
Metajuan trojan: how to remove it, report with HijackThis

14 October 2008 20:05:41

So, I installed a program and it turned out to be a virus.
I ran a scan with Norton and found quite a few things, including trojans, among them Metajuan :cry:  I did several searches and ran a scan with
HijackThis; here is what it tells me:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:52:04, on 14/10/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\WiFiConnector\NintendoWFCReg.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [bc753c5a] rundll32.exe "C:\WINDOWS\system32\opptgdiv.dll",b
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\smat\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoD...
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstal...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O20 - AppInit_DLLs: nfkzgu.dll ealazw.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Personnel 2007.SP1\Win32\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Personnel 2007.SP1\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 9070 bytes

I think this is the procedure to follow, but I'm not sure. Please help me!!!


14 October 2008 21:02:47

Please help me, I can't get anything done with this virus anymore, I have 10,000 windows popping up!
14 October 2008 21:26:15

Good evening,

Download Malwarebytes' Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, select "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results" and then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Illustrated tutorial on MBAM


    14 October 2008 21:27:33

    A hello?

    ! Disable your resident protections (antivirus, Spybot-S&D, etc.) !

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe is not necessarily visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may vary
    14 October 2008 21:27:57

    :D 
    14 October 2008 21:36:12

    In that order, smat84:
    first Malwarebytes' Anti-Malware and then ComboFix.

    Angeldark will write the script, it will keep him busy. :whistle: 
    15 October 2008 12:34:13

    We'll see if I do it :D 
    15 October 2008 12:36:32

    Here is the Malwarebytes report:

    Malwarebytes' Anti-Malware 1.28
    Version de la base de données: 1270
    Windows 5.1.2600 Service Pack 2

    15/10/2008 07:42:02
    mbam-log-2008-10-15 (07-41-54).txt

    Type de recherche: Examen complet (C:\|I:\|)
    Eléments examinés: 183284
    Temps écoulé: 1 hour(s), 59 minute(s), 13 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 3
    Clé(s) du Registre infectée(s): 11
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 0
    Fichier(s) infecté(s): 47

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\mguahovo.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\xxyvwTli.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\rqRHxutR.dll (Trojan.Vundo) -> No action taken.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c40d54ef-a0ee-40f9-ab47-62e18c16914e} (Trojan.Vundo.H) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{c40d54ef-a0ee-40f9-ab47-62e18c16914e} (Trojan.Vundo.H) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{20d23232-aed6-490d-a3c2-f08ba539a1fe} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{20d23232-aed6-490d-a3c2-f08ba539a1fe} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqrhxutr (Trojan.Vundo) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{77f69c64-970e-41ad-9f8a-96a307251116} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77f69c64-970e-41ad-9f8a-96a307251116} (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Track System (Trojan.Vundo) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\bc753c5a (Trojan.Vundo.H) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{20d23232-aed6-490d-a3c2-f08ba539a1fe} (Trojan.Vundo) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Notification Packages (Trojan.Vundo.H) -> Data: c:\windows\system32\xxyvwtli -> No action taken.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\xxyvwtli -> No action taken.

    Dossier(s) infecté(s):
    (Aucun élément nuisible détecté)

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\xxyvwTli.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\ilTwvyxx.ini (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\ilTwvyxx.ini2 (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\mguahovo.dll (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\ovohaugm.ini (Trojan.Vundo.H) -> No action taken.
    C:\WINDOWS\system32\rqRHxutR.dll (Trojan.Vundo) -> No action taken.
    C:\Program Files\Everest Poker\casino.exe (Adware.Adorable casino) -> No action taken.
    C:\Program Files\Everest Poker\gvcrt.dll (Adware.Adorable casino) -> No action taken.
    C:\Program Files\Everest Poker\gvmain.exe (Adware.Adorable casino) -> No action taken.
    C:\Documents and Settings\célya\Local Settings\Temporary Internet Files\Content.IE5\3GVQG3FZ\upd105320[1] (Trojan.Vundo) -> No action taken.
    C:\Documents and Settings\célya\Local Settings\Temporary Internet Files\Content.IE5\DM4SJFNV\nd82m0[1] (Trojan.Vundo) -> No action taken.
    C:\Documents and Settings\célya\Local Settings\Temporary Internet Files\Content.IE5\M7CH14PK\cntr[1] (Trojan.Vundo) -> No action taken.
    C:\Documents and Settings\smat\Local Settings\Temporary Internet Files\Content.IE5\TWMHLJYR\upd105320[1] (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\btswebya.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\dvcbbn.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\fbfcbbnl.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\mspxunqe.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\pwotuu.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\uifkllep.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Qoobox\Quarantine\C\WINDOWS\system32\yayXrsts.dll.vir (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP329\A0159852.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP329\A0159853.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP330\A0160942.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP332\A0162140.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP332\A0162141.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162340.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162332.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162334.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162335.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162337.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162338.dll (Trojan.Vundo) -> No action taken.
    C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162339.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\otvnvwee.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\qladstuk.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\vtUnlIcB.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\geBrsPij.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\awtusspq.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\wvUkIAQH.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\xwtehx.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\yaywxvss.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\iiffDsSj.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\byXQHyay.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\ljJbCVlM.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\ljJDWPGV.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\pmnNFwUl.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\tuvspPjK.dll (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\holtrbsh.dll (Trojan.Vundo) -> No action taken.


    and here is the ComboFix one:

    ComboFix 08-10-12.01 - smat 2008-10-15 12:30:51.5 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1566 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\smat\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-15 au 2008-10-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-14 21:46 . 2008-10-14 21:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-14 21:46 . 2008-10-14 21:46 <REP> d-------- C:\Documents and Settings\smat\Application Data\Malwarebytes
    2008-10-14 21:46 . 2008-10-14 21:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-14 21:46 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-14 21:46 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-13 22:59 . 2008-10-13 23:33 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-10-13 22:50 . 2008-10-13 22:50 <REP> d-------- C:\_OTMoveIt
    2008-10-13 22:48 . 2008-10-13 22:56 <REP> d-------- C:\Documents and Settings\smat\.SunDownloadManager
    2008-10-13 22:34 . 2008-10-13 22:34 <REP> d-------- C:\VundoFix Backups
    2008-10-13 21:34 . 2008-10-13 21:34 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-11 19:49 . 2008-10-11 19:49 <REP> d-------- C:\Program Files\uTorrent
    2008-10-09 20:02 . 2008-10-09 20:02 <REP> d-------- C:\Program Files\K!TV
    2008-10-05 21:58 . 2008-10-11 10:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
    2008-10-05 21:55 . 2008-10-05 21:57 <REP> d-------- C:\Program Files\TmNationsForever
    2008-10-05 20:48 . 2008-10-05 21:04 <REP> d-------- C:\Program Files\TrackMania Nations ESWC
    2008-09-28 10:21 . 2008-09-28 10:21 <REP> d-------- C:\Documents and Settings\smat\Application Data\ItsLabel
    2008-09-18 02:41 . 2008-09-18 02:41 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-15 10:32 27,826,208 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
    2008-10-15 05:43 326,768 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
    2008-10-15 05:42 --------- d-----w C:\Program Files\Everest Poker
    2008-10-14 20:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-10-14 19:33 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-10-14 19:33 --------- d-----w C:\Documents and Settings\smat\Application Data\Symantec
    2008-10-14 18:57 159,992 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-10-14 18:56 182,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2008-10-14 17:51 --------- d-----w C:\Program Files\Symantec
    2008-10-13 21:13 --------- d-----w C:\Program Files\MultiMedia France Toolbar
    2008-10-13 19:59 3,310,157 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
    2008-10-12 19:26 --------- d-----w C:\Documents and Settings\smat\Application Data\uTorrent
    2008-10-12 07:58 --------- d-----w C:\Program Files\particleIllusion 3.0 demo
    2008-10-12 07:45 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-10-11 22:06 --------- d-----w C:\Documents and Settings\smat\Application Data\EoRezo
    2008-10-11 21:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-11 21:51 --------- d-----w C:\Program Files\Conquete 2.0
    2008-10-11 21:45 --------- d-----w C:\Program Files\EA SPORTS
    2008-10-11 16:33 --------- d-----w C:\Program Files\eMule
    2008-10-11 11:44 --------- d-----w C:\Program Files\WarRock
    2008-10-10 20:32 --------- d-----w C:\Documents and Settings\smat\Application Data\Xfire
    2008-10-09 14:36 --------- d-----w C:\Program Files\Xfire
    2008-10-06 10:42 --------- d-----w C:\Program Files\FlashGet
    2008-09-27 21:28 --------- d-----w C:\Program Files\EoRezo
    2008-09-06 06:09 --------- d-----w C:\Program Files\LogMeIn
    2008-09-04 19:28 --------- d-----w C:\Program Files\VirtualDJ
    2008-09-04 19:25 --------- d-----w C:\Program Files\DJ Mix Lite
    2008-09-03 11:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
    2008-09-01 08:07 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-08-29 10:45 --------- d-----w C:\Documents and Settings\smat\Application Data\teamspeak2
    2008-08-17 09:26 --------- d-----w C:\Documents and Settings\smat\Application Data\Ubisoft
    2008-08-17 09:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
    2008-08-17 09:05 --------- d-----w C:\Program Files\Ubisoft
    2008-08-16 17:30 --------- d-----w C:\Program Files\ManyCam 2.3
    2008-08-16 17:28 --------- d-----w C:\Program Files\ManyCam 2.2
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-01-25 15:36 22,328 ----a-w C:\Documents and Settings\smat\Application Data\PnkBstrK.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-13_22.07.20.53 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-10-13 20:59:37 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
    + 2008-10-13 20:59:37 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
    + 2008-10-13 20:59:37 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
    + 2008-10-13 20:59:39 102,400 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
    + 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
    + 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
    + 2008-10-13 20:59:39 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
    + 2008-10-13 20:59:38 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
    + 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
    + 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
    + 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-30 98304]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Lancer l'utilitaire d'enregistrement.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe [2007-11-18 1073152]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=nfkzgu.dll ealazw.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.enc"= ITIG726.acm
    "VIDC.HFYU"= huffyuv.dll
    "VIDC.XFR1"= xfcodec.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]
    --a------ 2002-08-19 12:58 94208 C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-09 19:53 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Pro Personnel 2007.SP1\\sandra.exe"=
    "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Pro Personnel 2007.SP1\\RpcSandraSrv.exe"=
    "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Pro Personnel 2007.SP1\\Win32\\RpcDataSrv.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
    "C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Xfire\\xfire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
    "C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
    "C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
    "C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "21335:TCP"= 21335:TCP:BitComet 21335 TCP
    "21335:UDP"= 21335:UDP:BitComet 21335 UDP

    R1 GhPciScan;GhostPciScanner;C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys [2002-08-14 5632]
    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    R3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2008-05-15 21920]
    S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-05-11 52384]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-05-11 77072]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c29e5ccf-ca50-11dc-84a1-000d0bffd1f9}]
    \Shell\AutoRun\command - K:\setup\rsrc\Autorun.exe
    \Shell\dinstall\command - K:\Directx\dxsetup.exe

    *Newly Created Service* - CATCHME
    .
    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\smat\Application Data\Mozilla\Firefox\Profiles\xdz70uw6.default\
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://lo.st
    FF -: plugin - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-15 12:32:03
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-15 12:33:11
    ComboFix-quarantined-files.txt 2008-10-15 10:33:06
    ComboFix2.txt 2008-10-15 05:53:18
    ComboFix3.txt 2008-10-14 19:42:13
    ComboFix4.txt 2008-10-13 20:33:05
    ComboFix5.txt 2008-10-15 10:30:38

    Avant-CF: 148 264 988 672 octets libres
    Après-CF: 148,244,111,360 octets libres

    189 --- E O F --- 2008-09-10 20:02:01

    15 October 2008 12:43:54

    Did you actually remove the infections with MBAM?
    15 October 2008 12:45:56

    Well yes, I did the removal, but I made the report before the removal.
    15 October 2008 12:51:36

    Re,

    OK, I'll write the script then :D

    ! Disable your resident protections (antivirus, Spybot-S&D, etc.) !
    Copy (Ctrl+C) the text in the box below:

    Folder::
    C:\Program Files\MultiMedia France Toolbar

    Registry::
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
    "AppInit_DLLs"=""


    Open Notepad, then paste (Ctrl+V) the text you just copied.
    Save this file under the name "CFScript.txt" (the quotation marks are important).

    Now drag the CFScript.txt file onto ComboFix.exe, as in the image below:


    This will relaunch ComboFix. After the reboot, post the contents of the report (C:\combofix.txt*) along with a HijackThis report.
    NOTE: If there is no reboot, post the requested reports anyway.
    * the partition name may differ
    15 October 2008 13:03:12

    Here is the ComboFix report:

    ComboFix 08-10-12.01 - smat 2008-10-15 12:56:49.6 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1507 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\smat\Bureau\ComboFix.exe
    Commutateurs utilisés :: C:\Documents and Settings\smat\Bureau\CFScript.txt
    * Un nouveau point de restauration a été créé

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Program Files\MultiMedia France Toolbar
    C:\Program Files\MultiMedia France Toolbar\INSTALL.LOG
    C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.exe
    C:\Program Files\MultiMedia France Toolbar\Multi_Media_France.xpi
    C:\Program Files\MultiMedia France Toolbar\UNWISE.EXE

    .
    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-15 au 2008-10-15 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-14 21:46 . 2008-10-14 21:46 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-14 21:46 . 2008-10-14 21:46 <REP> d-------- C:\Documents and Settings\smat\Application Data\Malwarebytes
    2008-10-14 21:46 . 2008-10-14 21:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-10-14 21:46 . 2008-09-10 00:04 38,528 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-14 21:46 . 2008-09-10 00:03 17,200 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-13 22:59 . 2008-10-13 23:33 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-10-13 22:50 . 2008-10-13 22:50 <REP> d-------- C:\_OTMoveIt
    2008-10-13 22:48 . 2008-10-13 22:56 <REP> d-------- C:\Documents and Settings\smat\.SunDownloadManager
    2008-10-13 22:34 . 2008-10-13 22:34 <REP> d-------- C:\VundoFix Backups
    2008-10-13 21:34 . 2008-10-13 21:34 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-11 19:49 . 2008-10-11 19:49 <REP> d-------- C:\Program Files\uTorrent
    2008-10-09 20:02 . 2008-10-09 20:02 <REP> d-------- C:\Program Files\K!TV
    2008-10-05 21:58 . 2008-10-11 10:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TrackMania
    2008-10-05 21:55 . 2008-10-05 21:57 <REP> d-------- C:\Program Files\TmNationsForever
    2008-10-05 20:48 . 2008-10-05 21:04 <REP> d-------- C:\Program Files\TrackMania Nations ESWC
    2008-09-28 10:21 . 2008-09-28 10:21 <REP> d-------- C:\Documents and Settings\smat\Application Data\ItsLabel
    2008-09-18 02:41 . 2008-09-18 02:41 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-15 10:58 27,918,368 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
    2008-10-15 05:43 326,768 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
    2008-10-15 05:42 --------- d-----w C:\Program Files\Everest Poker
    2008-10-14 20:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
    2008-10-14 19:33 --------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
    2008-10-14 19:33 --------- d-----w C:\Documents and Settings\smat\Application Data\Symantec
    2008-10-14 18:57 159,992 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
    2008-10-14 18:56 182,928 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2008-10-14 17:51 --------- d-----w C:\Program Files\Symantec
    2008-10-13 19:59 3,310,157 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
    2008-10-12 19:26 --------- d-----w C:\Documents and Settings\smat\Application Data\uTorrent
    2008-10-12 07:58 --------- d-----w C:\Program Files\particleIllusion 3.0 demo
    2008-10-12 07:45 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-10-11 22:06 --------- d-----w C:\Documents and Settings\smat\Application Data\EoRezo
    2008-10-11 21:56 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-11 21:51 --------- d-----w C:\Program Files\Conquete 2.0
    2008-10-11 21:45 --------- d-----w C:\Program Files\EA SPORTS
    2008-10-11 16:33 --------- d-----w C:\Program Files\eMule
    2008-10-11 11:44 --------- d-----w C:\Program Files\WarRock
    2008-10-10 20:32 --------- d-----w C:\Documents and Settings\smat\Application Data\Xfire
    2008-10-09 14:36 --------- d-----w C:\Program Files\Xfire
    2008-10-06 10:42 --------- d-----w C:\Program Files\FlashGet
    2008-09-27 21:28 --------- d-----w C:\Program Files\EoRezo
    2008-09-06 06:09 --------- d-----w C:\Program Files\LogMeIn
    2008-09-04 19:28 --------- d-----w C:\Program Files\VirtualDJ
    2008-09-04 19:25 --------- d-----w C:\Program Files\DJ Mix Lite
    2008-09-03 11:05 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
    2008-09-01 08:07 --------- d-----w C:\Program Files\Messenger Plus! Live
    2008-08-29 10:45 --------- d-----w C:\Documents and Settings\smat\Application Data\teamspeak2
    2008-08-17 09:26 --------- d-----w C:\Documents and Settings\smat\Application Data\Ubisoft
    2008-08-17 09:19 --------- d-----w C:\Documents and Settings\All Users\Application Data\Ubisoft
    2008-08-17 09:05 --------- d-----w C:\Program Files\Ubisoft
    2008-08-16 17:30 --------- d-----w C:\Program Files\ManyCam 2.3
    2008-08-16 17:28 --------- d-----w C:\Program Files\ManyCam 2.2
    2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
    2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
    2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
    2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
    2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
    2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
    2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
    2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
    2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
    2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
    2008-07-18 18:39 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-01-25 15:36 22,328 ----a-w C:\Documents and Settings\smat\Application Data\PnkBstrK.sys
    .

    ((((((((((((((((((((((((((((( snapshot@2008-10-13_22.07.20.53 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-10-13 20:59:37 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
    + 2008-10-13 20:59:37 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
    + 2008-10-13 20:59:37 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
    + 2008-10-13 20:59:39 102,400 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
    + 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
    + 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
    + 2008-10-13 20:59:39 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
    + 2008-10-13 20:59:38 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
    + 2006-05-24 23:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
    + 2006-05-24 23:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
    + 2006-05-24 23:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
    .
    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-02 15360]
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-03-12 153136]
    "MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-12-05 8523776]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-30 98304]
    "Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 583048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-02 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
    Lancer l'utilitaire d'enregistrement.lnk - C:\Program Files\WiFiConnector\NintendoWFCReg.exe [2007-11-18 1073152]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
    2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.enc"= ITIG726.acm
    "VIDC.HFYU"= huffyuv.dll
    "VIDC.XFR1"= xfcodec.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GhostStartTrayApp]
    --a------ 2002-08-19 12:58 94208 C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    --------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2007-03-09 19:53 153136 C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Pro Personnel 2007.SP1\\sandra.exe"=
    "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Pro Personnel 2007.SP1\\RpcSandraSrv.exe"=
    "C:\\Program Files\\SiSoftware\\SiSoftware Sandra Pro Personnel 2007.SP1\\Win32\\RpcDataSrv.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\WINDOWS\\system32\\ZoneLabs\\avsys\\ScanningProcess.exe"=
    "C:\\Program Files\\WiFiConnector\\NintendoWFCReg.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Xfire\\xfire.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
    "C:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"=
    "C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx9.exe"=
    "C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Dx10.exe"=
    "C:\\Program Files\\Ubisoft\\Assassin's Creed\\AssassinsCreed_Launcher.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "21335:TCP"= 21335:TCP:BitComet 21335 TCP
    "21335:UDP"= 21335:UDP:BitComet 21335 UDP

    R1 GhPciScan;GhostPciScanner;C:\Program Files\Symantec\Norton Ghost 2003\ghpciscan.sys [2002-08-14 5632]
    R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
    R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
    R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;C:\WINDOWS\system32\DRIVERS\ManyCam.sys [2008-01-14 21632]
    R3 SCREAMINGBDRIVER;Screaming Bee Audio;C:\WINDOWS\system32\drivers\ScreamingBAudio.sys [2008-05-15 21920]
    S3 k600bus;Sony Ericsson 600i driver (WDM);C:\WINDOWS\system32\DRIVERS\k600bus.sys [2005-05-11 52384]
    S3 k600obex;Sony Ericsson 600i USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k600obex.sys [2005-05-11 77072]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c29e5ccf-ca50-11dc-84a1-000d0bffd1f9}]
    \Shell\AutoRun\command - K:\setup\rsrc\Autorun.exe
    \Shell\dinstall\command - K:\Directx\dxsetup.exe

    *Newly Created Service* - CATCHME
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-15 12:58:01
    Windows 5.1.2600 Service Pack 2 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    Heure de fin: 2008-10-15 12:59:02
    ComboFix-quarantined-files.txt 2008-10-15 10:58:59
    ComboFix2.txt 2008-10-15 10:33:12
    ComboFix3.txt 2008-10-15 05:53:18
    ComboFix4.txt 2008-10-14 19:42:13
    ComboFix5.txt 2008-10-15 10:56:20

    Avant-CF: 148 199 047 168 octets libres
    Après-CF: 148,187,889,664 octets libres

    189 --- E O F --- 2008-09-10 20:02:01

    and the HijackThis one:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:59:23, on 15/10/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
    C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\notepad.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Lancer l'utilitaire d'enregistrement.lnk = C:\Program Files\WiFiConnector\NintendoWFCReg.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Télécharger avec FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Télécharger tout avec FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing)
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\smat\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/webplayer/stage6/windows/AutoD...
    O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} - http://fichiers.touslesdrivers.com/fichiers/hardwaredet...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD40/JSCDL/jre/6u5-b19/jinstal...
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.ca...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
    O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
    O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Personnel 2007.SP1\Win32\RpcDataSrv.exe
    O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Pro Personnel 2007.SP1\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9380 bytes
    15 October 2008 13:21:37

    Re,

  • Run a Kaspersky online scan with Internet Explorer:
  • Click on
  • Now click on J'accepte.
  • Approve the installation of one or more ActiveX controls if necessary.
  • Wait while the updates are installed.
  • Then choose to scan My Computer (Poste de travail).
  • Save, then paste the report generated at the end of the scan.

    HELP: Tutorial on the online scan

    NOTE: If you get the message "La licence de Kaspersky On-line Scanner est périmée", go to Add/Remove Programs and uninstall On-Line Scanner, then reconnect to the Kaspersky site to retry the online scan.
    15 October 2008 22:23:03

    Here is what it shows me at the end of the scan with Kaspersky:


    16 October 2008 18:43:28

    Is that scan really finished?
    16 October 2008 18:45:52

    Well yes, it says finished at the bottom, but the report doesn't show up, weird ...
    16 October 2008 19:01:39

    Do a Panda scan instead, then.
    16 October 2008 22:41:00

    Here is the report from Panda ActiveScan 2.0:

    ;***********************************************************************************************************************************************************************************
    ANALYSIS: 2008-10-16 22:39:20
    PROTECTIONS: 1
    MALWARE: 53
    SUSPECTS: 8
    ;***********************************************************************************************************************************************************************************
    PROTECTIONS
    Description Version Active Updated
    ;===================================================================================================================================================================================
    Zone Alarm Security Suite 7.0.473.000 No No
    ;===================================================================================================================================================================================
    MALWARE
    Id Description Type Active Severity Disinfectable Disinfected Location
    ;===================================================================================================================================================================================
    00139060 Cookie/Casalemedia TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@casalemedia[2].txt
    00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@doubleclick[1].txt
    00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@doubleclick[3].txt
    00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@doubleclick[1].txt
    00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.doubleclick.net/]
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@atdmt[3].txt
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@atdmt[2].txt
    00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@atdmt[2].txt
    00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@tradedoubler[1].txt
    00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.tradedoubler.com/]
    00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.tradedoubler.com/]
    00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@tradedoubler[1].txt
    00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.tradedoubler.com/]
    00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@247realmedia[2].txt
    00145405 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@247realmedia[1].txt
    00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@fastclick[2].txt
    00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.fastclick.net/]
    00145457 Cookie/FastClick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.fastclick.net/]
    00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@tribalfusion[1].txt
    00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@tribalfusion[2].txt
    00145738 Cookie/Mediaplex TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@mediaplex[2].txt
    00159564 Cookie/WUpd TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@revenue[2].txt
    00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@com[1].txt
    00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.xiti.com/]
    00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@xiti[1].txt
    00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@xiti[2].txt
    00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@fe.lea.lycos[1].txt
    00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@statcounter[1].txt
    00167753 Cookie/Statcounter TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@statcounter[2].txt
    00168048 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@perf.overture[1].txt
    00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@ad.yieldmanager[2].txt
    00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@ad.yieldmanager[3].txt
    00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@ad.yieldmanager[1].txt
    00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.apmebf.com/]
    00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@apmebf[2].txt
    00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@apmebf[1].txt
    00168076 Cookie/BurstNet TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@burstnet[2].txt
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.serving-sys.com/]
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.serving-sys.com/]
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.serving-sys.com/]
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@serving-sys[2].txt
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.serving-sys.com/]
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.serving-sys.com/]
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.serving-sys.com/]
    00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@serving-sys[1].txt
    00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@bs.serving-sys[2].txt
    00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.bs.serving-sys.com/]
    00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@bs.serving-sys[2].txt
    00168095 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@888[2].txt
    00168102 Cookie/Falkag TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@as1.falkag[1].txt
    00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@weborama[1].txt
    00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.weborama.fr/]
    00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@weborama[1].txt
    00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@adtech[2].txt
    00168109 Cookie/Adtech TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@adtech[1].txt
    00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@server.iad.liveperson[2].txt
    00168116 Cookie/Comclick TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@fl01.ct2.comclick[2].txt
    00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.advertising.com/]
    00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.advertising.com/]
    00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.advertising.com/]
    00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@advertising[2].txt
    00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@advertising[1].txt
    00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.advertising.com/]
    00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@media.adrevolver[2].txt
    00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@media.adrevolver[1].txt
    00169287 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@media.adrevolver[3].txt
    00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@statse.webtrendslive[1].txt
    00170304 Cookie/WebtrendsLive TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@statse.webtrendslive[3].txt
    00170495 Cookie/PointRoll TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@ads.pointroll[1].txt
    00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@overture[2].txt
    00170554 Cookie/Overture TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@overture[1].txt
    00170556 Cookie/RealMedia TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@realmedia[1].txt
    00171982 Cookie/QuestionMarket TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@questionmarket[1].txt
    00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@zedo[2].txt
    00172449 Cookie/MetriWeb TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@metriweb[1].txt
    00172483 Cookie/888 TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@int.sitestat[1].txt
    00172484 Cookie/Cassava TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@int.sitestat[2].txt
    00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.bluestreak.com/]
    00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@bluestreak[2].txt
    00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@adrevolver[3].txt
    00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@adrevolver[2].txt
    00184846 Cookie/Adrevolver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@adrevolver[1].txt
    00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@go[1].txt
    00199984 Cookie/Searchportal TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@searchportal.information[1].txt
    00207862 Cookie/did-it TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@did-it[1].txt
    00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@adviva[2].txt
    00207936 Cookie/Adviva TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@adviva[1].txt
    00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@smartadserver[1].txt
    00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@smartadserver[2].txt
    00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.smartadserver.com/]
    00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.smartadserver.com/]
    00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.smartadserver.com/]
    00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Application Data\Mozilla\Firefox\Profiles\9thit057.default\cookies.txt[.smartadserver.com/]
    00286738 Cookie/Cgi-bin TrackingCookie No 0 Yes No C:\Documents and Settings\célya\Cookies\célya@www1.addfreestats[1].txt
    01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP338\A0163408.EXE
    01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP334\A0162372.EXE
    01185375 Application/Psexec.A HackTools No 0 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP336\A0162453.EXE
    01196325 Cookie/Enhance TrackingCookie No 0 Yes No C:\Documents and Settings\smat\Cookies\smat@enhance[2].txt
    02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP336\A0162438.sys
    02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP337\A0163387.sys
    02885963 Rootkit/Booto.C Virus/Worm No 0 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP333\A0162345.sys
    03445560 Adware/Lop Adware No 0 Yes No C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
    03448800 Adware/Lop Adware No 0 Yes No C:\Program Files\BitTorrent Fastest Tool\3wPlayer-1.9.0.0-setup-0312.exe
    03625222 Adware/Popuper Adware No 0 Yes No C:\Program Files\BitTorrent Fastest Tool\BitP.exe
    03738686 Generic Malware Virus/Trojan No 0 No No C:\Documents and Settings\smat\Bureau\ComboFix.exe[32788R22FWJFW\catchme.cfexe]
    03806616 Adware/NaviPromo Adware No 1 Yes No C:\Qoobox\Quarantine\C\WINDOWS\system32\__c003372D.dat.vir
    03839851 Trj/Downloader.MDW Virus/Trojan No 1 Yes No C:\System Volume Information\_restore{74E5A79A-EC5C-4068-ABF9-6A20D5577D0D}\RP339\A0163481.sys
    ;===================================================================================================================================================================================
    SUSPECTS
    Sent Location
    ;===================================================================================================================================================================================
    No C:\Documents and Settings\smat\Bureau\ComboFix.exe[32788R22FWJFW\psexec.cfexe]
    No C:\Qoobox\Quarantine\C\WINDOWS\system32\drhsvgqv.dll.vir
    No C:\Qoobox\Quarantine\C\WINDOWS\system32\ealazw.dll.vir
    No C:\Qoobox\Quarantine\C\WINDOWS\system32\jragulvd.dll.vir
    No C:\Qoobox\Quarantine\C\WINDOWS\system32\lkloaobt.dll.vir
    No C:\Qoobox\Quarantine\C\WINDOWS\system32\nfkzgu.dll.vir
    No C:\Qoobox\Quarantine\C\WINDOWS\system32\opptgdiv.dll.vir
    No I:\msdownld.tmp\IXP000.TMP\Setup_ver1.1808.0.exe
    ;===================================================================================================================================================================================
    VULNERABILITIES
    Id Severity Description
    ;===================================================================================================================================================================================
    ;===================================================================================================================================================================================
    17 October 2008 18:17:07

    Hi again,

    Delete this folder:
    C:\Qoobox

    Delete:
    C:\Program Files\BitTorrent Fastest Tool\BitDownload-4.5-setup.exe
    C:\Program Files\BitTorrent Fastest Tool\3wPlayer-1.9.0.0-setup-0312.exe
    C:\Program Files\BitTorrent Fastest Tool\BitP.exe
    17 October 2008 19:55:47

    OK, that's done. What now?
    17 October 2008 19:57:45

    Run CCleaner. Are you still having problems?
    17 October 2008 21:46:42

    No, I don't have any more problems, or at least I haven't noticed any; everything seems to be working again.
    18 October 2008 11:47:05

    All good, I have no more problems. I've put my antivirus back.
    Thank you so much!!!
    18 October 2008 13:24:16

    Happy surfing.