Hello everyone,
It has now been a week since my PC was infected by the downloaders Agent bq and ap3 ...
At first I was doing things somewhat at random, then, after consulting this forum among others and the various links it offers, I feel like I have made a lot of progress ...
Unfortunately, after scans and re-scans, the problem remains the same ...
Spybot, A²Square, Spyware-adware Remover, the Cleaner scan, etc ... I feel like I have tried everything!!
And yet the result stays exactly the same when I connect to the internet: AVP alarm, "about:blank" page, ...
Here are the hijack results, which I spent a long time interpreting (thanks to the tutorial) in order to delete the apparently harmful codes ... but they always come back ...
Running Processes:
-----------------
#1: [smss.exe]
File Path: C:\WINDOWS\System32\smss.exe
ProcessID: 444
Priority: Normal
File Size: 44 KB
Version: 5.1.2600.1106
File Version: 5.1.2600.1106 (xpsp1.020828-1920)
Product Version: 5.1.2600.1106
Copyright: © Microsoft Corporation. All rights reserved.
Company Name: Microsoft Corporation
File Description: Windows NT Session Manager
Internal Name: smss.exe
Original Filename: smss.exe
Product Name: Microsoft® Windows® Operating System
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 15:56:25
Last modified: 07/10/2003 01:00:00
#2: [winlogon.exe]
File Path: C:\WINDOWS\system32\winlogon.exe
ProcessID: 704
Priority: High
File Size: 508 KB
Version: 5.1.2600.1106
File Version: 5.1.2600.1106 (xpsp1.020828-1920)
Product Version: 5.1.2600.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Application d'ouverture de session Windows NT
Internal Name: winlogon
Original Filename: WINLOGON.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:08:33
Last modified: 07/10/2003 01:00:00
#3: [services.exe]
File Path: C:\WINDOWS\system32\services.exe
ProcessID: 748
Priority: Normal
File Size: 99 KB
Version: 5.1.2600.0
File Version: 5.1.2600.0 (xpclient.010817-1148)
Product Version: 5.1.2600.0
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Applications Services et Contrôleur
Internal Name: services.exe
Original Filename: services.exe
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:00:27
Last modified: 07/10/2003 01:00:00
#4: [lsass.exe]
File Path: C:\WINDOWS\system32\lsass.exe
ProcessID: 760
Priority: Normal
File Size: 11 KB
Version: 5.1.2600.1106
File Version: 5.1.2600.1106 (xpsp1.020828-1920)
Product Version: 5.1.2600.1106
Copyright: © Microsoft Corporation. All rights reserved.
Company Name: Microsoft Corporation
File Description: LSA Shell (Export Version)
Internal Name: lsass.exe
Original Filename: lsass.exe
Product Name: Microsoft® Windows® Operating System
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:00:27
Last modified: 07/10/2003 01:00:00
#5: [svchost.exe]
File Path: C:\WINDOWS\system32\svchost.exe
ProcessID: 932
Priority: Normal
File Size: 12 KB
Version: 5.1.2600.0
File Version: 5.1.2600.0 (xpclient.010817-1148)
Product Version: 5.1.2600.0
Copyright: © Microsoft Corporation. All rights reserved.
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft® Windows® Operating System
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:00:27
Last modified: 07/10/2003 01:00:00
#6: [svchost.exe]
File Path: C:\WINDOWS\System32\svchost.exe
ProcessID: 1012
Priority: Normal
File Size: 12 KB
Version: 5.1.2600.0
File Version: 5.1.2600.0 (xpclient.010817-1148)
Product Version: 5.1.2600.0
Copyright: © Microsoft Corporation. All rights reserved.
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft® Windows® Operating System
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:08:53
Last modified: 07/10/2003 01:00:00
#7: [spoolsv.exe]
File Path: C:\WINDOWS\system32\spoolsv.exe
ProcessID: 1480
Priority: Normal
File Size: 50 KB
Version: 5.1.2600.0
File Version: 5.1.2600.0 (XPClient.010817-1148)
Product Version: 5.1.2600.0
Copyright: © Microsoft Corporation. All rights reserved.
Company Name: Microsoft Corporation
File Description: Spooler SubSystem App
Internal Name: spoolsv.exe
Original Filename: spoolsv.exe
Product Name: Microsoft® Windows® Operating System
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:00:27
Last modified: 07/10/2003 01:00:00
#8: [Explorer.EXE]
File Path: C:\WINDOWS\Explorer.EXE
ProcessID: 1528
Priority: Normal
File Size: 984 KB
Version: 6.0.2800.1106
File Version: 6.00.2800.1106 (xpsp1.020828-1920)
Product Version: 6.00.2800.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Explorateur Windows
Internal Name: explorer
Original Filename: EXPLORER.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 15:56:55
Last modified: 07/10/2003 01:00:00
#9: [AVGUARD.EXE]
File Path: C:\Program Files\AVPersonal\AVGUARD.EXE
ProcessID: 1604
Priority: Normal
File Size: 236 KB
Version: 6.29.0.3
File Version: 6.29.00.03
Product Version: 6.29.00.03
Copyright: Copyright © 1998 - 2004 by H+BEDV Datentechnik GmbH. All Rights Reserved.
Company Name: H+BEDV Datentechnik GmbH
File Description: Antivirus Service for Windows XP/2000/NT
Internal Name: NTGuard
Original Filename: Guard.exe
Product Name: Windows XP/2000/XP Guard Service
Created on: 07/12/2004 14:26:50
Last accessed: 21/12/2004 16:00:27
Last modified: 07/12/2004 14:26:50
#10: [AVWUPSRV.EXE]
File Path: C:\Program Files\AVPersonal\AVWUPSRV.EXE
ProcessID: 1616
Priority: Normal
File Size: 36 KB
Version: 6.29.0.0
File Version: 6.29.00.00
Product Version: 6.29.00.00
Copyright: Copyright © 1998 - 2004 by H+BEDV Datentechnik GmbH
Company Name: H+BEDV Datentechnik GmbH, Germany
File Description: AntiVir Software Update Service for Windows
Internal Name: AntiVir Update Service
Original Filename: AVWUpSrv.exe
Product Name: AntiVir Update Service for Windows XP, 2000, NT
Created on: 07/12/2004 14:26:50
Last accessed: 21/12/2004 15:51:34
Last modified: 07/12/2004 14:26:50
#11: [DKService.exe]
File Path: C:\Program Files\Executive Software\DiskeeperLite\DKService.exe
ProcessID: 1636
Priority: Normal
File Size: 172 KB
Version: 7.0.418.0
File Version: 7.0.418.0
Product Version: 7.0.418.0
Copyright: © 1995-2002 Executive Software Int'l, Inc.
Company Name: Executive Software International, Inc.
File Description: DKSERVICE.EXE
Internal Name: DKSERVICE
Original Filename: DKSERVICE
Product Name: Diskeeper (TM) Disk Defragmenter
Created on: 16/10/2002 20:56:00
Last accessed: 21/12/2004 16:00:27
Last modified: 16/10/2002 20:56:00
#12: [SAgent2.exe]
File Path: C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
ProcessID: 1692
Priority: Normal
File Size: 112 KB
Version: 1.2.0.0
File Version: 1, 2, 0, 0
Product Version: 1, 0, 0, 0
Copyright: Copyright (C) SEIKO EPSON CORP. 2000
Company Name: SEIKO EPSON CORPORATION
File Description: EPSON Printer Status Agent
Internal Name: SAgent2
Original Filename: SAgent2.exe
Product Name: EPSON Bidirectional Printer
Created on: 15/09/2004 11:17:59
Last accessed: 21/12/2004 16:00:27
Last modified: 17/11/2000 00:02:00
#13: [svchost.exe]
File Path: C:\WINDOWS\System32\svchost.exe
ProcessID: 1860
Priority: Normal
File Size: 12 KB
Version: 5.1.2600.0
File Version: 5.1.2600.0 (xpclient.010817-1148)
Product Version: 5.1.2600.0
Copyright: © Microsoft Corporation. All rights reserved.
Company Name: Microsoft Corporation
File Description: Generic Host Process for Win32 Services
Internal Name: svchost.exe
Original Filename: svchost.exe
Product Name: Microsoft® Windows® Operating System
Created on: 07/10/2003 01:00:00
Last accessed: 21/12/2004 16:08:53
Last modified: 07/10/2003 01:00:00
#14: [WinCtlAd.exe]
File Path: C:\Program Files\Windows ControlAd\WinCtlAd.exe
ProcessID: 360
Priority: Normal
File Size: 27 KB
Created on: 15/12/2004 02:04:01
Last accessed: 21/12/2004 16:03:49
Last modified: 15/12/2004 02:04:01
#15: [AVGNT.EXE]
File Path: C:\Program Files\AVPersonal\AVGNT.EXE
ProcessID: 724
Priority: Normal
File Size: 124 KB
Version: 6.28.0.2
File Version: 6.28.00.02
Product Version: 6.28.00.02
Copyright: Copyright © 1998 - 2004 by H+BEDV Datentechnik GmbH, Germany
Company Name: H+BEDV Datentechnik GmbH
File Description: AntiVir Guard/XP Control Program
Internal Name: AVGNT
Original Filename: AVGNT.EXE
Product Name: AntiVir Guard Control Program
Created on: 15/11/2004 12:58:40
Last accessed: 21/12/2004 15:51:34
Last modified: 15/11/2004 12:58:40
#16: [WinCtlAdAlt.exe]
File Path: C:\Program Files\Windows ControlAd\WinCtlAdAlt.exe
ProcessID: 1004
Priority: Normal
File Size: 21 KB
Created on: 15/12/2004 02:03:59
Last accessed: 21/12/2004 16:03:49
Last modified: 15/12/2004 02:03:59
#17: [BackWeb-8876480.exe]
File Path: C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
ProcessID: 1064
Priority: Normal
File Size: 20 KB
Version: 1.46.60.0
File Version: 1.46.60
Product Version: 1.46.40
Copyright: Copyright (C) Logitech 2000-2004. All rights reserved
Company Name: Logitech
File Description: Logitech Desktop Messenger
Internal Name: Logitech BackWeb Runner
Original Filename: backweb-8876480.exe
Product Name: Logitech Desktop Messenger
Created on: 09/07/2004 09:56:36
Last accessed: 21/12/2004 15:51:34
Last modified: 09/07/2004 09:51:22
#18: [rambxpfr.exe]
File Path: C:\Program Files\RamBoost XP\rambxpfr.exe
ProcessID: 1116
Priority: Idle
File Size: 1376 KB
Version: 4.0.6.277
File Version: 4.0.6.277
Product Version: 4.0.6
Copyright: copyright (c) 2003-2004 Gildas LE BOURNAULT
Company Name: Gildas LE BOURNAULT
File Description:
Internal Name:
Original Filename: rambxpfr.exe
Product Name: Ramboost XP
Created on: 04/12/2003 23:59:19
Last accessed: 21/12/2004 16:03:49
Last modified: 04/12/2003 23:59:19
#19: [devldr32.exe]
File Path: C:\WINDOWS\System32\devldr32.exe
ProcessID: 2520
Priority: Normal
File Size: 23 KB
Version: 1.0.0.17
File Version: 1, 0, 0, 17
Product Version: 1, 0, 0, 17
Copyright: Copyright (C) Creative Technology Ltd. 1998-2001
Company Name: Creative Technology Ltd.
File Description: DevLdr32
Internal Name: DevLdr
Original Filename: DevLdr32.exe
Product Name: Creative Ring3 NT Inteface
Created on: 08/05/2004 18:47:44
Last accessed: 21/12/2004 15:56:17
Last modified: 23/08/2001 17:47:34
#20: [iexplore.exe]
File Path: C:\Program Files\Internet Explorer\iexplore.exe
ProcessID: 2184
Priority: Normal
File Size: 89 KB
Version: 6.0.2800.1106
File Version: 6.00.2800.1106 (xpsp1.020828-1920)
Product Version: 6.00.2800.1106
Copyright: © Microsoft Corporation. Tous droits réservés.
Company Name: Microsoft Corporation
File Description: Internet Explorer
Internal Name: iexplore
Original Filename: IEXPLORE.EXE
Product Name: Système d'exploitation Microsoft® Windows®
Created on: 08/05/2004 17:55:27
Last accessed: 21/12/2004 16:04:28
Last modified: 07/10/2003 01:00:00
#21: [HiJack.exe]
File Path: C:\Program Files\BulletProofSoft.com\SpywareRemover\HS\HiJack.exe
ProcessID: 2388
Priority: Normal
File Size: 392 KB
Version: 2.0.0.0
File Version: 2, 0, 0, 0
Product Version: 2, 0, 0, 0
Copyright: Copyright (C) 2003
Company Name:
File Description: HiJack MFC Application
Internal Name: System Hijack Scanner
Original Filename: HiJack.EXE
Product Name: System Hijack Scanner
Created on: 26/04/2004 20:34:14
Last accessed: 21/12/2004 16:06:40
Last modified: 26/04/2004 20:34:14
System Hijack Scanner Entries:
---------------
R0 - HKCU\Software\Microsoft\Internet Explorer\Main, Start Page=about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Main, Start Page=about:blank
R0 - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=res://C:\WINDOWS\vlesp.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_page_url=about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, Default_search_url=res://C:\WINDOWS\vlesp.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Internet Explorer\Main, search bar=res://C:\WINDOWS\vlesp.dll/sp.html#28129
R1 - HKLM\Software\Microsoft\Internet Explorer\Main, search bar=res://C:\WINDOWS\vlesp.dll/sp.html#28129
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings, proxyOverride=localhost
R1 - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search, SearchAssistant=res://C:\WINDOWS\vlesp.dll/sp.html#28129
R3 - URLSearchHook: (no name) - {3486D353-DD52-CE8D-13DF-21EF33F536A7} - C:\WINDOWS\appyn32.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3486D353-DD52-CE8D-13DF-21EF33F536A7} - C:\WINDOWS\appyn32.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - ToolBar: 0 - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\fr\msntb.dll
O3 - ToolBar: (no name) - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - ToolBar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Zone Labs Client] "D:\Program Files\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [Windows ControlAd] C:\Program Files\Windows ControlAd\WinCtlAd.exe
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [tcactive] C:\Program Files\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] C:\Program Files\The Cleaner\tcm.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Start Up: C:\Documents and Settings\Julien\Menu Démarrer\Programmes\Démarrage\desktop.ini
O4 - User Start Up: C:\Documents and Settings\Julien\Menu Démarrer\Programmes\Démarrage\desktop.ini
O4 - Global Start Up: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
O4 - Global Start Up: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
O4 - Global Start Up: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
O4 - Global User Start Up: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\desktop.ini
O4 - Global User Start Up: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Logitech Desktop Messenger.lnk
O4 - Global User Start Up: C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Microsoft Office.lnk
O8 - Extra Context Menu Items: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra Context Menu Items: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra Context Menu Items: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra Context Menu Items: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra Context Menu Items: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O18 - Protocol: about - {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\System32\mshtml.dll
Thanks in advance for your suggestions!!!