
Nogash

  1. There, it's purged, no more problems. Thanks, and happy new year to you too!
  2. Thank you very much for your help; my PC is indeed breathing much better. Thanks for the advice too. I just have one last question: do I delete the files that are in quarantine? I suppose so, but I'm asking anyway. Thanks again. Regards.
  3. Here is the Malwarebytes report:
  4. I rebooted, everything works perfectly, and I no longer see Malware Defense. Here is the report:
  5. I'm back. I ran the scan with ComboFix; the only problem is that I can no longer open Firefox or IE, a message appears: "Tentative d'opération non autorisée sur une clé du Registre marquée pour suppression". I'm on another PC (I'm lucky enough to have 2 PCs at home). I have 1 or 2 ideas for getting Firefox back on my PC, but I'm waiting for your reply before doing anything. Also, I can't post the ComboFix scan result; I can't even open the .txt file, the same error message appears.
  6. My system is 32-bit.
  7. I followed your instructions up to Malwarebytes, but it's impossible to install it. When I run mbam-setup, nothing happens. And when I run mbam-rules, the installation wizard starts, it carries out the installation, I close it, and nothing. I checked in my programs: there is indeed a malwarebytes folder, but it is empty. Maybe I did something wrong; if so, sorry. On the other hand, I do have the TDSSKiller report, here it is: Thanks for your help.
  8. Hello everyone, let me explain my problem. A few days ago, my PC was infected by Malware Defense. It installs itself without my authorization, and it is impossible to remove (well, you must know it). I would like to know how to remove it; if you could give me a little hand I would be very grateful. I do have some basic computer knowledge, but this software is completely beyond me and it is very invasive. Thank you in advance. I'll also take this opportunity to wish you a happy new year 2010! =)