Se connecter / S'enregistrer
Votre question

[Résolu]Petit virus, génant ...

Tags :
  • Sécurité
Dernière réponse : dans Sécurité et virus
6 Avril 2008 13:01:46

Bonjour, et tout dabord merci de ce site et des personnes qui contribuent à son évolution, cela va faire 2 fois que je vien, et je n'est jamais était déçu, bref voila mon problème:

Depuis quelque temps, cela va faire 2-3 jours, quand j'allume mon PC, j'ai une toute petite fenetre qui s'ouvre, et il est marqué dessus "Opactiums Bot - You'..." je ne peux pas supprimé cette fenêtre, ni la réduire, mais juste l'agrandissant en cliquant deux fois dessu, ce qui me met une grande page blanche ou je peux voir marqué tout en haut "Opactiums Bot - You'r infected" c'est trés génant car sa revient tout le temps.

Deuxieme petit problème, apparut en même temps, quand j'allume mon pc, non seulement j'ai le virus "Opactiums Bot" qui se lance, mais j'ai aussi le dossier "Mes documents" qui s'ouvre tout seul, avec l'option "Dossiers" activé.

Voila si quelque pourrait me donné un petit coup de pouce, sa serait gentil.

Autres pages sur : resolu petit virus genant

a b 8 Sécurité
6 Avril 2008 13:41:46

Bonjour,

2 fois déjà. Il faudrait faire attention...

Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
6 Avril 2008 14:25:01

Merci voila le rapport:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:24:45, on 06/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\SoftwareProtection\systemvital.exe
C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\rsvp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\WINDOW~4\MESSEN~1\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe
C:\Documents and Settings\sesta\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\systemvital.exe
O4 - HKCU\..\Run: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
O4 - HKCU\..\RunServices: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3815621044-878468310-594419632-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'IUSR_NMPR')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://grandmonaco.microgaming.com/french/FlashAX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1BE3CA3B-A6E9-4361-808E-C94C4B352A4C}: NameServer = 194.117.200.10,194.117.200.15
O17 - HKLM\System\CCS\Services\Tcpip\..\{B63762E9-7B7B-4116-B8DC-AF2C51C765EF}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{1BE3CA3B-A6E9-4361-808E-C94C4B352A4C}: NameServer = 194.117.200.10,194.117.200.15
O23 - Service: Intel(R) Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Serveur Média Intel(R) Viiv(TM) (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

--
End of file - 12198 bytes
Contenus similaires
a b 8 Sécurité
6 Avril 2008 14:29:42

Re,

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

  • Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".
  • Afin de lancer la recherche, clic sur"Rechercher".
  • Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
    -- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
    -- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
    [#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

    AIDE : Tuto en images sur MBAM
    6 Avril 2008 15:03:11

    Voila le rapport : Jai modifié le log, je met le bon, la ou j'ai supprimé les virus je m'etais trompé de log


    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 12
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{a9aae1ab-9688-42c5-86f5-c12f6b9015ad} (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{43382522-a846-46f4-ac57-1f71ae6e1086} (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{572fb162-c0ba-4edf-8cff-e3846153b9b0} (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Interface\{72a836d1-bc00-43c0-a941-17960e4fb842} (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\Typelib\{df901432-1b9f-4f5b-9e56-301c553f9095} (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenUSave) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\AppID\ACM.DLL (Adware.WhenUSave) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{f0993251-2512-4710-af6e-0a13ea199d02} (Trojan.Zlob) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    6 Avril 2008 15:41:06

    Le virus Opactiums Bot, et l'ouverture du dossier "Mes documents" au démarrage sont toujours présents :sweat: 
    a b 8 Sécurité
    6 Avril 2008 15:44:15

    Tu as bien supprimé les infections ?
    6 Avril 2008 16:32:44

    Je ne peux rien faire d'autre ?
    a b 8 Sécurité
    6 Avril 2008 16:59:54

    Reposte un rapport Hijackthis.
    6 Avril 2008 17:03:57

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:03:39, on 06/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\rsvp.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\iTunes\iTunes.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\distnoted.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\eMule\emule.exe
    C:\Documents and Settings\sesta\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\systemvital.exe
    O4 - HKCU\..\Run: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
    O4 - HKCU\..\RunServices: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-3815621044-878468310-594419632-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'IUSR_NMPR')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://grandmonaco.microgaming.com/french/FlashAX.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1BE3CA3B-A6E9-4361-808E-C94C4B352A4C}: NameServer = 194.117.200.10,194.117.200.15
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B63762E9-7B7B-4116-B8DC-AF2C51C765EF}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1BE3CA3B-A6E9-4361-808E-C94C4B352A4C}: NameServer = 194.117.200.10,194.117.200.15
    O23 - Service: Intel(R) Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Serveur Média Intel(R) Viiv(TM) (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
    O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11500 bytes
    a b 8 Sécurité
    6 Avril 2008 17:09:05

    Re,

    [#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

  • Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur combofix.exe afin de le lancer.
  • Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
    6 Avril 2008 17:15:26

    ComboFix 08-04-04.1 - sesta 2008-04-06 17:10:41.6 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2317 [GMT 2:00]
    Endroit: C:\Documents and Settings\sesta\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-06 to 2008-04-06 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-06 15:37 . 2008-04-06 15:37 <REP> d-------- C:\Program Files\iPod
    2008-04-06 15:13 . 2008-04-06 15:13 50 --a------ C:\WINDOWS\MegaManager.INI
    2008-04-06 14:35 . 2008-04-06 14:35 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-06 14:35 . 2008-04-06 14:35 <REP> d-------- C:\Documents and Settings\sesta\Application Data\Malwarebytes
    2008-04-06 14:35 . 2008-04-06 14:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-04-04 19:00 . 2008-03-28 23:19 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-04-04 19:00 . 2008-03-26 08:50 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-04-04 18:50 . 2008-04-04 18:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
    2008-04-04 18:50 . 2008-04-04 18:50 0 --a------ C:\WINDOWS\ativpsrm.bin
    2008-04-04 18:43 . 2008-02-25 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
    2008-04-03 22:57 . 2007-12-18 22:41 908,031 --a------ C:\WINDOWS\system32\CoD4 Keygen.exe
    2008-04-03 22:57 . 2008-04-03 22:57 246 --a------ C:\WINDOWS\system32\run.bat
    2008-04-03 21:50 . 2008-04-05 12:57 <REP> d-------- C:\WINDOWS\SoftwareProtection
    2008-04-03 17:53 . 2008-04-06 16:53 <REP> d-------- C:\Program Files\Activision
    2008-04-02 14:48 . 2008-04-03 18:01 319 --a------ C:\WINDOWS\game.ini
    2008-04-02 11:11 . 2008-04-04 17:52 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
    2008-04-02 11:11 . 2008-04-04 17:52 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-04-02 11:11 . 2008-04-03 18:02 22,328 --a------ C:\Documents and Settings\sesta\Application Data\PnkBstrK.sys
    2008-04-02 11:10 . 2008-04-03 19:36 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
    2008-04-01 23:01 . 2008-04-01 23:01 <REP> d-------- C:\Logs
    2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
    2008-03-27 20:18 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
    2008-03-27 20:18 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
    2008-03-27 20:18 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
    2008-03-27 20:18 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
    2008-03-27 20:18 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
    2008-03-27 20:18 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
    2008-03-27 20:18 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
    2008-03-27 20:15 . 2003-03-02 18:44 7,552 --a------ C:\WINDOWS\system32\drivers\enodpl.sys
    2008-03-27 20:15 . 2003-04-19 01:32 4,736 --a------ C:\WINDOWS\system32\drivers\tandpl.sys
    2008-03-15 00:58 . 2008-03-15 00:58 118 --a------ C:\WINDOWS\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-06 15:04 --------- d-----w C:\Program Files\eMule
    2008-04-06 13:37 --------- d-----w C:\Program Files\iTunes
    2008-04-06 13:36 --------- d-----w C:\Program Files\QuickTime
    2008-04-06 13:31 --------- d-----w C:\Program Files\Warcraft III
    2008-04-06 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-06 13:12 --------- d-----w C:\Program Files\Windows Live
    2008-04-04 17:16 3,904 ----a-w C:\WINDOWS\system32\tmp.reg
    2008-04-04 16:50 --------- d-----w C:\Documents and Settings\sesta\Application Data\ATI
    2008-04-04 16:46 --------- d-----w C:\Program Files\ATI Technologies
    2008-04-04 16:45 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ATI
    2008-04-01 21:01 --------- d-----w C:\Program Files\World of Warcraft
    2008-03-31 20:21 --------- d-----w C:\Program Files\Steam
    2008-03-04 15:49 --------- d-----w C:\Program Files\Dofus
    2008-03-01 16:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
    2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
    2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
    2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
    2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
    2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
    2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
    2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
    2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
    2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
    2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
    2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
    2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
    2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
    2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
    2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
    2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
    2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
    2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
    2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
    2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
    2008-02-20 17:44 --------- d-----w C:\Program Files\Microsoft Games
    2008-02-13 13:21 --------- d-----w C:\Program Files\Image Convert 1.0
    2008-02-11 23:32 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll
    2008-02-11 14:57 --------- d-----w C:\Documents and Settings\sesta\Application Data\Megaupload
    2008-02-11 00:31 --------- d-----w C:\Program Files\MSBuild
    2008-02-11 00:28 --------- d-----w C:\Program Files\Reference Assemblies
    2008-02-10 12:00 6,766 ----a-w C:\Documents and Settings\sesta\Application Data\wklnhst.dat
    2008-01-29 10:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
    2008-01-20 22:03 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-18 20:56 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
    2006-12-30 12:37 251 ----a-w C:\Program Files\wt3d.ini
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 14:00 15360]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]
    "system34"="C:\WINDOWS\SoftwareProtection\systemvital.exe" [2008-04-03 21:50 624608]
    "Activision Updater"="C:\WINDOWS\system32\CoD4 Keygen.exe" [2007-12-18 22:41 908031]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "Activision Updater"="C:\WINDOWS\system32\CoD4 Keygen.exe" [2007-12-18 22:41 908031]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 07:15 151552]
    "RTHDCPL"="RTHDCPL.EXE" [2006-05-18 14:27 16207872 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]
    "CCUTRAYICON"="C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-07-10 21:48 303104]
    "BullGuard"="C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" [ ]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
    "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-07-08 01:14 576320]
    "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-07-08 01:15 600896]
    "BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 18:16 376912]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-18 22:48 249896]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12 49152]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [ ]
    "Activision Updater"="C:\WINDOWS\system32\CoD4 Keygen.exe" [2007-12-18 22:41 908031]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-24 14:00 15360]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624]
    NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2006-05-17 17:05:52 2297856]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= L3CODECA.ACM
    "MSVideo8"= VfWWDM32.dll
    "msacm.lhacm"= lhacm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "FirewallOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    R3 3xHybrid;Philips SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-28 16:34]
    R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 18:53]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 10:45]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-17 17:55]
    S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 13:50]
    S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 14:58]
    S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 14:58]
    S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 14:58]
    S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 14:58]
    S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 14:58]
    S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 14:58]
    S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 14:58]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-10 21:24:32 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 17:13:45
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-06 17:14:32
    ComboFix-quarantined-files.txt 2008-04-06 15:14:04
    Pre-Run: 177,155,366,912 octets libres
    Post-Run: 177,139,671,040 octets libres
    .
    2008-03-20 17:06:19 --- E O F ---
    6 Avril 2008 17:17:19

    C'est bizard car, aprés que le scan est finit, l'explorer c'est enlevé et c'est remis, je suppose que c'est normal, et juste aprés j'ai toujours "mes documents" qui s'ouvre seul
    a b 8 Sécurité
    6 Avril 2008 17:24:27

    Si tu évitais les cracks...

    [#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::
    C:\WINDOWS\system32\CoD4 Keygen.exe

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Activision Updater"=-


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    6 Avril 2008 17:30:32

    ComboFix 08-04-04.1 - sesta 2008-04-06 17:28:11.7 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.2327 [GMT 2:00]
    Endroit: C:\Documents and Settings\sesta\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\sesta\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE ::
    C:\WINDOWS\system32\CoD4 Keygen.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\CoD4 Keygen.exe

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-06 to 2008-04-06 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-06 15:37 . 2008-04-06 15:37 <REP> d-------- C:\Program Files\iPod
    2008-04-06 15:13 . 2008-04-06 15:13 50 --a------ C:\WINDOWS\MegaManager.INI
    2008-04-06 14:35 . 2008-04-06 14:35 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-04-06 14:35 . 2008-04-06 14:35 <REP> d-------- C:\Documents and Settings\sesta\Application Data\Malwarebytes
    2008-04-06 14:35 . 2008-04-06 14:35 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-04-04 19:00 . 2008-03-28 23:19 86,528 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-04-04 19:00 . 2008-03-26 08:50 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-04-04 18:50 . 2008-04-04 18:50 <REP> d-------- C:\Documents and Settings\All Users\Application Data\ATI
    2008-04-04 18:50 . 2008-04-04 18:50 0 --a------ C:\WINDOWS\ativpsrm.bin
    2008-04-04 18:43 . 2008-02-25 21:05 593,920 --------- C:\WINDOWS\system32\ati2sgag.exe
    2008-04-03 22:57 . 2008-04-03 22:57 246 --a------ C:\WINDOWS\system32\run.bat
    2008-04-03 21:50 . 2008-04-05 12:57 <REP> d-------- C:\WINDOWS\SoftwareProtection
    2008-04-03 17:53 . 2008-04-06 16:53 <REP> d-------- C:\Program Files\Activision
    2008-04-02 14:48 . 2008-04-03 18:01 319 --a------ C:\WINDOWS\game.ini
    2008-04-02 11:11 . 2008-04-04 17:52 103,736 --a------ C:\WINDOWS\system32\PnkBstrB.exe
    2008-04-02 11:11 . 2008-04-04 17:52 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-04-02 11:11 . 2008-04-03 18:02 22,328 --a------ C:\Documents and Settings\sesta\Application Data\PnkBstrK.sys
    2008-04-02 11:10 . 2008-04-03 19:36 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
    2008-04-01 23:01 . 2008-04-01 23:01 <REP> d-------- C:\Logs
    2008-03-28 23:37 . 2008-03-28 23:37 90,112 --a------ C:\WINDOWS\system32\QuickTimeVR.qtx
    2008-03-28 23:37 . 2008-03-28 23:37 57,344 --a------ C:\WINDOWS\system32\QuickTime.qts
    2008-03-27 20:18 . 1998-06-18 01:00 89,360 --a------ C:\WINDOWS\system32\VB5DB.DLL
    2008-03-27 20:18 . 2000-03-17 09:21 69,632 --a------ C:\WINDOWS\system32\xmltok.dll
    2008-03-27 20:18 . 2000-03-17 09:21 36,864 --a------ C:\WINDOWS\system32\xmlparse.dll
    2008-03-27 20:18 . 2002-04-24 13:43 35,840 --a------ C:\WINDOWS\system32\comdlg32.oca
    2008-03-27 20:18 . 2002-04-09 18:23 29,184 --a------ C:\WINDOWS\system32\MSINET.oca
    2008-03-27 20:18 . 2002-10-17 11:35 26,096 --a------ C:\WINDOWS\system32\xmlinst.exe
    2008-03-27 20:18 . 2002-01-07 17:30 24,576 --a------ C:\WINDOWS\system32\msxml3a.dll
    2008-03-27 20:15 . 2003-03-02 18:44 7,552 --a------ C:\WINDOWS\system32\drivers\enodpl.sys
    2008-03-27 20:15 . 2003-04-19 01:32 4,736 --a------ C:\WINDOWS\system32\drivers\tandpl.sys
    2008-03-15 00:58 . 2008-03-15 00:58 118 --a------ C:\WINDOWS\system32\MRT.INI

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-04-06 15:18 --------- d-----w C:\Program Files\eMule
    2008-04-06 13:37 --------- d-----w C:\Program Files\iTunes
    2008-04-06 13:36 --------- d-----w C:\Program Files\QuickTime
    2008-04-06 13:31 --------- d-----w C:\Program Files\Warcraft III
    2008-04-06 13:13 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-04-06 13:12 --------- d-----w C:\Program Files\Windows Live
    2008-04-04 17:16 3,904 ----a-w C:\WINDOWS\system32\tmp.reg
    2008-04-04 16:50 --------- d-----w C:\Documents and Settings\sesta\Application Data\ATI
    2008-04-04 16:46 --------- d-----w C:\Program Files\ATI Technologies
    2008-04-04 16:45 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\ATI
    2008-04-01 21:01 --------- d-----w C:\Program Files\World of Warcraft
    2008-03-31 20:21 --------- d-----w C:\Program Files\Steam
    2008-03-04 15:49 --------- d-----w C:\Program Files\Dofus
    2008-03-01 16:52 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-02-26 05:51 2,863,616 ----a-w C:\WINDOWS\system32\drivers\ati2mtag.sys
    2008-02-26 03:12 372,736 ----a-w C:\WINDOWS\system32\ATIDEMGX.dll
    2008-02-26 03:10 307,200 ----a-w C:\WINDOWS\system32\atiiiexx.dll
    2008-02-26 03:10 299,520 ----a-w C:\WINDOWS\system32\ati2dvag.dll
    2008-02-26 03:02 172,032 ----a-w C:\WINDOWS\system32\atipdlxx.dll
    2008-02-26 03:02 126,976 ----a-w C:\WINDOWS\system32\Oemdspif.dll
    2008-02-26 03:01 43,520 ----a-w C:\WINDOWS\system32\ati2edxx.dll
    2008-02-26 03:01 26,112 ----a-w C:\WINDOWS\system32\Ati2mdxx.exe
    2008-02-26 03:01 126,976 ----a-w C:\WINDOWS\system32\ati2evxx.dll
    2008-02-26 03:00 520,192 ----a-w C:\WINDOWS\system32\ati2evxx.exe
    2008-02-26 02:59 9,797,632 ----a-w C:\WINDOWS\system32\atioglx2.dll
    2008-02-26 02:58 53,248 ----a-w C:\WINDOWS\system32\ATIDDC.DLL
    2008-02-26 02:49 3,176,480 ----a-w C:\WINDOWS\system32\ati3duag.dll
    2008-02-26 02:41 1,755,264 ----a-w C:\WINDOWS\system32\ativvaxx.dll
    2008-02-26 02:29 46,080 ----a-w C:\WINDOWS\system32\amdpcom32.dll
    2008-02-26 02:25 393,216 ----a-w C:\WINDOWS\system32\atikvmag.dll
    2008-02-26 02:23 17,408 ----a-w C:\WINDOWS\system32\atitvo32.dll
    2008-02-26 02:22 49,152 ----a-w C:\WINDOWS\system32\drivers\ati2erec.dll
    2008-02-26 02:21 5,439,488 ----a-w C:\WINDOWS\system32\atioglxx.dll
    2008-02-26 02:19 167,936 ----a-w C:\WINDOWS\system32\atiok3x2.dll
    2008-02-26 02:16 520,192 ----a-w C:\WINDOWS\system32\ati2cqag.dll
    2008-02-20 17:44 --------- d-----w C:\Program Files\Microsoft Games
    2008-02-13 13:21 --------- d-----w C:\Program Files\Image Convert 1.0
    2008-02-11 23:32 98,304 ----a-w C:\WINDOWS\system32CmdLineExt.dll
    2008-02-11 14:57 --------- d-----w C:\Documents and Settings\sesta\Application Data\Megaupload
    2008-02-11 00:31 --------- d-----w C:\Program Files\MSBuild
    2008-02-11 00:28 --------- d-----w C:\Program Files\Reference Assemblies
    2008-02-10 12:00 6,766 ----a-w C:\Documents and Settings\sesta\Application Data\wklnhst.dat
    2008-01-29 10:02 107,368 ----a-w C:\WINDOWS\system32\GEARAspi.dll
    2008-01-20 22:03 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
    2008-01-18 20:56 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
    2006-12-30 12:37 251 ----a-w C:\Program Files\wt3d.ini
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 14:00 15360]
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-03 10:59 204288]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 18:24 1694208]
    "BitTorrent"="C:\Program Files\BitTorrent\bittorrent.exe" [ ]
    "system34"="C:\WINDOWS\SoftwareProtection\systemvital.exe" [2008-04-03 21:50 624608]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
    "Activision Updater"="C:\WINDOWS\system32\CoD4 Keygen.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-09-29 14:01 67584]
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2006-07-06 07:15 151552]
    "RTHDCPL"="RTHDCPL.EXE" [2006-05-18 14:27 16207872 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 18:04 2879488 C:\WINDOWS\SkyTel.exe]
    "CCUTRAYICON"="C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe" [2006-07-10 21:48 303104]
    "BullGuard"="C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" [ ]
    "NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2006-01-12 16:40 155648]
    "itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-07-08 01:14 576320]
    "IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-07-08 01:15 600896]
    "BJCFD"="C:\Program Files\BroadJump\Client Foundation\CFD.exe" [2003-01-27 18:16 376912]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 04:06 40048]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-12-18 22:48 249896]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-12 00:12 49152]
    "DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [ ]
    "Activision Updater"="C:\WINDOWS\system32\CoD4 Keygen.exe" [ ]
    "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2008-03-28 23:37 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-24 14:00 15360]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 00:23:26 282624]
    NETGEAR WG111v2 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v2\WG111v2.exe [2006-05-17 17:05:52 2297856]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.l3acm"= L3CODECA.ACM
    "MSVideo8"= VfWWDM32.dll
    "msacm.lhacm"= lhacm.acm

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "FirewallOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    R3 3xHybrid;Philips SAA713x PCI Card;C:\WINDOWS\system32\DRIVERS\3xHybrid.sys [2006-04-28 16:34]
    R3 RTLWUSB;NETGEAR WG111v2 54Mbps Wireless USB 2.0 Adapter NT Driver;C:\WINDOWS\system32\DRIVERS\wg111v2.sys [2006-03-27 18:53]
    R3 X10Hid;X10 Hid Device;C:\WINDOWS\system32\Drivers\x10hid.sys [2005-11-28 10:45]
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-17 17:55]
    S3 BrScnUsb;Brother USB Still Image driver;C:\WINDOWS\system32\Drivers\BrScnUsb.sys [2004-10-15 13:50]
    S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 14:58]
    S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 14:58]
    S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 14:58]
    S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 14:58]
    S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 14:58]
    S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 14:58]
    S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 14:58]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-12-10 21:24:32 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-06 17:28:48
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-06 17:29:11
    ComboFix-quarantined-files.txt 2008-04-06 15:28:57
    ComboFix2.txt 2008-04-06 15:14:33
    Pre-Run: 177,234,657,280 octets libres
    Post-Run: 177,218,564,096 octets libres
    .
    2008-03-20 17:06:19 --- E O F ---


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:30:17, on 06/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\BroadJump\Client Foundation\CFD.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Program Files\Intel\IntelDH\CCU\CCU_Engine.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\rsvp.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\eMule\emule.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\sesta\Bureau\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [CCUTRAYICON] C:\Program Files\Intel\IntelDH\CCU\CCU_TrayIcon.exe
    O4 - HKLM\..\Run: [BullGuard] "C:\Program Files\BullGuard Software\BullGuard\bullguard.exe" -boot
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    O4 - HKLM\..\Run: [BJCFD] C:\Program Files\BroadJump\Client Foundation\CFD.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - HKCU\..\Run: [system34] C:\WINDOWS\SoftwareProtection\systemvital.exe
    O4 - HKCU\..\RunServices: [Activision Updater] C:\WINDOWS\system32\CoD4 Keygen.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-21-3815621044-878468310-594419632-1004\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'IUSR_NMPR')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v2\WG111v2.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MI1933~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr
    O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akamai.net/7/1540/52/20070501/qtinstall....
    O16 - DPF: {2ED9BC2B-4DF1-472E-9B5E-55477D2C97F5} (Microsoft Data Collection Control) - https://support.microsoft.com/OAS/ActiveX/odc.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Contro...
    O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://grandmonaco.microgaming.com/french/FlashAX.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{1BE3CA3B-A6E9-4361-808E-C94C4B352A4C}: NameServer = 194.117.200.10,194.117.200.15
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B63762E9-7B7B-4116-B8DC-AF2C51C765EF}: NameServer = 192.168.1.1
    O17 - HKLM\System\CS1\Services\Tcpip\..\{1BE3CA3B-A6E9-4361-808E-C94C4B352A4C}: NameServer = 194.117.200.10,194.117.200.15
    O23 - Service: Intel(R) Alert Service (AlertService) - Intel Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: Intel(R) Quick Resume technology (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology Drivers\Elservice.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Intel(R) Software Services Manager (ISSM) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Serveur Média Intel(R) Viiv(TM) (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe
    O23 - Service: Intel(R) Application Tracker (MCLServiceATL) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Intel(R) Remoting Service (Remote UI Service) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe
    O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

    --
    End of file - 11211 bytes
    6 Avril 2008 17:35:39

    Aprés redémarrage, tout marche nickel, plus de virus ni de dossier qui s'ouvre tout seul :) 
    a b 8 Sécurité
    6 Avril 2008 17:38:39

    Tu as encore des questions ?
    6 Avril 2008 17:41:54

    Heu non, juste si tu as un logiciel (Ccleaner je crois) qui enleve tout se que j'ai mis (hijackthis et combofix), sinon merci beacoup à toi.
    a b 8 Sécurité
    6 Avril 2008 17:43:43

    Tout est indiqué ci-dessous :) 

  • Télécharge ToolsCleaner sur ton Bureau.
  • Clique sur Recherche et laisse le scan se terminer.
  • Clique sur Suppression pour finaliser.
  • Clique sur Quitter, pour que le rapport puisse se créer.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

    Désactive puis réactive la restauration du système : Voir aide

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

    6 Avril 2008 17:47:49

    voila c'est bon, dis moi une derniere question, je peux gardé Mawlarebytes' Anti-Malware comme logiciel ?
    a b 8 Sécurité
    6 Avril 2008 17:52:59

    Oui ;) 
    6 Avril 2008 17:55:32

    Ok, ben merci beacoup encore une fois, tu fais du bon boulot :love:  et pis ben bon courage pour la suite, aller bye bye :hello: 
    a b 8 Sécurité
    6 Avril 2008 18:02:01

    Bon surf0.
    18 Avril 2008 00:29:50

    Bonjour,
    je viens de trouver votre post sur un sujet qui m.intéresse bien...en effet j'ai le même souci...avec Opactiumsbot...

    Estce que je peux vous mettre la copie de mon rapport Hijackyhis pour savoir quelle manip à faire pour faire disparaitre cette bande grise...
    --
    rapport
    --
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:09:12 AM, on 18/04/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\ibmpmsvc.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\IPSSVC.EXE
    C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\inetsrv\inetinfo.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Symantec AntiVirus\SavRoam.exe
    c:\program files\lenovo\system update\suservice.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
    C:\WINDOWS\System32\TPHDEXLG.EXE
    C:\WINDOWS\system32\TpKmpSVC.exe
    C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
    C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    C:\WINDOWS\system32\UTSCSI.EXE
    C:\Program Files\RankQuest\WatchRank\bin\scheduler.exe
    C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    C:\Program Files\Fichiers communs\Lenovo\Logger\logmon.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\ThinkPad\ConnectUtilities\SvcGuiHlpr.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    C:\WINDOWS\system32\TpShocks.exe
    C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
    C:\Program Files\Analog Devices\Core\smax4pnp.exe
    C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\WINDOWS\system32\winddos.exe
    C:\Program Files\Lenovo\PkgMgr\HOTKEY\TPONSCR.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Lenovo\PkgMgr\HOTKEY_1\TpScrex.exe
    C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\ThinkVantage\AMSG\Amsg.exe
    C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
    C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe
    C:\Program Files\Lenovo\Client Security Solution\cssauth.exe
    C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~2\VPTray.exe
    C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Last.fm\LastFMHelper.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.radio-canada.ca/radio/techno/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\winddos.exe
    O1 - Hosts: 164.109.86.233 skingenesis.lorealparis.ca
    O1 - Hosts: 207.253.194.35 skingenesis.lorealparis.ml.nurun.com collagen-remodeler.lorealparis.ml.nurun.com barenaturale.lorealparis.ml.nurun.com
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 6\SnagItIEAddin.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [PWRMGRTR] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\PWRMGRTR.DLL,PwrMgrBkGndMonitor
    O4 - HKLM\..\Run: [BLOG] rundll32 C:\PROGRA~1\ThinkPad\UTILIT~1\BatLogEx.DLL,StartBattLog
    O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
    O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Program Files\ThinkPad\Utilities\TpKmapAp.exe -helper
    O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
    O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\Lenovo\PkgMgr\HOTKEY\TPHKMGR.exe
    O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
    O4 - HKLM\..\Run: [SoundMAX] C:\Program Files\Analog Devices\SoundMAX\Smax4.exe /tray
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [LPManager] C:\PROGRA~1\THINKV~2\PrdCtr\LPMGR.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [AMSG] C:\Program Files\ThinkVantage\AMSG\Amsg.exe
    O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [AwaySch] C:\Program Files\Lenovo\AwayTask\AwaySch.EXE
    O4 - HKLM\..\Run: [TVT Scheduler Proxy] C:\Program Files\Fichiers communs\Lenovo\Scheduler\scheduler_proxy.exe
    O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [PDService.exe] "C:\Program Files\Lenovo\SafeGuard PrivateDisk\pdservice.exe"
    O4 - HKLM\..\Run: [cssauth] "C:\Program Files\Lenovo\Client Security Solution\cssauth.exe" silent
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~2\VPTray.exe
    O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
    O4 - HKLM\..\Run: [WIndows Update] C:\WINDOWS\system32\winddos.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [WIndows Update] C:\WINDOWS\system32\winddos.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\RunServices: [WIndows Update] C:\WINDOWS\system32\winddos.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Last.fm Helper.lnk = C:\Program Files\Last.fm\LastFMHelper.exe
    O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
    O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - C:\Program Files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Open RSS Feed - C:\Program Files\Feed Mix\getlink.htm
    O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra 'Tools' menuitem: ThinkVantage Password Manager... - {0045D4BC-5189-4b67-969C-83BB1906C421} - C:\Program Files\Lenovo\Client Security Solution\tvtpwm_ie_com.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler\Fiddler.exe" (file missing)
    O9 - Extra 'Tools' menuitem: Fiddler - {CF819DA3-9882-4944-ADF5-6EF17ECF3C6E} - "C:\Program Files\Fiddler\Fiddler.exe" (file missing)
    O9 - Extra button: System Update - {DA320635-F48C-4613-8325-D75A933C549E} - C:\Program Files\Lenovo\System Update\sulauncher.exe
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://www.lenovo.com/welcome/thinkpad
    O15 - Trusted Zone: *.canalplay.com
    O15 - Trusted Zone: *.canalplusactive.com
    O15 - Trusted Zone: *.canalplay.com (HKLM)
    O15 - Trusted Zone: *.canalplusactive.com (HKLM)
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = nurun.com
    O17 - HKLM\Software\..\Telephony: DomainName = nurun.com
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = nurun.com
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Ac Profile Manager Service (AcPrfMgrSvc) - Unknown owner - C:\Program Files\ThinkPad\ConnectUtilities\AcPrfMgrSvc.exe
    O23 - Service: Access Connections Main Service (AcSvc) - Lenovo - C:\Program Files\ThinkPad\ConnectUtilities\AcSvc.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\ThinkPad\Bluetooth Software\bin\btwdins.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: ThinkPad PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Service de base IPS (IPSSVC) - Lenovo Group Limited - C:\WINDOWS\system32\IPSSVC.EXE
    O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    O23 - Service: System Update (SUService) - - c:\program files\lenovo\system update\suservice.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    O23 - Service: ThinkVantage Registry Monitor Service - Unknown owner - C:\Program Files\Fichiers communs\Lenovo\tvt_reg_monitor_svc.exe
    O23 - Service: ThinkPad HDD APS Logging Service (TPHDEXLGSVC) - Lenovo. - C:\WINDOWS\System32\TPHDEXLG.EXE
    O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe
    O23 - Service: TSS Core Service (TSSCoreService) - IBM - C:\Program Files\Lenovo\Client Security Solution\tvttcsd.exe
    O23 - Service: TVT Backup Service - Lenovo Group Limited - C:\Program Files\Lenovo\Rescue and Recovery\rrservice.exe
    O23 - Service: TVT Scheduler - Lenovo Group Limited - C:\Program Files\Fichiers communs\Lenovo\Scheduler\tvtsched.exe
    O23 - Service: tvtnetwk - Unknown owner - C:\Program Files\Lenovo\Rescue and Recovery\ADM\IUService.exe
    O23 - Service: USBest Service Zero (UTSCSI) - USBest - C:\WINDOWS\system32\UTSCSI.EXE
    O23 - Service: WatchRank-Scheduler-Service (WatchRankScheduler) - Unknown owner - C:\Program Files\RankQuest\WatchRank\bin\scheduler.exe

    --
    End of file - 18183 bytes


    Merci de votre aide

    ng
    18 Avril 2008 15:36:32

    Je viens de résoudre mon pb.
    J'ai suivi les étapes dans le post jusqu'à ComboFix.exe, et cela a réglé tous mes soucis.

    merci de cette aide détaillée!!!
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS