Votre question

virus album photo MSN (comment l'enlever) (RÉSOLUE)

Tags :
  • Virus
  • Sécurité
Dernière réponse : dans Sécurité et virus
1 Mars 2008 18:27:15

Bonjour,

Il n'y a pas longtemps, j'ai ouvert le virus de l'album photo sur MSN. (L'espece de virus qui envoie une photo régulièrement à tout tes contacts). J'ai fait plusieurs forums et j'ai demander à des gens de m'aider mais sans succès. Une personne ma proposer votre forum alors je vien ici pour vous demander de m'aider à supprimer ce virus de mon ordinateur. Mon ordi est devenu completement lent depuis. Et j,Ia besoin de mon PC pour faire des travaux le plus rapidement possible.

J'aimerait avoir toutes les étapes, bien détaillés, une apres l'autre si possible. J'espère que vous serez en mesure de m'aider car je commence à perdre espoir.

Merci beaucoup ! ^^

Autres pages sur : virus album photo msn enlever resolue

1 Mars 2008 18:35:52

Voici le premier rapport que j'ai eu. Après çà, je ne sais plus quoi faire ^^

MSNFix 1.673

C:\Documents and Settings\Utilisateur\Bureau\MSNFix\MSNFix
Fix exécuté le 2008-02-29 - 18:42:44,48 By Utilisateur
mode normal

************************ Recherche les fichiers présents

... C:\WINDOWS\system32\real.txt
... C:\?.exe
... C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
... C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
... C:\Documents and Settings\Utilisateur\??????.exe
... C:\Documents and Settings\Utilisateur\????????.exe
... C:\WINDOWS\mrofinu*.exe
... C:\WINDOWS\mrofinu*.exe.tmp

************************ Recherche les dossiers présents

... C:\Temp\




************************ Suppression des fichiers

.. OK ... C:\WINDOWS\system32\real.txt
.. OK ... C:\?.exe
/!\ ... C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
/!\ ... C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
.. OK ... C:\Documents and Settings\Utilisateur\??????.exe
.. OK ... C:\Documents and Settings\Utilisateur\????????.exe
.. OK ... C:\WINDOWS\mrofinu*.exe
.. OK ... C:\WINDOWS\mrofinu*.exe.tmp


************************ Suppression des dossiers

/!\ ... C:\Temp\


************************ Nettoyage du registre



Les fichiers encore présents seront supprimés au prochain redémarrage


************************ Suppression des fichiers

/!\ ... C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
/!\ ... C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe



************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Binaries1.zip] 4A0E612A439382018AE3F3ACC35B92DD
[C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Binaries2.zip] B252B2EC53E62FB1F10C677022665AE2
[C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\Binaries3.zip] 80061E88323D4D5E1873F259461B6D19
[C:\famwssg.exe] 969F5D8B64172ED48E79EB5C534015A0
[C:\HijackThis.exe] C4CA7416A6DF6D95075F81D9E3B41AD1
[C:\nnpnvxjy.exe] 6D334EB74B11FC1967F6A0341085BC8C
[C:\qklxwxtc.exe] 2F0D9C37AE9F08C305E42BEA2A09A8FF

==> SVP merci d'envoyer le fichier C:\DOCUME~1\UTILIS~1\Bureau\Upload_Me.zip sur http://upload.changelog.fr



Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 2008-02-29_19341351.zip



------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------
a b 8 Sécurité
1 Mars 2008 18:38:09

Bonjour,

[#ff0000]CECI EST UNE ETAPE IMPORTANTE A REALISER ![/#f]
Upload l'archive Upload_Me.zip contenant les fichiers suspects afin de développer l'outil MSNFix.
AIDE : Upload des fichiers supects pour MSNFix
Contenus similaires
1 Mars 2008 18:46:45

C'est fait, puis-je avoir la suite?

merci ^^
2 Mars 2008 01:12:56

Désolé mais je suis partie travailler, je suis maintenant de retour et voici le rapport. Puis-je avoir la suite svp? ^^

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11:21, on 2008-03-01
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mgabg.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\WinReanimator\WinReanimator.exe
C:\WINDOWS\system32\braviax.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quicktime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Flash Media] C:\DOCUME~1\UTILIS~1\LOCALS~1\Temp\services.exe
O4 - HKLM\..\Run: [WinReanimator] "C:\Program Files\WinReanimator\WinReanimator.exe" /hide
O4 - HKLM\..\Run: [braviax] braviax.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
O4 - HKCU\..\Run: [braviax] C:\WINDOWS\system32\braviax.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O20 - AppInit_DLLs: cru629.dat
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

--
End of file - 8848 bytes
a b 8 Sécurité
2 Mars 2008 11:03:57

Re,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

  • Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.
  • Double clique sur combofix.exe afin de le lancer.
  • Tape sur la touche 1 (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
    2 Mars 2008 13:12:25

    Voilà, que dois-je faire ensuite?

    ComboFix 08-03-01.3 - Utilisateur 2008-03-02 7:00:44.1 - NTFSx86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1152 [GMT -5:00]
    Endroit: C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Bureau\WinReanimator.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinReanimator
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinReanimator\Uninstall.lnk
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\WinReanimator\WinReanimator.lnk
    C:\Program Files\WinReanimator
    C:\Program Files\WinReanimator\data\daily.cvd
    C:\Program Files\WinReanimator\htmlayout.dll
    C:\Program Files\WinReanimator\install.exe
    C:\Program Files\WinReanimator\Microsoft.VC80.CRT\Microsoft.VC80.CRT.manifest
    C:\Program Files\WinReanimator\Microsoft.VC80.CRT\msvcm80.dll
    C:\Program Files\WinReanimator\Microsoft.VC80.CRT\msvcp80.dll
    C:\Program Files\WinReanimator\Microsoft.VC80.CRT\msvcr80.dll
    C:\Program Files\WinReanimator\pthreadVC2.dll
    C:\Program Files\WinReanimator\un.ico
    C:\Program Files\WinReanimator\unzip32.dll
    C:\Program Files\WinReanimator\WinReanimator.cfg
    C:\Program Files\WinReanimator\WinReanimator.dll
    C:\Program Files\WinReanimator\WinReanimator.exe
    C:\WINDOWS\braviax.exe
    C:\WINDOWS\cru629.dat
    C:\WINDOWS\system32\braviax.exe
    C:\WINDOWS\system32\cru629.dat
    C:\WINDOWS\system32\users32.dat
    C:\WINDOWS\system32\winivstr.exe
    D:\Autorun.inf

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

    .
    -------\LEGACY_MSUPDATE
    -------\nm


    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-02 to 2008-03-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-03-02 06:03 . 2008-03-02 06:03 9,296 --a------ C:\Documents and Settings\Utilisateur\xvewpv.exe
    2008-02-29 22:10 . 2008-03-02 06:56 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-02-29 22:10 . 2008-03-02 07:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-02-29 20:45 . 2008-02-29 20:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-02-29 20:36 . 2008-02-29 20:36 <REP> d-------- C:\Program Files\Yahoo!
    2008-02-29 20:36 . 2008-02-29 20:36 <REP> d-------- C:\Program Files\CCleaner
    2008-02-29 20:13 . 2008-02-29 20:18 3,274 --a------ C:\WINDOWS\system32\tmp.reg
    2008-02-29 20:12 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-02-29 20:12 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-02-29 20:12 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-02-29 20:12 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-02-29 20:12 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-02-29 20:12 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-02-29 20:12 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-02-29 18:43 . 2008-02-29 18:43 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-29 18:43 . 2008-02-29 18:43 232 --ah----- C:\sqmdata12.sqm
    2008-02-29 05:28 . 2008-03-02 06:57 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-29 05:17 . 2008-02-29 05:17 396,288 --a------ C:\HijackThis.exe
    2008-02-29 05:08 . 2008-02-29 05:08 <REP> d-------- C:\Program Files\Trend Micro
    2008-02-28 15:21 . 2008-02-29 04:35 92 --a------ C:\Documents and Settings\Utilisateur\delself.bat
    2008-02-28 15:14 . 2008-02-29 04:35 50,688 --a------ C:\qklxwxtc.exe
    2008-02-28 15:14 . 2008-02-29 04:35 3,584 --a------ C:\nnpnvxjy.exe
    2008-02-28 15:14 . 2008-02-29 04:35 2 --a------ C:\-462228298
    2008-02-28 15:03 . 2008-02-28 15:03 19,989 --a------ C:\Program Files\Fichiers communs\dykadaga.vbs
    2008-02-28 15:03 . 2008-02-28 15:03 19,710 --a------ C:\Documents and Settings\All Users\Application Data\iqyve.exe
    2008-02-28 15:03 . 2008-02-28 15:03 18,355 --a------ C:\Documents and Settings\All Users\Application Data\dofevojize.sys
    2008-02-28 15:03 . 2008-02-28 15:03 18,238 --a------ C:\Documents and Settings\Utilisateur\Application Data\ysohyvy.reg
    2008-02-28 15:03 . 2008-02-28 15:03 17,781 --a------ C:\Documents and Settings\Utilisateur\Application Data\vifo.com
    2008-02-28 15:03 . 2008-02-28 15:03 17,721 --a------ C:\WINDOWS\iqawosug.dl
    2008-02-28 15:03 . 2008-02-28 15:03 17,093 --a------ C:\WINDOWS\ekyc.pif
    2008-02-28 15:03 . 2008-02-28 15:03 16,503 --a------ C:\WINDOWS\vyto.sys
    2008-02-28 15:03 . 2008-02-28 15:03 16,295 --a------ C:\WINDOWS\kyxyg._dl
    2008-02-28 15:03 . 2008-02-28 15:03 14,899 --a------ C:\Documents and Settings\Utilisateur\Application Data\tohibamopi.com
    2008-02-28 15:03 . 2008-02-28 15:03 12,487 --a------ C:\WINDOWS\ulufyheqa.db
    2008-02-28 15:03 . 2008-02-28 15:03 11,994 --a------ C:\WINDOWS\ewyxega.scr
    2008-02-28 15:03 . 2008-02-28 15:03 11,969 --a------ C:\WINDOWS\wogeq.pif
    2008-02-28 15:03 . 2008-02-28 15:03 11,649 --a------ C:\Documents and Settings\Utilisateur\Application Data\qukuk.reg
    2008-02-28 15:03 . 2008-02-28 15:03 10,733 --a------ C:\WINDOWS\vakoro._sy
    2008-02-28 15:03 . 2008-02-28 15:03 10,229 --a------ C:\Documents and Settings\All Users\Application Data\unygykavoj.dll
    2008-02-28 13:55 . 2008-02-29 04:35 58,368 --a------ C:\famwssg.exe
    2008-02-28 13:55 . 2008-02-28 13:55 54,764 --a------ C:\WINDOWS\system\userinfo32.ggt
    2008-02-28 09:14 . 2008-02-28 09:14 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-28 09:14 . 2008-02-28 09:14 232 --ah----- C:\sqmdata11.sqm
    2008-02-23 16:33 . 2008-02-23 16:33 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-02-23 16:33 . 2008-02-23 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-02-23 16:12 . 2008-02-23 16:13 <REP> d-------- C:\Program Files\DAEMON Tools Lite
    2008-02-23 16:12 . 2008-02-29 22:42 <REP> d-------- C:\Program Files\AdVantage
    2008-02-23 16:12 . 2008-02-23 16:12 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\DAEMON Tools
    2008-02-23 16:07 . 2008-02-23 16:07 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2008-02-23 16:04 . 2008-02-28 20:25 <REP> d-------- C:\Program Files\Windows Live Safety Center
    2008-02-22 20:23 . 2008-02-22 20:23 <REP> d-------- C:\videodvdmaker
    2008-02-22 20:23 . 2008-02-22 20:23 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Video DVD Maker FREE
    2008-02-22 20:20 . 2008-02-22 20:20 <REP> d-------- C:\Program Files\Video DVD Maker
    2008-02-14 07:36 . 2008-02-14 07:36 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-14 07:36 . 2008-02-14 07:36 232 --ah----- C:\sqmdata10.sqm
    2008-02-12 17:00 . 2008-02-12 17:00 <REP> d-------- C:\Program Files\iPod

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-01 03:48 --------- d-----w C:\Program Files\Dofus
    2008-02-29 20:00 --------- d-----w C:\Program Files\Norton Security Scan
    2008-02-28 20:03 16,413 ----a-w C:\Program Files\Fichiers communs\lowozog._sy
    2008-02-26 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-02-26 21:08 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\ZoomBrowser EX
    2008-02-23 21:35 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-02-12 22:01 --------- d-----w C:\Program Files\iTunes
    2008-02-12 21:59 --------- d-----w C:\Program Files\QuickTime
    2008-01-26 10:48 --------- d-----w C:\Program Files\World of Warcraft
    2008-01-20 02:24 --------- d-----w C:\Program Files\Free iPod Video Converter
    2008-01-07 15:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-07 15:50 --------- d-----w C:\Program Files\Mindscape
    2008-01-03 15:37 --------- d-----w C:\Program Files\Canon
    2008-01-03 15:35 --------- d-----w C:\Program Files\Fichiers communs\Canon
    2008-01-02 04:59 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Apple Computer
    2004-10-01 19:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
    2002-10-25 19:29 457,172 ----a-w C:\Program Files\Patch01.GS1
    2002-10-24 21:40 3,349,971 ----a-w C:\Program Files\dmcr.exe
    2002-10-18 18:07 180,224 ----a-w C:\Program Files\VOPL.EXE
    2002-10-17 22:13 356,419 ----a-w C:\Program Files\DipServer.dll
    2002-10-16 22:30 1,854 ----a-w C:\Program Files\sb.dat
    2002-10-16 22:08 245,827 ----a-w C:\Program Files\LF_Server.dll
    2002-10-16 22:07 294,983 ----a-w C:\Program Files\intExplorer.dll
    2002-10-16 20:18 307,259 ----a-w C:\Program Files\iChat.dll
    2002-10-15 23:33 698,138,183 ----a-w C:\Program Files\ALL.GSC
    2002-10-15 21:26 27 ----a-w C:\Program Files\mode.dat
    2002-10-15 21:26 20 ----a-w C:\Program Files\multi.opt
    2002-10-15 21:26 13 ----a-w C:\Program Files\MuliExOpt.dat
    2002-10-15 21:26 12 ----a-w C:\Program Files\comp.opt
    2002-10-15 21:26 1 ----a-w C:\Program Files\smiss.opt
    2002-10-15 21:25 768 ----a-w C:\Program Files\agew_1.pal
    2002-10-09 21:57 4,843,061 ----a-w C:\Program Files\Battle.m3d
    2002-09-26 15:20 73,728 ----a-w C:\Program Files\sendbug.exe
    2002-05-15 16:25 335,937 ----a-w C:\Program Files\gw_server.dll
    2002-05-13 20:54 3,951,061 ----a-w C:\Program Files\Singledemo.m3d
    2002-01-04 22:25 371,712 ----a-w C:\Program Files\httpc.exe
    2001-11-12 12:42 98,304 ----a-w C:\Program Files\Wintab32.dll
    2001-11-07 14:48 335,872 ----a-w C:\Program Files\cew.dll
    2000-09-12 04:09 291,840 ----a-w C:\Program Files\binkw32.dll
    1997-01-03 09:50 53,248 ----a-w C:\Program Files\unrar.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 07:00 15360]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-14 05:30 68856]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-15 05:02 482760]
    "braviax"="C:\WINDOWS\system32\braviax.exe" [ ]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 08:08 143360]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 05:06 79224]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 23:43 8466432]
    "nwiz"="nwiz.exe" [2007-06-28 23:43 1626112 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 23:43 81920]
    "RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 19:24 32768]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-07-12 04:58 1397760]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
    "QuickTime Task"="C:\program files\quicktime\qttask.exe" [2008-01-31 23:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 14:18 267048]
    "braviax"="braviax.exe" []

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00 15360]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\Hasbro Interactive\\RollerCoaster Tycoon\\rct.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\DOCUME~1\\UTILIS~1\\LOCALS~1\\Temp\\services.exe"=

    R3 SNPP106;PC Camera (6029 CIF);C:\WINDOWS\system32\DRIVERS\snpp106.sys [2003-04-09 10:44]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \Shell\AutoRun\command - G:\LaunchU3.exe


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-01 00:58:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-29 23:45:43 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-02 07:06:02
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\wscntfy.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-02 7:08:44 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-03-02 12:08:39
    .
    2008-02-13 01:00:39 --- E O F ---
    2 Mars 2008 17:52:06

    eee t'es toujours la mec? lol jcrois que ça doit être le décalage horaire...
    a b 8 Sécurité
    2 Mars 2008 19:18:00

    Re,

    [#ff0000]Désactive tes protections résidentes (antivirus...) ![/#f]
    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::
    C:\Documents and Settings\Utilisateur\xvewpv.exe
    C:\qklxwxtc.exe
    C:\nnpnvxjy.exe
    C:\Program Files\Fichiers communs\dykadaga.vbs
    C:\Documents and Settings\All Users\Application Data\iqyve.exe
    C:\Documents and Settings\All Users\Application Data\dofevojize.sys
    C:\Documents and Settings\Utilisateur\Application Data\ysohyvy.reg
    C:\Documents and Settings\Utilisateur\Application Data\vifo.com
    C:\WINDOWS\iqawosug.dl
    C:\WINDOWS\ekyc.pif
    C:\WINDOWS\vyto.sys
    C:\WINDOWS\kyxyg._dl
    C:\Documents and Settings\Utilisateur\Application Data\tohibamopi.com
    C:\WINDOWS\ulufyheqa.db
    C:\WINDOWS\ewyxega.scr
    C:\WINDOWS\wogeq.pif
    C:\Documents and Settings\Utilisateur\Application Data\qukuk.reg
    C:\WINDOWS\vakoro._sy
    C:\Documents and Settings\All Users\Application Data\unygykavoj.dll
    C:\famwssg.exe
    C:\Program Files\Fichiers communs\lowozog._sy
    C:\WINDOWS\system32\braviax.exe

    Registry::
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "braviax"=-
    "SpybotSD TeaTimer"=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "braviax"=-


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    2 Mars 2008 20:58:40

    Voici celui de combofix!!!

    ComboFix 08-03-01.3 - Utilisateur 2008-03-02 14:52:59.2 - NTFSx86
    Endroit: C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe
    Command switches used :: C:\Documents and Settings\Utilisateur\Bureau\CFScript.txt
    * Création d'un nouveau point de restauration

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

    FILE ::
    C:\Documents and Settings\All Users\Application Data\dofevojize.sys
    C:\Documents and Settings\All Users\Application Data\iqyve.exe
    C:\Documents and Settings\All Users\Application Data\unygykavoj.dll
    C:\Documents and Settings\Utilisateur\Application Data\qukuk.reg
    C:\Documents and Settings\Utilisateur\Application Data\tohibamopi.com
    C:\Documents and Settings\Utilisateur\Application Data\vifo.com
    C:\Documents and Settings\Utilisateur\Application Data\ysohyvy.reg
    C:\Documents and Settings\Utilisateur\xvewpv.exe
    C:\famwssg.exe
    C:\nnpnvxjy.exe
    C:\Program Files\Fichiers communs\dykadaga.vbs
    C:\Program Files\Fichiers communs\lowozog._sy
    C:\qklxwxtc.exe
    C:\WINDOWS\ekyc.pif
    C:\WINDOWS\ewyxega.scr
    C:\WINDOWS\iqawosug.dl
    C:\WINDOWS\kyxyg._dl
    C:\WINDOWS\system32\braviax.exe
    C:\WINDOWS\ulufyheqa.db
    C:\WINDOWS\vakoro._sy
    C:\WINDOWS\vyto.sys
    C:\WINDOWS\wogeq.pif
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\All Users\Application Data\dofevojize.sys
    C:\Documents and Settings\All Users\Application Data\iqyve.exe
    C:\Documents and Settings\All Users\Application Data\unygykavoj.dll
    C:\Documents and Settings\Utilisateur\Application Data\qukuk.reg
    C:\Documents and Settings\Utilisateur\Application Data\tohibamopi.com
    C:\Documents and Settings\Utilisateur\Application Data\vifo.com
    C:\Documents and Settings\Utilisateur\Application Data\ysohyvy.reg
    C:\Documents and Settings\Utilisateur\xvewpv.exe
    C:\famwssg.exe
    C:\nnpnvxjy.exe
    C:\Program Files\Fichiers communs\dykadaga.vbs
    C:\Program Files\Fichiers communs\lowozog._sy
    C:\qklxwxtc.exe
    C:\WINDOWS\ekyc.pif
    C:\WINDOWS\ewyxega.scr
    C:\WINDOWS\iqawosug.dl
    C:\WINDOWS\kyxyg._dl
    C:\WINDOWS\ulufyheqa.db
    C:\WINDOWS\vakoro._sy
    C:\WINDOWS\vyto.sys
    C:\WINDOWS\wogeq.pif

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-02-02 to 2008-03-02 ))))))))))))))))))))))))))))))))))))
    .

    2008-02-29 22:10 . 2008-03-02 06:56 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2008-02-29 22:10 . 2008-03-02 07:06 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-02-29 20:45 . 2008-02-29 20:45 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-02-29 20:36 . 2008-02-29 20:36 <REP> d-------- C:\Program Files\Yahoo!
    2008-02-29 20:36 . 2008-02-29 20:36 <REP> d-------- C:\Program Files\CCleaner
    2008-02-29 20:13 . 2008-02-29 20:18 3,274 --a------ C:\WINDOWS\system32\tmp.reg
    2008-02-29 20:12 . 2007-09-05 23:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
    2008-02-29 20:12 . 2006-04-27 16:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
    2008-02-29 20:12 . 2008-02-28 11:37 86,016 --a------ C:\WINDOWS\system32\VACFix.exe
    2008-02-29 20:12 . 2008-02-29 23:48 82,432 --a------ C:\WINDOWS\system32\IEDFix.exe
    2008-02-29 20:12 . 2003-06-05 20:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-02-29 20:12 . 2004-07-31 17:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
    2008-02-29 20:12 . 2007-10-03 23:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
    2008-02-29 18:43 . 2008-02-29 18:43 244 --ah----- C:\sqmnoopt12.sqm
    2008-02-29 18:43 . 2008-02-29 18:43 232 --ah----- C:\sqmdata12.sqm
    2008-02-29 05:28 . 2008-03-02 06:57 <REP> d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
    2008-02-29 05:17 . 2008-02-29 05:17 396,288 --a------ C:\HijackThis.exe
    2008-02-29 05:08 . 2008-02-29 05:08 <REP> d-------- C:\Program Files\Trend Micro
    2008-02-28 15:21 . 2008-02-29 04:35 92 --a------ C:\Documents and Settings\Utilisateur\delself.bat
    2008-02-28 15:14 . 2008-02-29 04:35 2 --a------ C:\-462228298
    2008-02-28 13:55 . 2008-02-28 13:55 54,764 --a------ C:\WINDOWS\system\userinfo32.ggt
    2008-02-28 09:14 . 2008-02-28 09:14 244 --ah----- C:\sqmnoopt11.sqm
    2008-02-28 09:14 . 2008-02-28 09:14 232 --ah----- C:\sqmdata11.sqm
    2008-02-23 16:33 . 2008-02-23 16:33 <REP> d-------- C:\Program Files\Fichiers communs\Adobe Systems Shared
    2008-02-23 16:33 . 2008-02-23 16:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
    2008-02-23 16:12 . 2008-02-23 16:13 <REP> d-------- C:\Program Files\DAEMON Tools Lite
    2008-02-23 16:12 . 2008-02-29 22:42 <REP> d-------- C:\Program Files\AdVantage
    2008-02-23 16:12 . 2008-02-23 16:12 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\DAEMON Tools
    2008-02-23 16:07 . 2008-02-23 16:07 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2008-02-23 16:04 . 2008-02-28 20:25 <REP> d-------- C:\Program Files\Windows Live Safety Center
    2008-02-22 20:23 . 2008-02-22 20:23 <REP> d-------- C:\videodvdmaker
    2008-02-22 20:23 . 2008-02-22 20:23 <REP> d-------- C:\Documents and Settings\Utilisateur\Application Data\Video DVD Maker FREE
    2008-02-22 20:20 . 2008-02-22 20:20 <REP> d-------- C:\Program Files\Video DVD Maker
    2008-02-14 07:36 . 2008-02-14 07:36 244 --ah----- C:\sqmnoopt10.sqm
    2008-02-14 07:36 . 2008-02-14 07:36 232 --ah----- C:\sqmdata10.sqm
    2008-02-12 17:00 . 2008-02-12 17:00 <REP> d-------- C:\Program Files\iPod

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-01 03:48 --------- d-----w C:\Program Files\Dofus
    2008-02-29 20:00 --------- d-----w C:\Program Files\Norton Security Scan
    2008-02-26 21:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
    2008-02-26 21:08 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\ZoomBrowser EX
    2008-02-23 21:35 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-02-12 22:01 --------- d-----w C:\Program Files\iTunes
    2008-02-12 21:59 --------- d-----w C:\Program Files\QuickTime
    2008-01-26 10:48 --------- d-----w C:\Program Files\World of Warcraft
    2008-01-20 02:24 --------- d-----w C:\Program Files\Free iPod Video Converter
    2008-01-07 15:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-01-07 15:50 --------- d-----w C:\Program Files\Mindscape
    2008-01-03 15:37 --------- d-----w C:\Program Files\Canon
    2008-01-03 15:35 --------- d-----w C:\Program Files\Fichiers communs\Canon
    2008-01-02 04:59 --------- d-----w C:\Documents and Settings\Utilisateur\Application Data\Apple Computer
    2007-12-27 09:58 21,840 ----atw C:\WINDOWS\system32\SIntfNT.dll
    2007-12-27 09:58 17,212 ----atw C:\WINDOWS\system32\SIntf32.dll
    2007-12-27 09:58 12,067 ----atw C:\WINDOWS\system32\SIntf16.dll
    2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
    2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
    2004-10-01 19:00 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
    2002-10-25 19:29 457,172 ----a-w C:\Program Files\Patch01.GS1
    2002-10-24 21:40 3,349,971 ----a-w C:\Program Files\dmcr.exe
    2002-10-18 18:07 180,224 ----a-w C:\Program Files\VOPL.EXE
    2002-10-17 22:13 356,419 ----a-w C:\Program Files\DipServer.dll
    2002-10-16 22:30 1,854 ----a-w C:\Program Files\sb.dat
    2002-10-16 22:08 245,827 ----a-w C:\Program Files\LF_Server.dll
    2002-10-16 22:07 294,983 ----a-w C:\Program Files\intExplorer.dll
    2002-10-16 20:18 307,259 ----a-w C:\Program Files\iChat.dll
    2002-10-15 23:33 698,138,183 ----a-w C:\Program Files\ALL.GSC
    2002-10-15 21:26 27 ----a-w C:\Program Files\mode.dat
    2002-10-15 21:26 20 ----a-w C:\Program Files\multi.opt
    2002-10-15 21:26 13 ----a-w C:\Program Files\MuliExOpt.dat
    2002-10-15 21:26 12 ----a-w C:\Program Files\comp.opt
    2002-10-15 21:26 1 ----a-w C:\Program Files\smiss.opt
    2002-10-15 21:25 768 ----a-w C:\Program Files\agew_1.pal
    2002-10-09 21:57 4,843,061 ----a-w C:\Program Files\Battle.m3d
    2002-09-26 15:20 73,728 ----a-w C:\Program Files\sendbug.exe
    2002-05-15 16:25 335,937 ----a-w C:\Program Files\gw_server.dll
    2002-05-13 20:54 3,951,061 ----a-w C:\Program Files\Singledemo.m3d
    2002-01-04 22:25 371,712 ----a-w C:\Program Files\httpc.exe
    2001-11-12 12:42 98,304 ----a-w C:\Program Files\Wintab32.dll
    2001-11-07 14:48 335,872 ----a-w C:\Program Files\cew.dll
    2000-09-12 04:09 291,840 ----a-w C:\Program Files\binkw32.dll
    1997-01-03 09:50 53,248 ----a-w C:\Program Files\unrar.dll
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 07:00 15360]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55 5674352]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-14 05:30 68856]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2007-12-15 05:02 482760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-07-30 08:08 143360]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-09-06 05:06 79224]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2007-06-28 23:43 8466432]
    "nwiz"="nwiz.exe" [2007-06-28 23:43 1626112 C:\WINDOWS\system32\nwiz.exe]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-06-28 23:43 81920]
    "RemoteControl"="C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe" [2004-11-02 19:24 32768]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2006-07-12 04:58 1397760]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50 155648]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11 132496]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 02:06 40048]
    "QuickTime Task"="C:\program files\quicktime\qttask.exe" [2008-01-31 23:13 385024]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-04 14:18 267048]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 07:00 15360]
    "msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 11:55 5674352]

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusDisableNotify"=dword:00000001
    "UpdatesDisableNotify"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\MSN Messenger\\livecall.exe"=
    "C:\\Program Files\\Hasbro Interactive\\RollerCoaster Tycoon\\rct.exe"=
    "C:\\WINDOWS\\system32\\sessmgr.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=

    R3 SNPP106;PC Camera (6029 CIF);C:\WINDOWS\system32\DRIVERS\snpp106.sys [2003-04-09 10:44]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \Shell\AutoRun\command - G:\LaunchU3.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ffae84a6-e253-11dc-9c33-001321c731cb}]
    \Shell\AutoRun\command - G:\Setup.exe -auto


    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{E4066320-E4AE-11CF-B1B0-00AA00BBAD66}]
    rundll32.exe advpack.dll,LaunchINFSection %SystemRoot%\INF\fpxpress.inf,PerUserstub
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-03-01 00:58:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe
    "2008-02-29 23:45:43 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-03-02 14:56:31
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    Temps d'accomplissement: 2008-03-02 14:57:29
    ComboFix-quarantined-files.txt 2008-03-02 19:57:14
    ComboFix2.txt 2008-03-02 12:08:44
    .
    2008-02-13 01:00:39 --- E O F ---
    2 Mars 2008 21:00:18

    Et voici le rapport HijackThis, Y a-t-il autres choses à faire?

    merci

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:59:17, on 2008-03-02
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quicktime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 8100 bytes
    2 Mars 2008 21:16:24

    Un scan complet c'est comme je vien de faire avec les 2 affaires?
    a b 8 Sécurité
    2 Mars 2008 21:18:13

    Tu as regardé le tuto ? ;) 
    2 Mars 2008 23:25:51

    Voilà, que dois-je faire ensuite?

    AntiVir PersonalEdition Classic
    Report file date: 2 mars 2008 15:47

    Scanning for 1130387 virus strains and unwanted programs.

    Licensed to: Avira AntiVir PersonalEdition Classic
    Serial number: 0000149996-ADJIE-0001
    Platform: Windows XP
    Windows version: (Service Pack 2) [5.1.2600]
    Username: Utilisateur
    Computer name: PC-UTILISATEUR

    Version information:
    BUILD.DAT : 270 15603 Bytes 2007-09-19 13:32:00
    AVSCAN.EXE : 7.0.6.1 290856 Bytes 2007-08-23 19:16:29
    AVSCAN.DLL : 7.0.6.0 49192 Bytes 2007-08-16 18:23:51
    LUKE.DLL : 7.0.5.3 147496 Bytes 2007-08-14 21:32:47
    LUKERES.DLL : 7.0.6.1 10280 Bytes 2007-08-21 18:35:20
    ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 2007-07-18 20:27:15
    ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 2007-12-14 20:34:21
    ANTIVIR2.VDF : 7.0.2.181 1993728 Bytes 2008-02-24 20:34:21
    ANTIVIR3.VDF : 7.0.2.216 135168 Bytes 2008-03-02 20:34:21
    AVEWIN32.DLL : 7.6.0.73 3334656 Bytes 2008-03-02 20:34:22
    AVWINLL.DLL : 1.0.0.7 14376 Bytes 2007-02-26 16:36:26
    AVPREF.DLL : 7.0.2.2 25640 Bytes 2007-07-18 13:39:17
    AVREP.DLL : 7.0.0.1 155688 Bytes 2007-04-16 19:16:24
    AVPACK32.DLL : 7.6.0.3 360488 Bytes 2008-03-02 20:34:22
    AVREG.DLL : 7.0.1.6 30760 Bytes 2007-07-18 13:17:06
    AVARKT.DLL : 1.0.0.20 278568 Bytes 2007-08-28 18:26:33
    AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 2007-07-18 13:10:18
    NETNT.DLL : 7.0.0.0 7720 Bytes 2007-03-08 17:09:42
    RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 2007-08-07 18:38:13
    RCTEXT.DLL : 7.0.62.0 86056 Bytes 2007-08-21 18:50:37
    SQLITE3.DLL : 3.3.17.1 339968 Bytes 2007-07-23 15:37:21

    Configuration settings for the scan:
    Jobname..........................: Local Hard Disks
    Configuration file...............: c:\program files\avira\antivir personaledition classic\alldiscs.avp
    Logging..........................: low
    Primary action...................: interactive
    Secondary action.................: ignore
    Scan master boot sector..........: off
    Scan boot sector.................: on
    Boot sectors.....................: D:,
    Scan memory......................: on
    Process scan.....................: on
    Scan registry....................: on
    Search for rootkits..............: off
    Scan all files...................: Intelligent file selection
    Scan archives....................: on
    Recursion depth..................: 20
    Smart extensions.................: on
    Macro heuristic..................: on
    File heuristic...................: medium

    Start of the scan: 2 mars 2008 15:47

    The scan of running processes will be started
    Scan process 'avscan.exe' - '1' Module(s) have been scanned
    Scan process 'avcenter.exe' - '1' Module(s) have been scanned
    Scan process 'avgnt.exe' - '1' Module(s) have been scanned
    Scan process 'ctfmon.exe' - '1' Module(s) have been scanned
    Scan process 'explorer.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'svchost.exe' - '1' Module(s) have been scanned
    Scan process 'lsass.exe' - '1' Module(s) have been scanned
    Scan process 'services.exe' - '1' Module(s) have been scanned
    Scan process 'winlogon.exe' - '1' Module(s) have been scanned
    Scan process 'csrss.exe' - '1' Module(s) have been scanned
    Scan process 'smss.exe' - '1' Module(s) have been scanned
    13 processes with 13 modules were scanned

    Start scanning boot sectors:
    Boot sector 'C:\'
    [NOTE] No virus was found!
    Boot sector 'D:\'
    [NOTE] No virus was found!

    Starting to scan the registry.
    The registry was scanned ( '33' files ).


    Starting the file scan:

    Begin scan in 'C:\'
    C:\pagefile.sys
    [WARNING] The file could not be opened!
    C:\Documents and Settings\Utilisateur\Bureau\SmitfraudFix.exe
    [DETECTION] Contains detection pattern of the dropper DR/Tool.Reboot.F.51
    [INFO] The file was moved to '4834134a.qua'!
    C:\Documents and Settings\Utilisateur\Bureau\Upload_Me.zip
    [0] Archive type: ZIP
    --> DOCUME~1/UTILIS~1/Bureau/Upload_Me/d.exe
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alm Backdoor server programs
    --> DOCUME~1/UTILIS~1/Bureau/Upload_Me/famwssg.exe
    [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
    --> DOCUME~1/UTILIS~1/Bureau/Upload_Me/mhyqck.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    --> DOCUME~1/UTILIS~1/Bureau/Upload_Me/nnpnvxjy.exe
    [DETECTION] Is the Trojan horse TR/Crypt.FSPM.Gen
    --> DOCUME~1/UTILIS~1/Bureau/Upload_Me/pyqvmf.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    --> DOCUME~1/UTILIS~1/Bureau/Upload_Me/qklxwxtc.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '48371356.qua'!
    C:\Documents and Settings\Utilisateur\Bureau\DOCUME~1\UTILIS~1\Bureau\Upload_Me\famwssg.exe
    [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
    [INFO] The file was moved to '48381349.qua'!
    C:\Documents and Settings\Utilisateur\Bureau\DOCUME~1\UTILIS~1\Bureau\Upload_Me\nnpnvxjy.exe
    [DETECTION] Is the Trojan horse TR/Crypt.FSPM.Gen
    [INFO] The file was moved to '483b1356.qua'!
    C:\Documents and Settings\Utilisateur\Bureau\DOCUME~1\UTILIS~1\Bureau\Upload_Me\qklxwxtc.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '48371353.qua'!
    C:\Documents and Settings\Utilisateur\Bureau\MSNFix\MSNFix\2008-02-28_20370081.zip
    [0] Archive type: ZIP
    --> backup/d.exe
    [DETECTION] Contains a detection pattern of the (dangerous) backdoor program BDS/Agent.alm Backdoor server programs
    --> backup/mhyqck.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    --> backup/pyqvmf.exe
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '47fb1319.qua'!
    C:\QooBox\Quarantine\C\famwssg.exe.vir
    [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
    [INFO] The file was moved to '48382075.qua'!
    C:\QooBox\Quarantine\C\nnpnvxjy.exe.vir
    [DETECTION] Is the Trojan horse TR/Crypt.FSPM.Gen
    [INFO] The file was moved to '483b2082.qua'!
    C:\QooBox\Quarantine\C\qklxwxtc.exe.vir
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '4837207f.qua'!
    C:\QooBox\Quarantine\C\Documents and Settings\Utilisateur\xvewpv.exe.vir
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '4830208a.qua'!
    C:\QooBox\Quarantine\C\Program Files\WinReanimator\install.exe.vir
    [DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.Reanimator.A
    [INFO] The file was moved to '483e2083.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\braviax.exe.vir
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '482c2088.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\cru629.dat.vir
    [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
    [INFO] The file was moved to '48402088.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\braviax.exe.vir
    [DETECTION] Is the Trojan horse TR/Crypt.ULPM.Gen
    [INFO] The file was moved to '482c2089.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\cru629.dat.vir
    [DETECTION] Is the Trojan horse TR/Crypt.XPACK.Gen
    [INFO] The file was moved to '48402089.qua'!
    C:\QooBox\Quarantine\C\WINDOWS\system32\winivstr.exe.vir
    [DETECTION] Contains detection pattern of the Phish-File/Email PHISH/FraudTool.Reanimator.A
    [INFO] The file was moved to '48392080.qua'!
    C:\WINDOWS\system\userinfo32.ggt
    [DETECTION] Is the Trojan horse TR/Rootkit.Gen
    [INFO] The file was moved to '483022c1.qua'!
    C:\WINDOWS\system32\drivers\sptd.sys
    [WARNING] The file could not be opened!
    Begin scan in 'D:\' <Restore>


    End of the scan: 2 mars 2008 16:59
    Used time: 1:12:05 min

    The scan has been done completely.

    8375 Scanning directories
    288864 Files were scanned
    24 viruses and/or unwanted programs were found
    0 Files were classified as suspicious:
    0 files were deleted
    0 files were repaired
    17 files were moved to quarantine
    0 files were renamed
    2 Files cannot be scanned
    288840 Files not concerned
    1598 Archives were scanned
    2 Warnings
    0 Notes

    2 Mars 2008 23:32:25

    j'ai le même problème: img091307-www.photoshop.com!!! dois je faire les memes manip?!? aidez moi svp!!!
    2 Mars 2008 23:36:34

    créer toi un autre topic ou attend qu'il ait finit avec moi si possible ^^. dsl mais je veux me debarasser de ce virus au plus vite ^^
    2 Mars 2008 23:45:32

    je comprends désolée bon courage
    a b 8 Sécurité
    3 Mars 2008 13:53:43

    Effectivement, chacun son sujet.
    Reposte un rapport Hijackthis :) 
    3 Mars 2008 14:48:34

    Voilà, y a-t-il autres choses à faire? Je commence a voir du changement, mon ordi va à la même vitesse qu'avant et je ne recois plus gros message d'erreur^^. Y a-t-il une autre étapes?

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 08:47:16, on 2008-03-03
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16608)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\mgabg.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Canon\CAL\CALMAIN.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Documents and Settings\Utilisateur\Bureau\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\program files\quicktime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\pchealth\helpctr\Binaries\MSCONFIG.EXE /auto
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/V5Cont...
    O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u3-win...
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/fl...
    O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

    --
    End of file - 7895 bytes
    a b 8 Sécurité
    3 Mars 2008 15:05:10

    C'est ok pour moi. Tu as des questions ?
    3 Mars 2008 16:30:47

    Hum, est ce que j'ai des truc a réinstaller et des truc a supprimer qui sont maintenant inutiles? Si oui, lesquelles...

    Encore un gros merci pour ton aide. Tu fais de la bonne job, continue comme çà mec ^^.
    a b 8 Sécurité
    3 Mars 2008 17:10:27

    Rien à faire mis à part ça :) 

  • Télécharge ToolsCleaner sur ton Bureau.
  • Clique sur Recherche et laisse le scan se terminer.
  • Clique sur Suppression pour finaliser.
  • Clique sur Quitter, pour que le rapport puisse se créer.
  • Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\)

    Désactive puis réactive la restauration du système : Voir aide

    Ajoute maintenant [Résolu] au titre. Pour cela :
    * Clique, dans ton premier message, sur le bouton "Editer"
    * Rajoute la mention [Résolu] au titre
    * Clique ensuite sur "Valider votre message"

    Lis le dossier dossier sur la prévention et la protection pour ne plus avoir ce genre de problème en cliquant sur l'image ci-dessous :

    3 Mars 2008 18:44:48

    Un très gros merci de ton aide. T'es vraiment fort mec. A+. Si j'ai d'autre problemes, je peux revenir?


    -->- Recherche:

    C:\HijackThis.exe: trouvé !
    C:\Qoobox: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\HijackThis.lnk: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\Msnfix.zip: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\HijackThis.exe: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\HJTInstall.exe: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\MsnFix: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\SmitFraudfix: trouvé !
    C:\Documents and Settings\Utilisateur\Bureau\MSNFix\MsnFix: trouvé !
    C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Messenger\mick14456@hotmail.com\Sharing Folders\aphrodite24ans@hotmail.com\MsnFix: trouvé !
    C:\Documents and Settings\Utilisateur\Recent\MSNFix.lnk: trouvé !
    C:\Program Files\Trend Micro\HijackThis: trouvé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
    C:\QooBox\Quarantine\C\Combofix: trouvé !

    ---------------------------------
    -->- Suppression:

    C:\HijackThis.exe: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\HijackThis.lnk: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\Msnfix.zip: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\ComboFix.exe: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\HijackThis.exe: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\HJTInstall.exe: supprimé !
    C:\Documents and Settings\Utilisateur\Recent\MSNFix.lnk: supprimé !
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
    C:\Qoobox: supprimé !
    C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\MsnFix: supprimé !
    C:\Documents and Settings\Utilisateur\Bureau\SmitFraudfix: supprimé !
    C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Messenger\mick14456@hotmail.com\Sharing Folders\aphrodite24ans@hotmail.com\MsnFix: supprimé !
    C:\Program Files\Trend Micro\HijackThis: supprimé !
    a b 8 Sécurité
    3 Mars 2008 19:04:16

    De rien ;) 
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS