW.sys [ ]
    S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 21344]
    S3 pctvvbi;PCTVVBI;C:\WINDOWS\system32\DRIVERS\pctvvbi.sys [2001-10-24 6369]
    S3 SetupNTGLM7X;SetupNTGLM7X;E:\NTGLM7X.sys [ ]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4de59cfe-c3ea-11db-a6da-0011098fc159}]
    \Shell\AutoRun\command - M:\AUTORUN.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{79b7a486-3504-11db-a65e-00d0d08cde8c}]
    \Shell\AutoRun\command - F:\AUTORUN.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d6d0259c-c823-11db-a6e1-0011098fc159}]
    \Shell\AutoRun\command - M:\Project1.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKU-Default-Run-ALUAlert - C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe
    Notify-dimsntfy - (no file)
    MSConfigStartUp-CnxDslTaskBar - C:\Program Files\ZTE Corporation\ZXDSL852\CnxDslTb.exe


    .
    ------- Examen supplémentaire -------
    .
    R0 -: HKCU-Main,Start Page = hxxp://www.orange.fr/
    R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore

    O16 -: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} - hxxp://webalbum.foto.com/ImageUploader5.cab
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader5.inf
    C:\WINDOWS\system32\unicows.dll
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\ImageUploader5.ocx

    O16 -: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} - hxxp://www3.photoweb.fr/telechargement/Photoweb_uploader.cab
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\telechargement-photoweb.inf
    C:\WINDOWS\system32\unicows.dll
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\telechargement-photoweb.ocx

    O16 -: {826287F8-454E-11D9-ADFE-00062919A34C} - hxxp://fotobook.foto.com/activeX/newUploadFotoCom.CAB
    C:\WINDOWS\Downloaded Program Files\newUploadFotoCom.INF
    C:\WINDOWS\system32\WS2_32.DLL
    C:\WINDOWS\SYSTEM32\MSCOMCTL.OCX
    C:\WINDOWS\system32\MSSTKPRP.DLL
    C:\WINDOWS\system32\MSPRPFR.DLL
    C:\WINDOWS\system32\OLEAUT32.DLL
    C:\WINDOWS\system32\OLEPRO32.DLL
    C:\WINDOWS\system32\ASYCFILT.DLL
    C:\WINDOWS\system32\STDOLE2.TLB
    C:\WINDOWS\system32\COMCAT.DLL
    C:\WINDOWS\system32\VB6FR.DLL
    C:\WINDOWS\system32\MSVBVM60.DLL
    C:\WINDOWS\fotocom.ico
    C:\WINDOWS\system32\STDFTFR.DLL
    C:\WINDOWS\system32\MSSTDFMT.DLL
    C:\WINDOWS\system32\DPDlg.ocx
    C:\WINDOWS\system32\WINSKFR.DLL
    C:\WINDOWS\system32\MSWINSCK.OCX
    C:\WINDOWS\system32\CMDLGFR.DLL
    C:\WINDOWS\system32\COMDLG32.OCX
    C:\WINDOWS\system32\MSCMCFR.DLL
    C:\WINDOWS\system32\RsaCrypt.dll
    C:\WINDOWS\Downloaded Program Files\newUploadFotoCom.ocx

    O16 -: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - hxxp://drivers1.free.fr/hardwaredetection.cab
    C:\WINDOWS\Downloaded Program Files\HardwareDetection.inf

    O16 -: {92E7E45A-D8C8-480E-AF99-176E43997CAA} - hxxp://www.pixdiscount.fr/clients/ImageUploader3.cab
    C:\WINDOWS\Downloaded Program Files\ImageUploader3.inf
    C:\WINDOWS\system32\unicows.dll
    C:\WINDOWS\Downloaded Program Files\ImageUploader3.ocx

    O16 -: {B9907873-6560-4A36-B76B-9DADE84A7F55} - hxxp://www.fnacmusic.com/telechargementFnacmusic/FnacmusicDnl....
    C:\WINDOWS\Downloaded Program Files\FnacmusicDnl.INF
    C:\WINDOWS\system32\MSSTKPRP.DLL
    C:\WINDOWS\system32\MSPRPFR.DLL
    C:\WINDOWS\system32\asycfilt.dll
    C:\WINDOWS\system32\msvbvm50.dll
    C:\WINDOWS\system32\VB5FR.DLL
    C:\WINDOWS\system32\MSFLXGRD.OCX
    C:\WINDOWS\Downloaded Program Files\DNLMANAGER.DEP
    C:\WINDOWS\Downloaded Program Files\OLELIB.TLB
    C:\WINDOWS\Downloaded Program Files\DNLMANAGER.EXE
    C:\WINDOWS\Downloaded Program Files\FNACMUSICDNL.OCX

    O16 -: {BA162249-F2C5-4851-8ADC-FC58CB424243} - hxxp://copainsdavant.linternaute.com/html_include_bibliotheque/objimageuploader/5.0.15.0/ImageUploader5.cab
    C:\WINDOWS\Downloaded Program Files\ImageUploader5.inf
    C:\WINDOWS\system32\unicows.dll
    C:\WINDOWS\Downloaded Program Files\ImageUploader5.ocx

    O16 -: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} - hxxp://webalbum.foto.com/SFUploader/SpeedUploader.cab
    C:\WINDOWS\Downloaded Program Files\SpeedUploader.inf
    C:\WINDOWS\system32\unicows.dll
    C:\WINDOWS\Downloaded Program Files\SpeedUploader.ocx
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-21 18:00:01
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Autres processus actifs ------------------------
    .
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-10-21 18:05:22 - La machine a redémarré [Franck]
    ComboFix-quarantined-files.txt 2008-10-21 16:05:10

    Avant-CF: 5,938,749,440 octets libres
    Après-CF: 6,613,995,520 octets libres

    410 --- E O F --- 2008-10-21 15:49:53
    a b 8 Sécurité
    21 Octobre 2008 20:02:02

    Reposte un rapport Hijackthis.
    21 Octobre 2008 20:50:54

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:50:36, on 21/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\Documents and Settings\All Users\Application Data\dcxyhafi\vuvwjank.exe
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\IncrediMail\bin\IncMail.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    D:\FICHIERS TELECHARGES\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBoostXp] C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
    O4 - HKLM\..\Policies\Explorer\Run: [IvHVsHituA] C:\Documents and Settings\All Users\Application Data\dcxyhafi\vuvwjank.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall....
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://webalbum.foto.com/ImageUploader5.cab
    O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://fotobook.foto.com/activeX/newUploadFotoCom.CAB
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.netprint.com/view/uploader/ImageUploader3.ca...
    O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://webalbum.foto.com/SFUploader/SpeedUploader.cab
    O21 - SSODL: procweb - {10329226-E73A-B3F3-7F71-0033631CAE13} - C:\Program Files\uazvmcb\procweb.dll
    O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 7048 bytes
    a b 8 Sécurité
    21 Octobre 2008 21:00:23

    Re,

    Télécharge MalwareByte's Anti-Malware sur ton Bureau.
    Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

    Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
    AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    22 Octobre 2008 14:04:03

    Voilà le résultat de MBAM:

    Malwarebytes' Anti-Malware 1.29
    Version de la base de données: 1304
    Windows 5.1.2600 Service Pack 2

    21/10/2008 22:38:48
    mbam-log-2008-10-21 (22-38-48).txt

    Type de recherche: Examen complet (C:\|D:\|F:\|)
    Eléments examinés: 146798
    Temps écoulé: 33 minute(s), 45 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 19
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 5

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\CLSID\{10329226-E73A-B3F3-7F71-0033631CAE13} (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dyfuca_bh.sinkobj (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\dyfuca_bh.sinkobj.1 (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\myglobalsearchbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\myglobalsearchbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{339d8aff-0b42-4260-ad82-78ce605a9543} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{a36a5936-cfd9-4b41-86bd-319a1931887f} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{aa4939c3-deca-4a48-a454-97cd587c0ef5} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{eee4a2e5-9f56-432f-a6ed-f6f625b551e0} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ef281620-a3a3-4f08-874f-d68cfc9b7945} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{cea206e8-8057-4a04-ace9-ff0d69a92297} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{58634367-d62b-4c2c-86be-5aac45cdb671} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{d0288a41-9855-4a9b-8316-babe243648da} (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{0be10b0d-b4db-4693-9b1f-9aead54d17dc} (Adware.NetOptimizer) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SideFind (Trojan.BHO) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\XP_Antispyware (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\MyGlobalSearch (Adware.BookedSpace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WSEM Update (Adware.NetOptimizer) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\procweb (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\ivhvshitua (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\BitDownload (Trojan.Lop) -> Quarantined and deleted successfully.
    C:\Program Files\BitDownload\ZM (Trojan.Lop) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Program Files\uazvmcb\procweb.dll (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    C:\Documents and Settings\All Users\Application Data\dcxyhafi\vuvwjank.exe (Trojan.FakeAlert.H) -> Quarantined and deleted successfully.
    C:\Program Files\BitDownload\BitDownload.TRC (Trojan.Lop) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Franck\Application Data\Microsoft\Internet Explorer\Quick Launch\XP_AntiSpyware.lnk (Rogue.XPAntiSpyware) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Franck\delself.bat (Malware.Trace) -> Quarantined and deleted successfully.
    a b 8 Sécurité
    22 Octobre 2008 17:22:48

    Reposte un rapport Hijackthis.
    22 Octobre 2008 20:13:00

    Voilà:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:12:22, on 22/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
    C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    D:\Program Files\Azureus\Azureus.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\INCRED~1\bin\IncMail.exe
    D:\FICHIERS TELECHARGES\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBoostXp] C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall....
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://webalbum.foto.com/ImageUploader5.cab
    O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploade...
    a b 8 Sécurité
    22 Octobre 2008 20:40:18

    Ton rapport n'est pas complet :) 
    22 Octobre 2008 20:43:42

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:42:19, on 22/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
    C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe
    C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
    C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    D:\Program Files\Azureus\Azureus.exe
    C:\PROGRA~1\INCRED~1\bin\IncMail.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    D:\FICHIERS TELECHARGES\HiJackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2008\IEToolbar.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2008\IEShow.exe"
    O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2008\bdagent.exe"
    O4 - HKLM\..\Run: [ORAHSSSessionManager] C:\Program Files\OrangeHSS\SessionManager\SessionManager.exe
    O4 - HKLM\..\Run: [EPSON Stylus Photo R200 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0H2.EXE /P30 "EPSON Stylus Photo R200 Series" /O6 "USB001" /M "Stylus Photo R200"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RamBoostXp] C:\Documents and Settings\Franck\Bureau\rambxpfr.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070711/qtinstall....
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
    O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://webalbum.foto.com/ImageUploader5.cab
    O16 - DPF: {68C1822F-F5C7-4404-A73F-03C10E0E94DA} (telechargement-photoweb) - http://www3.photoweb.fr/telechargement/Photoweb_uploade...
    O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {826287F8-454E-11D9-ADFE-00062919A34C} (ActiveXUploadFotoCom.UserCtrlFotoCom) - http://fotobook.foto.com/activeX/newUploadFotoCom.CAB
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/hardwaredetection.cab
    O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.fr/clients/ImageUploader3.cab
    O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.netprint.com/view/uploader/ImageUploader3.ca...
    O16 - DPF: {B9907873-6560-4A36-B76B-9DADE84A7F55} (FnacmusicDnl.DnlManager) - http://www.fnacmusic.com/telechargementFnacmusic/Fnacmu...
    O16 - DPF: {BA162249-F2C5-4851-8ADC-FC58CB424243} (Image Uploader Control) - http://copainsdavant.linternaute.com/html_include_bibli...
    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - http://www.photoways.com/clients/uploader_v2.2.0.6.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FB90BA05-66E6-4C56-BCD3-D65B0F7EBA39} (Foto.com SpeedUploader 1.0 Control) - http://webalbum.foto.com/SFUploader/SpeedUploader.cab
    O23 - Service: CanalPlus.VOD - Canal+ Active - C:\Program Files\Canal\Canal Widget\VOD\CanalPlus.VOD.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2008\vsserv.exe
    O23 - Service: BitDefender Communicator (XCOMM) - BitDefender - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe

    --
    End of file - 6775 bytes
    a b 8 Sécurité
    23 Octobre 2008 10:50:37

    Encore des soucis ?
    23 Octobre 2008 17:58:14

    Pour l'instant ça a l'air nickel , je te remercie beaucoup pour le temps que tu m'as consacré , un novice comme moi aurait trainé ce truc un long moment.
    a b 8 Sécurité
    23 Octobre 2008 18:40:19

    Bon surf.
    3 Novembre 2008 21:21:44

    Bonjour a tous !

    moi aussi j'ai le meme probleme pour l'icone de la croit blanche sur fond rouge et j'ammerai savoir comment vraiment régler le probleme. j'ai fait un scan avec Hijackthis et voici mon rapport :

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:18:07, on 03/11/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\System32\GEARSec.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Tablet.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Search Settings\SearchSettings.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\brastk.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Documents and Settings\VALENTIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe
    C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe
    C:\Palm\HOTSYNC.EXE
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\WINDOWS\system32\Wtablet\TabUserW.exe
    C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
    C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
    C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\RamBoost XP\rambxpfr.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashQuick.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\VALENTIN\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb127\SearchSettings.dll
    O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - C:\Program Files\Dealio\kb127\Dealio.dll (file missing)
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [au] C:\Program Files\Dealio\DealioAU.exe
    O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\VALENTIN\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SRS Audio Sandbox] "C:\Program Files\SRS Labs\Audio Sandbox\SRSSSC.exe" /hideme
    O4 - HKCU\..\Run: [SVCHOST.EXE] C:\WINDOWS\system32\drivers\svchost.exe
    O4 - HKCU\..\Run: [brastk] C:\WINDOWS\system32\brastk.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: UberIcon.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\UberIcon\UberIcon Manager.exe
    O4 - Startup: Y'z Toolbar.lnk = C:\WINDOWS\BricoPacks\Crystal Clear\YzToolbar\YzToolBar.exe
    O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: RocketDock.lnk = C:\Program Files\RocketDock\RocketDock.exe
    O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
    O4 - Global Startup: Wallpaper.lnk = C:\Program Files\Wallpaper\Wallpaper.exe
    O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\VALENTIN\Application Data\Dealio\kb127\res\DealioSearch.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll (file missing)
    O9 - Extra 'Tools' menuitem: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - C:\Program Files\Dealio\kb127\Dealio.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:\Program Files\ANI\ANIWZCS2 Service\ANIWZCSdS.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Fichiers communs\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
    O23 - Service: V2i Protector - PowerQuest Corporation - C:\Program Files\PowerQuest\Drive Image 7.0\Agent\PQV2iSvc.exe

    --
    End of file - 10363 bytes












    Qu'est ce que cela veut dire ? est ce bon ?
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS