Plus de droit d'admins sur mon pc

Bonjour, j'ai exactement le même problème, sauf que je suis complètement nul en informatique. J'ai fait un scan avec Hijack This, et voici le rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:30:59, on 05/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\proper.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Documents and Settings\Administrateur\Bureau\MULTIMEDIA\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/i [...] earch.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 67.0.0.25:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\proper.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {D27987B8-7244-4DE0-AE10-39B826B492F1} - C:\WINDOWS\system32\bronto.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [xwgcc] C:\WINDOWS\system32\ihczxbw.exe
O4 - HKLM\..\Run: [xopyfdgk] C:\WINDOWS\system32\znlvvi.exe
O4 - HKLM\..\Run: [xgbxoal] C:\WINDOWS\system32\nsecqvf.exe
O4 - HKLM\..\Run: [wucm] C:\WINDOWS\system32\rrts.exe
O4 - HKLM\..\Run: [wiesxer] C:\WINDOWS\system32\mwkyvh.exe
O4 - HKLM\..\Run: [WG511WLU] C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe -hide
O4 - HKLM\..\Run: [vrbkuyq] C:\WINDOWS\system32\swkziqox.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [uzoag] C:\WINDOWS\system32\awlmzupf.exe
O4 - HKLM\..\Run: [uxylb] C:\WINDOWS\system32\xuvozoc.exe
O4 - HKLM\..\Run: [ufexgwv] C:\WINDOWS\system32\xyklmpvt.exe
O4 - HKLM\..\Run: [topzm] C:\WINDOWS\system32\cmtuefq.exe
O4 - HKLM\..\Run: [tkmmd] C:\WINDOWS\system32\plvvsr.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [shflbrev] C:\WINDOWS\system32\ertpy.exe
O4 - HKLM\..\Run: [sacnr] C:\WINDOWS\system32\rvdrbkgn.exe
O4 - HKLM\..\Run: [ruefgmk] C:\WINDOWS\system32\bqpg.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [qqicrf] C:\WINDOWS\system32\zewhqfe.exe
O4 - HKLM\..\Run: [qlquezr] C:\WINDOWS\system32\pily.exe
O4 - HKLM\..\Run: [pggq] C:\WINDOWS\system32\uaqwhwsr.exe
O4 - HKLM\..\Run: [pbkcnu] C:\WINDOWS\system32\cuioq.exe
O4 - HKLM\..\Run: [okzkp] C:\WINDOWS\system32\gbzzcb.exe
O4 - HKLM\..\Run: [ojtc] C:\WINDOWS\system32\zhapw.exe
O4 - HKLM\..\Run: [oepqv] C:\WINDOWS\system32\lsvqqkny.exe
O4 - HKLM\..\Run: [nrdjm] C:\WINDOWS\system32\toowxm.exe
O4 - HKLM\..\Run: [njmnbd] C:\WINDOWS\system32\eiixsax.exe
O4 - HKLM\..\Run: [muociqp] C:\WINDOWS\system32\xkqo.exe
O4 - HKLM\..\Run: [mtyiu] C:\WINDOWS\system32\quttt.exe
O4 - HKLM\..\Run: [mqqusps] C:\WINDOWS\system32\ekbg.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [lyfwbawx] C:\WINDOWS\system32\jzzetpss.exe
O4 - HKLM\..\Run: [ljzu] C:\WINDOWS\system32\yfim.exe
O4 - HKLM\..\Run: [lhbhb] C:\WINDOWS\system32\xtcxx.exe
O4 - HKLM\..\Run: [kulof] C:\WINDOWS\system32\eaiowfa.exe
O4 - HKLM\..\Run: [kljv] C:\WINDOWS\system32\bmbwivxk.exe
O4 - HKLM\..\Run: [juvyue] C:\WINDOWS\system32\rnbo.exe
O4 - HKLM\..\Run: [jlormaw] C:\WINDOWS\system32\mlhl.exe
O4 - HKLM\..\Run: [jdvqrf] C:\WINDOWS\system32\awtyp.exe
O4 - HKLM\..\Run: [iwbmk] C:\WINDOWS\system32\yxbz.exe
O4 - HKLM\..\Run: [isijkn] C:\WINDOWS\system32\kasxbm.exe
O4 - HKLM\..\Run: [imjzb] C:\WINDOWS\system32\uocf.exe
O4 - HKLM\..\Run: [hxwml] C:\WINDOWS\system32\xypjv.exe
O4 - HKLM\..\Run: [hofuglo] C:\WINDOWS\system32\ftwd.exe
O4 - HKLM\..\Run: [gtfsav] C:\WINDOWS\system32\ojtz.exe
O4 - HKLM\..\Run: [ggkaqjp] C:\WINDOWS\system32\dqhue.exe
O4 - HKLM\..\Run: [gdkt] C:\WINDOWS\system32\xzfiqz.exe
O4 - HKLM\..\Run: [gcwoj] C:\WINDOWS\system32\lijzyklf.exe
O4 - HKLM\..\Run: [flaf] C:\WINDOWS\system32\evipplyh.exe
O4 - HKLM\..\Run: [fdqlh] C:\WINDOWS\system32\pcgty.exe
O4 - HKLM\..\Run: [crkd] C:\WINDOWS\system32\xhsono.exe
O4 - HKLM\..\Run: [crbj] C:\WINDOWS\system32\yjdjvt.exe
O4 - HKLM\..\Run: [cleozfb] C:\WINDOWS\system32\nfmdnwpi.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [bwxv] C:\WINDOWS\system32\appoak.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [arxduhoz] C:\WINDOWS\system32\iynfabkh.exe
O4 - HKLM\..\Run: [arndg] C:\WINDOWS\system32\zwums.exe
O4 - HKLM\..\Run: [abgsit] C:\WINDOWS\system32\fusws.exe
O4 - HKLM\..\Run: [aaxwpexy] C:\WINDOWS\system32\hwyglnlv.exe
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [JavaUpdate0.07] C:\WINDOWS\system32\vgci.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - Startup: infos.exe
O4 - Global Startup: autos.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/file [...] n-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/g [...] er_gmn.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/024e3e [...] xIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 3987816762
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 4243505343
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ch-creil.net
O17 - HKLM\Software\..\Telephony: DomainName = ch-creil.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{66D4A856-4D97-4614-8462-F935F7AAB41A}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ch-creil.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ch-creil.net
O20 - AppInit_DLLs: skuns.dat C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 14064 bytes

Salut!
Je ne suis plus administrateur demon propre pc, un comble!!! Je viens de faire un second scan avec Hijack This. Voici ce que ça donne:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:04:36, on 06/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NavNT\defwatch.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\Program Files\NavNT\rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.exe
C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe
C:\Program Files\NavNT\vptray.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\proper.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
C:\Program Files\Windows Media Player\WMPNetwk.exe
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Documents and Settings\Administrateur\Bureau\MULTIMEDIA\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://red.clientapps.yahoo.com/cu [...] .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/i [...] earch.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 67.0.0.25:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\system32\proper.exe
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: (no name) - {D27987B8-7244-4DE0-AE10-39B826B492F1} - C:\WINDOWS\system32\bronto.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [xwgcc] C:\WINDOWS\system32\ihczxbw.exe
O4 - HKLM\..\Run: [xopyfdgk] C:\WINDOWS\system32\znlvvi.exe
O4 - HKLM\..\Run: [xgbxoal] C:\WINDOWS\system32\nsecqvf.exe
O4 - HKLM\..\Run: [wucm] C:\WINDOWS\system32\rrts.exe
O4 - HKLM\..\Run: [wiesxer] C:\WINDOWS\system32\mwkyvh.exe
O4 - HKLM\..\Run: [WG511WLU] C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe -hide
O4 - HKLM\..\Run: [vrbkuyq] C:\WINDOWS\system32\swkziqox.exe
O4 - HKLM\..\Run: [vptray] C:\Program Files\NavNT\vptray.exe
O4 - HKLM\..\Run: [uzoag] C:\WINDOWS\system32\awlmzupf.exe
O4 - HKLM\..\Run: [uxylb] C:\WINDOWS\system32\xuvozoc.exe
O4 - HKLM\..\Run: [ufexgwv] C:\WINDOWS\system32\xyklmpvt.exe
O4 - HKLM\..\Run: [topzm] C:\WINDOWS\system32\cmtuefq.exe
O4 - HKLM\..\Run: [tkmmd] C:\WINDOWS\system32\plvvsr.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [shflbrev] C:\WINDOWS\system32\ertpy.exe
O4 - HKLM\..\Run: [sacnr] C:\WINDOWS\system32\rvdrbkgn.exe
O4 - HKLM\..\Run: [ruefgmk] C:\WINDOWS\system32\bqpg.exe
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [qqicrf] C:\WINDOWS\system32\zewhqfe.exe
O4 - HKLM\..\Run: [qlquezr] C:\WINDOWS\system32\pily.exe
O4 - HKLM\..\Run: [pggq] C:\WINDOWS\system32\uaqwhwsr.exe
O4 - HKLM\..\Run: [pbkcnu] C:\WINDOWS\system32\cuioq.exe
O4 - HKLM\..\Run: [okzkp] C:\WINDOWS\system32\gbzzcb.exe
O4 - HKLM\..\Run: [ojtc] C:\WINDOWS\system32\zhapw.exe
O4 - HKLM\..\Run: [oepqv] C:\WINDOWS\system32\lsvqqkny.exe
O4 - HKLM\..\Run: [nrdjm] C:\WINDOWS\system32\toowxm.exe
O4 - HKLM\..\Run: [njmnbd] C:\WINDOWS\system32\eiixsax.exe
O4 - HKLM\..\Run: [muociqp] C:\WINDOWS\system32\xkqo.exe
O4 - HKLM\..\Run: [mtyiu] C:\WINDOWS\system32\quttt.exe
O4 - HKLM\..\Run: [mqqusps] C:\WINDOWS\system32\ekbg.exe
O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [lyfwbawx] C:\WINDOWS\system32\jzzetpss.exe
O4 - HKLM\..\Run: [ljzu] C:\WINDOWS\system32\yfim.exe
O4 - HKLM\..\Run: [lhbhb] C:\WINDOWS\system32\xtcxx.exe
O4 - HKLM\..\Run: [kulof] C:\WINDOWS\system32\eaiowfa.exe
O4 - HKLM\..\Run: [kljv] C:\WINDOWS\system32\bmbwivxk.exe
O4 - HKLM\..\Run: [juvyue] C:\WINDOWS\system32\rnbo.exe
O4 - HKLM\..\Run: [jlormaw] C:\WINDOWS\system32\mlhl.exe
O4 - HKLM\..\Run: [jdvqrf] C:\WINDOWS\system32\awtyp.exe
O4 - HKLM\..\Run: [iwbmk] C:\WINDOWS\system32\yxbz.exe
O4 - HKLM\..\Run: [isijkn] C:\WINDOWS\system32\kasxbm.exe
O4 - HKLM\..\Run: [imjzb] C:\WINDOWS\system32\uocf.exe
O4 - HKLM\..\Run: [hxwml] C:\WINDOWS\system32\xypjv.exe
O4 - HKLM\..\Run: [hofuglo] C:\WINDOWS\system32\ftwd.exe
O4 - HKLM\..\Run: [gtfsav] C:\WINDOWS\system32\ojtz.exe
O4 - HKLM\..\Run: [ggkaqjp] C:\WINDOWS\system32\dqhue.exe
O4 - HKLM\..\Run: [gdkt] C:\WINDOWS\system32\xzfiqz.exe
O4 - HKLM\..\Run: [gcwoj] C:\WINDOWS\system32\lijzyklf.exe
O4 - HKLM\..\Run: [flaf] C:\WINDOWS\system32\evipplyh.exe
O4 - HKLM\..\Run: [fdqlh] C:\WINDOWS\system32\pcgty.exe
O4 - HKLM\..\Run: [crkd] C:\WINDOWS\system32\xhsono.exe
O4 - HKLM\..\Run: [crbj] C:\WINDOWS\system32\yjdjvt.exe
O4 - HKLM\..\Run: [cleozfb] C:\WINDOWS\system32\nfmdnwpi.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [bwxv] C:\WINDOWS\system32\appoak.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [arxduhoz] C:\WINDOWS\system32\iynfabkh.exe
O4 - HKLM\..\Run: [arndg] C:\WINDOWS\system32\zwums.exe
O4 - HKLM\..\Run: [abgsit] C:\WINDOWS\system32\fusws.exe
O4 - HKLM\..\Run: [aaxwpexy] C:\WINDOWS\system32\hwyglnlv.exe
O4 - HKLM\..\Run: [NsUpdate] C:\WINDOWS\NsUpdate.exe UPDATE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [JavaUpdate0.07] C:\WINDOWS\system32\vgci.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Configuration de la neuf Box] C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Undefined] C:\WINDOWS\system32\winter.exe
O4 - Startup: infos.exe
O4 - Global Startup: autos.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://www.1-click.com/common/file [...] n-test.cab
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/g [...] er_gmn.cab
O16 - DPF: {4A3CF76B-EC7A-405D-A67D-8DC6B52AB35B} (QDiagAOLCCUpdateObj Class) - http://aolcc.aol.fr/computercheckup/qdiagcc.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/024e3e [...] xIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft. [...] 3987816762
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mi [...] 4243505343
O16 - DPF: {981D847D-2C06-4FB7-A09C-4F0A48601B2C} (DiagSetup Class) - http://techcity.aol.fr/download/img/DiagSetup.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JA [...] anager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = ch-creil.net
O17 - HKLM\Software\..\Telephony: DomainName = ch-creil.net
O17 - HKLM\System\CCS\Services\Tcpip\..\{66D4A856-4D97-4614-8462-F935F7AAB41A}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = ch-creil.net
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = ch-creil.net
O20 - AppInit_DLLs: skuns.dat C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: DefWatch - Symantec Corporation - C:\Program Files\NavNT\defwatch.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe (file missing)
O23 - Service: Norton AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\Program Files\NavNT\rtvscan.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 13865 bytes

Le rapport ComboFix est le suivant:

ComboFix 07-11-05.2 - pnguewou 2007-11-06 1:27:29.1 - NTFSx86
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Démarrage\infos.exe
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\autos.exe
C:\Documents and Settings\pharma.interne\Menu Démarrer\Programmes\Démarrage\infos.exe
C:\WINDOWS\exefld
C:\WINDOWS\system32\Cache
C:\WINDOWS\system32\Cache\buts.bin
C:\WINDOWS\system32\Cache\casino.bmp
C:\WINDOWS\system32\Cache\date.bmp
C:\WINDOWS\system32\Cache\dating.bmp
C:\WINDOWS\system32\Cache\figures.bmp
C:\WINDOWS\system32\Cache\financial.bmp
C:\WINDOWS\system32\Cache\gambling.bmp
C:\WINDOWS\system32\Cache\herbal.bmp
C:\WINDOWS\system32\Cache\microsoft access1.bmp
C:\WINDOWS\system32\Cache\microsoft access12.bmp
C:\WINDOWS\system32\Cache\msg.bin
C:\WINDOWS\system32\Cache\opened box yellow.bmp
C:\WINDOWS\system32\Cache\peoples 11.bmp
C:\WINDOWS\system32\Cache\search find 2.bmp
C:\WINDOWS\system32\Cache\search find.bmp
C:\WINDOWS\system32\Cache\shopping.bmp
C:\WINDOWS\system32\Cache\showbtn.bmp
C:\WINDOWS\system32\Cache\travel.bmp
C:\WINDOWS\system32\Cache\websearch.bmp
C:\WINDOWS\system32\proper.exe
C:\WINDOWS\system32\winter.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2007-10-06 to 2007-11-06 ))))))))))))))))))))))))))))))))))))
.

2007-11-06 01:24 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-06 00:59 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2007-11-05 22:19 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-05 22:18 <REP> d-------- C:\Program Files\Spyware Doctor
2007-11-05 22:18 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\PC Tools
2007-11-05 22:18 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-11-05 22:18 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-11-05 22:18 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-11-05 22:18 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-11-05 22:18 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-11-05 22:13 <REP> d-------- C:\Program Files\Picasa2
2007-11-05 22:12 <REP> d-------- C:\Program Files\Norton Security Scan
2007-11-05 22:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-04 03:13 <REP> d-------- C:\Program Files\Sports Interactive
2007-11-01 21:50 <REP> d-------- C:\Program Files\Fichiers communs\NSV
2007-10-27 12:24 582,656 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-05 21:17 --------- d-----w C:\Program Files\Google
2007-11-04 01:49 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-10-07 00:57 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2007-10-05 13:41 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
2007-09-23 08:51 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-09-23 08:28 --------- d-----w C:\Program Files\Webteh
2007-09-23 08:27 --------- d-----w C:\Program Files\DivX
2007-09-23 08:27 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\DivX
2007-09-23 08:26 --------- d-----w C:\Program Files\InterVideo
2007-09-20 22:41 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\BSplayer
2007-09-20 00:07 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\BSplayer Pro
2007-09-19 23:45 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Uniblue
2007-09-07 21:30 --------- d-----w C:\Program Files\uTorrent
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-01-08 23:47 24,424 -c--a-w C:\Documents and Settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
2006-05-20 22:30 28 -c--a-w C:\Documents and Settings\Administrateur\Application Data\tvmcwrd.dll
2006-05-19 23:22 519,229 -c--a-w C:\Documents and Settings\Administrateur\Application Data\tvmknwrd.dll
2006-02-24 23:46 30 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmcwrd.dll
2006-02-20 22:13 46 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmuknwrd.dll
2006-02-20 22:12 115 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmdmns.dll
2006-01-15 18:47 484,311 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmknwrd.dll
2005-08-19 19:01 22,448 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\GDIPFONTCACHEV1.DAT
2005-08-14 15:12 38 -c--a-w C:\Documents and Settings\NetworkService\Application Data\tvmuknwrd.dll
2004-08-02 17:12 11,265,432 -c--a-w C:\Documents and Settings\My Downloads\RealPlayer10GOLD_fr.exe
2004-08-02 17:08 10,200,432 -c--a-w C:\Documents and Settings\My Downloads\RealPlayer10GOLD.exe
2004-02-08 04:12 212,992 -c--a-w C:\WINDOWS\inf\DriverRemover.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"xwgcc"="C:\WINDOWS\system32\ihczxbw.exe" []
"xopyfdgk"="C:\WINDOWS\system32\znlvvi.exe" []
"xgbxoal"="C:\WINDOWS\system32\nsecqvf.exe" []
"wucm"="C:\WINDOWS\system32\rrts.exe" []
"wiesxer"="C:\WINDOWS\system32\mwkyvh.exe" []
"WG511WLU"="C:\Program Files\NETGEAR\WG511\Utility\WG511WLU.exe" [2004-04-29 18:28]
"vrbkuyq"="C:\WINDOWS\system32\swkziqox.exe" []
"vptray"="C:\Program Files\NavNT\vptray.exe" [2001-09-26 17:06]
"uzoag"="C:\WINDOWS\system32\awlmzupf.exe" []
"uxylb"="C:\WINDOWS\system32\xuvozoc.exe" []
"ufexgwv"="C:\WINDOWS\system32\xyklmpvt.exe" []
"topzm"="C:\WINDOWS\system32\cmtuefq.exe" []
"tkmmd"="C:\WINDOWS\system32\plvvsr.exe" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 03:00]
"SmcService"="C:\PROGRA~1\Sygate\SPF\smc.exe" [2004-10-15 19:40]
"shflbrev"="C:\WINDOWS\system32\ertpy.exe" []
"sacnr"="C:\WINDOWS\system32\rvdrbkgn.exe" []
"ruefgmk"="C:\WINDOWS\system32\bqpg.exe" []
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 21:32]
"qqicrf"="C:\WINDOWS\system32\zewhqfe.exe" []
"qlquezr"="C:\WINDOWS\system32\pily.exe" []
"pggq"="C:\WINDOWS\system32\uaqwhwsr.exe" []
"pbkcnu"="C:\WINDOWS\system32\cuioq.exe" []
"okzkp"="C:\WINDOWS\system32\gbzzcb.exe" []
"ojtc"="C:\WINDOWS\system32\zhapw.exe" []
"oepqv"="C:\WINDOWS\system32\lsvqqkny.exe" []
"nrdjm"="C:\WINDOWS\system32\toowxm.exe" []
"njmnbd"="C:\WINDOWS\system32\eiixsax.exe" []
"muociqp"="C:\WINDOWS\system32\xkqo.exe" []
"mtyiu"="C:\WINDOWS\system32\quttt.exe" []
"mqqusps"="C:\WINDOWS\system32\ekbg.exe" []
"mmtask"="c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe" [2003-06-26 16:04]
"lyfwbawx"="C:\WINDOWS\system32\jzzetpss.exe" []
"ljzu"="C:\WINDOWS\system32\yfim.exe" []
"lhbhb"="C:\WINDOWS\system32\xtcxx.exe" []
"kulof"="C:\WINDOWS\system32\eaiowfa.exe" []
"kljv"="C:\WINDOWS\system32\bmbwivxk.exe" []
"juvyue"="C:\WINDOWS\system32\rnbo.exe" []
"jlormaw"="C:\WINDOWS\system32\mlhl.exe" []
"jdvqrf"="C:\WINDOWS\system32\awtyp.exe" []
"iwbmk"="C:\WINDOWS\system32\yxbz.exe" []
"isijkn"="C:\WINDOWS\system32\kasxbm.exe" []
"imjzb"="C:\WINDOWS\system32\uocf.exe" []
"hxwml"="C:\WINDOWS\system32\xypjv.exe" []
"hofuglo"="C:\WINDOWS\system32\ftwd.exe" []
"gtfsav"="C:\WINDOWS\system32\ojtz.exe" []
"ggkaqjp"="C:\WINDOWS\system32\dqhue.exe" []
"gdkt"="C:\WINDOWS\system32\xzfiqz.exe" []
"gcwoj"="C:\WINDOWS\system32\lijzyklf.exe" []
"flaf"="C:\WINDOWS\system32\evipplyh.exe" []
"fdqlh"="C:\WINDOWS\system32\pcgty.exe" []
"crkd"="C:\WINDOWS\system32\xhsono.exe" []
"crbj"="C:\WINDOWS\system32\yjdjvt.exe" []
"cleozfb"="C:\WINDOWS\system32\nfmdnwpi.exe" []
"CARPService"="carpserv.exe" [2003-05-21 14:35 C:\WINDOWS\system32\carpserv.exe]
"bwxv"="C:\WINDOWS\system32\appoak.exe" []
"ATIPTA"="C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2004-05-15 21:00]
"arxduhoz"="C:\WINDOWS\system32\iynfabkh.exe" []
"arndg"="C:\WINDOWS\system32\zwums.exe" []
"abgsit"="C:\WINDOWS\system32\fusws.exe" []
"aaxwpexy"="C:\WINDOWS\system32\hwyglnlv.exe" []
"NsUpdate"="C:\WINDOWS\NsUpdate.exe" []
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 15:17]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 05:24]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-11-05 22:09]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-10-02 16:27]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-11-06 00:56]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JavaUpdate0.07"="C:\WINDOWS\system32\vgci.exe" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09]
"Configuration de la neuf Box"="C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe" [2005-12-13 14:19]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" []

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-11-05 22:08:03]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=skuns.dat C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

R3 AWINDIS5;AWINDIS5 Protocol Driver;\??\C:\WINDOWS\system32\AWINDIS5.SYS
R3 CALIAUD;Conexant AMC 3D Environmental Audio;C:\WINDOWS\system32\drivers\caliaud.sys
R3 CALIHALA;CALIHALA;C:\WINDOWS\system32\drivers\calihal.sys
R3 DP83815;National Semiconductor Corp. DP83815/816 NDIS 5.0 Miniport Driver;C:\WINDOWS\system32\DRIVERS\DP83815.SYS
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 FA312;Pilote de la carte Fast Ethernet FA330/FA312/FA311 NETGEAR;C:\WINDOWS\system32\DRIVERS\FA312nd5.sys
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys
S3 PRISM_ICB;NETGEAR WG511 Wireless LAN Driver;C:\WINDOWS\system32\DRIVERS\WG511ICB.sys
S3 SQLWriter;Enregistreur VSS SQL Server;"c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe"
S3 WinPhlash;WinPhlash;\??\c:\SWSetup\sp27331\PHLASHNT.SYS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3cecad3-1a5c-11db-ab2a-000e7f6f4d87}]
\Shell\AutoRun\command - E:\LaunchU3.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - GOOGLEDESKTOPMANAGER
*Newly Created Service* - GUSVC
*Newly Created Service* - IKFILESEC
*Newly Created Service* - IKSYSFLT
*Newly Created Service* - IKSYSSEC
*Newly Created Service* - MCHINJDRV
*Newly Created Service* - SDAUXSERVICE
*Newly Created Service* - SDCORESERVICE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-09-07 18:52:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-05 21:12:17 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-06 01:36:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-06 1:38:34
.
--- E O F ---



Merci pour votre aide

ComboFix 07-11-05.2 - pnguewou 2007-11-06 23:38:53.2 - NTFSx86
Running from: C:\Documents and Settings\Administrateur\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrateur\Bureau\CFScript.txt..txt
* Created a new restore point
.

((((((((((((((((((((((((((((( Fichiers créés 2007-10-06 to 2007-11-06 ))))))))))))))))))))))))))))))))))))
.

2007-11-06 01:24 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-11-06 00:59 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
2007-11-05 22:19 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-11-05 22:18 <REP> d-------- C:\Program Files\Spyware Doctor
2007-11-05 22:18 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\PC Tools
2007-11-05 22:18 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-11-05 22:18 79,688 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-11-05 22:18 62,280 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-11-05 22:18 41,288 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-11-05 22:18 29,000 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-11-05 22:13 <REP> d-------- C:\Program Files\Picasa2
2007-11-05 22:12 <REP> d-------- C:\Program Files\Norton Security Scan
2007-11-05 22:08 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-04 03:13 <REP> d-------- C:\Program Files\Sports Interactive
2007-11-01 21:50 <REP> d-------- C:\Program Files\Fichiers communs\NSV
2007-10-27 12:24 582,656 -----c--- C:\WINDOWS\system32\dllcache\rpcrt4.dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-05 21:17 --------- d-----w C:\Program Files\Google
2007-11-04 01:49 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-10-07 00:57 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\uTorrent
2007-10-05 13:41 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
2007-09-23 08:51 --------- d-----w C:\Program Files\K-Lite Codec Pack
2007-09-23 08:28 --------- d-----w C:\Program Files\Webteh
2007-09-23 08:27 --------- d-----w C:\Program Files\DivX
2007-09-23 08:27 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\DivX
2007-09-23 08:26 --------- d-----w C:\Program Files\InterVideo
2007-09-20 22:41 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\BSplayer
2007-09-20 00:07 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\BSplayer Pro
2007-09-19 23:45 --------- d-----w C:\Documents and Settings\Administrateur\Application Data\Uniblue
2007-09-07 21:30 --------- d-----w C:\Program Files\uTorrent
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-01-08 23:47 24,424 -c--a-w C:\Documents and Settings\Administrateur\Application Data\GDIPFONTCACHEV1.DAT
2006-05-20 22:30 28 -c--a-w C:\Documents and Settings\Administrateur\Application Data\tvmcwrd.dll
2006-05-19 23:22 519,229 -c--a-w C:\Documents and Settings\Administrateur\Application Data\tvmknwrd.dll
2006-02-24 23:46 30 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmcwrd.dll
2006-02-20 22:13 46 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmuknwrd.dll
2006-02-20 22:12 115 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmdmns.dll
2006-01-15 18:47 484,311 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\tvmknwrd.dll
2005-08-19 19:01 22,448 -c--a-w C:\Documents and Settings\pharma.interne\Application Data\GDIPFONTCACHEV1.DAT
2005-08-14 15:12 38 -c--a-w C:\Documents and Settings\NetworkService\Application Data\tvmuknwrd.dll
2004-08-02 17:12 11,265,432 -c--a-w C:\Documents and Settings\My Downloads\RealPlayer10GOLD_fr.exe
2004-08-02 17:08 10,200,432 -c--a-w C:\Documents and Settings\My Downloads\RealPlayer10GOLD.exe
2004-02-08 04:12 212,992 -c--a-w C:\WINDOWS\inf\DriverRemover.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"JavaUpdate0.07"="C:\WINDOWS\system32\vgci.exe" []
"Yahoo! Pager"="C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.exe" [2007-08-30 17:43]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09]
"Configuration de la neuf Box"="C:\Program Files\neuf telecom\neuf Box\Wizard\QuickAccess.exe" [2005-12-13 14:19]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" []
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" []

C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-11-05 22:08:03]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=skuns.dat C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice"

R3 AWINDIS5;AWINDIS5 Protocol Driver;\??\C:\WINDOWS\system32\AWINDIS5.SYS
R3 CALIAUD;Conexant AMC 3D Environmental Audio;C:\WINDOWS\system32\drivers\caliaud.sys
R3 CALIHALA;CALIHALA;C:\WINDOWS\system32\drivers\calihal.sys
R3 DP83815;National Semiconductor Corp. DP83815/816 NDIS 5.0 Miniport Driver;C:\WINDOWS\system32\DRIVERS\DP83815.SYS
R3 WlanUIG;Sagem 802.11g Wireless LAN USB Adapter Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 FA312;Pilote de la carte Fast Ethernet FA330/FA312/FA311 NETGEAR;C:\WINDOWS\system32\DRIVERS\FA312nd5.sys
S3 k510bus;Sony Ericsson K510 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\k510bus.sys
S3 k510mdfl;Sony Ericsson K510 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k510mdfl.sys
S3 k510mdm;Sony Ericsson K510 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\k510mdm.sys
S3 k510mgmt;Sony Ericsson K510 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\k510mgmt.sys
S3 k510obex;Sony Ericsson K510 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\k510obex.sys
S3 PRISM_ICB;NETGEAR WG511 Wireless LAN Driver;C:\WINDOWS\system32\DRIVERS\WG511ICB.sys
S3 WinPhlash;WinPhlash;\??\c:\SWSetup\sp27331\PHLASHNT.SYS

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e3cecad3-1a5c-11db-ab2a-000e7f6f4d87}]
\Shell\AutoRun\command - E:\LaunchU3.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - GOOGLEDESKTOPMANAGER
*Newly Created Service* - GUSVC
*Newly Created Service* - IKFILESEC
*Newly Created Service* - IKSYSFLT
*Newly Created Service* - IKSYSSEC
*Newly Created Service* - MCHINJDRV
*Newly Created Service* - SDAUXSERVICE
*Newly Created Service* - SDCORESERVICE
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-09-07 18:52:08 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-05 21:12:17 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-06 23:44:21
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-11-06 23:46:17
C:\ComboFix2.txt ... 2007-11-06 01:38
.
--- E O F ---

Windows update est également à nouveau accessible. Dois je déjà télécharger les mises à jour de sécurité proposées?

Reposte un rapport Hijackthis.

C'est mieux ?

Je ne parviens pas à me connecter à symantec pour mettre à jour mes définitions de virus . Est ce le site qui a un problème ou c'est dû à qqchose dans mon pc?

Bonjour,
L'emplacement de l'application combofix est C:\Documents and Settings\Administrateur\Bureau
Par contre le terme qoobox ne me dit rien.
Faut t'il désinstaller Combofix?

COMMENT FAIT ON UNE RECHERCHE AVEC ERUNT? C'EST UN LOGICCIEL DE SAUVEGARDE NON?

je ne trouve aucun fichier erunt dans le système

oui, je viens de refaire une nouelle recherche: pas de fichier Erunt sur ce pc. C'est anormal?

Non, mais j'ai trouvé ça: C:\Windows\Erdnt .
C'est la même chose?

Le fichier Erdnt contient trois dossiers:
- le premier s'apelle 10-11-2007
- le second s'appelle AutoBackup
- le troisième s'appelle Subs

Voici le contenu du dossier 10-11-2007. Je ne vois pas. Seuls trois fichiers ont leur suffixe affiché:
ERDNT.COM
ERDNTWIN.LOC
ERDNTl (cf; fichier semblant être un exceptionel
A part ça, on a:
- des fichiers sans sufixe annoncé (software, default, SAM, system, ERDNT, security)

Pardon, je crois que je somnolais déjà. Le contenu du dossier 10-11-2007
est le suivant. 3 fichiers avec leur suffixe annoncé:
- ERDNT.CON
- ERDNTWIN.LOC
- EDNTDOS.LOC
A part ça, on a des fichiers sans suffixe annoncé:
- ERDNT (Informations de configuration)
- software,
- default,
- SAM,
- system,
- SECURITY
- une icone ERDNT qui doit être une fichier executable (Application)
Un dossier Users contenant deux dossiers:
- le premier s'appelant 00000001 qui contient un fichier DAT nommé ntuser
- le second s'appelant 00000002 qui contient un fichier DAT nommé UsrClass

Dans tes points de restauration, quel est le plus proche ?

Essaie de restaurer.

mon pc est devenu lent, et mon antivirus ne semble plus capable de détecter les infections.

bonjour, en lisant ce forum je me rends compte que je ne suis pas le eul a avoir des problemes de virus. En effet j'ai donc le meme probleme du fait que j'ai des restrictions sur mon ordi car mes droits admin sont supprimés, pas d'acces à mon panneau de configuration...
Pouvez vous m'aider?

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX