
Infected computer: this suuuuuuuuuuucks...

Tags:
  • Pop-up window
  • Security
Last reply: in Security and viruses
15 November 2007 18:50:19

Hello everyone!

Here's my little problem: I play a game, I go on the internet or whatever, and I get a pop-up window titled "Ads server by rightonads" or something like that.

On top of that, the computer is starting to slow down and it's very ******!!!
I know my computer is infected, so to help you I made a HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 18:50:01, on 15/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\Documents and Settings\Mabé\Application Data\tmp3.tmp.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Acer\eRecovery\Monitor.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Acer\Acer eMode Management\AspireService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\VTTimer.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\newsscanne.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
O2 - BHO: (no name) - {18B759A9-788A-44E1-A0A3-62F5A4A39785} - C:\WINDOWS\system32\mllmk.dll
O2 - BHO: (no name) - {4B4183B7-13C7-4AC8-B606-A18E74DE41EC} - C:\WINDOWS\system32\mllmk.dll
O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\urqonli.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\system32\tmp3.tmp.dll
O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsj1A.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [winsesame_del] C:\Program Files\WinSesame\effaceur.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\rqolll.dll",b
O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manoudev.spaces.msn.com//PhotoUpload/MsnPUpld.ca...
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: urqonli - C:\WINDOWS\SYSTEM32\urqonli.dll
O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
O23 - Service: DomainService - Unknown owner - C:\Documents and Settings\Mabé\Application Data\tmp3.tmp.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe


a b 8 Security
15 November 2007 20:13:31

Hello,

This is a Vundo infection.

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt telling you that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply
    Note: VundoFix may encounter a file it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".

    16 November 2007 16:23:25

    Hi again, here is the VundoFix report:


    VundoFix V6.5.7

    Checking Java version...

    Java version is 1.5.0.3
    Old versions of java are exploitable and should be removed.

    Scan started at 11:16:04 09/08/2007

    Listing files found while scanning....

    No infected files were found.


    Beginning removal...

    VundoFix V6.5.7

    Checking Java version...

    Java version is 1.5.0.3
    Old versions of java are exploitable and should be removed.

    Scan started at 13:00:12 06/09/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\tmpE.tmp.dll
    C:\WINDOWS\uutvvw.ini
    C:\WINDOWS\wvvtuu.dll

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\tmpE.tmp.dll
    C:\WINDOWS\system32\tmpE.tmp.dll Has been deleted!

    Attempting to delete C:\WINDOWS\uutvvw.ini
    C:\WINDOWS\uutvvw.ini Has been deleted!

    Attempting to delete C:\WINDOWS\wvvtuu.dll
    C:\WINDOWS\wvvtuu.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\tmpE.tmp.dll
    C:\WINDOWS\system32\tmpE.tmp.dll Has been deleted!

    Performing Repairs to the registry.
    Done!


    And the HijackThis report:

    Logfile of HijackThis v1.99.1
    Scan saved at 16:23:08, on 16/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    C:\Documents and Settings\Mabé\Application Data\tmp3.tmp.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Opera\Opera.exe
    C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\newsscanne.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
    O2 - BHO: (no name) - {4B4183B7-13C7-4AC8-B606-A18E74DE41EC} - C:\WINDOWS\system32\mllmk.dll
    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\urqonli.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - C:\WINDOWS\system32\tmp3.tmp.dll
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsj1A.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {CA664279-B034-4AFF-BE93-31B2BF14EAF1} - C:\WINDOWS\system32\mllmk.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [winsesame_del] C:\Program Files\WinSesame\effaceur.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\rqolll.dll",b
    O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
    O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manoudev.spaces.msn.com//PhotoUpload/MsnPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: urqonli - C:\WINDOWS\SYSTEM32\urqonli.dll
    O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: DomainService - Unknown owner - C:\Documents and Settings\Mabé\Application Data\tmp3.tmp.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

    a b 8 Security
    16 November 2007 18:05:16

    Hi again,

  • Download combofix.exe (by sUBs) to your Desktop.
  • Double-click combofix.exe.
  • Press the 1 key (Yes) to start the scan.
  • When the scan is complete, a report will appear. Copy/paste this report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt

    17 November 2007 13:13:52

    Hi again,

    The first time I ran Vundofix it did not ask me to press key one or two... rather odd...

    THERE IS NO REPORT at C:/. I looked in the ComboFix folder and there is this:

    ComboFix 07-11-08.1 - Mabé 2007-11-17 12:54:16.3 - FAT32x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.125 [GMT 1:00]
    Running from: C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\ComboFix.exe
    * Created a new restore point
    .

    a b 8 Security
    17 November 2007 13:26:03

    Can you try again?

    17 November 2007 18:47:02

    No problem;

    This time again it did not offer me anything, but it did give me a report all the same:

    ComboFix 07-11-08.1 - Arnaud 2007-11-17 18:33:10.4 - FAT32x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.65 [GMT 1:00]
    Running from: C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Arnaud.\aria.txt
    C:\Documents and Settings\Mab‚\Application Data\tmpBB.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmpF.tmp.exe
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\jkhhi.dll
    C:\WINDOWS\system32\qrutv.bak1
    C:\WINDOWS\system32\qrutv.bak2
    C:\WINDOWS\system32\qrutv.ini
    C:\WINDOWS\system32\vturq.dll
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\Arnaud\Application Data\tmp24D.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp297.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp3.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp4.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp42B.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp46.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp462.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp48.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp4B.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp4CF.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp4EC.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp5.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp5D.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp5D4.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp6.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp670.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp732.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp79.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp88C.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp89.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp8B1.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmp98E.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpAFA.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpBDC.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpC05.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpC28.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpC98.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpD.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpD2.tmp.exe
    C:\Documents and Settings\Arnaud\Application Data\tmpE.tmp.exe
    C:\Documents and Settings\Bertrand\Application Data\tmp1B.tmp.exe
    C:\Documents and Settings\Bertrand\Application Data\tmp3.tmp.exe
    C:\Documents and Settings\Bertrand\Application Data\tmp4.tmp.exe
    C:\Documents and Settings\Bertrand\Application Data\tmpBF2.tmp.exe
    C:\Documents and Settings\Bertrand\Application Data\tmpBF7.tmp.exe
    C:\Documents and Settings\Bertrand\Application Data\tmpBF8.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp1.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp16.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp1B.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp1D7.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp2.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp22.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp3.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp38.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp4.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp4D.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp5.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp6.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp6E.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp6F.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp7.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp8.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp84.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp87.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmp9.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmpA3.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmpBB.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmpF.tmp.exe
    C:\Documents and Settings\Mab‚\Application Data\tmpF9.tmp.exe
    C:\Documents and Settings\Mabé.\aria.txt
    C:\Documents and Settings\Mabé\Application Data\tmp1.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp16.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp1B.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp1D7.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp2.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp22.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp3.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp38.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp4.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp4D.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp5.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp6.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp6E.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp6F.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp7.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp8.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp84.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp87.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmp9.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmpA3.tmp.exe
    C:\Documents and Settings\Mabé\Application Data\tmpF9.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp10.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp13.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp16.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp162.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp2.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp3.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp4.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp5.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmp7.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmpB10.tmp.exe
    C:\Documents and Settings\Manou\Application Data\tmpE.tmp.exe
    C:\Documents and Settings\Manou\Bureau\internet.lnk
    C:\Documents and Settings\Manou\Local Settings\Application Data\zbxoyt.dat
    C:\Documents and Settings\Manou\Local Settings\Application Data\zbxoyt.exe
    C:\Documents and Settings\Manou\Local Settings\Application Data\zbxoyt_nav.dat
    C:\Documents and Settings\Manou\Local Settings\Application Data\zbxoyt_navps.dat
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\system32\autorun.ini
    C:\WINDOWS\system32\ilkkj.bak1
    C:\WINDOWS\system32\ilkkj.bak2
    C:\WINDOWS\system32\ilkkj.ini
    C:\WINDOWS\system32\jkkli.dll
    C:\WINDOWS\system32\kmllm.tmp
    C:\WINDOWS\system32\mllmk.dll
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\opqss.bak1
    C:\WINDOWS\system32\opqss.ini
    C:\WINDOWS\system32\oqtss.bak1
    C:\WINDOWS\system32\oqtss.ini
    C:\WINDOWS\system32\ssqpo.dll
    C:\WINDOWS\system32\sstqo.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_DOMAINSERVICE
    -------\DomainService




    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-17 to 2007-11-17 ))))))))))))))))))))))))))))))))))))
    .

    2007-11-17 09:40 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\AdobeUM
    2007-11-16 17:04 74,752 --a------ C:\WINDOWS\system32\gzmrotate.dll
    2007-11-16 16:08 <REP> d--hs---- C:\FOUND.092
    2007-11-10 14:30 2,366,380 ---hs---- C:\WINDOWS\llloqr.ini2
    2007-11-07 09:59 <REP> d-------- C:\Team17
    2007-11-04 18:40 <REP> d--hs---- C:\FOUND.091
    2007-11-03 14:39 <REP> d--hs---- C:\FOUND.090
    2007-11-01 19:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
    2007-11-01 19:02 129,784 --------- C:\WINDOWS\system32\pxafs.dll
    2007-11-01 19:02 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-11-01 19:02 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-10-31 21:23 339,456 --a------ C:\WINDOWS\system32\urqonli.dll
    2007-10-29 20:03 <REP> d--hs---- C:\FOUND.089
    2007-10-28 21:10 <REP> d--hs---- C:\FOUND.088
    2007-10-27 12:15 <REP> d-------- C:\Program Files\Overland
    2007-10-25 18:05 <REP> d-------- C:\Documents and Settings\Arnaud\Spiderman
    2007-10-25 17:26 41 ---h----- C:\WINDOWS\dsez7839.dat
    2007-10-25 15:47 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
    2007-10-25 15:47 626,960 -ra------ C:\WINDOWS\system32\hpvaut32.dll
    2007-10-25 15:47 487,424 -ra------ C:\WINDOWS\system32\hpvcp70.dll
    2007-10-25 15:47 344,064 -ra------ C:\WINDOWS\system32\hpvcr70.dll
    2007-10-25 15:43 <REP> d-------- C:\Program Files\Fichiers communs\HP
    2007-10-25 15:42 43,672 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
    2007-10-25 15:30 <REP> d-------- C:\Program Files\HP
    2007-10-25 15:30 38,879 --------- C:\WINDOWS\hpomdl03.dat
    2007-10-25 15:30 29,200 --a------ C:\WINDOWS\hpoins03.dat
    2007-10-23 18:45 <REP> d--hs---- C:\FOUND.086
    2007-10-22 21:35 85,060 --a------ C:\WINDOWS\rqolll.dll
    2007-10-22 19:54 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Grisoft
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\WINDOWS
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Voisinage r‚seau
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Voisinage d'impression
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\ModŠles
    2007-10-22 19:53 <REP> d---s---- C:\Documents and Settings\Bertrand\Mes documents
    2007-10-22 19:53 <REP> dr------- C:\Documents and Settings\Bertrand\Menu D‚marrer
    2007-10-22 19:53 <REP> d---s---- C:\Documents and Settings\Bertrand\Favoris
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\Bureau
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Symantec
    2007-10-21 13:36 <REP> d--hs---- C:\FOUND.085
    2007-10-19 19:07 157,478 --a------ C:\WINDOWS\system32\dn320d180e.dat
    2007-10-19 18:09 <REP> d--hs---- C:\FOUND.084

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-16 17:03 79,875 ----a-w C:\WINDOWS\system32\adssite-remove.exe
    2007-11-16 17:03 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
    2007-11-01 15:06 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-11-01 15:06 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-10-25 16:56 8,510,976 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-14 18:00 --------- d-----w C:\Program Files\WinUpdater
    2007-10-13 11:29 --------- d-----w C:\Program Files\Notepad++
    2007-10-13 11:29 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\Notepad++
    2007-10-13 11:19 --------- d-----w C:\Program Files\Gpotato.eu
    2007-10-10 17:44 --------- d-----w C:\Program Files\PlayMP3z
    2007-10-04 19:51 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\fltk.org
    2007-10-04 13:21 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2007-10-03 18:11 --------- d-----w C:\Program Files\Adssite Advanced Toolbar
    2007-10-03 18:11 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\Adssite Advanced Toolbar
    2007-09-06 11:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-09-06 11:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-08-22 14:13 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
    2007-08-22 14:13 663,040 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2007-08-22 14:13 617,472 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-08-22 14:13 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-08-22 14:13 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2007-08-22 14:13 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    2007-08-22 14:13 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-08-22 14:13 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-08-22 14:13 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2007-08-22 14:13 3,079,168 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-08-22 14:13 251,392 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
    2007-08-22 14:13 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2007-08-22 14:13 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-08-22 14:13 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
    2007-08-22 14:13 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2007-08-22 14:13 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    2007-08-22 14:13 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
    2007-08-22 14:13 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
    2007-08-21 11:30 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
    2007-08-21 07:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-21 07:17 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    1999-12-13 13:38 135,168 ----a-w C:\WINDOWS\inf\Agfa\message.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
    C:\Program Files\ContextTool\ContextTool-2.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
    2007-10-31 21:24 339456 --a------ C:\WINDOWS\system32\urqonli.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
    C:\WINDOWS\system32\nslDC.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
    2007-11-16 17:04 74752 --a------ C:\WINDOWS\system32\gzmrotate.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "SoundMan"="SOUNDMAN.EXE" [2005-06-08 08:31 C:\WINDOWS\SOUNDMAN.EXE]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 05:00]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
    "eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 09:03]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-04-13 12:49 C:\WINDOWS\AGRSMMSG.exe]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-04 12:40]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" []
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
    "VTTimer"="VTTimer.exe" [2005-05-13 12:57 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [2005-05-13 12:57 C:\WINDOWS\system32\VTTrayp.exe]
    "EoEngine"="" []
    "EoWeather"="" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-28 19:18]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 11:05]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-02-24 22:32]
    "nwiz"="nwiz.exe" [2005-02-24 22:32 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-02-24 22:32]
    "ORAHSSStartup"="C:\Program Files\OrangeHSS\Launcher\Launcher.exe" [2007-01-04 10:40]
    "SystrayORAHSS"="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" [2007-01-04 10:45]
    "winsesame_del"="C:\Program Files\WinSesame\effaceur.exe" []
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59]
    "LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18]
    "DXDllRegExe"="dxdllreg.exe" []
    "320d18a1"="C:\WINDOWS\rqolll.dll" [2007-10-22 21:35]
    "hid_start"="C:\WINDOWS\system32\gzmrotate.dll" [2007-11-16 17:04]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Livecom"="C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" []
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00]
    "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" []
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"=0 (0x0)

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\urqonli.dll [2007-10-31 21:24 339456]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "UIHost"="LogonUI.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqonli]
    urqonli.dll 2007-10-31 21:24 339456 C:\WINDOWS\system32\urqonli.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\usrlib]
    usrlib.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    "Authentication Packages"= msv1_0 C:\WINDOWS\system32\vturq.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Arnaud^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
    path=C:\Documents and Settings\Arnaud\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
    backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hid_start]
    C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
    rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    "C:\Program Files\Shareaza\Shareaza.exe" -tray

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\warez]
    "C:\Program Files\Warez P2P Client\warez.exe" -h

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    C:\Program Files\Winamp\winampa.exe

    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys
    R2 int15.sys;int15.sys;\??\C:\Program Files\acer\eRecovery\int15.sys
    R2 Vcs;Vcs support;\??\C:\WINDOWS\system32\Drivers\Vcs.sys
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 C-Dilla;C-Dilla;\??\C:\WINDOWS\system32\drivers\CDANT.SYS
    S3 dsreader;MaxDrive Driver (dsreader.sys);C:\WINDOWS\system32\Drivers\dsreader.sys
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys
    S3 s3chipid;s3chipid;\??\C:\DOCUME~1\Arnaud\LOCALS~1\Temp\s3chipid.sys
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
    S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys
    S3 XDva019;XDva019;\??\C:\WINDOWS\system32\XDva019.sys
    S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS

    .
    **************************************************************************

    catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-17 18:41:53
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-17 18:44:07 - machine was rebooted
    .
    --- E O F ---


    (and a big one at that)
    18 November 2007 11:21:48

    Post a new HijackThis report :)
    18 November 2007 16:05:47

    No problemo;

    Logfile of HijackThis v1.99.1
    Scan saved at 16:04:45, on 18/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\System32\Rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Opera\Opera.exe
    C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\newsscanne.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
    O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\urqonli.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nslDC.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: optimizer by rightonadz - {AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4} - C:\WINDOWS\system32\gzmrotate.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {D2DEFEB6-5300-40DB-9B91-43190554EE1C} - C:\WINDOWS\system32\vtutu.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [winsesame_del] C:\Program Files\WinSesame\effaceur.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [320d18a1] rundll32.exe "C:\WINDOWS\rqolll.dll",b
    O4 - HKLM\..\Run: [hid_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
    O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manoudev.spaces.msn.com//PhotoUpload/MsnPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: urqonli - C:\WINDOWS\SYSTEM32\urqonli.dll
    O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

    18 November 2007 21:43:30

    Run ComboFix again.
    19 November 2007 13:19:27

    Uh, when I run it, it tells me:

    La date actuelle est le 19/11/2007. Cette copie de ComboFix a expir,.
    Supprimez cette copie avant de t,l,charger une copie ... jour

    19 Novembre 2007 18:27:03

    Citation :
    Supprimez cette copie avant de t,l,charger une copie ... jour

    C'est compliqué ça ? :) 
    19 Novembre 2007 20:37:03

    je dois supprimer ComboFIx et le retélécharger?
    a b 8 Sécurité
    19 Novembre 2007 21:12:07

    Vi :) 
    20 Novembre 2007 11:39:24

    JE l'ai fait quatre fois et il me dit la même chose...
    a b 8 Sécurité
    20 Novembre 2007 12:17:17

    Ton horloge est bien réglée ?
    21 Novembre 2007 10:47:09

    oui, il est bien 10:47.
    a b 8 Sécurité
    21 Novembre 2007 13:37:07

    C'est lié au programme.
    Refais un scan Vundofix.
    21 Novembre 2007 20:12:23

    APres avoir lancé vundofix, j'ai pu lancer COmbofix et voila le scan:

    ComboFix 07-11-19.3 - Arnaud 2007-11-21 19:50:53.5 - FAT32x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.110 [GMT 1:00]
    Running from: C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\ComboFix.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\cookies.ini

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2007-10-21 to 2007-11-21 ))))))))))))))))))))))))))))))))))))
    .

    2007-11-20 12:52 74,752 --a------ C:\WINDOWS\system32\gzmrotate.dll
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\TransRender
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Temporary
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Samsung
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\ConvertTemp
    2007-11-18 19:53 <REP> d--hs---- C:\FOUND.093
    2007-11-18 16:01 6,595 ---hs---- C:\WINDOWS\system32\ututv.bak2
    2007-11-17 18:46 6,486 ---hs---- C:\WINDOWS\system32\ututv.bak1
    2007-11-17 18:45 6,800 ---hs---- C:\WINDOWS\system32\ututv.ini
    2007-11-17 09:40 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\AdobeUM
    2007-11-16 16:08 <REP> d--hs---- C:\FOUND.092
    2007-11-10 14:30 2,366,380 ---hs---- C:\WINDOWS\llloqr.ini2
    2007-11-07 09:59 <REP> d-------- C:\Team17
    2007-11-04 18:40 <REP> d--hs---- C:\FOUND.091
    2007-11-03 14:39 <REP> d--hs---- C:\FOUND.090
    2007-11-01 19:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
    2007-11-01 19:02 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-11-01 19:02 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-10-31 21:15 133 --ah----- C:\WINDOWS\system32\usrlib.dns
    2007-10-29 20:03 <REP> d--hs---- C:\FOUND.089
    2007-10-28 21:10 <REP> d--hs---- C:\FOUND.088
    2007-10-27 12:15 <REP> d-------- C:\Program Files\Overland
    2007-10-25 18:05 <REP> d-------- C:\Documents and Settings\Arnaud\Spiderman
    2007-10-25 17:26 41 ---h----- C:\WINDOWS\dsez7839.dat
    2007-10-25 15:47 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
    2007-10-25 15:43 <REP> d-------- C:\Program Files\Fichiers communs\HP
    2007-10-25 15:42 43,672 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
    2007-10-25 15:30 <REP> d-------- C:\Program Files\HP
    2007-10-25 15:30 38,879 --------- C:\WINDOWS\hpomdl03.dat
    2007-10-25 15:30 29,200 --a------ C:\WINDOWS\hpoins03.dat
    2007-10-23 18:45 <REP> d--hs---- C:\FOUND.086
    2007-10-22 19:54 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Grisoft
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\WINDOWS
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Voisinage réseau
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Voisinage d'impression
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Modèles
    2007-10-22 19:53 <REP> d---s---- C:\Documents and Settings\Bertrand\Mes documents
    2007-10-22 19:53 <REP> dr------- C:\Documents and Settings\Bertrand\Menu Démarrer
    2007-10-22 19:53 <REP> d---s---- C:\Documents and Settings\Bertrand\Favoris
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\Bureau
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Symantec
    2007-10-21 13:36 <REP> d--hs---- C:\FOUND.085

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-20 13:50 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
    2007-11-16 17:03 79,875 ----a-w C:\WINDOWS\system32\adssite-remove.exe
    2007-11-01 15:06 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-11-01 15:06 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-10-31 20:24 339,456 ----a-w C:\WINDOWS\system32\urqonli.dll
    2007-10-25 16:56 8,510,976 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-22 20:35 85,060 ----a-w C:\WINDOWS\rqolll.dll
    2007-10-14 18:00 --------- d-----w C:\Program Files\WinUpdater
    2007-10-13 11:29 --------- d-----w C:\Program Files\Notepad++
    2007-10-13 11:29 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\Notepad++
    2007-10-13 11:19 --------- d-----w C:\Program Files\Gpotato.eu
    2007-10-10 17:44 --------- d-----w C:\Program Files\PlayMP3z
    2007-10-04 19:51 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\fltk.org
    2007-10-04 13:21 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2007-10-03 18:11 --------- d-----w C:\Program Files\Adssite Advanced Toolbar
    2007-10-03 18:11 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\Adssite Advanced Toolbar
    2007-09-06 11:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-09-06 11:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-08-22 14:13 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
    2007-08-22 14:13 663,040 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2007-08-22 14:13 617,472 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-08-22 14:13 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-08-22 14:13 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2007-08-22 14:13 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    2007-08-22 14:13 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-08-22 14:13 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-08-22 14:13 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2007-08-22 14:13 3,079,168 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-08-22 14:13 251,392 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
    2007-08-22 14:13 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2007-08-22 14:13 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-08-22 14:13 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
    2007-08-22 14:13 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2007-08-22 14:13 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    2007-08-22 14:13 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
    2007-08-22 14:13 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
    2007-08-21 11:30 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
    2007-08-21 07:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
    2007-08-21 07:17 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
    1999-12-13 13:38 135,168 ----a-w C:\WINDOWS\inf\Agfa\message.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
    C:\Program Files\ContextTool\ContextTool-2.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
    2007-10-31 21:24 339456 --a------ C:\WINDOWS\system32\urqonli.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
    C:\WINDOWS\system32\nslDC.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
    2007-11-20 12:52 74752 --a------ C:\WINDOWS\system32\gzmrotate.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC4E64F9-0BEB-4235-93CA-AAF64C64803E}]
    C:\WINDOWS\system32\vtutu.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Livecom"="C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" []
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00]
    "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" []
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "SoundMan"="SOUNDMAN.EXE" [2005-06-08 08:31 C:\WINDOWS\SOUNDMAN.EXE]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 05:00]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
    "eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 09:03]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-04-13 12:49 C:\WINDOWS\AGRSMMSG.exe]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-04 12:40]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" []
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
    "VTTimer"="VTTimer.exe" [2005-05-13 12:57 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [2005-05-13 12:57 C:\WINDOWS\system32\VTTrayp.exe]
    "EoEngine"="" []
    "EoWeather"="" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-28 19:18]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 11:05]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 05:00 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2005-02-24 22:32 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-05 05:00 C:\WINDOWS\system32\rundll32.exe]
    "ORAHSSStartup"="C:\Program Files\OrangeHSS\Launcher\Launcher.exe" [2007-01-04 10:40]
    "SystrayORAHSS"="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" [2007-01-04 10:45]
    "winsesame_del"="C:\Program Files\WinSesame\effaceur.exe" []
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59]
    "LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18]
    "DXDllRegExe"="dxdllreg.exe" []
    "320d18a1"="C:\WINDOWS\rqolll.dll" [2007-10-22 21:35]
    "hid_start"="C:\WINDOWS\System32\Rundll32.exe" [2004-08-05 05:00]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2003-09-16 05:19:24]

    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\urqonli.dll [2007-10-31 21:24 339456]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "UIHost"="LogonUI.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqonli]
    urqonli.dll 2007-10-31 21:24 339456 C:\WINDOWS\system32\urqonli.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\usrlib]
    usrlib.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Arnaud^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
    path=C:\Documents and Settings\Arnaud\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
    backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    C:\Program Files\DAEMON Tools\daemon.exe -lang 1033

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hid_start]
    C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\system32\gzmrotate.dll DllVerify

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\msnmsgr.exe /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
    rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    C:\Program Files\Shareaza\Shareaza.exe -tray

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\warez]
    C:\Program Files\Warez P2P Client\warez.exe -h

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    2007-10-10 06:28 36352 --a------ C:\Program Files\Winamp\winampa.exe

    R2 int15.sys;int15.sys;\??\C:\Program Files\acer\eRecovery\int15.sys
    S3 C-Dilla;C-Dilla;\??\C:\WINDOWS\system32\drivers\CDANT.SYS
    S3 dsreader;MaxDrive Driver (dsreader.sys);C:\WINDOWS\system32\Drivers\dsreader.sys

    .
    **************************************************************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-21 19:57:22
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-21 19:59:12
    C:\ComboFix2.txt ... 2007-11-17 18:44
    .
    --- E O F ---
    a b 8 Security
    21 November 2007 21:49:22

    Re,

    You should ease off the P2P...
    Let's continue:

    Disable your antivirus!

    Copy (Ctrl+C) the text in the box below:

    File::
    C:\WINDOWS\system32\gzmrotate.dll
    C:\WINDOWS\system32\ututv.bak2
    C:\WINDOWS\system32\ututv.bak1
    C:\WINDOWS\system32\ututv.ini
    C:\WINDOWS\llloqr.ini2
    C:\WINDOWS\system32\urqonli.dll
    C:\WINDOWS\system32\vtutu.dll
    C:\WINDOWS\rqolll.dll

    Folder::
    C:\FOUND.093
    C:\FOUND.092
    C:\FOUND.091
    C:\FOUND.090
    C:\FOUND.089
    C:\FOUND.088
    C:\FOUND.086
    C:\Program Files\Warez P2P Client

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AB71E94E-3DC4-41eb-BBD5-31E82C9FD1D4}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC4E64F9-0BEB-4235-93CA-AAF64C64803E}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "320d18a1"=-
    "hid_start"=-
    [hklm\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"=-
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqonli]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\usrlib]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hid_start]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\New.net Startup]
    [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\warez]


    Open Notepad, then paste (Ctrl+V) the text you copied.
    Save this file as CFScript.txt.

    Now drag the CFScript.txt file onto Combofix.exe as shown below:


    This will relaunch Combofix; press 1, then confirm. After the reboot, post the contents of the Combofix.txt report along with a Hijackthis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    24 November 2007 15:11:15

    Re,

    Sorry, I thought I had sent the scan; I must have done something wrong.
    Here is the report:

    ComboFix 07-11-19.3 - Arnaud 2007-11-22 13:38:39.6 - FAT32x86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.172 [GMT 1:00]
    Running from: C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Arnaud\Bureau\CFScript.txt
    * Created a new restore point

    FILE
    C:\WINDOWS\llloqr.ini2
    C:\WINDOWS\rqolll.dll
    C:\WINDOWS\system32\gzmrotate.dll
    C:\WINDOWS\system32\urqonli.dll
    C:\WINDOWS\system32\ututv.bak1
    C:\WINDOWS\system32\ututv.bak2
    C:\WINDOWS\system32\ututv.ini
    C:\WINDOWS\system32\vtutu.dll
    .

    Incapable d'obtenir les privilèges Système

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\FOUND.086
    C:\FOUND.086\FILE0000.CHK
    C:\FOUND.086\FILE0001.CHK
    C:\FOUND.086\FILE0002.CHK
    C:\FOUND.086\FILE0003.CHK
    C:\FOUND.088
    C:\FOUND.088\FILE0000.CHK
    C:\FOUND.089
    C:\FOUND.089\FILE0000.CHK
    C:\FOUND.089\FILE0001.CHK
    C:\FOUND.089\FILE0002.CHK
    C:\FOUND.089\FILE0003.CHK
    C:\FOUND.089\FILE0004.CHK
    C:\FOUND.089\FILE0005.CHK
    C:\FOUND.089\FILE0006.CHK
    C:\FOUND.089\FILE0007.CHK
    C:\FOUND.090
    C:\FOUND.090\FILE0000.CHK
    C:\FOUND.090\FILE0001.CHK
    C:\FOUND.090\FILE0002.CHK
    C:\FOUND.091
    C:\FOUND.091\FILE0000.CHK
    C:\FOUND.091\FILE0001.CHK
    C:\FOUND.091\FILE0002.CHK
    C:\FOUND.091\FILE0003.CHK
    C:\FOUND.091\FILE0004.CHK
    C:\FOUND.091\FILE0005.CHK
    C:\FOUND.091\FILE0006.CHK
    C:\FOUND.092
    C:\FOUND.092\FILE0000.CHK
    C:\FOUND.093
    C:\FOUND.093\FILE0000.CHK
    C:\FOUND.093\FILE0001.CHK
    C:\FOUND.093\FILE0002.CHK
    C:\WINDOWS\llloqr.ini2
    C:\WINDOWS\rqolll.dll
    C:\WINDOWS\system32\gzmrotate.dll
    C:\WINDOWS\system32\urqonli.dll
    C:\WINDOWS\system32\ututv.bak1
    C:\WINDOWS\system32\ututv.bak2
    C:\WINDOWS\system32\ututv.ini

    .
    ((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-22 to 2007-11-22 ))))))))))))))))))))))))))))))))))))
    .

    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\TransRender
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Temporary
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Samsung
    2007-11-18 21:03 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\ConvertTemp
    2007-11-17 09:40 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\AdobeUM
    2007-11-07 09:59 <REP> d-------- C:\Team17
    2007-11-01 19:03 <REP> d-------- C:\Documents and Settings\All Users\Application Data\OrbNetworks
    2007-11-01 19:02 9,464 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
    2007-11-01 19:02 9,336 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
    2007-10-31 21:15 133 --ah----- C:\WINDOWS\system32\usrlib.dns
    2007-10-27 12:15 <REP> d-------- C:\Program Files\Overland
    2007-10-25 18:05 <REP> d-------- C:\Documents and Settings\Arnaud\Spiderman
    2007-10-25 17:26 41 ---h----- C:\WINDOWS\dsez7839.dat
    2007-10-25 15:47 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
    2007-10-25 15:43 <REP> d-------- C:\Program Files\Fichiers communs\HP
    2007-10-25 15:42 43,672 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS
    2007-10-25 15:30 <REP> d-------- C:\Program Files\HP
    2007-10-25 15:30 38,879 --------- C:\WINDOWS\hpomdl03.dat
    2007-10-25 15:30 29,200 --a------ C:\WINDOWS\hpoins03.dat
    2007-10-22 19:54 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Grisoft
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\WINDOWS
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Voisinage r‚seau
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\Voisinage d'impression
    2007-10-22 19:53 <REP> d--h----- C:\Documents and Settings\Bertrand\ModŠles
    2007-10-22 19:53 <REP> d---s---- C:\Documents and Settings\Bertrand\Mes documents
    2007-10-22 19:53 <REP> dr------- C:\Documents and Settings\Bertrand\Menu D‚marrer
    2007-10-22 19:53 <REP> d---s---- C:\Documents and Settings\Bertrand\Favoris
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\Bureau
    2007-10-22 19:53 <REP> d-------- C:\Documents and Settings\Bertrand\Application Data\Symantec

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-11-20 13:50 40,733 ----a-w C:\WINDOWS\system32\rightonadz-uninst.exe
    2007-11-16 17:03 79,875 ----a-w C:\WINDOWS\system32\adssite-remove.exe
    2007-11-01 15:06 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2007-11-01 15:06 103,736 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2007-10-25 16:56 8,510,976 ----a-w C:\WINDOWS\system32\dllcache\shell32.dll
    2007-10-14 18:00 --------- d-----w C:\Program Files\WinUpdater
    2007-10-13 11:29 --------- d-----w C:\Program Files\Notepad++
    2007-10-13 11:29 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\Notepad++
    2007-10-13 11:19 --------- d-----w C:\Program Files\Gpotato.eu
    2007-10-10 17:44 --------- d-----w C:\Program Files\PlayMP3z
    2007-10-04 19:51 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\fltk.org
    2007-10-04 13:21 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
    2007-10-03 18:11 --------- d-----w C:\Program Files\Adssite Advanced Toolbar
    2007-10-03 18:11 --------- d-----w C:\Documents and Settings\Arnaud\Application Data\Adssite Advanced Toolbar
    2007-09-06 11:09 801,144 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2007-09-06 11:00 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
    2007-08-22 14:13 96,768 ----a-w C:\WINDOWS\system32\dllcache\inseng.dll
    2007-08-22 14:13 663,040 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
    2007-08-22 14:13 617,472 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-08-22 14:13 55,808 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-08-22 14:13 532,480 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
    2007-08-22 14:13 474,624 ----a-w C:\WINDOWS\system32\dllcache\shlwapi.dll
    2007-08-22 14:13 449,024 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-08-22 14:13 39,424 ----a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
    2007-08-22 14:13 357,888 ----a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
    2007-08-22 14:13 3,079,168 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-08-22 14:13 251,392 ----a-w C:\WINDOWS\system32\dllcache\iepeers.dll
    2007-08-22 14:13 205,312 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
    2007-08-22 14:13 16,384 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-08-22 14:13 152,064 ----a-w C:\WINDOWS\system32\dllcache\cdfview.dll
    2007-08-22 14:13 146,432 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
    2007-08-22 14:13 1,495,040 ----a-w C:\WINDOWS\system32\dllcache\shdocvw.dll
    2007-08-22 14:13 1,056,768 ----a-w C:\WINDOWS\system32\dllcache\danim.dll
    2007-08-22 14:13 1,023,488 ----a-w C:\WINDOWS\system32\dllcache\browseui.dll
    1999-12-13 13:38 135,168 ----a-w C:\WINDOWS\inf\Agfa\message.exe
    .

    ((((((((((((((((((((((((((((( snapshot@2007-11-21_19.57.45.68 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2007-03-13 09:57:12 163,328 ----a-w C:\WINDOWS\erdnt\subs\F3M\ERDNT.EXE
    + 2007-11-22 12:45:00 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_4c4.dat
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0D39A900-0F3A-4C29-A254-3E65244FDC34}]
    C:\Program Files\ContextTool\ContextTool-2.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9C8A568E-4201-478a-8536-526CF371D2E2}]
    C:\WINDOWS\system32\nslDC.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Livecom"="C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" []
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 05:00]
    "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" []
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LaunchApp"="Alaunch" []
    "SoundMan"="SOUNDMAN.EXE" [2005-06-08 08:31 C:\WINDOWS\SOUNDMAN.EXE]
    "ntiMUI"="c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe" [2005-05-11 18:15]
    "RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2004-07-15 01:07]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-05 05:00]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-05 05:00]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [2004-08-05 05:00]
    "eRecoveryService"="C:\Program Files\Acer\eRecovery\Monitor.exe" [2005-06-20 09:03]
    "AGRSMMSG"="AGRSMMSG.exe" [2004-04-13 12:49 C:\WINDOWS\AGRSMMSG.exe]
    "AspireService"="C:\Program Files\Acer\Acer eMode Management\AspireService.exe" [2005-06-04 12:40]
    "MediaSync"="C:\Program Files\Acer\Acer eConsole\MediaSync.exe" []
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 12:06]
    "VTTimer"="VTTimer.exe" [2005-05-13 12:57 C:\WINDOWS\system32\VTTimer.exe]
    "VTTrayp"="VTtrayp.exe" [2005-05-13 12:57 C:\WINDOWS\system32\VTTrayp.exe]
    "EoEngine"="" []
    "EoWeather"="" []
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-28 19:18]
    "LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [2005-01-19 11:05]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
    "NvCplDaemon"="RUNDLL32.exe" [2004-08-05 05:00 C:\WINDOWS\system32\rundll32.exe]
    "nwiz"="nwiz.exe" [2005-02-24 22:32 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="RUNDLL32.exe" [2004-08-05 05:00 C:\WINDOWS\system32\rundll32.exe]
    "ORAHSSStartup"="C:\Program Files\OrangeHSS\Launcher\Launcher.exe" [2007-01-04 10:40]
    "SystrayORAHSS"="C:\Program Files\OrangeHSS\Systray\SystrayApp.exe" [2007-01-04 10:45]
    "winsesame_del"="C:\Program Files\WinSesame\effaceur.exe" []
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59]
    "LogitechGalleryRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
    "!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd.exe" [2003-08-04 17:28]
    "HP Component Manager"="C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" [2004-05-12 15:18]
    "DXDllRegExe"="dxdllreg.exe" []
    "320d18a1"="C:\WINDOWS\rqolll.dll" []
    "hid_start"="C:\WINDOWS\System32\Rundll32.exe" [2004-08-05 05:00]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 05:00]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableRegistryTools"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
    "UIHost"="LogonUI.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\usrlib]
    usrlib.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Adobe Reader Speed Launch.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Adobe Reader Speed Launch.lnk
    backup=C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Arnaud^Menu Démarrer^Programmes^Démarrage^Stardock ObjectDock.lnk]
    path=C:\Documents and Settings\Arnaud\Menu Démarrer\Programmes\Démarrage\Stardock ObjectDock.lnk
    backup=C:\WINDOWS\pss\Stardock ObjectDock.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    C:\Program Files\DAEMON Tools\daemon.exe -lang 1033

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hid_start]
    C:\WINDOWS\System32\Rundll32.exe C:\WINDOWS\system32\gzmrotate.dll DllVerify

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\msnmsgr.exe /background

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Shareaza]
    C:\Program Files\Shareaza\Shareaza.exe -tray

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    2007-10-10 06:28 36352 --a------ C:\Program Files\Winamp\winampa.exe

    R1 UBHelper;UBHelper;C:\WINDOWS\system32\drivers\UBHelper.sys
    R2 int15.sys;int15.sys;\??\C:\Program Files\acer\eRecovery\int15.sys
    R2 Vcs;Vcs support;\??\C:\WINDOWS\system32\Drivers\Vcs.sys
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 C-Dilla;C-Dilla;\??\C:\WINDOWS\system32\drivers\CDANT.SYS
    S3 dsreader;MaxDrive Driver (dsreader.sys);C:\WINDOWS\system32\Drivers\dsreader.sys
    S3 ovt530;Webcam Deluxe;C:\WINDOWS\system32\Drivers\ov530vid.sys
    S3 s3chipid;s3chipid;\??\C:\DOCUME~1\Arnaud\LOCALS~1\Temp\s3chipid.sys
    S3 sscdbus;SAMSUNG USB Composite Device driver (WDM);C:\WINDOWS\system32\DRIVERS\sscdbus.sys
    S3 sscdmdfl;SAMSUNG CDMA Modem Filter;C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys
    S3 sscdmdm;SAMSUNG CDMA Modem Drivers;C:\WINDOWS\system32\DRIVERS\sscdmdm.sys
    S3 USB_RNDIS_51;Broadcom USB Remote NDIS Device Driver;C:\WINDOWS\system32\DRIVERS\usb8023.sys
    S3 XDva019;XDva019;\??\C:\WINDOWS\system32\XDva019.sys
    S3 ZDCndis5;ZDCndis5 Protocol Driver;\??\C:\WINDOWS\system32\ZDCndis5.SYS

    .
    **************************************************************************

    catchme 0.3.1262 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-11-22 13:45:27
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-11-22 13:47:17 - machine was rebooted
    C:\ComboFix3.txt ... 2007-11-17 18:44
    C:\ComboFix2.txt ... 2007-11-21 19:59
    .
    --- E O F ---
    24 November 2007 16:16:53

    Post a new HijackThis report.
    24 November 2007 19:03:41

    Here you go, boss:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:02:19, on 24/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\newsscanne.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nslDC.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [winsesame_del] C:\Program Files\WinSesame\effaceur.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\binaries\msconfig.exe /auto
    O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manoudev.spaces.msn.com//PhotoUpload/MsnPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

    26 November 2007 19:28:25

    Honestly, it bothered me to change antivirus, but this one is faster and, at least, it finds viruses...

    Here's El Report:



    AntiVir PersonalEdition Classic
    Report file date: 2007-11-26 17:56

    Scanning for 942367 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: SYSTEM
    Computer name: MANAUBÉ

    Version information:
    BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 13:16:30
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 12:23:52
    LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 15:32:48
    LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 12:35:22
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 14:27:16
    ANTIVIR1.VDF : 7.0.0.0 1640448 Bytes 2007-09-13 14:26:56
    ANTIVIR2.VDF : 7.0.1.0 1393152 Bytes 2007-11-23 16:54:36
    ANTIVIR3.VDF : 7.0.1.8 27136 Bytes 2007-11-26 16:54:36
    AVEWIN32.DLL : 7.6.0.34 3125760 Bytes 2007-11-26 16:54:36
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 10:36:28
    AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 07:39:18
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 13:16:24
    AVPACK32.DLL : 7.3.0.15 360488 Bytes 2007-08-03 08:46:02
    AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 07:17:08
    AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 12:26:34
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 07:10:20
    NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 11:09:44
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 12:38:14
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 12:50:38
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 09:37:22

    Configuration settings for the scan:
    Jobname..........................: Complete system scan
    Configuration file...............: c:\program files\avira\antivir personaledition classic\sysscan.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 2007-11-26 17:56

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'hpqscnvw.exe' - '1' Module(s) have been scanned
    Scan process 'hpqdstcp.exe' - '1' Module(s) have been scanned
    Scan process 'hpqkygrp.exe' - '1' Module(s) have been scanned
    Scan process 'sched.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'avguard.exe' - '1' Module(s) have been scanned
    Scan process 'hpqgalry.exe' - '1' Module(s) have been scanned
    Scan process 'Hpqdirec.exe' - '1' Module(s) have been scanned
    Scan process 'FTCOMModule.exe' - '1' Module(s) have been scanned
    Scan process 'OraConfigRecover.exe' - '1' Module(s) have been scanned
    Scan process 'CoreCom.exe' - '1' Module(s) have been scanned
    Scan process 'ConnectivityManager.exe' - '1' Module(s) have been scanned
    Scan process 'HPZipm12.exe' - '1' Module(s) have been scanned
    Scan process 'hpqtra08.exe' - '1' Module(s) have been scanned
    Scan process 'msnmsgr.exe' - '1' Module(s) have been scanned
    Scan process 'CTFMON.EXE' - '1' Module(s) have been scanned
    Scan process 'AlertModule.exe' - '1' Module(s) have been scanned
    Scan process 'HPCMPMGR.EXE' - '1' Module(s) have been scanned
    Scan process 'hpwuSchd.exe' - '1' Module(s) have been scanned
    Scan process 'AVGAS.EXE' - '1' Module(s) have been scanned
    Scan process 'JUSCHED.EXE' - '1' Module(s) have been scanned
    Scan process 'LogiTray.exe' - '1' Module(s) have been scanned
    Scan process 'SystrayApp.exe' - '1' Module(s) have been scanned
    Scan process 'Launcher.exe' - '1' Module(s) have been scanned
    Scan process 'RUNDLL32.EXE' - '1' Module(s) have been scanned
    Scan process 'LVCOMSX.EXE' - '1' Module(s) have been scanned
    Scan process 'QTTASK.EXE' - '1' Module(s) have been scanned
    Scan process 'VTTimer.exe' - '1' Module(s) have been scanned
    Scan process 'AspireService.exe' - '1' Module(s) have been scanned
    Scan process 'AGRSMMSG.EXE' - '1' Module(s) have been scanned
    Scan process 'Monitor.exe' - '1' Module(s) have been scanned
    Scan process 'PDVDServ.exe' - '1' Module(s) have been scanned
    Scan process 'SOUNDMAN.EXE' - '1' Module(s) have been scanned
    Scan process 'EXPLORER.EXE' - '1' Module(s) have been scanned
    Scan process 'ALG.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SNDSrvc.exe' - '1' Module(s) have been scanned
    Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned
    Scan process 'NVSVC32.EXE' - '1' Module(s) have been scanned
    Scan process 'FTRTSVC.EXE' - '1' Module(s) have been scanned
    Scan process 'CDANTSRV.EXE' - '1' Module(s) have been scanned
    Scan process 'CDAC11BA.EXE' - '1' Module(s) have been scanned
    Scan process 'GUARD.EXE' - '1' Module(s) have been scanned
    Scan process 'SPOOLSV.EXE' - '1' Module(s) have been scanned
    Scan process 'ashServ.exe' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'SVCHOST.EXE' - '1' Module(s) have been scanned
    Scan process 'LSASS.EXE' - '1' Module(s) have been scanned
    Scan process 'SERVICES.EXE' - '1' Module(s) have been scanned
    Scan process 'WINLOGON.EXE' - '1' Module(s) have been scanned
    Scan process 'CSRSS.EXE' - '1' Module(s) have been scanned
    Scan process 'SMSS.EXE' - '1' Module(s) have been scanned
    57 processes with 57 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '44' files ).


    Starting the file scan:

    Begin scan in 'C:\' <ACER>
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\hiberfil.sys
    [WARNING] The file could not be opened!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP3\A0001083.dll
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [INFO] The file was moved to '477b0e71.qua'!
    C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP5\A0001283.DLL
    [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
    [INFO] The file was moved to '477b0e81.qua'!
    C:\System Volume Information\_restore{DA1684A3-4776-45C8-851D-DD8A56FF2753}\RP5\A0001289.DLL
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [INFO] The file was moved to '477b0e85.qua'!
    C:\qoobox\Quarantine\C\WINDOWS\rqolll.dll.vir
    [DETECTION] Is the Trojan horse TR/Dldr.ConHook.Gen
    [INFO] The file was moved to '47ba0f16.qua'!
    C:\qoobox\Quarantine\C\WINDOWS\system32\urqonli.dll.vir
    [DETECTION] Is the Trojan horse TR/Vundo.Gen
    [INFO] The file was moved to '47bc0f82.qua'!
    Begin scan in 'D:\' <ACERDATA>


    End of the scan: 2007-11-26 19:25
    Used time: 1:28:57 min

    The scan has been done completely.

    9813 Scanning directories
    431309 Files were scanned
    5 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    5 files were moved to quarantine
    0 files were renamed
    3 Files cannot be scanned
    431304 Files not concerned
    9561 Archives were scanned
    3 Warnings
    6 Notes

    26 November 2007 19:37:16

    Post a new HijackThis report.
    27 November 2007 11:34:06

    Here it is:

    Logfile of HijackThis v1.99.1
    Scan saved at 11:33:30, on 27/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Opera\Opera.exe
    C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\newsscanne.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nslDC.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [winsesame_del] C:\Program Files\WinSesame\effaceur.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manoudev.spaces.msn.com//PhotoUpload/MsnPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe

    27 November 2007 18:57:11

    Hi again,

    Fix the lines in the box below with HijackThis: HELP IN PICTURES

    O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nslDC.dll (file missing)
    O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)

    28 November 2007 11:45:45

    Hi again,

    Done.
    I don't know whether I was supposed to, but I made a report:

    Logfile of HijackThis v1.99.1
    Scan saved at 11:45:20, on 28/11/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16544)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\Acer\eRecovery\Monitor.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    C:\WINDOWS\system32\VTTimer.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\OrangeHSS\Launcher\Launcher.exe
    C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
    C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
    C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
    C:\Program Files\Opera\Opera.exe
    C:\Documents and Settings\Arnaud\Bureau\Arnaud\Autre\Programmes de maintenance de l'ordinateur\newsscanne.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.icrfast.com/index.php?rvs=hompag
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
    O4 - HKLM\..\Run: [LaunchApp] Alaunch
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ntiMUI] c:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [eRecoveryService] C:\Program Files\Acer\eRecovery\Monitor.exe
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [AspireService] C:\Program Files\Acer\Acer eMode Management\AspireService.exe
    O4 - HKLM\..\Run: [MediaSync] C:\Program Files\Acer\Acer eConsole\MediaSync.exe
    O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
    O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
    O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
    O4 - HKLM\..\Run: [winsesame_del] C:\Program Files\WinSesame\effaceur.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [Livecom] "C:\PROGRA~1\LIVECOM\APPLIC~1\CommunicationAgent\CommunicationAgent.exe" -ICom_StartNoSplashScreen
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://manoudev.spaces.msn.com//PhotoUpload/MsnPUpld.ca...
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {88764F69-3831-4EC1-B40B-FF21D8381345} (AdVerifierADPCtrl Class) - https://static.impots.gouv.fr/tdir/static/adpform/AdSig...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Ap...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
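
    A check one can run on a follow-up log like the one above, given as an added example that is not part of the thread: it confirms that the four entries listed for fixing no longer appear, and lists entries that HijackThis still reports as pointing to a missing file. The function names `parse`, `still_present` and `orphans` are hypothetical; the log lines are copied from the thread, with the second log shortened to an excerpt.

```python
import re

# Entries the helper asked to fix (copied from the thread).
TO_FIX = r"""
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - C:\Program Files\ContextTool\ContextTool-2.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nslDC.dll (file missing)
O20 - Winlogon Notify: usrlib - usrlib.dll (file missing)
"""

# Excerpt of the follow-up log (lines copied from the thread, not the full log).
AFTER = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acer Media Server - Unknown owner - C:\Program Files\acer\Acer eConsole\MediaServerService.exe (file missing)
"""

ENTRY = re.compile(r"^\s*(?P<section>[A-Z]\d+) - (?P<body>.+?)\s*$")
CLSID = re.compile(r"\{[0-9A-Fa-f-]{36}\}")
ORPHAN = re.compile(r"\((?:file missing|no file)\)\s*$")

def parse(log):
    """Yield (section, key, orphaned) for each entry line.

    key is the CLSID (upper-cased) when the entry has one, otherwise the
    lower-cased entry text without the trailing orphan marker.
    """
    for line in log.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # header, running-process path or blank line
        body = m["body"]
        clsid = CLSID.search(body)
        key = clsid.group(0).upper() if clsid else ORPHAN.sub("", body).strip().lower()
        yield m["section"], key, bool(ORPHAN.search(body))

def still_present(to_fix, after):
    """Entries from to_fix whose (section, key) still appears in the after log."""
    remaining = {(s, k) for s, k, _ in parse(after)}
    return [(s, k) for s, k, _ in parse(to_fix) if (s, k) in remaining]

def orphans(log):
    """Entries HijackThis marks '(file missing)' or '(no file)'."""
    return [(s, k) for s, k, o in parse(log) if o]

if __name__ == "__main__":
    print("not yet fixed:", still_present(TO_FIX, AFTER))
    print("orphaned entries left:", orphans(AFTER))
```

    An entry reported as orphaned is only a registry reference whose target file is gone; the two that remain in the excerpt were not on the fix list.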

    28 November 2007 13:20:12

    So?

    28 November 2007 14:44:36

    Angeldark said:
    So?


    Uh... So what?
    Is it finished?

    Well, if that's the case, a big thank you (I'll be able to get back to P2P lol) and I think we'll probably see each other again soon ;)

    Thanks for the computer!
    28 November 2007 17:01:54

    So? Still the same?
    That was my question :)

    30 November 2007 12:27:15

    Yes, it lags a lot less ;)

    But I may need you, because my other computer is infected ;) I'm counting on you!

    30 November 2007 12:36:15

    No prob.