The thread "Win32:Vundo@dll, yet another problem with it" is in the forum "Viruses, trojans, etc."
Thread status: "Win32:Vundo@dll, yet another problem with it" (resolved)

Win32:Vundo@dll, yet another problem with it

21 May at 22:37

Hello everyone,

I have seen several threads about this trojan, but knowing that each problem has a different solution, I am taking the liberty of creating my own thread.

I saw what needed to be done with VundoFix, ComboFix, Malwarebytes' Anti-Malware and HijackThis. So here are the results:

- VundoFix: detects nothing,

- ComboFix:
ComboFix 08-05-20.5 - Egairam 2008-05-21 20:12:56.1 - NTFSx86
Microsoft® Windows Vista™ Édition Familiale Premium 6.0.6000.0.1252.1.1036.18.897 [GMT 2:00]
Endroit: C:\Users\Egairam\Desktop\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\DRV\Tuner\Yuan\Resources\_desktop.ini
C:\Windows\system32\ACER.exe
C:\Windows\system32\iifcDSlk.dll
C:\Windows\system32\wvuspMfG.dll
C:\Windows\system32\x64
C:\Windows\system32\x64\csnp2uvc.dll
C:\Windows\system32\x64\rsnpvc64.dll
C:\Windows\system32\x64\sncduvc.sys
C:\Windows\system32\x64\snp2uvc.sys
C:\Windows\system32\x64\vsnpvc64.dll

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-21 to 2008-05-21 ))))))))))))))))))))))))))))))))))))
.

2008-05-21 14:07 . 2008-05-21 14:07 <REP> d-------- C:\VundoFix Backups
2008-05-21 06:33 . 2008-05-21 06:33 <REP> d-------- C:\Program Files\AbsoluteTransfer
2008-05-21 05:34 . 2008-05-21 01:46 176,128 --a------ C:\Windows\gnowmebk.dll
2008-05-21 05:33 . 2008-05-21 05:33 <REP> d-------- C:\Users\All Users\Adsl Software Limited
2008-05-21 05:33 . 2008-05-21 05:33 <REP> d-------- C:\ProgramData\Adsl Software Limited
2008-05-15 04:47 . 2008-05-15 04:47 <REP> d-------- C:\Program Files\Microsoft Silverlight
2008-05-13 19:36 . 2008-05-17 05:08 730 --a------ C:\Windows\CoD.INI
2008-05-07 23:11 . 2008-05-07 23:11 <REP> d-------- C:\Users\Egairam\AppData\Roaming\InstallShield
2008-05-07 06:22 . 2007-08-31 03:23 224,768 --a------ C:\Windows\System32\drivers\usbport.sys
2008-05-07 06:22 . 2007-08-31 03:24 193,536 --a------ C:\Windows\System32\drivers\usbhub.sys
2008-05-07 06:22 . 2007-08-31 03:23 73,216 --a------ C:\Windows\System32\drivers\usbccgp.sys
2008-05-07 06:22 . 2007-08-31 03:23 38,400 --a------ C:\Windows\System32\drivers\usbehci.sys
2008-05-07 06:22 . 2007-08-31 03:23 23,040 --a------ C:\Windows\System32\drivers\usbuhci.sys
2008-05-07 06:22 . 2007-08-31 04:12 8,704 --a------ C:\Windows\System32\hcrstco.dll
2008-05-07 06:22 . 2007-08-31 03:23 5,888 --a------ C:\Windows\System32\drivers\usbd.sys
2008-05-05 11:49 . 2008-03-08 04:14 148,992 --a------ C:\Windows\System32\drivers\ks.sys
2008-05-05 11:49 . 2007-12-16 13:42 83,968 --a------ C:\Windows\System32\dnsrslvr.dll
2008-05-05 11:49 . 2007-12-16 13:41 24,576 --a------ C:\Windows\System32\dnscacheugc.exe
2008-05-02 05:02 . 2008-05-02 05:02 <REP> d-------- C:\Program Files\Common Files\Skype
2008-05-02 05:02 . 2008-05-02 05:02 56 --ah----- C:\Windows\System32\ezsidmv.dat
2008-04-27 18:50 . 2008-04-27 18:50 <REP> d-------- C:\Users\All Users\Forge of Games
2008-04-27 18:50 . 2008-04-27 18:50 <REP> d-------- C:\ProgramData\Forge of Games

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-21 18:05 27,525 ----a-w C:\Users\Egairam\AppData\Roaming\nvModes.dat
2008-05-21 16:05 --------- d-----w C:\Users\Egairam\AppData\Roaming\OpenOffice.org2
2008-05-21 01:20 --------- d-----w C:\Program Files\Notepad++
2008-05-17 02:20 --------- d-----w C:\Users\Egairam\AppData\Roaming\FileZilla
2008-05-15 23:18 50,768 ----a-w C:\Windows\system32\drivers\aswMonFlt.sys
2008-05-12 04:36 --------- d-----w C:\Program Files\Launch Manager
2008-05-10 00:45 --------- d-----w C:\Program Files\FileZilla
2008-05-07 02:20 --------- d-----w C:\Users\Egairam\AppData\Roaming\Skype
2008-05-07 02:11 --------- d-----w C:\Users\Egairam\AppData\Roaming\skypePM
2008-05-05 11:59 --------- d-----w C:\Program Files\Slayers Online
2008-05-04 19:37 174 --sha-w C:\Program Files\desktop.ini
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Sidebar
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Mail
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Journal
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Defender
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Collaboration
2008-05-04 19:31 --------- d-----w C:\Program Files\Windows Calendar
2008-05-04 19:03 --------- d-----w C:\Program Files\Java
2008-05-04 18:54 --------- d-----w C:\Users\Egairam\AppData\Roaming\Notepad++
2008-05-04 18:54 --------- d-----w C:\ProgramData\FLEXnet
2008-05-04 18:54 --------- d-----w C:\Program Files\Skype
2008-05-04 18:54 --------- d-----w C:\Program Files\PhotoFiltre Studio
2008-04-26 02:37 351,782 ---ha-w C:\Windows\system32\drivers\vsconfig.xml
2008-04-16 01:19 --------- d-----w C:\Program Files\3DO
2008-04-15 14:09 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-15 14:09 --------- d-----w C:\Program Files\Canon
2008-04-15 13:49 --------- d--h--w C:\ProgramData\CanonBJ
2008-04-15 00:59 --------- d-----w C:\Program Files\MSN BackUp
2008-04-12 03:52 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-04-11 10:42 --------- d-----w C:\Program Files\Google
2008-04-10 01:52 --------- d-----w C:\Program Files\DivX
2008-04-09 23:08 --------- d-----w C:\Program Files\Championship Manager 00-01
2008-04-07 00:03 --------- d-----w C:\ProgramData\LightScribe
2008-04-06 23:45 --------- d-----w C:\Users\Egairam\AppData\Roaming\Nero
2008-04-06 23:44 --------- d-----w C:\Program Files\Common Files\Nero
2008-04-06 23:42 --------- d-----w C:\ProgramData\Nero
2008-04-06 23:42 --------- d-----w C:\Program Files\Nero
2008-04-06 22:50 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-06 22:48 --------- d-----w C:\Program Files\Common Files\Control Panels
2008-04-06 22:45 --------- d-----w C:\ProgramData\ALM
2008-04-06 22:38 --------- d-----w C:\Program Files\QuickTime
2008-04-06 22:28 --------- d-----w C:\Program Files\Bonjour
2008-04-06 22:23 --------- d-----w C:\Program Files\Common Files\Macrovision Shared
2008-04-06 00:50 --------- d-----w C:\Users\Egairam\AppData\Roaming\DivX
2008-04-05 15:40 --------- d-----w C:\Program Files\SuperCopier2
2008-04-05 12:51 685,816 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-04-05 12:17 --------- d-----w C:\Program Files\Common Files\PX Storage Engine
2008-04-04 19:01 --------- d-----w C:\Users\Egairam\AppData\Roaming\PeerNetworking
2008-04-04 16:27 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-04-04 16:12 --------- d-----w C:\Program Files\MultipleIEs
2008-04-04 14:44 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-04 14:29 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-04 14:02 32 ----a-w C:\Users\All Users\ezsid.dat
2008-04-04 14:02 32 ----a-w C:\ProgramData\ezsid.dat
2008-04-04 14:00 --------- d-----w C:\ProgramData\Skype
2008-04-04 13:58 --------- d-----w C:\Program Files\OpenOffice.org 2.4
2008-04-04 13:57 --------- d-----w C:\Program Files\Common Files\Java
2008-04-04 13:54 --------- d-----w C:\Program Files\Acer GameZone
2008-04-04 13:31 70,144 ----a-w C:\Windows\system32\drivers\pacer.sys
2008-04-04 13:31 619,008 ----a-w C:\Windows\system32\drivers\dxgkrnl.sys
2008-04-04 13:31 61,952 ----a-w C:\Windows\system32\drivers\wanarp.sys
2008-04-04 13:31 48,640 ----a-w C:\Windows\system32\drivers\ndproxy.sys
2008-04-04 13:31 20,480 ----a-w C:\Windows\system32\drivers\ndistapi.sys
2008-04-04 13:30 41,984 ----a-w C:\Windows\system32\drivers\monitor.sys
2008-04-04 13:30 28,344 ----a-w C:\Windows\system32\drivers\battc.sys
2008-04-04 13:30 258,232 ----a-w C:\Windows\system32\drivers\acpi.sys
2008-04-04 13:30 20,920 ----a-w C:\Windows\system32\drivers\compbatt.sys
2008-04-04 13:30 2,923,520 ----a-w C:\Windows\explorer.exe
2008-04-04 13:30 14,208 ----a-w C:\Windows\system32\drivers\CmBatt.sys
2008-04-04 13:30 11,264 ----a-w C:\Windows\system32\drivers\wmiacpi.sys
2008-04-04 13:30 1,060,920 ----a-w C:\Windows\system32\drivers\ntfs.sys
2008-04-04 13:29 45,112 ----a-w C:\Windows\system32\drivers\pciidex.sys
2008-04-04 13:29 211,000 ----a-w C:\Windows\system32\drivers\volsnap.sys
2008-04-04 13:29 21,560 ----a-w C:\Windows\system32\drivers\atapi.sys
2008-04-04 13:29 154,624 ----a-w C:\Windows\system32\drivers\nwifi.sys
2008-04-04 13:29 15,928 ----a-w C:\Windows\system32\drivers\pciide.sys
2008-04-04 13:29 109,624 ----a-w C:\Windows\system32\drivers\ataport.sys
2008-04-04 13:29 --------- d-----w C:\Program Files\Microsoft CAPICOM 2.1.0.2
2008-04-04 13:28 --------- d-----w C:\ProgramData\CheckPoint
2008-04-04 13:28 --------- d-----w C:\Program Files\Zone Labs
2008-04-04 13:27 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-04-04 13:27 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-04-04 13:27 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-04-04 13:27 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-04-04 13:27 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-04-04 13:02 --------- d-----w C:\Program Files\Windows Live
2008-04-04 12:54 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-04 12:54 --------- d-----w C:\Program Files\Microsoft Works
2008-04-04 12:49 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-04-04 12:48 --------- d-----w C:\ProgramData\Symantec
2008-04-04 11:40 --------- d-----w C:\Users\Egairam\AppData\Roaming\CyberLink
2008-04-04 11:40 --------- d-----w C:\ProgramData\CyberLink
2008-04-04 10:57 --------- d-----w C:\Users\Egairam\AppData\Roaming\Lavasoft
2008-04-04 10:56 --------- d-----w C:\Program Files\Lavasoft
2008-04-04 10:51 --------- d-----w C:\Program Files\Alwil Software
2008-04-04 10:42 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-04 10:36 --------- d-----w C:\ProgramData\WLInstaller
2008-04-04 10:24 --------- d---a-w C:\ProgramData\TEMP
2008-04-04 09:02 --------- d-----w C:\Program Files\CCleaner
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{18CB1A7B-94CD-4582-8022-ADA16851E44B}]
2008-03-27 15:02 247296 --a------ C:\Program Files\AbsoluteTransfer\AbsoluteTransfer.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 15:49 151552]
"Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe" [2006-11-02 11:45 49664]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:36 201728]
"WinSpywareProtect (ver. 5.1)"="C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" [2008-05-21 05:34 1338880]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2007-08-10 08:58 1006264]
"RtHDVCpl"="RtHDVCpl.exe" [2007-07-06 05:06 4669440 C:\Windows\RtHDVCpl.exe]
"eDataSecurity Loader"="C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe" [2007-04-25 16:33 457216]
"Acer Tour"="" []
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2007-06-27 11:15 752136]
"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe" [2007-05-24 14:38 206952]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2007-03-21 14:00 174872]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2007-06-06 10:06 159744]
"eRecoveryService"="" []
"Acer Tour Reminder"="C:\Acer\AcerTour\Reminder.exe" [2007-05-22 15:49 151552]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 21:48 57344]
"eAudio"="C:\Acer\Empowering Technology\eAudio\eAudio.exe" [2007-06-11 14:54 1286144]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-07-25 17:39 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-07-25 17:39 8470528]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-07-25 17:39 81920]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
start WampServer.lnk - C:\wamp\wampmanager.exe [2008-04-05 14:16:54 1152512]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableLUA"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=eNetHook.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.mkdmp3enc"= C:\PROGRA~1\ACERAR~1\DVWIZA~1\Kernel\Burner\MKDMP3Enc.ACM

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-4177590854-1652222344-507243108-1000]
"EnableNotificationsRef"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{1ACDC690-E812-4BF4-8277-CADB310BB196}"= C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Acer Arcade Deluxe.exe:Acer Arcade Deluxe
"{975C10A6-89E7-450F-8386-9F6BEC5992B5}"= C:\Program Files\Acer Arcade Deluxe\VideoMagician\VideoMagician.exe:VideoMagician
"{4B2A96AC-90BB-469D-96F2-1E462E2F2103}"= C:\Program Files\Acer Arcade Deluxe\HomeMedia\HomeMedia.exe:HomeMedia
"{CB0A5015-2744-4511-8C92-B47FF3948EAF}"= C:\Program Files\Acer Arcade Deluxe\DV Wizard\DV Wizard.exe:DV Wizard
"{85A50CEF-0C46-4E83-A4FF-4D0E8035A1E2}"= C:\Program Files\Acer Arcade Deluxe\DVDivine\DVDivine.exe:DVDivine
"{C0AA0EFC-460E-4999-9036-575AF39175A4}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PlayMovie.exe:Play Movie
"{A2AED596-F3B1-441F-BE33-48C8A1986032}"= C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe:Play Movie Resident Program
"{844FC9EE-73E8-406D-ABC5-950CD12FCB94}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{E5DE6E6D-ED0E-4FDA-ABD2-29B89B2D623C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{289CBA6F-FB0E-419E-BBB5-D5F33EE13C61}"= UDP:C:\Program Files\Slayers Online\slayersonline.exe:Slayers Online
"{6A663D95-8BEA-4A89-9327-79355F390B49}"= TCP:C:\Program Files\Slayers Online\slayersonline.exe:Slayers Online
"TCP Query User{3A2D0FAA-5D43-4BF7-8FAF-FF9D982EA1AE}C:\\wamp\\bin\\apache\\apache2.2.6\\bin\\httpd.exe"= UDP:C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe:Apache HTTP Server
"UDP Query User{03DCB7B4-87F2-4069-A444-373EA61CE12C}C:\\wamp\\bin\\apache\\apache2.2.6\\bin\\httpd.exe"= TCP:C:\wamp\bin\apache\apache2.2.6\bin\httpd.exe:Apache HTTP Server
"{01D746E5-FC60-4A09-AE83-2E19ADC573ED}"= UDP:3703:Adobe Version Cue CS3 Server
"{5D456F03-7E27-498D-B9FF-6B132A1EC0E5}"= UDP:3704:Adobe Version Cue CS3 Server
"{DEBB6ED0-762A-4CA8-AB08-B90C66243DA6}"= UDP:50900:Adobe Version Cue CS3 Server
"{8775057A-CE0D-4FA6-8471-6B07D48B819E}"= UDP:50901:Adobe Version Cue CS3 Server
"{C72C0698-8BA6-41BB-B227-549982BD608C}"= UDP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{1774E5D5-2382-4CAB-AB09-CE07CEDB517E}"= TCP:C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:Adobe Version Cue CS3 Server
"{229EAF4F-4B2D-49F4-8AA4-77DC9E1DE1AC}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{FFC227C0-66F6-4D0C-927C-0E34F17B41F0}C:\\program files\\skype\\phone\\skype.exe"= Disabled:UDP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"UDP Query User{39E15C71-3394-424B-96FA-3B38914358E3}C:\\program files\\skype\\phone\\skype.exe"= Disabled:TCP:C:\program files\skype\phone\skype.exe:Skype. Take a deep breath
"{6D0A44D9-384C-4F0B-A651-B942BBFBA81F}"= C:\Program Files\Skype\Phone\Skype.exe:Skype
"{0405D21E-1D9F-475F-9DDC-F72D0DC12A82}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R0 PSDFilter;PSDFilter;C:\Windows\system32\DRIVERS\psdfilter.sys [2007-04-25 16:34]
R0 PSDNServ;PSDNSERVER;C:\Windows\system32\drivers\PSDNServ.sys [2007-04-25 16:34]
R0 psdvdisk;psdvdisk;C:\Windows\system32\drivers\psdvdisk.sys [2007-04-25 16:34]
R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-05-16 01:20]
R2 {49DE1C67-83F8-4102-99E0-C16DCC7EEC796};{49DE1C67-83F8-4102-99E0-C16DCC7EEC796};C:\Program Files\Acer Arcade Deluxe\Play Movie\000.fcl [2006-11-02 17:51]
R2 ALaunchService;ALaunch Service;C:\Acer\ALaunch\ALaunchSvc.exe [2007-01-26 14:24]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-05-16 01:16]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-05-16 01:18]
R2 eDataSecurity Service;eDSService.exe;"C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe" [2007-04-25 16:34]
R2 eNet Service;eNet Service;C:\Acer\Empowering Technology\eNet\eNet Service.exe [2007-05-22 15:00]
R2 eSettingsService;eSettings Service;C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe [2007-05-10 14:05]
R2 MobilityService;MobilityService;C:\Acer\Mobility Center\MobilityService.exe [2006-11-24 12:57]
R2 WMIService;ePower Service;C:\Acer\Empowering Technology\ePower\ePowerSvc.exe [2007-09-14 14:32]
R2 XAudio;XAudio;C:\Windows\system32\DRIVERS\xaudio.sys [2007-01-30 07:23]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\b57nd60x.sys [2007-06-05 10:57]
R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys [2007-03-07 10:26]
R3 wampapache;wampapache;"c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe" -k runservice []
R3 wampmysqld;wampmysqld;c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe wampmysqld []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b3bca86a-a1c9-11dc-b9b9-806e6f6e6963}]
\shell\AutoRun\command - E:\setup\rsrc\Autorun.exe
\shell\dinstall\command - E:\Directx\dxsetup.exe

.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-21 20:22:13
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\ApntEx.exe
C:\Users\Egairam\AppData\Local\Temp\RtkBtMnt.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
C:\Windows\System32\drivers\XAudio.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\System32\VSSVC.exe
C:\Windows\System32\conime.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-21 20:29:23 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-21 18:29:07

Pre-Run: 54,932,148,224 octets libres
Post-Run: 54,701,203,456 octets libres

302 --- E O F --- 2008-05-21 04:10:35


- Malwarebytes' Anti-Malware:

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\absolutetransfer.absolutetransfer (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18cb1a7b-94cd-4582-8022-ada16851e44b} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\absolutetransfer.absolutetransfer.1 (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{8b8df25f-2c47-4473-8e1c-7f54ac7ef481} (Trojan.BHO) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\WinSpywareProtect (ver. 5.1) (Rogue.MalWarrior) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\Adsl Software Limited (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\BASE (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\DELETED (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\SAVED (Rogue.MalWarrior) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Program Files\AbsoluteTransfer\AbsoluteTransfer.dll (Trojan.BHO) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\iifcDSlk.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\Windows\System32\wvuspMfG.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080521063337059.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\LOG\20080521202313541.log (Rogue.MalWarrior) -> Quarantined and deleted successfully.
C:\Windows\gnowmebk.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully.


- HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:19:27, on 21/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSLoader.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Acer\Empowering Technology\eAudio\eAudio.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\wamp\wampmanager.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Users\Egairam\AppData\Local\Temp\RtkBtMnt.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Egairam\Desktop\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AbsoluteTransfer module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\AbsoluteTransfer\AbsoluteTransfer.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.914.9778\swg.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Deluxe\Play Movie\PMVService.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKCU\..\Run: [Speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WinSpywareProtect (ver. 5.1)] "C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: start WampServer.lnk = C:\wamp\wampmanager.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: eNetHook.dll
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: ALaunch Service (ALaunchService) - Unknown owner - C:\Acer\ALaunch\ALaunchSvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe
O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 10619 bytes


Would it be possible for you to help me, please?

May 22 at 09:19 #

Hello,

You have done the essentials.
Delete
COMBOFIX
and QooBox, which is in C:\
======
Download to the desktop

OTMoveIt2.exe
---------------
Run HijackThis again
"Do A System Scan Only"

Tick these lines, then click FIX CHECKED
O2 - BHO: AbsoluteTransfer module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\AbsoluteTransfer\AbsoluteTransfer.dll
O4 - HKCU\..\Run: [WinSpywareProtect (ver. 5.1)] "C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun


-------------
= Copy this text, which is in bold

C:\Program Files\AbsoluteTransfer\AbsoluteTransfer.dll
C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe
C:\ProgramData\Adsl Software Limited\WinSpywareProtect
C:\ProgramData\Adsl Software Limited


= Double-click OTMoveIt
= In the left-hand pane ==> right-click ==> paste
= Click MoveIt!
= If a restart is requested ==> click: YES
= A report will be in ==> C:\_OTMoveIt\MovedFiles\today's date_time; copy it, then paste it into your reply
=======================================================
Delete

AbsoluteTransfer via Add/Remove Programs, if present
then in C:\program files


Tell me if you still have problems
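
Added example, not part of the original posts and not code from HijackThis or OTMoveIt: this Python code parses HijackThis `O`-section lines and reports which of the two entries listed above for FIX CHECKED still appear in a later scan. The `RESCAN` lines are constructed sample input and the function names are hypothetical.

```python
import re

# "O<n> - <kind>: <detail>"; the kind never contains a colon, the detail may.
ENTRY_RE = re.compile(r"^(O\d+) - ([^:]+): ?(.*)$")
# First drive-letter path in the detail, up to its .dll/.exe extension.
PATH_RE = re.compile(r'([A-Za-z]:\\[^"]*?\.(?:dll|exe))', re.IGNORECASE)

def parse_entry(line):
    """Split one log line into section, kind, detail and optional file path."""
    m = ENTRY_RE.match(line.strip())
    if not m:
        return None  # header, separator or blank line
    section, kind, detail = m.groups()
    p = PATH_RE.search(detail)
    return {"section": section, "kind": kind, "detail": detail,
            "path": p.group(1) if p else None}

def entry_key(entry):
    """Identity used for comparison: section plus lower-cased path (or detail)."""
    return (entry["section"], (entry["path"] or entry["detail"]).lower())

def remaining_targets(fix_lines, rescan_lines):
    """Return the fix targets that are still present in a later scan."""
    seen = {entry_key(e) for e in map(parse_entry, rescan_lines) if e}
    still_there = []
    for line in fix_lines:
        entry = parse_entry(line)
        if entry and entry_key(entry) in seen:
            still_there.append(line)
    return still_there

# The two lines the reply asks to tick (taken from the page).
FIX_TARGETS = [
    r'O2 - BHO: AbsoluteTransfer module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\Program Files\AbsoluteTransfer\AbsoluteTransfer.dll',
    r'O4 - HKCU\..\Run: [WinSpywareProtect (ver. 5.1)] "C:\ProgramData\Adsl Software Limited\WinSpywareProtect\WinSpywareProtect.exe" /autorun',
]

# Constructed rescan: the O4 autorun is gone, the BHO is still registered
# (path written in a different case to show the comparison ignores case).
RESCAN = [
    r'O2 - BHO: AbsoluteTransfer module - {18CB1A7B-94CD-4582-8022-ADA16851E44B} - C:\PROGRAM FILES\AbsoluteTransfer\AbsoluteTransfer.dll',
    r'O13 - Gopher Prefix:',
    r'O20 - AppInit_DLLs: eNetHook.dll',
    r'O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe',
]

if __name__ == "__main__":
    for line in remaining_targets(FIX_TARGETS, RESCAN):
        print("still present:", line)
```

An empty result means neither target line is in the new scan, which is the situation the next post describes.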

May 23 at 12:37 #

Hello,

Thank you for your reply.

Is it normal that I have neither of these two lines in HijackThis?

Should I do the following procedure, given that I only find the first line in c:\ ?

May 23 at 13:02 #

Check that you no longer have

AbsoluteTransfer

May 23 at 14:17 #

Thank you very much for your help, so quick and valuable.

I will recommend this forum to all my contacts.

May 23 at 14:32 #

Go to the first message and set the RESOLVED marker

Have a nice day

Unless otherwise stated, the content of the blog and the forum is licensed under Creative Commons By-Sa. You may reproduce it provided that you credit the author, link to the original page, and share your derivative works under the same conditions.