
Virus Shutdown


Hello again,

My PC restarts once it reaches the desktop.
But for some time now, my PC no longer really reboots; instead it shows me a blue screen similar to this one:

http://img379.imageshack.us/img379/6585/wimg0002xe5.gif

But in mine it talks about disk memory or the video card to check.
According to a friend, it is a shutdown virus.
I tried with HijackThis, but there is a file I can't get rid of, located in windows/system.
No matter how many times I fix it and delete it, nothing works: when I restart, it always comes back.

Let's run a check.

Download Gmer.
Unzip it into a folder or onto your desktop.

Disconnect from the Internet, then close all programs.
Double-click Gmer.exe.

IMPORTANT: If your antivirus raises an alert for the file gmer.sys or gmer.exe, let it run.

Click the Rootkit tab.
On the right, check Files and Services.
Now click Scan.

When the scan is finished, click Copy.

Open Notepad, then click the Edit menu / Paste.
The report should then appear.
Save the file to your desktop and copy/paste its contents here.

Hello again,

Download and then install HijackThis (Trend Micro).
Then post a report in your next reply.
HELP: How to use HijackThis v2.0.2

&

Disable your resident protections (antivirus, Spybot-S&D, etc.)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.

    HELP: A guide and a tutorial on using ComboFix
    * the partition name may differ

    Here is the ComboFix report:

    ComboFix 08-08-19.06 - Benjamin 2008-08-21 22:33:32.2 - NTFSx86 NETWORK
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.1629 [GMT 2:00]
    Endroit: C:\Documents and Settings\Benjamin\Bureau\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ---- Previous Run -------
    .
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\#SharedObjects\NQAXS8AJ\interclick.com
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\#SharedObjects\NQAXS8AJ\interclick.com\ud.sol
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\#SharedObjects\NQAXS8AJ\static.youku.com
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\#SharedObjects\NQAXS8AJ\static.youku.com\v1.0.0270\v\swf\qplayer.swf\qplayer.sol
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youku.com
    C:\Documents and Settings\Benjamin\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#static.youku.com\settings.sol
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\Config.xml
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\db\Aliases.dbs
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\db\Sites.dbs
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\dwld\WhiteList.xip
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\report\aggr_storage.xml
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\report\send_storage.xml
    C:\Documents and Settings\Benjamin\Application Data\ShoppingReport\cs\res2\WhiteList.dbs
    C:\Documents and Settings\Benjamin\Cookies\benjamin@edt02[1].txt
    C:\Documents and Settings\Benjamin\Cookies\benjamin@mediatraffic[1].txt
    C:\Documents and Settings\Benjamin\Cookies\benjamin@tsw0[2].txt
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\bvjhthbwkh.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\bvjhthbwkh_nav.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\bvjhthbwkh_navps.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\okkhulb.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\okkhulb_nav.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\okkhulb_navps.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\weyiwkk.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\weyiwkk.exe
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\weyiwkk_nav.dat
    C:\Documents and Settings\Benjamin\Local Settings\Application Data\weyiwkk_navps.dat
    C:\Program Files\FBrowserAdvisor
    C:\Program Files\FBrowsingAdvisor
    C:\Program Files\FBrowsingAdvisor\IXPCOMEvents.xpt
    C:\Program Files\FBrowsingAdvisor\Logo.png
    C:\Program Files\FBrowsingAdvisor\main.db
    C:\Program Files\FBrowsingAdvisor\unins000.dat
    C:\Program Files\FBrowsingAdvisor\unins000.exe
    C:\Program Files\FBrowsingAdvisor\XPCOMEvents.dll
    C:\Program Files\ShoppingReport
    C:\Program Files\ShoppingReport\Uninst.exe
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\edlb.exe
    C:\WINDOWS\system32\artvxlep.dll
    C:\WINDOWS\system32\ayvqkt.dll
    C:\WINDOWS\system32\bgvvki.dll
    C:\WINDOWS\system32\bndgsatg.ini
    C:\WINDOWS\system32\burmxlqp.ini
    C:\WINDOWS\system32\ccfgn.dll
    C:\WINDOWS\system32\cmatrn.dll
    C:\WINDOWS\system32\dmwpsb.dll
    C:\WINDOWS\system32\ediima.dll
    C:\WINDOWS\system32\ezcovm.dll
    C:\WINDOWS\system32\gnkwnnbv.ini
    C:\WINDOWS\system32\gtasgdnb.dll
    C:\WINDOWS\system32\hiotpolt.dll
    C:\WINDOWS\system32\hiubhkti.dll
    C:\WINDOWS\system32\hsqqed.dll
    C:\WINDOWS\system32\iaiptwsn.dll
    C:\WINDOWS\system32\jdckdruy.dll
    C:\WINDOWS\system32\jetyyyhp.dll
    C:\WINDOWS\system32\kgicbdju.ini
    C:\WINDOWS\system32\krkcmloa.dll
    C:\WINDOWS\system32\ljJAPiFu.dll
    C:\WINDOWS\system32\lwwehowy.dll
    C:\WINDOWS\system32\mdrttk.dll
    C:\WINDOWS\system32\mnkrloac.ini
    C:\WINDOWS\system32\nsnvidix.dll
    C:\WINDOWS\system32\oahdrhfk.dll
    C:\WINDOWS\system32\otckqf.dll
    C:\WINDOWS\system32\oxabxu.dll
    C:\WINDOWS\system32\pqlxmrub.dll
    C:\WINDOWS\system32\qcgpwupj.dll
    C:\WINDOWS\system32\qqnwycat.dll
    C:\WINDOWS\system32\rrlkhajw.dll
    C:\WINDOWS\system32\szxlna.dll
    C:\WINDOWS\system32\tfcdctuw.dll
    C:\WINDOWS\system32\tinlds.dll
    C:\WINDOWS\system32\uFiPAJjl.ini
    C:\WINDOWS\system32\uFiPAJjl.ini2
    C:\WINDOWS\system32\uiehndxo.dll
    C:\WINDOWS\system32\ujdbcigk.dll
    C:\WINDOWS\system32\urqPgFvW.dll
    C:\WINDOWS\system32\vjwosecl.dll
    C:\WINDOWS\system32\wutbhf.dll
    C:\WINDOWS\system32\xlcqwdin.dll
    C:\WINDOWS\system32\xxyyvWQi.dll
    C:\WINDOWS\system32\yeeqdy.dll
    C:\WINDOWS\wnlmdakqlag.dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_GENERIC_HOST_PROCESS_FOR_WIN-32_SERVICE
    -------\Service_Generic Host Process for Win-32 Service


    ((((((((((((((((((((((((((((( Fichiers créés 2008-07-21 to 2008-08-21 ))))))))))))))))))))))))))))))))))))
    .

    2008-08-21 20:37 . 2008-08-21 21:05 250 --a------ C:\WINDOWS\gmer.ini
    2008-08-21 15:19 . 2008-08-21 15:19 <REP> d-------- C:\Program Files\Avira
    2008-08-21 15:19 . 2008-08-21 22:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Avira
    2008-08-18 16:06 . 2008-08-18 16:31 102,664 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2008-08-18 16:03 . 2008-08-18 16:36 <REP> d-------- C:\Documents and Settings\Benjamin\.housecall6.6
    2008-08-18 12:25 . 2008-08-19 15:55 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-08-18 12:25 . 2008-08-18 12:25 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-08-14 15:03 . 2008-08-14 15:03 323,328 --a------ C:\WINDOWS\system32\nnnmlIaW.dll.vir
    2008-08-13 12:21 . 2008-08-13 12:21 <REP> d-------- C:\Program Files\Last.fm
    2008-08-13 12:21 . 2008-08-13 12:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Last.fm
    2008-08-13 07:43 . 2008-08-13 07:43 99,200 --a------ C:\WINDOWS\system32\epomqhoj.dll.vir
    2008-08-12 07:38 . 2008-08-12 07:38 323,328 --a------ C:\WINDOWS\system32\mlJbYSJC.dll.vir
    2008-08-11 16:01 . 2008-08-11 16:01 98,688 --a------ C:\WINDOWS\system32\rmutfkau.dll.vir
    2008-08-10 09:57 . 2008-08-10 09:57 323,328 --a------ C:\WINDOWS\system32\ljJYRJdE.dll.vir
    2008-08-10 09:46 . 2008-08-10 09:23 192,512 --a------ C:\WINDOWS\bgrqfetx.dll.vir
    2008-08-10 09:46 . 2008-08-10 09:23 86,016 --a------ C:\WINDOWS\lnvegaow.exe.vir
    2008-08-10 09:37 . 2008-08-10 09:40 <REP> d-------- C:\Documents and Settings\Benjamin\Application Data\Juce VST Host
    2008-08-10 09:34 . 2008-08-10 09:39 <REP> d-------- C:\Program Files\VstPlugins
    2008-08-10 09:34 . 2002-07-08 00:14 1,294,336 --a------ C:\WINDOWS\system32\vorbis.acm
    2008-08-10 09:34 . 2006-06-20 10:56 225,280 --a------ C:\WINDOWS\system32\rewire.dll
    2008-08-10 09:33 . 2008-08-10 09:33 <REP> d-------- C:\Program Files\Outsim
    2008-08-10 09:32 . 2008-08-10 09:56 <REP> d-------- C:\Program Files\Image-Line
    2008-08-09 12:17 . 2008-08-14 18:44 <REP> d-------- C:\Program Files\IMVU
    2008-08-09 12:17 . 2008-08-15 12:52 <REP> d-------- C:\Documents and Settings\Benjamin\Application Data\IMVU
    2008-08-06 00:33 . 2008-08-19 15:55 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
    2008-08-04 08:13 . 2008-08-04 08:13 <REP> d-------- C:\Documents and Settings\Benjamin\Application Data\Simply Super Software
    2008-08-04 00:44 . 2008-08-04 00:44 <REP> d-------- C:\Program Files\AVG
    2008-08-04 00:44 . 2008-08-04 00:44 <REP> d-------- C:\Documents and Settings\Benjamin\Application Data\AVGTOOLBAR
    2008-08-03 21:41 . 2008-08-03 21:41 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\DAEMON Tools
    2008-08-03 21:37 . 2008-08-03 21:37 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Media Player Classic
    2008-08-03 20:39 . 2008-08-14 10:58 <REP> d-------- C:\Program Files\Trojan Remover
    2008-08-03 20:39 . 2008-08-03 20:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Simply Super Software
    2008-08-03 20:39 . 2008-08-03 20:39 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\Simply Super Software
    2008-08-03 20:39 . 2006-05-25 15:52 162,304 --a------ C:\WINDOWS\system32\ztvunrar36.dll
    2008-08-03 20:39 . 2003-02-02 20:06 153,088 --a------ C:\WINDOWS\system32\UNRAR3.dll
    2008-08-03 20:39 . 2005-08-26 01:50 77,312 --a------ C:\WINDOWS\system32\ztvunace26.dll
    2008-08-03 20:39 . 2002-03-06 01:00 75,264 --a------ C:\WINDOWS\system32\unacev2.dll
    2008-08-03 20:39 . 2006-06-19 13:01 69,632 --a------ C:\WINDOWS\system32\ztvcabinet.dll
    2008-08-03 19:34 . 2008-08-03 19:34 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
    2008-08-03 19:34 . 2008-08-03 19:34 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
    2008-08-03 19:34 . 2008-08-03 21:31 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
    2008-08-03 19:34 . 2008-08-03 19:34 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
    2008-08-03 19:34 . 2008-08-03 19:34 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
    2008-08-03 19:34 . 2008-08-03 21:50 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
    2008-08-03 19:06 . 2008-08-03 19:07 <REP> d-------- C:\Documents and Settings\Administrateur\Application Data\MSN6
    2008-08-03 19:00 . 2008-08-03 19:12 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
    2008-08-03 19:00 . 2008-08-03 19:12 <REP> d-------- C:\Documents and Settings\Administrateur
    2008-08-03 19:00 . 2004-08-19 15:56 54,400 --a------ C:\WINDOWS\system32\drivers\i8042prt.sys

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-08-21 20:22 --------- d-----w C:\Program Files\Steam
    2008-08-21 13:07 --------- d-----w C:\Documents and Settings\Benjamin\Application Data\uTorrent
    2008-08-20 18:50 --------- d-----w C:\Program Files\Windows Live Safety Center
    2008-08-19 18:07 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
    2008-08-19 18:07 --------- d-----w C:\Program Files\Fichiers communs\Adobe
    2008-08-13 10:21 --------- d-----w C:\Program Files\iTunes
    2008-08-06 23:22 --------- d-----w C:\Documents and Settings\Benjamin\Application Data\LimeWire
    2008-08-05 22:38 --------- d-----w C:\Documents and Settings\Benjamin\Application Data\Xfire
    2008-08-04 06:16 --------- d-----w C:\Documents and Settings\Benjamin\Application Data\Hamachi
    2008-08-03 17:44 --------- d-----w C:\Program Files\Google
    2008-08-03 17:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-08-03 17:25 --------- d-----w C:\Program Files\Xfire
    2008-08-03 17:25 --------- d-----w C:\Program Files\Warcraft III
    2008-08-03 17:22 --------- d-----w C:\Program Files\LucasArts
    2008-07-10 00:40 24,944 ----a-w C:\WINDOWS\system32\drivers\GVTDrv.sys
    2008-07-09 20:59 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
    2008-07-09 18:21 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-07-08 01:10 --------- d-----w C:\Program Files\Red Storm Entertainment
    2008-07-02 21:45 --------- d-----w C:\Program Files\Playboy - The Mansion
    2008-06-26 20:10 42,320 ----a-w C:\WINDOWS\system32\xfcodec.dll
    2008-06-26 17:40 --------- d-----w C:\Program Files\Safari
    2008-06-24 11:45 --------- d-----w C:\Program Files\Project64 1.6
    2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
    2008-06-09 22:19 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
    2008-03-25 23:15 22,328 ----a-w C:\Documents and Settings\Benjamin\Application Data\PnkBstrK.sys
    2008-01-18 16:52 473 ----a-w C:\Documents and Settings\Benjamin\qhjvdt.exe
    2008-01-18 15:21 317 ----a-w C:\Documents and Settings\Benjamin\mbprjn.exe
    2008-01-17 15:18 317 ----a-w C:\Documents and Settings\Benjamin\djcugr.exe
    2008-01-17 15:11 317 ----a-w C:\Documents and Settings\Benjamin\lrxasu.exe
    2008-01-17 14:38 4,427 ----a-w C:\Documents and Settings\Benjamin\sotanc.exe
    2008-01-17 10:44 317 ----a-w C:\Documents and Settings\Benjamin\tzuxys.exe
    2008-01-17 10:42 8,192 ----a-w C:\Documents and Settings\Benjamin\oprgsy.exe
    2008-01-17 06:46 317 ----a-w C:\Documents and Settings\Benjamin\aqoswa.exe
    2008-01-16 07:19 8,192 ----a-w C:\Documents and Settings\Benjamin\ujjbxu.exe
    2008-01-16 07:06 317 ----a-w C:\Documents and Settings\Benjamin\dqyxis.exe
    2008-01-15 22:17 317 ----a-w C:\Documents and Settings\Benjamin\yyituv.exe
    2008-01-15 22:11 317 ----a-w C:\Documents and Settings\Benjamin\dmlmzt.exe
    2008-01-15 21:30 317 ----a-w C:\Documents and Settings\Benjamin\qxasdj.exe
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-19 17:09 15360]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 12:34 5724184]
    "Steam"="c:\program files\steam\steam.exe" [2008-03-28 06:52 1271032]
    "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 22:32 8699904]
    "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\daemon.exe" [2008-04-01 11:39 486856]
    "AdobeUpdater"="C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe" [2007-03-01 10:37 2321600]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2008-05-16 14:01 13529088]
    "JMB36X IDE Setup"="C:\WINDOWS\RaidTool\xInsIDE.exe" [2007-03-20 08:36 36864]
    "36X Raid Configurer"="C:\WINDOWS\System32\xRaidSetup.exe" [2007-08-29 10:55 1966080]
    "EasyTuneVPro"="C:\Program Files\Gigabyte\ET5Pro\ETcall.exe" [2007-07-26 16:05 20480]
    "PSPVideo9"="C:\Program Files\pspvideo9\pspVideo9.exe" [2005-10-30 02:56 606208]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" [2007-12-14 04:42 144784]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" [2004-08-03 23:32 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-03 23:31 59392]
    "PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
    "PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE" [2004-08-03 23:32 455168]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
    "LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-10-25 16:33 563984]
    "LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-10-25 16:37 2178832]
    "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
    "NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2007-12-05 01:41 81920]
    "TrojanScanner"="C:\Program Files\Trojan Remover\Trjscan.exe" [2008-07-30 15:00 909904]
    "nwiz"="nwiz.exe" [2007-12-05 01:41 1626112 C:\WINDOWS\system32\nwiz.exe]
    "RTHDCPL"="RTHDCPL.EXE" [2008-05-07 15:39 16862208 C:\WINDOWS\RTHDCPL.exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-19 17:09 15360]
    "MySpaceIM"="C:\Program Files\MySpace\IM\MySpaceIM.exe" [2008-02-01 22:32 8699904]

    C:\Documents and Settings\Benjamin\Menu D‚marrer\Programmes\D‚marrage\
    hamachi.lnk - C:\Program Files\Hamachi\hamachi.exe [2008-01-06 02:53:37 624416]
    IMVU.lnk - C:\Program Files\IMVU\IMVUClient.exe [2008-08-08 03:36:50 49408]
    Xfire.lnk - C:\Program Files\Xfire\xfire.exe [2008-06-26 22:10:40 3031376]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-01-13 18:29:31 125624]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.XFR1"= xfcodec.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Quake III Arena\\quake3.exe"=
    "C:\\Program Files\\Windows Media Player\\wmplayer.exe"=
    "C:\\Program Files\\Steam\\steamapps\\kazuo13\\counter-strike\\hl.exe"=
    "C:\\Program Files\\Steam\\steamapps\\kazuo13\\condition zero\\hl.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrA.exe"=
    "C:\\WINDOWS\\system32\\PnkBstrB.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\WINDOWS\\system32\\dplaysvr.exe"=
    "C:\\WINDOWS\\system32\\dpnsvr.exe"=
    "C:\\Program Files\\uTorrent\\uTorrent.exe"=
    "C:\\Program Files\\America's Army\\System\\ArmyOps.exe"=
    "C:\\Program Files\\Xfire\\xfire.exe"=
    "C:\\Program Files\\LucasArts\\Star Wars JK II Jedi Outcast\\GameData\\jk2mp.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Steam\\steamapps\\kazuo13\\team fortress 2\\hl2.exe"=
    "C:\\Program Files\\LucasArts\\Star Wars Jedi Knight Jedi Academy\\GameData\\jamp.exe"=
    "C:\\Program Files\\Steam\\steamapps\\kazuo13\\condition zero deleted scenes\\hl.exe"=
    "C:\\Program Files\\Fazsoftware\\Dukester X\\2.0\\DukesterX.exe"=
    "C:\\Documents and Settings\\Benjamin\\Bureau\\DUKE3D\\duke3d_w32_bin\\bin\\duke3d_w32.exe"=
    "C:\\Program Files\\Warcraft III\\Warcraft III.exe"=
    "C:\\Program Files\\MySpace\\IM\\MySpaceIM.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=

    S3 fbxusb;Carte réseau virtuelle FreeBox USB;C:\WINDOWS\system32\DRIVERS\fbxusb32.sys [2004-10-20 15:23]
    S3 GVTDrv;GVTDrv;C:\WINDOWS\system32\Drivers\GVTDrv.sys [2008-07-10 02:40]
    S3 MarkFun_NT;MarkFun_NT;C:\Program Files\Gigabyte\ET5Pro\markfun.w32 [2007-08-21 12:49]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
    \Shell\AutoRun\command - D:\ncd.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a684b750-c8df-11dc-95c0-001a4d5c9ae1}]
    \Shell\AutoRun\command - E:\start.exe
    \Shell\iledefrance\command - E:\start.exe
    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'

    2008-07-03 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
    .
    - - - - ORPHANS REMOVED - - - -

    HKLM-Run-avast! - C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe


    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Benjamin\Application Data\Mozilla\Firefox\Profiles\k21sepft.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://fr.start2.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:fr:official
    FF -: plugin - C:\Documents and Settings\Benjamin\Application Data\Mozilla\Firefox\Profiles\k21sepft.default\extensions\flashplugin@idm\platform\WINNT\plugins\npidmdcp.dll
    FF -: plugin - C:\Program Files\Google\Google Updater\2.2.1111.1511\npCIDetect11.dll
    FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npGoogleGadgetPluginFirefoxWin.dll
    FF -: plugin - C:\Program Files\Real\RhapsodyPlayerEngine\nprhapengine.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-08-21 22:37:02
    Windows 5.1.2600 Service Pack 2 NTFS

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...


    **************************************************************************

    [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MarkFun_NT]
    "ImagePath"="\??\C:\Program Files\Gigabyte\ET5Pro\markfun.w32"
    .
    Temps d'accomplissement: 2008-08-21 22:44:28
    ComboFix-quarantined-files.txt 2008-08-21 20:43:26

    Pre-Run: 1,983,631,360 octets libres
    Post-Run: 1,980,497,920 octets libres

    308 --- E O F --- 2008-07-09 17:47:55



    Here is the HijackThis one:

    http://www.hijackthis.de/#anl


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:12, on 2008-08-22
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avscan.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
    O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
    O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Benjamin\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

    --
    End of file - 8288 bytes




    There you go, sorry, but yesterday it wasn't working

    Hi again,

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Perform full scan".
  • To start the scan, click "Scan".
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Show Results", then "Remove Selected". Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Picture tutorial on MBAM

    Here is the report following the scan:


    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1076
    Windows 5.1.2600 Service Pack 2

    15:20:28 2008-08-22
    mbam-log-08-22-2008 (15-20-18).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 198102
    Temps écoulé: 40 minute(s), 9 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 20
    Valeur(s) du Registre infectée(s): 2
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 42

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CLASSES_ROOT\browsingenhancer.browserwatcher (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\browsingenhancer.browserwatcher.1 (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\browsingenhancer.pornpro_bho (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\browsingenhancer.pornpro_bho.1 (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\browsingenhancer.precachebrowserhost (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\browsingenhancer.precachebrowserhost.1 (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{125e9d24-2428-38d2-8e23-804e3275209c} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{3f2579e9-ec37-3112-9bde-d2db14e95c32} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Interface\{e12688ce-9384-28e3-a041-4e1a9ce14506} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{96fdc0f6-929e-e96c-597f-386cd3c7d7aa} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{b056fd59-0c72-3878-da81-4c5239908200} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\Typelib\{98d555cc-a569-43fb-2f43-3a98ccda4b50} (Adware.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\AppID\{40b2127e-cc18-37d0-43ca-afa158c64001} (Adware.BHO) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\browsingenhancer (Adware.PlayMP3Z-biz) -> No action taken.
    HKEY_CLASSES_ROOT\AppID\BrowsingEnhancer.DLL (Adware.Agent) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\BrowsingEnhancer (Adware.Agent) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\OneMoreKey (Rogue.Installer) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\fbrowsingadvisor_is1 (Trojan.FBrowsingAdvisor) -> No action taken.
    HKEY_CLASSES_ROOT\bgrqfetx.bolb (Trojan.FakeAlert) -> No action taken.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\Program Files\BrowsingEnhancer (Adware.PlayMP3Z-biz) -> No action taken.

    Fichier(s) infecté(s):
    C:\Program Files\Mozilla Firefox\regxpcom.exe (Trojan.FBrowsingAdvisor) -> No action taken.
    C:\QooBox\Quarantine\C\Program Files\FBrowsingAdvisor\XPCOMEvents.dll.vir (Trojan.FBrowsingAdvisor) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\edlb.exe.vir (Trojan.FakeAlert) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\artvxlep.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ayvqkt.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\bgvvki.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\cmatrn.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\dmwpsb.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ediima.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ezcovm.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\gtasgdnb.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\hiotpolt.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\hiubhkti.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\hsqqed.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\iaiptwsn.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\jdckdruy.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\jetyyyhp.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\krkcmloa.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ljJAPiFu.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\lwwehowy.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\mdrttk.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\oahdrhfk.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\otckqf.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\qcgpwupj.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\qqnwycat.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\szxlna.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\tfcdctuw.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\tinlds.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\uiehndxo.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\urqPgFvW.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\vjwosecl.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\xlcqwdin.dll.vir (Trojan.Vundo) -> No action taken.
    C:\QooBox\Quarantine\C\WINDOWS\system32\yeeqdy.dll.vir (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\lnvegaow.exe.vir (Trojan.Vapsup) -> No action taken.
    C:\WINDOWS\system32\epomqhoj.dll.vir (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\ljJYRJdE.dll.vir (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\mlJbYSJC.dll.vir (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\nnnmlIaW.dll.vir (Trojan.Vundo) -> No action taken.
    C:\WINDOWS\system32\rmutfkau.dll.vir (Trojan.Vundo) -> No action taken.
    C:\Program Files\BrowsingEnhancer\BrowsingEnhancer.dat (Adware.PlayMP3Z-biz) -> No action taken.
    C:\Program Files\BrowsingEnhancer\pcre3.dll (Adware.PlayMP3Z-biz) -> No action taken.
    C:\Program Files\BrowsingEnhancer\uninstall.exe (Adware.PlayMP3Z-biz) -> No action taken.

    Still the same problem once I try to restart my PC normally.
    I would like to know what the following 2 codes mean in the error message I mentioned earlier:

    Information techniques :

    *** 0x0000008E (0xC0000005, 0BFB11ED5, 0xB5C4C7CC, 0x00000000)

    *** nv4_disp.dll - Adress BFB11ED5 base at BF9D5000, DateStamp 47567aa4

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:16, on 2008-08-22
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16674)
    Boot mode: Safe mode with network support

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: (no name) - {A057A204-BACC-4D26-9990-79A187E2698E} - (no file)
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
    O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\System32\xRaidSetup.exe boot
    O4 - HKLM\..\Run: [EasyTuneVPro] C:\Program Files\Gigabyte\ET5Pro\ETcall.exe
    O4 - HKLM\..\Run: [PSPVideo9] C:\Program Files\pspvideo9\pspVideo9.exe -t
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
    O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Fichiers communs\Adobe\Updater5\AdobeUpdater.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe
    O4 - Startup: IMVU.lnk = C:\Program Files\IMVU\IMVUClient.exe
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\xfire.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Benjamin\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: Avira AntiVir Personal – Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal – Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
    O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
    O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PsExec (PSEXESVC) - Unknown owner - C:\WINDOWS\PSEXESVC.EXE (file missing)
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe

    --
    End of file - 8089 bytes