POP UP malgré BITDEFENDER + AD ADWARE etc

Bonjour
J'ai instalé le programme en question et ai fait l'analyse
Voici le rapport :
Malwarebytes' Anti-Malware 1.36
Version de la base de données: 2029
Windows 5.1.2600 Service Pack 3

23/04/2009 03:47:27
mbam-log-2009-04-23 (03-47-11).txt

Type de recherche: Examen rapide
Eléments examinés: 79884
Temps écoulé: 10 minute(s), 34 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\regedit.exe (Security.Hijack) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)


merci à vous

Bonsoir
J'ai de nouveau bitdefender en anti virus et ai suivi le mode operatoire de leur service technique
Actuellement ca fait une analyse
Les pubs s'ouvrent toujours
Ce qui est marrant c'est que la pub reste ouverte un peu plus d'1 min puis se referme pour en ouvrir une nouvelle
J'ai egalement lancé RSIT dont voici le rapport :
Logfile of random's system information tool 1.06 (written by random/random)
Run by christophe at 2009-04-23 21:30:04
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 47 GB (31%) free of 152 GB
Total RAM: 1534 MB (61% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:20, on 23/04/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 SP3 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\printcfg.exe
C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe
C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\BitDefender\BitDefender 2009\seccenter.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
C:\Program Files\Philips\Philips SPC210NC Webcam\TrayMin210.exe
C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
C:\Program Files\BitDefender\BitDefender 2009\uiscan.exe
C:\Program Files\DAP\DAP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\christophe\Mes documents\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\christophe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.unibet.fr/pari-sportif-poker
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: SrchHook Class - {F4F10C1D-87C7-404A-B4B3-000000000000} - C:\PROGRA~1\DAP\SBSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-493E6BD0E955} - C:\Program Files\Windows Desktop Search\dsWebAllow.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4f90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2009\IEToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE Philips SPC210NC Webcam
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Printer Configuration Manager] C:\WINDOWS\system32\printcfg.exe
O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
O4 - HKLM\..\Run: [Google Quick Search Box] "C:\Program Files\Google\Quick Search Box\GoogleQuickSearchBox.exe" /autorun
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\BitDefender\BitDefender 2009\bdagent.exe"
O4 - HKLM\..\Run: [BitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2009\IEShow.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-18 Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'SYSTEM')
O4 - .DEFAULT Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE (User 'Default user')
O4 - Startup: Lancement rapide de Microsoft Office OneNote 2003.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: e-Carte Bleue La Banque Postale.lnk = C:\Program Files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe
O4 - Global Startup: TrayMin210.exe.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - http://ipgweb.cce.hp.com/rdqemea/downloads/sysinfo.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} (CamfrogWEB Advanced Unicode Control) - https://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{5330F0AD-8A70-470F-9AF7-8EE409266DD9}: NameServer = 192.168.1.1
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O23 - Service: BitDefender Arrakis Server (Arrakis3) - Unknown owner - C:\Program Files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - BitDefender SRL - C:\Program Files\Fichiers communs\BitDefender\BitDefender Update Service\livesrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S. R. L. - C:\Program Files\BitDefender\BitDefender 2009\vsserv.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Bonjour
J'avais donc fait une analyse approfondie avec bitdefender qui est donc de nouveau installé
Lors de cette analyse il a trouvé quelques merdes
J'ai l'impression que depuis cette analyse approfondies je n'ai plus de pubs qui s'ouvrent
Par contre j'ai toujours une tentatvive avec ce trojan qui est bloqué par mon anti virus

Par contre J'ai installé combofix et fait l'analyse
Voci le rapport :

ComboFix 09-04-25.01 - christophe 24/04/2009 19:09.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.3.1252.33.1036.18.1534.709 [GMT 2:00]
Lancé depuis: c:\documents and settings\christophe\Mes documents\ComboFix.exe
AV: Antivirus BitDefender *On-access scanning disabled* (Updated)
FW: Pare-feu BitDefender *disabled*
* Un nouveau point de restauration a été créé
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\christophe\Application Data\Microsoft\SystemCertificates\Request
c:\windows\IE4 Error Log.txt

.
((((((((((((((((((((((((((((( Fichiers créés du 2009-05-24 au 2009-4-24 ))))))))))))))))))))))))))))))))))))
.

2009-04-23 19:15 . 2009-04-23 19:15 -------- d-----w c:\documents and settings\christophe\Application Data\BitDefender
2009-04-23 12:35 . 2009-04-23 12:35 -------- d-----w c:\documents and settings\All Users\Application Data\BitDefender
2009-04-23 01:34 . 2009-04-23 01:34 -------- d-----w c:\documents and settings\christophe\Application Data\Malwarebytes
2009-04-23 01:34 . 2009-04-23 01:34 -------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2009-04-22 18:01 . 2009-04-23 09:20 -------- d-----w c:\windows\BDOSCAN8
2009-04-21 19:58 . 2009-04-21 19:58 -------- d-----w c:\documents and settings\christophe\Local Settings\Application Data\Runscanner.net
2009-04-19 19:53 . 2009-04-19 19:54 -------- d-----w C:\rsit
2009-04-19 18:32 . 2009-04-19 18:32 -------- d-----w c:\windows\system32\Kaspersky Lab
2009-04-18 14:40 . 2009-04-22 08:37 -------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2009-04-17 20:11 . 2007-03-12 14:42 3495784 ----a-w c:\windows\system32\d3dx9_33.dll
2009-04-17 18:59 . 2009-04-17 18:59 -------- d--h--r c:\documents and settings\christophe\Application Data\SecuROM
2009-04-17 18:59 . 2009-04-17 18:59 107888 ----a-w c:\windows\system32\CmdLineExt.dll
2009-04-17 18:58 . 2005-05-26 13:34 2297552 ----a-w c:\windows\system32\d3dx9_26.dll
2009-04-17 18:26 . 2009-04-17 18:25 19407 ----a-w c:\windows\system32\printcfg.exe
2009-04-16 22:29 . 2009-04-16 22:29 -------- d-----w c:\documents and settings\christophe\Application Data\DAEMON Tools Pro
2009-04-16 22:29 . 2009-04-16 22:29 -------- d-----w c:\documents and settings\christophe\Application Data\DAEMON Tools
2009-04-16 22:28 . 2009-04-16 22:28 -------- d-----w c:\documents and settings\All Users\Application Data\FarStone
2009-04-16 22:28 . 2009-04-16 22:28 -------- d-----w c:\documents and settings\Administrateur\Application Data\FarStone
2009-04-16 22:26 . 2009-04-16 22:26 -------- d-----w c:\documents and settings\All Users\Application Data\DAEMON Tools Lite
2009-04-16 22:06 . 2009-04-16 22:06 118 ----a-w c:\windows\system32\MRT.INI
2009-04-16 22:01 . 2009-04-16 22:01 -------- d-----w c:\documents and settings\christophe\Application Data\FarStone
2009-04-16 21:56 . 2009-04-16 22:52 -------- d-----w c:\documents and settings\christophe\Application Data\DAEMON Tools Lite
2009-04-16 20:43 . 2009-04-16 21:56 717296 ----a-w c:\windows\system32\drivers\sptd.sys
2009-04-16 09:15 . 2006-11-08 13:51 143360 ----a-w c:\windows\system32\ImageDrive.cpl
2009-04-16 08:32 . 2009-04-16 08:32 -------- d-----w c:\documents and settings\christophe\Application Data\Babylon
2009-04-16 08:32 . 2009-04-16 08:32 -------- d-----w c:\documents and settings\All Users\Application Data\Babylon
2009-04-16 01:50 . 2009-02-06 10:10 227840 -c----w c:\windows\system32\dllcache\wmiprvse.exe
2009-04-16 01:50 . 2009-03-06 14:20 286720 -c----w c:\windows\system32\dllcache\pdh.dll
2009-04-16 01:50 . 2009-02-09 11:23 111104 -c----w c:\windows\system32\dllcache\services.exe
2009-04-16 01:50 . 2009-02-09 10:53 401408 -c----w c:\windows\system32\dllcache\rpcss.dll
2009-04-16 01:50 . 2009-02-09 10:53 473600 -c----w c:\windows\system32\dllcache\fastprox.dll
2009-04-16 01:50 . 2009-02-09 10:53 685568 -c----w c:\windows\system32\dllcache\advapi32.dll
2009-04-16 01:50 . 2009-02-06 10:39 35328 -c----w c:\windows\system32\dllcache\sc.exe
2009-04-16 01:50 . 2009-02-09 10:53 735744 -c----w c:\windows\system32\dllcache\lsasrv.dll
2009-04-16 01:50 . 2009-02-09 10:53 739840 -c----w c:\windows\system32\dllcache\ntdll.dll
2009-04-16 01:50 . 2009-02-09 10:53 453120 -c----w c:\windows\system32\dllcache\wmiprvsd.dll
2009-04-16 01:49 . 2008-12-16 12:31 354304 -c----w c:\windows\system32\dllcache\winhttp.dll
2009-04-16 01:49 . 2009-03-27 06:54 1203922 -c----w c:\windows\system32\dllcache\sysmain.sdb
2009-04-16 01:49 . 2008-04-21 21:15 219136 -c----w c:\windows\system32\dllcache\wordpad.exe
2009-04-11 06:23 . 2009-01-09 19:19 1089883 -c----w c:\windows\system32\dllcache\ntprint.cat
2009-04-10 20:02 . 2009-04-10 20:02 16 ----a-w C:\asdict.dat
2009-04-10 12:35 . 2009-04-10 12:35 -------- d-----w C:\f6952ab2d63194a2486628f925fed2
2009-04-10 10:30 . 2009-04-10 10:30 -------- d-----w c:\windows\l2schemas
2009-04-10 10:30 . 2009-04-10 10:30 -------- d-----w c:\windows\system32\fr
2009-04-10 10:30 . 2009-04-10 10:30 -------- d-----w c:\windows\system32\bits
2009-04-10 10:26 . 2009-04-10 10:30 -------- d-----w c:\windows\ServicePackFiles
2009-04-10 10:02 . 2008-12-20 22:46 52224 -c----w c:\windows\system32\dllcache\msfeedsbs.dll
2009-04-10 10:02 . 2008-12-20 22:46 459264 -c----w c:\windows\system32\dllcache\msfeeds.dll
2009-04-10 10:02 . 2008-12-20 22:46 6066688 -c----w c:\windows\system32\dllcache\ieframe.dll
2009-04-10 10:02 . 2008-12-20 22:46 267776 -c----w c:\windows\system32\dllcache\iertutil.dll
2009-04-10 10:02 . 2008-12-20 22:46 383488 -c----w c:\windows\system32\dllcache\ieapfltr.dll
2009-04-10 10:02 . 2008-12-20 22:46 63488 -c----w c:\windows\system32\dllcache\icardie.dll
2009-04-10 10:02 . 2008-12-19 09:10 13824 -c----w c:\windows\system32\dllcache\ieudinit.exe
2009-04-10 10:02 . 2007-04-17 09:32 2455488 -c----w c:\windows\system32\dllcache\ieapfltr.dat
2009-04-10 10:02 . 2007-03-08 05:10 1048576 -c----w c:\windows\system32\dllcache\ieframe.dll.mui
2009-04-10 09:21 . 2008-04-14 02:34 20992 ------w c:\windows\system32\spupdwxp.exe
2009-04-10 09:20 . 2008-04-14 02:33 155136 ------w c:\windows\system32\mssha.dll
2009-04-10 09:20 . 2008-04-14 02:03 81920 ------w c:\windows\system32\msshavmsg.dll
2009-04-10 09:20 . 2008-04-14 02:34 33792 ------w c:\windows\system32\mmcperf.exe
2009-04-10 09:20 . 2008-04-14 02:33 397312 ------w c:\windows\system32\mmcex.dll
2009-04-10 09:20 . 2008-04-14 02:33 106496 ------w c:\windows\system32\mmcfxcommon.dll
2009-04-10 09:20 . 2008-04-14 02:33 184320 ------w c:\windows\system32\microsoft.managementconsole.dll
2009-04-10 09:20 . 2008-04-14 02:33 86016 ------w c:\windows\system32\mdmxsdk.dll
2009-04-10 09:20 . 2004-08-03 20:41 11868 ------w c:\windows\system32\drivers\mdmxsdk.sys
2009-04-10 09:20 . 2008-04-14 02:33 37376 ------w c:\windows\system32\l2gpstore.dll
2009-04-10 09:20 . 2008-04-14 02:33 61440 ------w c:\windows\system32\kmsvc.dll
2009-04-10 09:18 . 2008-04-14 02:33 49152 ------w c:\windows\system32\dhcpqec.dll
2009-04-10 09:18 . 2004-07-17 20:55 129045 ------w c:\windows\system32\drivers\cxthsfs2.cty
2009-04-10 09:18 . 2008-04-14 02:33 12800 ------w c:\windows\system32\credssp.dll
2009-04-10 09:18 . 2008-04-14 02:33 15423 ------w c:\windows\system32\drivers\ch7xxnt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 3775 ------w c:\windows\system32\drivers\adv11nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 3711 ------w c:\windows\system32\drivers\adv09nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 3135 ------w c:\windows\system32\drivers\adv08nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 4255 ------w c:\windows\system32\drivers\adv01nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 3967 ------w c:\windows\system32\drivers\adv02nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 3647 ------w c:\windows\system32\drivers\adv07nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 3615 ------w c:\windows\system32\drivers\adv05nt5.dll
2009-04-10 09:16 . 2008-04-14 02:33 136192 ------w c:\windows\system32\aaclient.dll
2009-04-10 08:37 . 2008-10-24 11:21 455296 -c----w c:\windows\system32\dllcache\mrxsmb.sys
2009-04-10 08:36 . 2008-10-03 10:03 247326 -c----w c:\windows\system32\dllcache\strmdll.dll
2009-04-10 08:36 . 2008-09-04 17:16 1106944 -c----w c:\windows\system32\dllcache\msxml3.dll
2009-04-09 18:10 . 2009-04-10 09:58 1034996 ----a-w c:\windows\setupapi.log.2.old
2009-04-09 18:02 . 2007-08-13 16:54 33792 -c--a-w c:\windows\system32\dllcache\custsat.dll
2009-04-09 17:50 . 2009-02-10 17:06 2068096 -c----w c:\windows\system32\dllcache\ntkrnlpa.exe
2009-04-09 17:50 . 2009-02-09 11:23 2147328 -c----w c:\windows\system32\dllcache\ntkrnlmp.exe
2009-04-09 17:50 . 2009-02-09 11:24 2191104 -c----w c:\windows\system32\dllcache\ntoskrnl.exe
2009-04-09 17:50 . 2009-02-09 11:23 2025984 -c----w c:\windows\system32\dllcache\ntkrpamp.exe
2009-04-09 17:50 . 2009-02-09 14:05 1846912 -c----w c:\windows\system32\dllcache\win32k.sys
2009-04-09 17:50 . 2008-05-01 14:36 331776 -c----w c:\windows\system32\dllcache\msadce.dll
2009-04-09 17:49 . 2008-07-07 20:28 253952 -c----w c:\windows\system32\dllcache\es.dll
2009-04-09 17:49 . 2008-06-24 16:44 74240 -c----w c:\windows\system32\dllcache\mscms.dll
2009-04-09 17:49 . 2008-04-11 19:05 691712 -c----w c:\windows\system32\dllcache\inetcomm.dll
2009-04-09 17:49 . 2008-08-14 10:04 138496 -c----w c:\windows\system32\dllcache\afd.sys
2009-04-09 17:49 . 2008-06-20 17:47 247808 -c----w c:\windows\system32\dllcache\mswsock.dll
2009-04-09 17:49 . 2008-06-20 17:47 147968 -c----w c:\windows\system32\dllcache\dnsapi.dll
2009-04-09 17:49 . 2008-06-20 11:51 361600 -c----w c:\windows\system32\dllcache\tcpip.sys
2009-04-09 17:49 . 2008-06-20 11:08 225856 -c----w c:\windows\system32\dllcache\tcpip6.sys

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-23 21:11 . 2009-04-19 17:57 -------- d-----w c:\program files\Navilog1
2009-04-23 21:09 . 2009-04-19 21:17 -------- d-----w c:\program files\Ad-remover
2009-04-23 21:09 . 2009-04-23 01:34 -------- d-----w c:\program files\Malwarebytes' Anti-Malware
2009-04-23 21:00 . 2008-01-03 18:14 -------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-04-23 20:14 . 2007-05-15 22:42 -------- d-----w c:\documents and settings\christophe\Application Data\CamfrogWEB
2009-04-23 19:59 . 2007-04-25 15:19 81984 ----a-w c:\windows\system32\bdod.bin
2009-04-23 19:12 . 2009-04-10 18:24 -------- d-----w c:\program files\Fichiers communs\BitDefender
2009-04-22 17:48 . 2009-04-22 17:46 392 ------w C:\Win32.Worm.Downladup.Gen.log
2009-04-22 09:27 . 2009-04-22 08:55 3403 ----a-w C:\Ad-Report-Clean-22.04.2009.log
2009-04-22 08:37 . 2009-04-18 14:40 -------- d-----w c:\program files\Lavasoft
2009-04-21 19:54 . 2009-04-19 19:53 -------- d-----w c:\program files\trend micro
2009-04-21 19:48 . 2009-04-18 19:41 2012 ----a-w C:\aaw7boot.log
2009-04-19 23:37 . 2009-04-19 23:13 3148 ----a-w C:\Ad-Report-Scan-20.04.2009.log
2009-04-19 21:19 . 2009-04-19 21:19 583 ----a-w C:\Ad-Report-Scan-19.04.2009.log
2009-04-19 18:40 . 2009-04-19 18:00 3015 ----a-w C:\fixnavi.txt
2009-04-17 21:10 . 2007-04-25 15:18 -------- d-----w c:\program files\Google
2009-04-17 19:18 . 2008-01-30 19:42 -------- d-----w c:\program files\Emule
2009-04-17 18:56 . 2006-09-18 11:50 -------- d--h--w c:\program files\InstallShield Installation Information
2009-04-16 23:11 . 2006-09-15 12:24 84964 ----a-w c:\windows\system32\perfc00C.dat
2009-04-16 23:11 . 2006-09-15 12:24 510980 ----a-w c:\windows\system32\perfh00C.dat
2009-04-16 21:04 . 2009-02-20 00:02 -------- d-----w c:\program files\Micro Application
2009-04-10 18:37 . 2007-04-25 15:56 -------- d-----w c:\program files\MSN Messenger
2009-04-10 18:25 . 2009-03-19 12:43 -------- d-----w c:\program files\BitDefender
2009-04-10 12:45 . 2006-09-18 12:02 33424 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-04-10 10:34 . 2006-09-15 12:39 87483 ----a-w c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-04-10 10:22 . 2006-09-15 12:24 252240 --sha-r C:\ntldr
2009-04-10 09:08 . 2006-09-22 12:17 -------- d-----w c:\program files\Windows Desktop Search
2009-04-10 08:46 . 2009-04-10 08:46 -------- d-----w c:\program files\Windows Media Connect 2
2009-04-09 18:07 . 2009-04-09 18:07 -------- d-----w c:\program files\MSXML 4.0
2009-03-28 14:15 . 2006-09-15 13:23 -------- d-----w c:\program files\Java
2009-03-09 04:19 . 2009-02-19 20:07 410984 ----a-w c:\windows\system32\deploytk.dll
2009-03-06 14:20 . 2006-09-15 12:24 286720 ----a-w c:\windows\system32\pdh.dll
2009-02-09 14:05 . 2006-09-15 12:24 1846912 ----a-w c:\windows\system32\win32k.sys
2009-02-09 11:23 . 2004-08-04 00:48 2025984 ----a-w c:\windows\system32\ntkrnlpa.exe
2009-02-09 11:23 . 2006-09-15 12:24 2147328 ----a-w c:\windows\system32\ntoskrnl.exe
2009-02-09 11:23 . 2006-09-15 12:24 111104 ----a-w c:\windows\system32\services.exe
2009-02-09 10:53 . 2006-09-15 12:23 735744 ----a-w c:\windows\system32\lsasrv.dll
2009-02-09 10:53 . 2006-09-15 12:24 401408 ----a-w c:\windows\system32\rpcss.dll
2009-02-09 10:53 . 2006-09-15 12:24 739840 ----a-w c:\windows\system32\ntdll.dll
2009-02-09 10:53 . 2006-09-15 12:23 685568 ----a-w c:\windows\system32\advapi32.dll
2009-02-06 10:39 . 2006-09-15 12:24 35328 ----a-w c:\windows\system32\sc.exe
2009-02-03 19:58 . 2006-09-15 12:24 56832 ----a-w c:\windows\system32\secur32.dll
2008-10-30 12:14 . 2007-04-25 19:38 2510 ----a-w c:\documents and settings\christophe\Application Data\wklnhst.dat
2007-04-25 10:36 . 2007-04-25 09:20 133 ----a-w c:\documents and settings\christophe\Local Settings\Application Data\fusioncache.dat
2006-09-22 13:07 . 2007-04-25 09:20 19744 ----a-w c:\documents and settings\christophe\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2006-09-15 12:49 . 2006-09-15 12:49 137 ----a-w c:\documents and settings\Administrateur\Local Settings\Application Data\fusioncache.dat
.

((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

c:\documents and settings\christophe\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

c:\documents and settings\christophe\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

c:\documents and settings\christophe\Menu D‚marrer\Programmes\D‚marrage\
Lancement rapide de Microsoft Office OneNote 2003.lnk - c:\program files\Microsoft Office\OFFICE11\ONENOTEM.EXE [2005-3-17 59080]

c:\documents and settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
e-Carte Bleue La Banque Postale.lnk - c:\program files\e-Carte Bleue La Banque Postale\ecbl-lbp.exe [2008-6-20 278528]
TrayMin210.exe.lnk - c:\program files\Philips\Philips SPC210NC Webcam\TrayMin210.exe [2008-9-27 278528]
Windows Desktop Search.lnk - c:\program files\Windows Desktop Search\WindowsSearch.exe [2006-3-26 262944]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2006-11-21 233472]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\regedit.exe]
"Debugger"=0

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\image file execution options\taskmgr.exe]
"Debugger"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\[u]0/uOODBS

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Documents and Settings\\christophe\\Bureau\\bill\\utorrent.exe"=
"c:\\Program Files\\emule\\eMule.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009

R3 Arrakis3;BitDefender Arrakis Server;c:\program files\Fichiers communs\BitDefender\BitDefender Arrakis Server\bin\Arrakis3.exe [2009-01-20 172032]
S2 BDVEDISK;BDVEDISK;c:\program files\BitDefender\BitDefender 2009\BDVEDISK.sys [2008-10-06 82696]
S3 bdfm;bdfm;c:\windows\system32\drivers\bdfm.sys [2008-09-18 111112]
S3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\bdfndisf.sys [2009-02-12 104328]
S3 X10Hid;X10 Hid Device;c:\windows\system32\Drivers\x10hid.sys [2005-11-28 7040]


--- Autres Services/Pilotes en mémoire ---

*NewlyCreated* - A605B11D
*Deregistered* - a605b11d

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bdx REG_MULTI_SZ scan
.
Contenu du dossier 'Tâches planifiées'
.
.
------- Examen supplémentaire -------
.
uStart Page = https://www.unibet.fr/pari-sportif-poker
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: &Clean Traces - c:\program files\DAP\Privacy Package\dapcleanerie.htm
IE: &Download with &DAP - c:\program files\DAP\dapextie.htm
IE: Download &all with DAP - c:\program files\DAP\dapextie2.htm
TCP: {5330F0AD-8A70-470F-9AF7-8EE409266DD9} = 192.168.1.1
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - c:\program files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
Name-Space Handler: ftp\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
Name-Space Handler: http\ZDA - {5BFA1DAF-5EDC-11D2-959E-00C00C02DA5E} - c:\progra~1\DAP\dapie.dll
DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} - hxxp://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
DPF: {DFB5BCF1-06AE-4ABB-BFA8-1E228F41C50A} - hxxp://www.bobtv.fr/download/cfweb_www.bobtv.fr-download_instmodule.exe
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-24 19:11
Windows 5.1.2600 Service Pack 3 NTFS

Recherche de processus cachés ...

Recherche d'éléments en démarrage automatique cachés ...

Recherche de fichiers cachés ...

Scan terminé avec succès
Fichiers cachés: 0

**************************************************************************
.
--------------------- CLES DE REGISTRE BLOQUEES ---------------------

[HKEY_USERS\S-1-5-21-2895878130-1394386216-475255821-1005\Software\Microsoft\SystemCertificates\AddressBook*]
@Allowed: (Read) (RestrictedCode)
@Allowed: (Read) (RestrictedCode)

[HKEY_USERS\S-1-5-21-2895878130-1394386216-475255821-1005\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:1f,f1,d9,3c,b9,b2,ac,10,66,2a,95,48,82,28,2b,89,90,d5,f1,a7,18,59,cc,
52,d0,95,96,47,36,74,26,f7,c0,85,c6,8e,73,34,b8,a3,93,32,82,26,7c,44,4c,1b,\
"??"=hex:28,8d,e5,36,65,e3,f4,14,ee,22,ee,3f,5b,4d,5a,79

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
"OODEFRAG08.00.00.01WORKSTATION"="0A1947469168599FD4D56AAED856FAB35C5FB92C0F2FC8D39E6BF843DC76493EF4ADC6E759E99CE7E5E7E4406701115E005286A395B833F3484B387C19ACFD48BC5FC9E652859491DF1D59B262380C3ED239E3A5558F45E98E04E11554095918992980D0EE7F9148D94EE2D96FADF5D7706AF1E8C47462AB2C8641CCF377353807BA008A269208CFB105FCDDB5077BBFB3EC39FCDB1790C41EF986B364D991C9C275C0C8F469117A06828A3A625FEFA0C07DA2411A23FA542736C43092831381D0701E97DAA669B33C39CF3DA6C3C839F90D7CE9002F718E4D4AF27CF1BA81A777F5D9D4DA5EF278FCD1760D37B5205A09BF7A80FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74C8EDD5E5BE2F6E667A6171C11EC38DE3DA6A0AC4980AC7933FEBC9E127BECC74C5907131A84F92D947B43B8DC55249D1CD66ED15950A790C55DAA846B6B62A604388DF6004DB1C7881A145B6C2AE171512A768DA230559A7DF641B5AF0895A9F57F438A8FE41EEE68C8C79A4D1E04C08D8326A0ED656F1743C41B76377C57BFF34AF609BE0A9BA3CDD21B6648F3E916CF80C55879D3ED371CD62C0B566CDC6727B968CD95C1BF4DA988BBD53E31225F6D438FA29AA08012E3BFDBDCF53F90801071CD5931D4D032BE414AA39F9C716F0E70B191363588A4461506F41220914D01974F52C44FCA0127535DABF2C451FD31B251DD49C0994D46717C063B7C33792159890114805ECBCB1BFEF1D2FBEDA225B7836162B5FECF39F481E1168A7B0FEAE48E51F77D6D086F7AAC9BECD428DD0F30D31B25C8B5D3C7C14D82D8BEA3002D6FE2D45E9E8F0E2355D9F005AB9290E8D2412EC874EFE3727D0C82D2549B9F89307FC0497E129CCE946CE1EF99F703FED7BFE097F811EF8854DEA0E14D85A6F762D06DCCFD72D3B0263C001804D3DDF07EB59EF155B54BB074D8C27B6937324345395813C16539D5781A017C0D57B035077E76CAD229ADE48F82F02731BC418A1D0DA1D8325237A40246BEAE1F66ED93B8671B2A79ED33725CD75581F0D3B8BE32160FEF7AD39AD2B9F7B6D5E6996BA85B36E3AA17B8D8FB96C741BBB6EE6129CE0F883D8BBA15EC1E580B2B563E6366BD9FCA7ABF738376FCB6289855B368E2C32B9CB998093BD12F05027DA1D3739032506E5FC8BCFBABD0FDA271637E5C5BE3107AF21BF70737F09005AF430F20BF0D66142E4B64EA3A5A68EA323E5DB35587D3788A4EF1D5A26B02A2377658CF61A8749FD327F0E1136337615A831145678A068DB53218E8F12ED18C1EBD4DCAB5E1039ECEFC9B53FBB91C0B0016924D7BCB28D8BD8CBBE5D3466E1804DE3D40529B0CBE323452161032418FC99E8A6DD12F2C9A7E6365564CCB3B4099E02D439FB97ED125F5B567BA2142B9F4"
.
--------------------- DLLs chargées dans les processus actifs ---------------------

- - - - - - - > 'winlogon.exe'(1428)
c:\windows\SYSTEM32\Ati2evxx.dll
.
Heure de fin: 2009-04-24 19:14
ComboFix-quarantined-files.txt 2009-04-24 17:14

Avant-CF: 48 895 860 736 octets libres
Après-CF: 49 076 441 088 octets libres

WindowsXP-KB310994-SP2-Pro-BootDisk-FRA.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windows XP Media Center Edition" /noexecute=optin /fastdetect

262 --- E O F --- 2009-04-16 22:06


Merci à vous

Voila j'ai trouvé le fichier et j'ai envoyé lanalyse
Voici le rapport :

Antivirus Version Dernière mise à jour Résultat
a-squared 4.0.0.101 2009.04.25 -
AhnLab-V3 5.0.0.2 2009.04.24 -
AntiVir 7.9.0.156 2009.04.24 -
Antiy-AVL 2.0.3.1 2009.04.24 -
Authentium 5.1.2.4 2009.04.24 -
Avast 4.8.1335.0 2009.04.25 -
AVG 8.5.0.287 2009.04.24 -
BitDefender 7.2 2009.04.25 -
CAT-QuickHeal 10.00 2009.04.23 -
ClamAV 0.94.1 2009.04.25 -
Comodo 1133 2009.04.24 -
DrWeb 4.44.0.09170 2009.04.24 -
eSafe 7.0.17.0 2009.04.23 -
eTrust-Vet 31.6.6475 2009.04.24 -
F-Prot 4.4.4.56 2009.04.24 -
F-Secure 8.0.14470.0 2009.04.24 -
Fortinet 3.117.0.0 2009.04.25 -
GData 19 2009.04.25 -
Ikarus T3.1.1.49.0 2009.04.25 -
K7AntiVirus 7.10.714 2009.04.23 -
Kaspersky 7.0.0.125 2009.04.24 -
McAfee 5595 2009.04.24 -
McAfee+Artemis 5595 2009.04.24 -
McAfee-GW-Edition 6.7.6 2009.04.24 -
Microsoft 1.4602 2009.04.25 -
NOD32 4035 2009.04.25 -
Norman 6.00.06 2009.04.24 W32/Malware.GIMS
nProtect 2009.1.8.0 2009.04.25 -
Panda 10.0.0.14 2009.04.24 -
PCTools 4.4.2.0 2009.04.24 -
Prevx1 3.0 2009.04.25 Medium Risk Prevx Safeguard
Rising 21.26.44.00 2009.04.24 -
Sophos 4.41.0 2009.04.24 -
Sunbelt 3.2.1858.2 2009.04.24 -
Symantec 1.4.4.12 2009.04.25 -
TheHacker 6.3.4.1.314 2009.04.25 Trojan/Downloader.Murlo.apx
TrendMicro 8.700.0.1004 2009.04.24 -
VBA32 3.12.10.3 2009.04.24 -
ViRobot 2009.4.24.1708 2009.04.24 -
VirusBuster 4.6.5.0 2009.04.24 -
Information additionnelle
File size: 19407 bytes
MD5...: 0af752424acfc8351acdcbb28224536f
SHA1..: 03e3a420c648ec94a767a192c85dda94091d8ae3
SHA256: 15eb69e6832ca1a2e6f6da2cb05ff80eaf962aee16aed089e01e009f7d0aedaa
SHA512: c06cca01dff2bad47379557a34de4c91aeb4dce7a33196a3e27877b543718038
707fee5c1c1e1e3e16d538b475bdc661b2870a40ec67e7de81e097431929d2dc
ssdeep: 192:LdxIwxNNxE4rq8L7J5EIsLyQR6Q0jk7y/ftcabnAnATIoSo+J9NgKEnVI:0q
C4PEIsFR6Qek7y/1ca4AMoeZyVI

PEiD..: -
TrID..: File type identification
Win32 Executable Generic (42.3%)
Win32 Dynamic Link Library (generic) (37.6%)
Generic Win/DOS Executable (9.9%)
DOS Executable Generic (9.9%)
VXD Driver (0.1%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1000
timedatestamp.....: 0x49e49d08 (Tue Apr 14 14:26:16 2009)
machinetype.......: 0x14c (I386)

( 3 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x125a 0x1400 7.08 6e62dc5a63ca3360bd90eed9cc144913
.data 0x3000 0x2858 0x2a00 2.87 3fe31dd11d6720e04604f2067bbb9e1a
.rsrc 0x6000 0x120 0x200 1.88 51087dc0945ae30cfa85fa406eafe189

( 3 imports )
> kernel32.dll: CreateMutexA, GetLastError, GetModuleHandleA, LoadLibraryA, GetProcAddress, Sleep, FreeLibrary, ExitProcess, RtlZeroMemory, TerminateThread, TerminateProcess, GetSystemDirectoryA, CreateFileA, CloseHandle, GlobalAlloc, GlobalLock, GlobalHandle, GlobalUnlock, GlobalFree, WriteFile, FlushFileBuffers
> user32.dll: DialogBoxParamA, LoadIconA, SendMessageA, SetDlgItemTextA, EndDialog, GetClassNameA, GetWindowThreadProcessId, EnumWindows
> comctl32.dll: InitCommonControls

( 0 exports )

PDFiD.: -
RDS...: NSRL Reference Data Set


merci à vous

Bonjour
Et voila ca recommence les pubs
J'en ai marre
Merci à vous

bonjour
La case etait deja decochee
j'ai trouvé le fichier en question puis je l'ai renommé
mais ca continue toujours
je n'y comprends rien
peut etre en rapport avec bitdefender ?