Votre question

comment supprimer virus virtumonde

Tags :
  • Adware
  • Sécurité
Dernière réponse : dans Sécurité et virus
18 Mars 2008 10:06:42

bonjour
mon antivirus nod 32 m'affiche en permanence le message suivant:

menace: win32/adware.virtumonde application

rapport hijack this :

Logfile of HijackThis v1.99.1
Scan saved at 10:05:42, on 18/03/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\visionneuse\Avant Browser\avant.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Messenger\msmsgs.exe
H:\logiciel\hijack this\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - blank (file missing)
O2 - BHO: (no name) - {6902F36D-E8DE-4F58-9A64-5B68B888130D} - C:\DOCUME~1\teber\LOCALS~1\Temp\~DP13.dll (file missing)
O2 - BHO: (no name) - {73676454-A932-7669-B377-AC3A0147A262} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: {14960b05-3c6f-d0ea-0654-5407ae4c99e8} - {8e99c4ea-7045-4560-ae0d-f6c350b06941} - C:\WINDOWS\system32\ycbnunlp.dll
O2 - BHO: (no name) - {92AC9FF9-D2D5-4B32-B182-DA2F1FAEA35F} - C:\WINDOWS\system32\pmnlk.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: (no name) - {DE48606D-0903-200A-B678-4BD04AA89B8F} - blank (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BM47072347] Rundll32.exe "C:\WINDOWS\system32\myeoselo.dll",s
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MSN\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Vidalia] "H:\logiciel\T O R\Vidalia\vidalia.exe"
O4 - Startup: CFE TrayIcon.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
O4 - Startup: CFE.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE.exe
O4 - Startup: HDDlife.lnk = H:\logiciel\hddlife\HDDlifePro.exe
O4 - Global Startup: Privoxy.lnk = H:\logiciel\T O R\Privoxy\privoxy.exe
O8 - Extra context menu item: Bloquer ce serveur... - C:\visionneuse\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Bloquer cette publicité... - C:\visionneuse\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\visionneuse\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Personnaliser - c:\reverso\promtie4\options.htm
O8 - Extra context menu item: Rechercher sur Internet - c:\reverso\promtie4\search.htm
O8 - Extra context menu item: Rechercher sur le Web... - C:\visionneuse\Avant Browser\Search.htm
O8 - Extra context menu item: Surligner - C:\visionneuse\Avant Browser\Highlight.htm
O8 - Extra context menu item: Traduire - c:\reverso\promtie4\translat.htm
O8 - Extra context menu item: Traduire dans WebView - c:\reverso\promtie4\webview.htm
O8 - Extra context menu item: Traduire la page - c:\reverso\promtie4\page.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - H:\logiciel\titan poker\Titan Poker\casino.exe
O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - H:\logiciel\titan poker\Titan Poker\casino.exe
O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
O9 - Extra 'Tools' menuitem: Personnalisez traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\aim.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2575a1141fef8049c006/netzip/RdxIE6...
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-fe252e6120df2123.spaces.live.com/PhotoUpload...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\F-Secure Internet Security\fswsclds.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NTLOAD - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - (no file)
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - (no file)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe


si quelqun a une solution
merci

Autres pages sur : supprimer virus virtumonde

a b 8 Sécurité
18 Mars 2008 12:33:33

Bonjour,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

  • Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur combofix.exe afin de le lancer.
  • Tape sur la touche 1 (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
    18 Mars 2008 21:41:06

    ComboFix 08-03-17.1 - teber 2008-03-18 21:19:11.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.415 [GMT 1:00]
    Endroit: C:\Documents and Settings\teber\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Documents\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\chantillons de musique\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\chantillons de musique\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\My Playlists\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\02A591E2\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\02A591E2\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sample Playlists\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\03D753FE\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\03D753FE\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Ma musique\Sync Playlists\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Mes images\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes images\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Mes images\chantillons d'images\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes images\chantillons d'images\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Mes images\logiciel aida32\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes images\logiciel aida32\AIDA32 - Enterprise System Information\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes images\logiciel aida32\AIDA32 - Enterprise System Information\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Mes images\logiciel aida32\Desktop_.ini
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\_desktop.ini
    C:\Documents and Settings\All Users\Documents\Mes vid‚os\Desktop_.ini
    C:\WINDOWS\BM47072347.xml
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\Downloaded Program Files\rave
    C:\WINDOWS\Downloaded Program Files\rave\avirexe.vdm
    C:\WINDOWS\Downloaded Program Files\rave\avirscr.vdm
    C:\WINDOWS\Downloaded Program Files\rave\base.vdm
    C:\WINDOWS\Downloaded Program Files\rave\daily.vdm
    C:\WINDOWS\Downloaded Program Files\rave\daily.vdt
    C:\WINDOWS\Downloaded Program Files\rave\filters.vdm
    C:\WINDOWS\Downloaded Program Files\rave\kernel.vdk
    C:\WINDOWS\Downloaded Program Files\rave\keyring.vdk
    C:\WINDOWS\Downloaded Program Files\rave\mapi_vdm.vdm
    C:\WINDOWS\Downloaded Program Files\rave\modules.vdk
    C:\WINDOWS\Downloaded Program Files\rave\rav8def.vdm
    C:\WINDOWS\Downloaded Program Files\rave\rufs.vdm
    C:\WINDOWS\Downloaded Program Files\rave\rufsplg.vdm
    C:\WINDOWS\Downloaded Program Files\rave\unarch.vdm
    C:\WINDOWS\Downloaded Program Files\rave\unmail.vdm
    C:\WINDOWS\Downloaded Program Files\rave\unpack.vdm
    C:\WINDOWS\msnp.exe
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\bqvkvasv.dll
    C:\WINDOWS\system32\klnmp.ini
    C:\WINDOWS\system32\klnmp.ini2
    C:\WINDOWS\system32\laachfau.dll
    C:\WINDOWS\system32\myeoselo.dll
    C:\WINDOWS\system32\twwwpuie.dll
    C:\WINDOWS\system32\uafhcaal.ini
    C:\WINDOWS\system32\ycbnunlp.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_NTLOAD
    -------\Service_NTLOAD


    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-18 to 2008-03-18 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-18 21:29 . 2008-03-18 21:30 370 --ahs---- C:\WINDOWS\system32\klnmp.ini
    2008-03-18 09:31 . 2008-03-18 09:31 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
    2008-03-18 08:30 . 2008-03-18 09:31 <REP> d-------- C:\VundoFix Backups
    2008-03-16 23:17 . 2008-03-16 23:17 290,816 --------- C:\WINDOWS\system32\pmnlk.dll
    2008-03-16 23:17 . 2008-03-16 23:17 63 --a------ C:\WINDOWS\system32\44340255
    2008-03-16 23:12 . 2007-02-09 18:34 420,816 --a------ C:\Documents and Settings\teber\Application Data\wunauclt.exe
    2008-03-16 23:12 . 2008-03-15 16:57 199,445 --a------ C:\Documents and Settings\teber\Application Data\toolbar.dll
    2008-03-16 23:12 . 2008-03-15 14:24 82,937 --a------ C:\Documents and Settings\teber\Application Data\space1.exe
    2008-03-16 23:12 . 2008-03-12 20:25 57,344 --------- C:\Documents and Settings\teber\Application Data\dr.exe
    2008-03-16 23:12 . 2008-03-16 23:12 36,864 --a------ C:\WINDOWS\system32\khfccbx.dll.vir
    2008-03-16 22:50 . 2008-03-16 22:50 <REP> d--hs---- C:\WINDOWS\ftpcache
    2008-03-11 09:21 . 2008-03-11 09:21 234 --a------ C:\WINDOWS\PrnHlpLogConfig.ini
    2008-03-05 08:58 . 2008-03-05 08:58 <REP> d-------- C:\WINDOWS\system32\AGEIA
    2008-03-05 08:58 . 2008-03-05 08:59 <REP> d-------- C:\Program Files\AGEIA Technologies
    2008-03-05 08:57 . 2008-03-05 08:57 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-03-05 08:55 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-18 19:51 --------- d-----w C:\Documents and Settings\teber\Application Data\Vidalia
    2008-03-18 09:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-03-18 06:00 --------- d-----w C:\Program Files\ESET
    2008-03-16 09:06 --------- d-----w C:\Program Files\Everest Poker
    2008-03-16 08:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-13 19:28 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-10 19:45 --------- d-----w C:\Documents and Settings\teber\Application Data\Tor
    2008-02-07 17:56 --------- d-----w C:\Program Files\CODECS
    2008-01-28 18:02 1,409 ----a-w C:\WINDOWS\Fonts\sncf09.fot
    2007-09-24 09:16 284,672 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2007-03-18 18:21 87,608 ----a-w C:\Documents and Settings\teber\Application Data\ezpinst.exe
    2007-03-18 18:21 47,360 ----a-w C:\Documents and Settings\teber\Application Data\pcouffin.sys
    2006-09-26 20:10 124,664 ----a-w C:\Documents and Settings\teber\Application Data\GDIPFONTCACHEV1.DAT
    2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
    2004-08-11 18:49 192,512 ----a-w C:\WINDOWS\inf\unregmp2(2).exe
    2004-08-19 23:09 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
    2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
    2004-08-19 23:09 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
    2001-08-28 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
    2004-08-19 23:09 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
    2004-08-19 23:09 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
    2001-08-28 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
    2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
    2004-08-19 23:09 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
    2004-08-19 23:09 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
    1999-01-28 10:40 368,912 --sha-w C:\WINDOWS\system32\Vbar332.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6902F36D-E8DE-4F58-9A64-5B68B888130D}]
    C:\DOCUME~1\teber\LOCALS~1\Temp\~DP13.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8e99c4ea-7045-4560-ae0d-f6c350b06941}]
    C:\WINDOWS\system32\ycbnunlp.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DE48606D-0903-200A-B678-4BD04AA89B8F}]

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F49B5525-4B28-4740-B360-C44745F4E4B2}]
    2008-03-16 23:17 290816 --------- C:\WINDOWS\system32\pmnlk.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MessengerPlus3"="C:\Program Files\MSN\MsgPlus.exe" [2006-04-16 20:42 190024]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]
    "Vidalia"="H:\logiciel\T O R\Vidalia\vidalia.exe" [2006-07-07 20:58 8915456]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 14:43 7630848]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2001-10-05 15:51 28738]
    "EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 08:50 28672]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-06-11 18:31 180269]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
    "nwiz"="nwiz.exe" [2006-08-11 14:43 1519616 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 14:43 86016]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-02-09 14:01 77824]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-26 09:10 949376]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]
    "Spyware Doctor"="" []

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\pmnlk.dll

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
    backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hulk Maximyzer.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hulk Maximyzer.lnk
    backup=C:\WINDOWS\pss\Hulk Maximyzer.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^HDDlife.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\HDDlife.lnk
    backup=C:\WINDOWS\pss\HDDlife.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^Intégrateur PROjectMT 98.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\Intégrateur PROjectMT 98.lnk
    backup=C:\WINDOWS\pss\Intégrateur PROjectMT 98.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^Programme Garnier Nutritionist.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\Programme Garnier Nutritionist.lnk
    backup=C:\WINDOWS\pss\Programme Garnier Nutritionist.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    --a------ 2005-09-03 14:18 94208 C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
    --a------ 2001-11-15 11:08 1216512 C:\WINDOWS\mixer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    --a------ 2006-11-12 11:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2004-02-09 14:01 77824 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    --a------ 2006-01-30 11:30 19486248 H:\logiciel\skype\Phone\Skype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2006-11-09 15:07 49263 C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
    -ra------ 2006-06-06 09:07 40960 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    --a------ 2005-11-15 20:31 33792 C:\Program Files\Winamp\winampa.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\soulseek\\slsk.exe"=
    "C:\\KAZAA\\Kazaa Lite K++\\KazaaLite.kpp"=
    "C:\\AIM\\aim.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "H:\\Freeplayer\\vlc\\vlc.exe"=
    "C:\\WINDOWS\\system32\\rundll32.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "H:\\logiciel\\vlc freebox tv\\VLC\\vlc.exe"=
    "C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
    "C:\\visionneuse\\Avant Browser\\avant.exe"=
    "H:\\logiciel\\emule 0.47c xtreme 5.4\\emule.exe"=
    "H:\\logiciel\\emule 0.47c beba v1.2\\emule.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "H:\\logiciel\\skype\\Phone\\Skype.exe"=
    "H:\\logiciel\\emule 0.48a\\eMule.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "4669:TCP"= 4669:TCP:emule tcp
    "5555:UDP"= 5555:UDP:emule udp
    "6346:TCP"= 6346:TCP:shareaza

    R3 ham50;V9X HAM 1394V;C:\WINDOWS\system32\DRIVERS\CTXH51.sys [2001-08-04 16:50]
    S2 Fswsclds;F-Secure Windows Security Center Legacy Detection Service;C:\Program Files\F-Secure Internet Security\fswsclds.exe []
    S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2002-01-29 23:42]
    S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2002-01-29 23:42]
    S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys []
    S3 CH341SER;CH341SER;C:\WINDOWS\system32\Drivers\CH341SER.SYS [2006-06-05 00:00]
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 11:35]
    S3 ids0004C;ids0004C;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys []
    S3 ids0005c;ids0005c;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys []
    S3 musbehco;musbehco;C:\DOCUME~1\teber\LOCALS~1\Temp\musbehco.sys []
    S3 nvcfsr;nvcfsr;C:\NORMAN VIRUS CONTROL\nvc\BIN\nvcfsr.sys []
    S3 nvcoafl51;nvcoafl51;C:\NORMAN VIRUS CONTROL\nvc\BIN\nvcoafl51.sys []
    S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 07:08]
    S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2004-09-06 02:00]
    S3 viafilter;VIA USB Filter;C:\WINDOWS\system32\Drivers\viausb.sys [2001-08-21 05:11]
    S3 Wdm1;USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc.sys [2001-12-13 14:35]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d116a174-8775-11db-9aae-0010dc21fba9}]
    \Shell\AutoRun\command - I:\autorun.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{32D08D3D-0C7E-2D2B-6A6E-85C8A618B1A7}]
    C:\WINDOWS\System32\Dractx.exe 2
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-16 22:12:21 C:\WINDOWS\Tasks\At1.job"
    - C:\Documents
    "2008-03-16 22:12:23 C:\WINDOWS\Tasks\At2.job"
    - C:\Documents
    "2008-03-16 22:12:27 C:\WINDOWS\Tasks\At3.job"
    - C:\Documents
    "2008-03-14 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - H:\fichier compresser\SystemOptimizer.exe
    "2008-03-18 18:18:40 C:\WINDOWS\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_BERTRAND_teber.job"
    - C:\WINDOWS\system32\mobsync.exeC /Schedule=
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-18 21:29:44
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\lsass.exe [5.01.2600.2180]
    -> C:\WINDOWS\system32\pmnlk.dll
    -> C:\Program Files\Eset\pr_imon.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\system32\wscntfy.exe
    H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-18 21:37:23 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-03-18 20:36:58
    .
    2008-03-12 20:11:30 --- E O F ---
    Contenus similaires
    a b 8 Sécurité
    18 Mars 2008 23:04:49

    Reposte un rapport Hijackthis.
    18 Mars 2008 23:07:51

    Logfile of HijackThis v1.99.1
    Scan saved at 23:07:36, on 18/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Eset\nod32krn.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\alg.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\ctfmon.exe
    H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    C:\WINDOWS\explorer.exe
    C:\visionneuse\Avant Browser\avant.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    H:\logiciel\hijack this\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - blank (file missing)
    O2 - BHO: (no name) - {6902F36D-E8DE-4F58-9A64-5B68B888130D} - C:\DOCUME~1\teber\LOCALS~1\Temp\~DP13.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: (no name) - {DE48606D-0903-200A-B678-4BD04AA89B8F} - blank (file missing)
    O2 - BHO: (no name) - {F49B5525-4B28-4740-B360-C44745F4E4B2} - C:\WINDOWS\system32\pmnlk.dll
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MSN\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Vidalia] "H:\logiciel\T O R\Vidalia\vidalia.exe"
    O4 - Startup: CFE TrayIcon.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    O4 - Startup: CFE.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE.exe
    O4 - Startup: HDDlife.lnk = H:\logiciel\hddlife\HDDlifePro.exe
    O4 - Global Startup: Privoxy.lnk = H:\logiciel\T O R\Privoxy\privoxy.exe
    O8 - Extra context menu item: Bloquer ce serveur... - C:\visionneuse\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Bloquer cette publicité... - C:\visionneuse\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\visionneuse\Avant Browser\OpenAllLinks.htm
    O8 - Extra context menu item: Personnaliser - c:\reverso\promtie4\options.htm
    O8 - Extra context menu item: Rechercher sur Internet - c:\reverso\promtie4\search.htm
    O8 - Extra context menu item: Rechercher sur le Web... - C:\visionneuse\Avant Browser\Search.htm
    O8 - Extra context menu item: Surligner - C:\visionneuse\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Traduire - c:\reverso\promtie4\translat.htm
    O8 - Extra context menu item: Traduire dans WebView - c:\reverso\promtie4\webview.htm
    O8 - Extra context menu item: Traduire la page - c:\reverso\promtie4\page.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - H:\logiciel\titan poker\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - H:\logiciel\titan poker\Titan Poker\casino.exe
    O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
    O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra 'Tools' menuitem: Personnalisez traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/2575a1141fef8049c006/netzip/RdxIE6...
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-fe252e6120df2123.spaces.live.com/PhotoUpload...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\F-Secure Internet Security\fswsclds.exe (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - (no file)
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - (no file)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe

    a b 8 Sécurité
    18 Mars 2008 23:09:03

    Re,

    Télécharge MalwareBytes' Anti-Malwares < ici

    Double clique sur mbam-setup.exe pour lancer l'installation
    Autorise le téléchargement des mises à jour !

    Redémarre en mode sans echec ( > Mode Sans Echec < )

    Double clique sur le raccourci Malwarebytes présent sur ton bureau
    Coche Exécuter un examen complet , puis clique sur [Rechercher]
    A la fin du scan , clique sur [Afficher les resultats]
    Si objets infectés sont trouvés , clique sur [Supprimer la sélection]

    Poste le rapport ( il se trouve aussi dans l'onglet Rapports/Logs )
    19 Mars 2008 09:04:56

    Malwarebytes' Anti-Malware 1.08
    Version de la base de données: 501

    Type de recherche: Examen complet (C:\|D:\|E:\|H:\|)
    Eléments examinés: 132105
    Temps écoulé: 1 hour(s), 21 minute(s), 49 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 13
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 421
    Fichier(s) infecté(s): 3424

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\pmnlk.dll (Trojan.Vundo) -> Unloaded module successfully.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5b06fd41-dc33-48f7-94b3-d8c3759f536f} (Trojan.Vundo) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{5b06fd41-dc33-48f7-94b3-d8c3759f536f} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Delete on reboot.
    HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\pmnlk.dll -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\pmnlk.dll -> Delete on reboot.

    Dossier(s) infecté(s):
    C:\Casino (Adware.Casino) -> Delete on reboot.
    C:\Casino\Europa Casino (Adware.Casino) -> Delete on reboot.
    C:\Casino\Europa Casino\00000c4c.tmp (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\aroundtheworld (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_ln (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_progressive (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_duel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_ln (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_pontoon (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_progressive (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_switch (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_video (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\bonusbowling (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\casinowar (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\common (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\craps (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\dicetwister (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\headsortails (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno_x (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\penaltyshootout (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_3card (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_caribbean (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_holdem (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_letthemride (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_paigow (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_tequila (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\popbingo (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\reddog (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rollercoasterdice (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette00 (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_ln (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_mini (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_video (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo_ln (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo_video (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_8ball (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_8ball_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alchemist (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_amigos (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_amigos_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_bermuda (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_bermuda_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_captain (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_chinese8line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_crazy (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_crazy_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_desert20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_europa (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_europa_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_footballrules25line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fountain (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fountain_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fruitmania5reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_golf (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_highway (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_jungle (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_jungle_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lovemore20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_millionaireslane20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_monkey (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_monkey_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_neptune (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_neptune_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_nightout20line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ocean (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_party (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_party_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_pyramids9line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_safecracker (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_silver (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_sultan (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_sultan_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_treasures5reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_treasures5reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_uggabugga (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ultimate8line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_vacation8line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_wall5reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\spinawin (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\stravaganza (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_10jacks (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_10orbetter (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_25aces (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_4aces (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_4deuceswild (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_4jacks (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_50jacks (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_aces (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_deuceswild (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_highlow (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_jacks (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_joker (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_megajacks (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\aroundtheworld\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\aroundtheworld\windows (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_progressive\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video\table (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\cocktail (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\colors (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\firstlast (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\jackpot (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\numbers (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\sixth (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\steps (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls\tables\total (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_duel\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_progressive\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_video\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\bonusbowling\anim (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\bonusbowling\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\bonusbowling\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\common\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\common\interface (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\common\ui (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\craps\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\craps\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts\texts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\dicetwister\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo\cards (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo\jackpot (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\headsortails\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\headsortails\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\info (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\stadium (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\start (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\tables (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing\texts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno_x\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno_x\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno_x\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno_x\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby\ln (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby\login (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby\menu (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong\paytable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong\window_win (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko\components (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko\gems (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko\minigames (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko\yokoku (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\penaltyshootout\anims (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\penaltyshootout\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\penaltyshootout\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\popbingo\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\popbingo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors\info (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rollercoasterdice\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rollercoasterdice\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rollercoasterdice\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette\zoom (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette00\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette00\zoom (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_mini\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_mini\luxury (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_mini\luxury\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\3reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\3reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\5reel (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\5reel_xl (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\8line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\9line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\blackjack (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\cards (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\coins (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\dollarball (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\doublescreen (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\html (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\interface (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\live_buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\ln (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\slots_multispin (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\tablegames (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\tablesigns (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\ui (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\videopoker_4line (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\videopoker_deuces (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\videopoker_jacks (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\videopoker_multiline (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\cards\poker (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\cards\textures (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\cards\videopoker_multiline (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\coins\tablecoins (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\dollarball\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\html\chat (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\html\chat\emoticons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\interface\chat (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\interface\ui (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\sounds\dealervoices (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\sounds\numbers (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\sounds\dealervoices\numbers (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\tablegames\gold_dark (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\videopoker_4line\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\shared\videopoker_multiline\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_8ball\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alchemist\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alchemist\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alchemist\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alchemist\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line\animations (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line\bonus1 (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line\bonus2 (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_amigos\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line\betlines (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_bermuda\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_captain\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_captain\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_chinese8line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_chinese8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_chinese8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\bonus2 (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\bonus\select (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel\bonus2\select (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_crazy\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_desert20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_desert20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_desert20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel\bonus\screen (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_europa\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_europa_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_europa_xl\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_footballrules25line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_footballrules25line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_footballrules25line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_footballrules25line\sounds\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fountain\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fruitmania5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fruitmania5reel\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fruitmania5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fruitmania5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line\betlines (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line\bonus\screen (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_golf\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_golf\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_golf\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_highway\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_highway\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_highway\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_jungle\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_jungle_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line\activate_window (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lovemore20line\dollarball (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lovemore20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lovemore20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_millionaireslane20line\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_millionaireslane20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_millionaireslane20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_millionaireslane20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_monkey\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_monkey_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_neptune\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_neptune_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_nightout20line\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_nightout20line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_nightout20line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ocean\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ocean\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ocean\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ocean\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_party\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_party_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits\bonusgame (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_pyramids9line\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_pyramids9line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_pyramids9line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_pyramids9line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_safecracker\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_safecracker\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_safecracker\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_safecracker\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_silver\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_silver\dollarball (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_silver\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_silver\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_sultan\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_sultan_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line\loading (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line\payline (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_treasures5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_treasures5reel_xl\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_treasures5reel_xl\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic\fonts (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_uggabugga\animation (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_uggabugga\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_uggabugga\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ultimate8line\anim (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ultimate8line\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ultimate8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ultimate8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_vacation8line\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_vacation8line\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_wall5reel\3d (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_wall5reel\bonus (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_wall5reel\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_wall5reel\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_wall5reel\bonus\select (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\spinawin\buttons (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\spinawin\sounds (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_10jacks\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_25aces\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_50jacks\wintable (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_highlow\doublescreen (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\videopoker_joker\animation (Adware.Casino) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\pmnlk.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\klnmp.ini (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\klnmp.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\(offline).db (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\cactivex.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\casino.exe (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\casino.hlp (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\casino.ico (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\CEF35956392.db (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\directsounddriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\fileinfo.dat (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\fileinfo2.dat (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\fileinfo2r.dat (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\gdigraphdriver.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\h264dec.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\nvssd450.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\replace.exe (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\unicows.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\aroundtheworld.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\aroundtheworld.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccaratlive.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccaratln.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_progressive.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video_japanese_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video_mini_japanese_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video_mini_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video_progressive_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\baccarat_video_vip_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\balls.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjacklive.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjackln.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_5h.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_5h_pontoon.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_5h_progressive.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_5h_surrender.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_duel.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_duel.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_pontoon.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_surrender.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_switch.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_video.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\blackjack_video_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\bonusbowling.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\bonusbowling.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\cards.swf (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\cashier.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\cashier.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\casinowar.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\casinowar.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\common.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\craps.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\craps.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\darts.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\dicetwister.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\dicetwister.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\genieshilo_jackpot.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\headsortails.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\headsortails.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\horseracing.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\keno_x.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\loader.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\loader.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\lobby.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong_pro_japan.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong_pro_wmf.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong_solo_japan.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\mahjong_solo_wmf.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pachinko.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\penaltyshootout.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\penaltyshootout.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\pokergames.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_3card.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_caribbean.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_holdem.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_letthemride.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_paigow.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\poker_tequila.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\popbingo.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\popbingo.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\receive_video.swf (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\reddog.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\reddog.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rockpaperscissors.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rollercoasterdice.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rollercoasterdice.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette00.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulettelive.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\rouletteln.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_french.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_mini.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_video.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\roulette_video_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbolive.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicboln.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo_video.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\sicbo_video_ln.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slotmachines.dll (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_8ball.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_8ball_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alchemist.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_alien25line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_amigos.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_amigos_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_beachlife20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_bermuda.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_bermuda_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_captain.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_chinese8line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_cinerama5reel.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_crazy.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_crazy_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_custom3reel.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_custom3reel_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_custom5reel.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_custom5reel_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_desert20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_diamond5reel.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_footballrules25line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fountain.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fountain_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_fruitmania5reel.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_globaltraveler20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_goblin.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_gold8line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_golf.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_haunted_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_highway.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_jungle.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_jungle_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lotto20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_lovemore20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_magic.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_millionaireslane20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_monkey.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_monkey_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_neptune.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_neptune_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_nightout20line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_ocean.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_party.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_party_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_profits.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_pyramids9line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_rock_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_safe.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_silver.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_sultan.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_sultan_xl.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_thrillseekers50line.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_tropic.gam (Adware.Casino) -> Quarantined and deleted successfully.
    C:\Casino\Europa Casino\data\slots_uggabugga.gam (Adwa
    a b 8 Sécurité
    19 Mars 2008 16:29:40

    Reposte un rapport Hijackthis.
    19 Mars 2008 16:56:12

    Logfile of HijackThis v1.99.1
    Scan saved at 16:55, on 2008-03-19
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\visionneuse\Avant Browser\avant.exe
    H:\logiciel\hijack this\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: SWEETIE Class - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - blank (file missing)
    O2 - BHO: (no name) - {6902F36D-E8DE-4F58-9A64-5B68B888130D} - C:\DOCUME~1\teber\LOCALS~1\Temp\~DP13.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: (no name) - {DE48606D-0903-200A-B678-4BD04AA89B8F} - blank (file missing)
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
    O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - H:\logiciel\bitdefender\IEToolbar.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MSN\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: CFE TrayIcon.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    O4 - Startup: CFE.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE.exe
    O8 - Extra context menu item: Bloquer ce serveur... - C:\visionneuse\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Bloquer cette publicité... - C:\visionneuse\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\visionneuse\Avant Browser\OpenAllLinks.htm
    O8 - Extra context menu item: Personnaliser - c:\reverso\promtie4\options.htm
    O8 - Extra context menu item: Rechercher sur Internet - c:\reverso\promtie4\search.htm
    O8 - Extra context menu item: Rechercher sur le Web... - C:\visionneuse\Avant Browser\Search.htm
    O8 - Extra context menu item: Surligner - C:\visionneuse\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Traduire - c:\reverso\promtie4\translat.htm
    O8 - Extra context menu item: Traduire dans WebView - c:\reverso\promtie4\webview.htm
    O8 - Extra context menu item: Traduire la page - c:\reverso\promtie4\page.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra 'Tools' menuitem: Personnalisez traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/2575a1141fef8049c006/netzip/RdxIE6...
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-fe252e6120df2123.spaces.live.com/PhotoUpload...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\F-Secure Internet Security\fswsclds.exe (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
    O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - (no file)
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - (no file)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - H:\logiciel\bitdefender\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    a b 8 Sécurité
    19 Mars 2008 17:29:56

    Refais un scan Combofix :) 
    19 Mars 2008 20:16:29

    ComboFix 08-03-17.1 - teber 2008-03-19 20:09:04.3 - NTFSx86 NETWORK
    Endroit: C:\Documents and Settings\teber\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\WINDOWS\BM47072347.xml
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\jkjdbtnb.dll
    C:\WINDOWS\system32\klnmp.ini
    C:\WINDOWS\system32\klnmp.ini2
    C:\WINDOWS\system32\nhdowrsp.ini
    C:\WINDOWS\system32\pmnlk.dll
    C:\WINDOWS\system32\psrwodhn.dll
    C:\WINDOWS\system32\qwoudqxe.dll

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-19 to 2008-03-19 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-19 17:01 . 2008-03-19 17:45 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-03-19 16:59 . 2008-03-19 17:01 <REP> d-------- C:\WINDOWS\LastGood
    2008-03-19 09:55 . 2008-03-19 15:47 121 --a------ C:\WINDOWS\bdagent.INI
    2008-03-19 09:47 . 2008-03-19 09:47 <REP> d-------- C:\Documents and Settings\teber\Application Data\BitDefender
    2008-03-19 09:45 . 2008-03-19 09:45 <REP> d-------- C:\Program Files\BitDefender
    2008-03-19 09:45 . 2008-03-19 09:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
    2008-03-19 09:43 . 2008-03-19 09:45 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
    2008-03-18 23:12 . 2008-03-18 23:12 <REP> d-------- C:\Documents and Settings\teber\Application Data\Malwarebytes
    2008-03-18 23:12 . 2008-03-18 23:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-03-18 09:31 . 2008-03-18 09:31 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
    2008-03-18 08:30 . 2008-03-18 09:31 <REP> d-------- C:\VundoFix Backups
    2008-03-16 23:17 . 2008-03-16 23:17 63 --a------ C:\WINDOWS\system32\44340255
    2008-03-16 23:12 . 2007-02-09 18:34 420,816 --a------ C:\Documents and Settings\teber\Application Data\wunauclt.exe
    2008-03-16 23:12 . 2008-03-15 16:57 199,445 --a------ C:\Documents and Settings\teber\Application Data\toolbar.dll
    2008-03-16 23:12 . 2008-03-15 14:24 82,937 --a------ C:\Documents and Settings\teber\Application Data\space1.exe
    2008-03-16 23:12 . 2008-03-12 20:25 57,344 --------- C:\Documents and Settings\teber\Application Data\dr.exe
    2008-03-16 23:12 . 2008-03-16 23:12 36,864 --a------ C:\WINDOWS\system32\khfccbx.dll.vir
    2008-03-16 22:50 . 2008-03-16 22:50 <REP> d--hs---- C:\WINDOWS\ftpcache
    2008-03-11 09:21 . 2008-03-11 09:21 234 --a------ C:\WINDOWS\PrnHlpLogConfig.ini
    2008-03-05 08:58 . 2008-03-05 08:58 <REP> d-------- C:\WINDOWS\system32\AGEIA
    2008-03-05 08:58 . 2008-03-05 08:59 <REP> d-------- C:\Program Files\AGEIA Technologies
    2008-03-05 08:57 . 2008-03-05 08:57 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-03-05 08:55 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-19 15:59 69,689 ----a-w C:\WINDOWS\UNZIP.DLL
    2008-03-19 15:59 507,904 ----a-w C:\WINDOWS\TMUPDATE.DLL
    2008-03-19 15:59 286,720 ----a-w C:\WINDOWS\PATCH.EXE
    2008-03-19 09:49 85,520 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
    2008-03-19 09:47 77,824 ----a-w C:\WINDOWS\system32\xcomm.dll
    2008-03-19 07:57 --------- d-----w C:\Documents and Settings\teber\Application Data\Vidalia
    2008-03-18 09:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-03-18 06:00 --------- d-----w C:\Program Files\ESET
    2008-03-16 09:06 --------- d-----w C:\Program Files\Everest Poker
    2008-03-16 08:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-13 19:28 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-10 19:45 --------- d-----w C:\Documents and Settings\teber\Application Data\Tor
    2008-02-07 17:56 --------- d-----w C:\Program Files\CODECS
    2008-01-28 18:02 1,409 ----a-w C:\WINDOWS\Fonts\sncf09.fot
    2007-09-24 09:16 284,672 ----a-w C:\WINDOWS\Internet Logs\xDB1.tmp
    2007-03-18 18:21 87,608 ----a-w C:\Documents and Settings\teber\Application Data\ezpinst.exe
    2007-03-18 18:21 47,360 ----a-w C:\Documents and Settings\teber\Application Data\pcouffin.sys
    2006-09-26 20:10 124,664 ----a-w C:\Documents and Settings\teber\Application Data\GDIPFONTCACHEV1.DAT
    2005-05-11 22:36 12,288 ----a-w C:\WINDOWS\Fonts\RandFont.dll
    2004-08-11 18:49 192,512 ----a-w C:\WINDOWS\inf\unregmp2(2).exe
    2004-08-19 23:09 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
    2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
    2004-08-19 23:09 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
    2001-08-28 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
    2004-08-19 23:09 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
    2004-08-19 23:09 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
    2001-08-28 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
    2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
    2004-08-19 23:09 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
    2004-08-19 23:09 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
    1999-01-28 10:40 368,912 --sha-w C:\WINDOWS\system32\Vbar332.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-03-18_21.36.13.29 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-03-19 16:01:14 45,056 ----a-w C:\WINDOWS\BDOSCAN8\avxdisk.dll
    + 2008-03-19 16:01:14 10,240 ----a-w C:\WINDOWS\BDOSCAN8\avxs.dll
    + 2008-03-19 16:01:14 27,136 ----a-w C:\WINDOWS\BDOSCAN8\avxt.dll
    + 2008-03-19 16:01:16 181,760 ----a-w C:\WINDOWS\BDOSCAN8\bdcore.dll
    + 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\BDOSCAN8\bdupd.dll
    + 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\BDOSCAN8\ipsupd.dll
    + 2008-03-19 16:01:16 142,848 ----a-w C:\WINDOWS\BDOSCAN8\libfn.dll
    + 2008-03-19 16:01:14 86,016 ----a-w C:\WINDOWS\BDOSCAN8\librtvr.dll
    + 2006-05-25 00:22:06 53,248 ----a-w C:\WINDOWS\bdoscandel.exe
    + 2006-05-25 00:21:00 118,784 ----a-w C:\WINDOWS\Downloaded Program Files\bdupd.dll
    + 2006-05-25 00:21:14 53,248 ----a-w C:\WINDOWS\Downloaded Program Files\ipsupd.dll
    + 2008-03-19 08:47:28 61,440 ----a-r C:\WINDOWS\Installer\{F4F09997-F426-4019-B29B-6F1FE74852AC}\helpicon.exe
    + 2008-03-19 08:47:27 32,768 ----a-r C:\WINDOWS\Installer\{F4F09997-F426-4019-B29B-6F1FE74852AC}\maintenance_icon.exe
    + 2008-03-19 08:47:27 22,486 ----a-r C:\WINDOWS\Installer\{F4F09997-F426-4019-B29B-6F1FE74852AC}\register_icon.exe
    + 2008-03-19 08:47:27 57,344 ----a-r C:\WINDOWS\Installer\{F4F09997-F426-4019-B29B-6F1FE74852AC}\texticon.exe
    + 2001-12-14 11:34:46 164,864 ----a-w C:\WINDOWS\LastGood\patchw32.dll
    - 2001-12-14 11:34:46 164,864 ----a-w C:\WINDOWS\patchw32.dll
    + 2001-12-14 12:34:46 164,864 ----a-w C:\WINDOWS\patchw32.dll
    + 2008-01-07 16:41:34 196,368 ----a-w C:\WINDOWS\system32\drivers\bdfsfltr.sys
    + 2007-01-31 12:50:32 913,408 ----a-w C:\WINDOWS\system32\xreglib.dll
    - 2006-12-01 21:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
    + 2006-12-01 20:54:32 479,232 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
    - 2006-12-01 21:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
    + 2006-12-01 20:54:34 548,864 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
    - 2006-12-01 21:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
    + 2006-12-01 20:54:32 626,688 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
    - 2006-12-01 23:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
    + 2006-12-01 22:25:52 1,101,824 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
    - 2006-12-01 23:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
    + 2006-12-01 22:25:56 1,093,120 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
    - 2006-12-01 23:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
    + 2006-12-01 22:25:58 69,632 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
    - 2006-12-01 23:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
    + 2006-12-01 22:26:00 57,856 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
    - 2006-12-01 23:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
    + 2006-12-01 22:08:00 40,960 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
    - 2006-12-01 23:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
    + 2006-12-01 22:08:00 45,056 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
    - 2006-12-01 23:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
    + 2006-12-01 22:08:00 65,536 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
    - 2006-12-01 23:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
    + 2006-12-01 22:08:00 57,344 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
    - 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
    + 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
    - 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
    + 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
    - 2006-12-01 23:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
    + 2006-12-01 22:08:00 61,440 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
    - 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
    + 2006-12-01 22:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
    - 2006-12-01 23:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
    + 2006-12-01 22:08:00 49,152 ----a-w C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6902F36D-E8DE-4F58-9A64-5B68B888130D}]
    C:\DOCUME~1\teber\LOCALS~1\Temp\~DP13.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DE48606D-0903-200A-B678-4BD04AA89B8F}]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MessengerPlus3"="C:\Program Files\MSN\MsgPlus.exe" [2006-04-16 20:42 190024]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 14:43 7630848]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2001-10-05 15:51 28738]
    "EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 08:50 28672]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-06-11 18:31 180269]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
    "nwiz"="nwiz.exe" [2006-08-11 14:43 1519616 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 14:43 86016]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-02-09 14:01 77824]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "nod32kui"="C:\Program Files\Eset\nod32kui.exe" [2007-10-26 09:10 949376]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]
    "Spyware Doctor"="" []

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
    backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hulk Maximyzer.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hulk Maximyzer.lnk
    backup=C:\WINDOWS\pss\Hulk Maximyzer.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Privoxy.lnk
    backup=C:\WINDOWS\pss\Privoxy.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^HDDlife.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\HDDlife.lnk
    backup=C:\WINDOWS\pss\HDDlife.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^Intégrateur PROjectMT 98.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\Intégrateur PROjectMT 98.lnk
    backup=C:\WINDOWS\pss\Intégrateur PROjectMT 98.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^Programme Garnier Nutritionist.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\Programme Garnier Nutritionist.lnk
    backup=C:\WINDOWS\pss\Programme Garnier Nutritionist.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
    H:\logiciel\bitdefender\bdagent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    --a------ 2005-09-03 14:18 94208 C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper]
    --a------ 2007-10-09 15:46 61440 H:\logiciel\bitdefender\IEShow.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
    --a------ 2001-11-15 11:08 1216512 C:\WINDOWS\mixer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    --a------ 2006-11-12 11:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2004-02-09 14:01 77824 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    --a------ 2006-01-30 11:30 19486248 H:\logiciel\skype\Phone\Skype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2006-11-09 15:07 49263 C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
    -ra------ 2006-06-06 09:07 40960 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
    --a------ 2006-07-07 20:58 8915456 H:\logiciel\T O R\Vidalia\vidalia.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    --a------ 2005-11-15 20:31 33792 C:\Program Files\Winamp\winampa.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\soulseek\\slsk.exe"=
    "C:\\KAZAA\\Kazaa Lite K++\\KazaaLite.kpp"=
    "C:\\AIM\\aim.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "H:\\Freeplayer\\vlc\\vlc.exe"=
    "C:\\WINDOWS\\system32\\rundll32.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "H:\\logiciel\\vlc freebox tv\\VLC\\vlc.exe"=
    "C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
    "C:\\visionneuse\\Avant Browser\\avant.exe"=
    "H:\\logiciel\\emule 0.47c xtreme 5.4\\emule.exe"=
    "H:\\logiciel\\emule 0.47c beba v1.2\\emule.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "H:\\logiciel\\skype\\Phone\\Skype.exe"=
    "H:\\logiciel\\emule 0.48a\\eMule.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "4669:TCP"= 4669:TCP:emule tcp
    "5555:UDP"= 5555:UDP:emule udp
    "6346:TCP"= 6346:TCP:shareaza

    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-03-19 10:49]
    S2 Fswsclds;F-Secure Windows Security Center Legacy Detection Service;C:\Program Files\F-Secure Internet Security\fswsclds.exe []
    S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2002-01-29 23:42]
    S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2002-01-29 23:42]
    S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys []
    S3 CH341SER;CH341SER;C:\WINDOWS\system32\Drivers\CH341SER.SYS [2006-06-05 00:00]
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 11:35]
    S3 ham50;V9X HAM 1394V;C:\WINDOWS\system32\DRIVERS\CTXH51.sys [2001-08-04 16:50]
    S3 ids0004C;ids0004C;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys []
    S3 ids0005c;ids0005c;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys []
    S3 MBAMCatchMe;MBAMCatchMe;H:\logiciel\malware\Malwarebytes' Anti-Malware\catchme.sys [2008-03-09 17:29]
    S3 musbehco;musbehco;C:\DOCUME~1\teber\LOCALS~1\Temp\musbehco.sys []
    S3 nvcfsr;nvcfsr;C:\NORMAN VIRUS CONTROL\nvc\BIN\nvcfsr.sys []
    S3 nvcoafl51;nvcoafl51;C:\NORMAN VIRUS CONTROL\nvc\BIN\nvcoafl51.sys []
    S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 07:08]
    S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2004-09-06 02:00]
    S3 viafilter;VIA USB Filter;C:\WINDOWS\system32\Drivers\viausb.sys [2001-08-21 05:11]
    S3 Wdm1;USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc.sys [2001-12-13 14:35]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d116a174-8775-11db-9aae-0010dc21fba9}]
    \Shell\AutoRun\command - I:\autorun.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{32D08D3D-0C7E-2D2B-6A6E-85C8A618B1A7}]
    C:\WINDOWS\System32\Dractx.exe 2
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-16 22:12:21 C:\WINDOWS\Tasks\At1.job"
    - C:\Documents
    "2008-03-16 22:12:23 C:\WINDOWS\Tasks\At2.job"
    - C:\Documents
    "2008-03-16 22:12:27 C:\WINDOWS\Tasks\At3.job"
    - C:\Documents
    "2008-03-14 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - H:\fichier compresser\SystemOptimizer.exe
    "2008-03-18 21:54:33 C:\WINDOWS\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_BERTRAND_teber.job"
    - C:\WINDOWS\system32\mobsync.exeC /Schedule=
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-19 20:14:20
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
    "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
    "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
    .
    Temps d'accomplissement: 2008-03-19 20:15:58
    ComboFix-quarantined-files.txt 2008-03-19 19:15:03
    ComboFix2.txt 2008-03-18 20:37:24
    .
    2008-03-12 20:11:30 --- E O F ---
    a b 8 Sécurité
    19 Mars 2008 20:42:31

    Re,

    [#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::
    C:\Documents and Settings\teber\Application Data\wunauclt.exe
    C:\Documents and Settings\teber\Application Data\toolbar.dll
    C:\Documents and Settings\teber\Application Data\space1.exe
    C:\Documents and Settings\teber\Application Data\dr.exe
    C:\WINDOWS\system32\khfccbx.dll.vir

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6902F36D-E8DE-4F58-9A64-5B68B888130D}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{DE48606D-0903-200A-B678-4BD04AA89B8F}]


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    19 Mars 2008 21:32:42

    ComboFix 08-03-17.1 - teber 2008-03-19 21:24:40.4 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.487 [GMT 1:00]
    Endroit: C:\Documents and Settings\teber\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\teber\Mes documents\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE ::
    C:\Documents and Settings\teber\Application Data\dr.exe
    C:\Documents and Settings\teber\Application Data\space1.exe
    C:\Documents and Settings\teber\Application Data\toolbar.dll
    C:\Documents and Settings\teber\Application Data\wunauclt.exe
    C:\WINDOWS\system32\khfccbx.dll.vir
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\teber\Application Data\dr.exe
    C:\Documents and Settings\teber\Application Data\space1.exe
    C:\Documents and Settings\teber\Application Data\toolbar.dll
    C:\Documents and Settings\teber\Application Data\wunauclt.exe
    C:\WINDOWS\system32\khfccbx.dll.vir

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-19 to 2008-03-19 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Program Files\Avira
    2008-03-19 20:52 . 2008-03-19 20:52 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-03-19 17:01 . 2008-03-19 17:45 <REP> d-------- C:\WINDOWS\BDOSCAN8
    2008-03-19 09:55 . 2008-03-19 15:47 121 --a------ C:\WINDOWS\bdagent.INI
    2008-03-19 09:47 . 2008-03-19 09:47 <REP> d-------- C:\Documents and Settings\teber\Application Data\BitDefender
    2008-03-19 09:45 . 2008-03-19 09:45 <REP> d-------- C:\Program Files\BitDefender
    2008-03-19 09:45 . 2008-03-19 09:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
    2008-03-19 09:43 . 2008-03-19 09:45 <REP> d-------- C:\Program Files\Fichiers communs\BitDefender
    2008-03-18 23:12 . 2008-03-18 23:12 <REP> d-------- C:\Documents and Settings\teber\Application Data\Malwarebytes
    2008-03-18 23:12 . 2008-03-18 23:12 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-03-18 09:31 . 2008-03-18 09:31 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
    2008-03-18 08:30 . 2008-03-18 09:31 <REP> d-------- C:\VundoFix Backups
    2008-03-16 23:17 . 2008-03-16 23:17 63 --a------ C:\WINDOWS\system32\44340255
    2008-03-16 22:50 . 2008-03-16 22:50 <REP> d--hs---- C:\WINDOWS\ftpcache
    2008-03-11 09:21 . 2008-03-11 09:21 234 --a------ C:\WINDOWS\PrnHlpLogConfig.ini
    2008-03-05 08:58 . 2008-03-05 08:58 <REP> d-------- C:\WINDOWS\system32\AGEIA
    2008-03-05 08:58 . 2008-03-05 08:59 <REP> d-------- C:\Program Files\AGEIA Technologies
    2008-03-05 08:57 . 2008-03-05 08:57 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
    2008-03-05 08:55 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-19 20:20 --------- d-----w C:\Program Files\ESET
    2008-03-19 15:59 69,689 ----a-w C:\WINDOWS\UNZIP.DLL
    2008-03-19 15:59 507,904 ----a-w C:\WINDOWS\TMUPDATE.DLL
    2008-03-19 15:59 286,720 ----a-w C:\WINDOWS\PATCH.EXE
    2008-03-19 09:49 85,520 ----a-w C:\WINDOWS\system32\drivers\bdfndisf.sys
    2008-03-19 07:57 --------- d-----w C:\Documents and Settings\teber\Application Data\Vidalia
    2008-03-18 09:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-03-16 09:06 --------- d-----w C:\Program Files\Everest Poker
    2008-03-16 08:02 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-03-13 19:28 --------- d-----w C:\Program Files\MSN Messenger
    2008-03-10 19:45 --------- d-----w C:\Documents and Settings\teber\Application Data\Tor
    2008-02-07 17:56 --------- d-----w C:\Program Files\CODECS
    2008-01-28 18:02 1,409 ----a-w C:\WINDOWS\Fonts\sncf09.fot
    2007-03-18 18:21 87,608 ----a-w C:\Documents and Settings\teber\Application Data\ezpinst.exe
    2007-03-18 18:21 47,360 ----a-w C:\Documents and Settings\teber\Application Data\pcouffin.sys
    2006-09-26 20:10 124,664 ----a-w C:\Documents and Settings\teber\Application Data\GDIPFONTCACHEV1.DAT
    2004-08-19 23:09 65,024 --sha-w C:\WINDOWS\system32\asycfilt.dll
    2006-08-25 15:51 617,472 --sha-w C:\WINDOWS\system32\comctl32.dll
    2004-08-19 23:09 1,028,096 --sha-w C:\WINDOWS\system32\mfc42.dll
    2001-08-28 12:00 57,344 --sha-w C:\WINDOWS\system32\mfc42loc.dll
    2004-08-19 23:09 413,696 --sha-w C:\WINDOWS\system32\msvcp60.dll
    2004-08-19 23:09 343,040 --sha-w C:\WINDOWS\system32\msvcrt.dll
    2001-08-28 12:00 253,952 --sha-w C:\WINDOWS\system32\msvcrt20.dll
    2007-12-04 18:41 550,912 --sha-w C:\WINDOWS\system32\oleaut32.dll
    2004-08-19 23:09 83,456 --sha-w C:\WINDOWS\system32\olepro32.dll
    2004-08-19 23:09 30,749 --sha-w C:\WINDOWS\system32\vbajet32.dll
    1999-01-28 10:40 368,912 --sha-w C:\WINDOWS\system32\Vbar332.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "MessengerPlus3"="C:\Program Files\MSN\MsgPlus.exe" [2006-04-16 20:42 190024]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-08-11 14:43 7630848]
    "Microsoft Works Update Detection"="C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe" [2001-10-05 15:51 28738]
    "EM_EXEC"="C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE" [2002-07-01 08:50 28672]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-06-11 18:31 180269]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12 49152]
    "nwiz"="nwiz.exe" [2006-08-11 14:43 1519616 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-08-11 14:43 86016]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-02-09 14:01 77824]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2007-08-31 12:25 249896]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "ALUAlert"="C:\Program Files\Symantec\LiveUpdate\ALUNotify.exe" [ ]
    "Spyware Doctor"="" []

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Démarrage rapide du logiciel HP Image Zone.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Démarrage rapide du logiciel HP Image Zone.lnk
    backup=C:\WINDOWS\pss\Démarrage rapide du logiciel HP Image Zone.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^HP Digital Imaging Monitor.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk
    backup=C:\WINDOWS\pss\HP Digital Imaging Monitor.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Hulk Maximyzer.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Hulk Maximyzer.lnk
    backup=C:\WINDOWS\pss\Hulk Maximyzer.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Privoxy.lnk]
    path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Privoxy.lnk
    backup=C:\WINDOWS\pss\Privoxy.lnkCommon Startup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^HDDlife.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\HDDlife.lnk
    backup=C:\WINDOWS\pss\HDDlife.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^Intégrateur PROjectMT 98.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\Intégrateur PROjectMT 98.lnk
    backup=C:\WINDOWS\pss\Intégrateur PROjectMT 98.lnkStartup

    [HKLM\~\startupfolder\C:^Documents and Settings^teber^Menu Démarrer^Programmes^Démarrage^Programme Garnier Nutritionist.lnk]
    path=C:\Documents and Settings\teber\Menu Démarrer\Programmes\Démarrage\Programme Garnier Nutritionist.lnk
    backup=C:\WINDOWS\pss\Programme Garnier Nutritionist.lnkStartup

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BDAgent]
    H:\logiciel\bitdefender\bdagent.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
    --a------ 2005-09-03 14:18 94208 C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitDefender Antiphishing Helper]
    H:\logiciel\bitdefender\IEShow.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\C-Media Mixer]
    --a------ 2001-11-15 11:08 1216512 C:\WINDOWS\mixer.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools]
    --a------ 2006-11-12 11:48 157592 C:\Program Files\DAEMON Tools\daemon.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    --a------ 2001-07-09 10:50 155648 C:\WINDOWS\system32\NeroCheck.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    --a------ 2004-02-09 14:01 77824 C:\Program Files\QuickTime\qttask.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
    --a------ 2006-01-30 11:30 19486248 H:\logiciel\skype\Phone\Skype.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    --a------ 2006-11-09 15:07 49263 C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SweetIM]
    -ra------ 2006-06-06 09:07 40960 C:\Program Files\Macrogaming\SweetIM\SweetIM.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vidalia]
    --a------ 2006-07-07 20:58 8915456 H:\logiciel\T O R\Vidalia\vidalia.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    --a------ 2005-11-15 20:31 33792 C:\Program Files\Winamp\winampa.exe

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\soulseek\\slsk.exe"=
    "C:\\KAZAA\\Kazaa Lite K++\\KazaaLite.kpp"=
    "C:\\AIM\\aim.exe"=
    "C:\\Program Files\\Real\\RealPlayer\\realplay.exe"=
    "H:\\Freeplayer\\vlc\\vlc.exe"=
    "C:\\WINDOWS\\system32\\rundll32.exe"=
    "C:\\WINDOWS\\system32\\dpvsetup.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "H:\\logiciel\\vlc freebox tv\\VLC\\vlc.exe"=
    "C:\\Program Files\\HP\\HP Software Update\\HPWUCli.exe"=
    "C:\\visionneuse\\Avant Browser\\avant.exe"=
    "H:\\logiciel\\emule 0.47c xtreme 5.4\\emule.exe"=
    "H:\\logiciel\\emule 0.47c beba v1.2\\emule.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "H:\\logiciel\\skype\\Phone\\Skype.exe"=
    "H:\\logiciel\\emule 0.48a\\eMule.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
    "4669:TCP"= 4669:TCP:emule tcp
    "5555:UDP"= 5555:UDP:emule udp
    "6346:TCP"= 6346:TCP:shareaza

    R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;C:\WINDOWS\system32\DRIVERS\bdfndisf.sys [2008-03-19 10:49]
    R3 ham50;V9X HAM 1394V;C:\WINDOWS\system32\DRIVERS\CTXH51.sys [2001-08-04 16:50]
    S2 Fswsclds;F-Secure Windows Security Center Legacy Detection Service;C:\Program Files\F-Secure Internet Security\fswsclds.exe []
    S2 nvcap;nVidia WDM Video Capture (universal);C:\WINDOWS\system32\DRIVERS\nvcap.sys [2002-01-29 23:42]
    S2 NVXBAR;nVidia WDM A/V Crossbar;C:\WINDOWS\system32\DRIVERS\NVxbar.sys [2002-01-29 23:42]
    S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys []
    S3 CH341SER;CH341SER;C:\WINDOWS\system32\Drivers\CH341SER.SYS [2006-06-05 00:00]
    S3 fbxusb;FreeBox USB Network Adapter;C:\WINDOWS\system32\DRIVERS\fbxusb.sys [2003-12-31 11:35]
    S3 ids0004C;ids0004C;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0004C.sys []
    S3 ids0005c;ids0005c;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0005c.sys []
    S3 MBAMCatchMe;MBAMCatchMe;H:\logiciel\malware\Malwarebytes' Anti-Malware\catchme.sys [2008-03-09 17:29]
    S3 musbehco;musbehco;C:\DOCUME~1\teber\LOCALS~1\Temp\musbehco.sys []
    S3 nvcfsr;nvcfsr;C:\NORMAN VIRUS CONTROL\nvc\BIN\nvcfsr.sys []
    S3 nvcoafl51;nvcoafl51;C:\NORMAN VIRUS CONTROL\nvc\BIN\nvcoafl51.sys []
    S3 USBModem000;LGE Mobile USB Modem TC;C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-04 07:08]
    S3 V0090VID;Creative WebCam Vista Plus;C:\WINDOWS\system32\DRIVERS\V0090Vid.sys [2004-09-06 02:00]
    S3 viafilter;VIA USB Filter;C:\WINDOWS\system32\Drivers\viausb.sys [2001-08-21 05:11]
    S3 Wdm1;USB Bridge Cable Driver;C:\WINDOWS\system32\Drivers\usbbc.sys [2001-12-13 14:35]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bdx REG_MULTI_SZ scan

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d116a174-8775-11db-9aae-0010dc21fba9}]
    \Shell\AutoRun\command - I:\autorun.exe

    *Newly Created Service* - AVGNTFLT
    *Newly Created Service* - SSMDRV

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{32D08D3D-0C7E-2D2B-6A6E-85C8A618B1A7}]
    C:\WINDOWS\System32\Dractx.exe 2
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-16 22:12:21 C:\WINDOWS\Tasks\At1.job"
    - C:\Documents
    "2008-03-16 22:12:23 C:\WINDOWS\Tasks\At2.job"
    - C:\Documents
    "2008-03-16 22:12:27 C:\WINDOWS\Tasks\At3.job"
    - C:\Documents
    "2008-03-14 16:15:00 C:\WINDOWS\Tasks\Maintenance en 1 clic.job"
    - H:\fichier compresser\SystemOptimizer.exe
    "2008-03-18 21:54:33 C:\WINDOWS\Tasks\{F897AA24-BDC3-11D1-B85B-00C04FB93981}_BERTRAND_teber.job"
    - C:\WINDOWS\system32\mobsync.exeC /Schedule=
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-19 21:29:11
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
    "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\

    [HKEY_LOCAL_MACHINE\system\ControlSet003\Services\bdfsfltr]
    "ImagePath"=hex:73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,44,00,52,\
    .
    Temps d'accomplissement: 2008-03-19 21:30:50
    ComboFix-quarantined-files.txt 2008-03-19 20:29:58
    ComboFix2.txt 2008-03-19 19:15:58
    ComboFix3.txt 2008-03-18 20:37:24
    .
    2008-03-12 20:11:30 --- E O F ---
    19 Mars 2008 21:33:24

    Logfile of HijackThis v1.99.1
    Scan saved at 21:33:07, on 19/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\HPZipm12.exe
    H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\System32\snmp.exe
    H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\explorer.exe
    C:\visionneuse\Avant Browser\avant.exe
    H:\logiciel\hijack this\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - blank (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MSN\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: CFE TrayIcon.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    O4 - Startup: CFE.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE.exe
    O8 - Extra context menu item: Bloquer ce serveur... - C:\visionneuse\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Bloquer cette publicité... - C:\visionneuse\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\visionneuse\Avant Browser\OpenAllLinks.htm
    O8 - Extra context menu item: Personnaliser - c:\reverso\promtie4\options.htm
    O8 - Extra context menu item: Rechercher sur Internet - c:\reverso\promtie4\search.htm
    O8 - Extra context menu item: Rechercher sur le Web... - C:\visionneuse\Avant Browser\Search.htm
    O8 - Extra context menu item: Surligner - C:\visionneuse\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Traduire - c:\reverso\promtie4\translat.htm
    O8 - Extra context menu item: Traduire dans WebView - c:\reverso\promtie4\webview.htm
    O8 - Extra context menu item: Traduire la page - c:\reverso\promtie4\page.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra 'Tools' menuitem: Personnalisez traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\aim.exe
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/2575a1141fef8049c006/netzip/RdxIE6...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-fe252e6120df2123.spaces.live.com/PhotoUpload...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\F-Secure Internet Security\fswsclds.exe (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - (no file)
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - (no file)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - H:\logiciel\bitdefender\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    a b 8 Sécurité
    20 Mars 2008 16:14:32

    Re,

    Fix les lignes dans le cadre ci-dessous avec Hijackthis : AIDE EN IMAGES

    R3 - URLSearchHook: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O3 - Toolbar: (no name) - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - (no file)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: (no name) - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - (no file)
    O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
    O23 - Service: NTSVCMGR - Unknown owner - c:\windows\system32\dllcache\win32\winlogon.exe (file missing)
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - (no file)
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - (no file)


    &

    Télécharge MalwareBytes' Anti-Malwares < ici

    Double clique sur mbam-setup.exe pour lancer l'installation
    Autorise le téléchargement des mises à jour !

    Redémarre en mode sans echec ( > Mode Sans Echec < )

    Double clique sur le raccourci Malwarebytes présent sur ton bureau
    Coche Exécuter un examen complet , puis clique sur [Rechercher]
    A la fin du scan , clique sur [Afficher les resultats]
    Si objets infectés sont trouvés , clique sur [Supprimer la sélection]

    Poste le rapport ( il se trouve aussi dans l'onglet Rapports/Logs )
    20 Mars 2008 20:47:39

    Malwarebytes' Anti-Malware 1.08
    Version de la base de données: 501

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 108421
    Temps écoulé: 32 minute(s), 34 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 3
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 0

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    (Aucun élément nuisible détecté)
    a b 8 Sécurité
    20 Mars 2008 20:58:36

    Reposte un rapport Hijackthis.
    20 Mars 2008 21:00:51

    Logfile of HijackThis v1.99.1
    Scan saved at 21:00:37, on 20/03/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\System32\snmp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe
    C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
    C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    C:\WINDOWS\System32\alg.exe
    C:\visionneuse\Avant Browser\avant.exe
    H:\logiciel\ciboxtools\CiBoxTools.exe
    H:\logiciel\hijack this\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: EoBho Class - {64F56FC1-1272-44CD-BA6E-39723696E350} - blank (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MSN\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Startup: CFE TrayIcon.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE TrayIcon.exe
    O4 - Startup: CFE.lnk = H:\fichier compresser\changeur fond d'ecran\Data\CFE.exe
    O8 - Extra context menu item: Bloquer ce serveur... - C:\visionneuse\Avant Browser\AddAllToADBlackList.htm
    O8 - Extra context menu item: Bloquer cette publicité... - C:\visionneuse\Avant Browser\AddToADBlackList.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Ouvrir tous les liens de la page... - C:\visionneuse\Avant Browser\OpenAllLinks.htm
    O8 - Extra context menu item: Personnaliser - c:\reverso\promtie4\options.htm
    O8 - Extra context menu item: Rechercher sur Internet - c:\reverso\promtie4\search.htm
    O8 - Extra context menu item: Rechercher sur le Web... - C:\visionneuse\Avant Browser\Search.htm
    O8 - Extra context menu item: Surligner - C:\visionneuse\Avant Browser\Highlight.htm
    O8 - Extra context menu item: Traduire - c:\reverso\promtie4\translat.htm
    O8 - Extra context menu item: Traduire dans WebView - c:\reverso\promtie4\webview.htm
    O8 - Extra context menu item: Traduire la page - c:\reverso\promtie4\page.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - H:\logiciel\SPYWAR~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Europa Casino - {4C826F10-D34B-4ba8-B609-1FB8C6482A05} - C:\Casino\Europa Casino\casino.exe (file missing)
    O9 - Extra button: Traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra 'Tools' menuitem: Traduire - {7A2EFD41-E6B3-11D2-89E3-00E0292EE574} - c:\reverso\promtie4\promtie5.htm
    O9 - Extra button: (no name) - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra 'Tools' menuitem: Personnalisez traduction - {7A2EFD41-E6B3-11D2-89E3-00E0292EE575} - c:\reverso\promtie4\options.htm
    O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\AIM\aim.exe
    O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
    O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} - http://207.188.7.150/2575a1141fef8049c006/netzip/RdxIE6...
    O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
    O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} - http://a1540.g.akamai.net/7/1540/52/20040105/qtinstall....
    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2005111401/housecall...
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-fe252e6120df2123.spaces.live.com/PhotoUpload...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267....
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Autodata Limited License Service - Unknown owner - C:\Program Files\Fichiers communs\Autodata Limited Shared\Service\ADCDLicSvc.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - Unknown owner - C:\Program Files\F-Secure Internet Security\fswsclds.exe (file missing)
    O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe" /service (file missing)
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Unknown owner - (no file)
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - (no file)
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - H:\logiciel\spyware doctor\Spyware Doctor\sdhelp.exe
    O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - H:\logiciel\bitdefender\vsserv.exe" /service (file missing)
    O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Communicator\xcommsvr.exe" /service (file missing)

    a b 8 Sécurité
    20 Mars 2008 21:07:32

    Tu as encore des soucis ?
    20 Mars 2008 21:13:09

    le pc a l'air de bien tourner donc je pense que le virus n'est plus la

    je te remercie beaucoup pour tes conseils
    je garde tous les logiciels que tu ma dit d'utilisé au cas ou j'aurais un autre virus. j'ai mis un autre antivirus sur le pc.

    encore un grand merci pour ton aide

    magma57
    a b 8 Sécurité
    20 Mars 2008 22:10:32

    On termine ;) 

  • Télécharge ToolsCleaner sur ton Bureau.
  • Clique sur Recherche et laisse le scan se terminer.
  • Clique sur Suppression pour finaliser.
  • Clique sur Quitter, pour que le rapport puisse se créer.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

    Désactive puis réactive la restauration du système : Voir aide

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS