[Virus] Infections par de multiple pub

Résolu
legras Messages postés 21 Statut Membre -  
legras Messages postés 21 Statut Membre -
[PS] : Je suis une buse dans l'informatique profonde (modif ficher et autre)
Bonjour à tous, depuis quelque semaine mon ordi me donne envie de le faire faire un vol planer par la fenêtre, il plante régulièrement des pub intempestive apparaissent fréquemment et il est de plus en plus lents. Bon la faute me reviens aussi peut être dans le fais que je n'avais pas d'antivirus durant quelque mois, et tout m'est tombé dessus d'un coup.

Souvent quand je suis sur le net, j'ai ce message d'erreur qui apparait et quand je met "Ok" ma barre de lancement (barre bleu au bas de l'écran) disparaît en bref quand je ferme toute mes fenêtre je me retrouve avec mon image de fond avec le curseur de la souris et tout ce que je peux faire c'est [CTRL]+[Alt]+[Del] :

http://img163.imageshack.us/img163/9529/erreurre0.png

J'ai notamment des pub en tout qui viennent me pourrir mon surf (Systemdoctor, WinAntiVirusPRO, et une grande page bleu avec comme titre :Error Detected), j'ai lancé Ad-Awards, Spyboot, CCleaner, mais j'ai l'impression que de plus en plus de pub m'envahisse, voici déjà mon rapport brute Hijack This :

Logfile of HijackThis v1.99.1
Scan saved at 19:15:29, on 20.12.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?pc=mssh&form=msshhp&ocid=onepro&homepage=http%3a%2f%2fwww.microsoft.com%2fisapi%2fredir.dll%3fprd%3d{SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {61C40C3D-BDD2-B627-D189-C569348CDBE4} - (no file)
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-2fe89c996183} - c:\program files\steganos internet anonym 7\sia7iep.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\quxfwhbc.dll",setvm
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: .protected
O4 - Global Startup: .protected
O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A91DEB0D-AD0D-453E-9AC8-60178EC24212} (VPlayer Control) - http://video.vividas.com/CDN1/4325_Pepsi/web/player/vivid_ocx.jpeg
O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F9CDB8-BF58-4289-8669-EEA83434ED2E}: NameServer = 192.168.0.1
O18 - Protocol: bw+0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: incestuously - {03413bf7-e34c-445b-bfc0-a2b127255871} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

Merci de votre aide prochaine et providentielle.
Configuration: Windows XP
Internet Explorer 6.0

30 réponses

  • 1
  • 2
  1. Utilisateur anonyme
     
    Bonjour

    Poste aussi ces rapports.

    $ Télécharge SmitfraudFix de S!Ri:
    http://siri.urz.free.fr/Fix/SmitfraudFix.php
    Tu le dézippes sur le Bureau.
    Tu ouvres SmitfraudFix, tu double cliques sur SmitfraudFix.cmd et tu choisis l’option 1
    Postes le rapport.

    $ Télécharge Blacklight (de F-Secure) et sauvegarde le sur ton Bureau.
    https://www.f-secure.com/en
    Clique sur "I ACCEPT" au bas de la page. Sauvegarde le sur ton Bureau.

    Double-clique blbeta.exe et accepte la licence; clique Scan puis Next

    Tu verras une liste de fichiers détectés apparaître. Tu verras également un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres)

    Copie et colle le contenu de ce rapport dans ta prochaine réponse.
    0
  2. legras Messages postés 21 Statut Membre
     
    Alors voila le rapport de Smitfraud :

    SmitFraudFix v2.131

    Rapport fait à 19:20:57.03, 20.12.2006
    Executé à partir de C:\Documents and Settings\Wxp\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» C:\

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

    C:\WINDOWS\.protected PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\impgsje.dll PRESENT !
    C:\WINDOWS\system32\ot.ico PRESENT !
    C:\WINDOWS\system32\components\flx?.dll PRESENT !
    C:\WINDOWS\system32\components\flx??.dll PRESENT !
    C:\WINDOWS\system32\components\flx???.dll PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Wxp

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Wxp\Application Data

    »»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

    C:\DOCUME~1\Wxp\MENUDM~1\PROGRA~1\DMARRA~1\.protected PRESENT !
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url PRESENT !
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url PRESENT !
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\.protected PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Wxp\Favoris

    »»»»»»»»»»»»»»»»»»»»»»»» Bureau

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

    C:\Program Files\SpyQuake2.com\ PRESENT !

    »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

    »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="C:\\Documents and Settings\\Wxp\\Mes documents\\Mes images\\avatar48290_5.gif"
    "SubscribedURL"="C:\\Documents and Settings\\Wxp\\Mes documents\\Mes images\\avatar48290_5.gif"
    "FriendlyName"=""

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\1]
    "Source"="g:\\Fond d'‚crant\\index.htm"
    "SubscribedURL"="g:\\Fond d'‚crant\\index.htm"
    "FriendlyName"="Rumble Roses"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\2]
    "Source"="C:\\WINDOWS\\SideBar\\sidebar\\index.html"
    "SubscribedURL"="C:\\WINDOWS\\SideBar\\sidebar\\index.html"
    "FriendlyName"="Longhorn SideBar"

    »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

    »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

    »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    Et Blacklist

    12/20/06 19:22:16 [Info]: BlackLight Engine 1.0.47 initialized
    12/20/06 19:22:16 [Info]: OS: 5.1 build 2600 (Service Pack 2)
    12/20/06 19:22:16 [Note]: 7019 4
    12/20/06 19:22:16 [Note]: 7005 0
    12/20/06 19:22:54 [Note]: 7006 0
    12/20/06 19:22:54 [Note]: 7011 3312
    12/20/06 19:22:54 [Note]: 7026 0
    12/20/06 19:22:54 [Note]: 7026 0
    12/20/06 19:23:02 [Note]: FSRAW library version 1.7.1020
    12/20/06 19:27:27 [Note]: 4020 29 65536
    12/20/06 19:27:27 [Note]: 4018 29 65536
    12/20/06 19:27:27 [Note]: 4013 21461
    12/20/06 19:27:27 [Note]: 4020 29 65536
    12/20/06 19:27:27 [Note]: 4018 29 65536
    12/20/06 19:27:27 [Note]: 4020 29 65536
    12/20/06 19:27:27 [Note]: 4018 29 65536
    12/20/06 19:27:27 [Note]: 4013 21461
    12/20/06 19:27:27 [Note]: 4020 29 65536
    12/20/06 19:27:27 [Note]: 4018 29 65536
    12/20/06 19:28:24 [Note]: 2000 1012
    12/20/06 19:54:01 [Note]: 7007 0

    Voila, euh je vous laisse lire tous cela car pour moi c'est du chinois :D .
    0
  3. Utilisateur anonyme
     
    juste tite question pour chercheur bis

    O18 c'est bien la ligne ou l'on trouve des Pirates de protocole et de protocoles additionnels?

    question serieus aps un de ses test stupide mais juste un trous de memoire
    0
    1. Utilisateur anonyme
       
      Oui, on peut trouver des pirates.

      Mais comme ici, il y a aussi des lignes légitimes, parfois inutiles

      En cas de doute
      http://www.castlecops.com/O18.html
      0
      1. Utilisateur anonyme > Utilisateur anonyme
         
        mercie beaucoup pour le lien il me sera tres untile
        0
  4. Utilisateur anonyme
     
    Re

    * Télécharge
    AVG Anti-Spyware
    https://www.avg.com/en-ww/free-antivirus-download
    Tu l'installes.
    Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente

    CCleaner.
    http://www.filehippo.com/download_ccleaner.html
    Installe le dans un répertoire dédié.

    * Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
    Démarres l'ordinateur.
    Une fois le chargement du BIOS terminé, il y a un écran noir. Appuyes sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
    En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuyes sur Entrée.

    * Relances SmitfraudFix et choisis cette fois l’option 2 et réponds oui à tout.

    * Lance le nettoyage avec CCleaner.

    * Lance AVG Anti-Spyware
    Clique sur le bouton Analyse (de la barre d'outils)
    Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantine.
    Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
    A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
    Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.

    * Redémarres normalement et communiques le deuxième rapport de SmitfraudFix, celui d'AVG Anti-Spyware avec un nouveau rapport Hijackthis.
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. legras Messages postés 21 Statut Membre
     
    Ok merci Chercheur, je vais voir si j'ai le temps de faire cela demain soir. Mais j'ai déjà essayé de démarer en mode sans échec, mais l'ordi se bloque juste après la sélection, l'écrant est tout noir il y a juste un curseur qui clignote en haut à gauche, je ne pense pas que ce soit normale.

    Mais je vous en dis plus vendredi soir maximum.
    0
    1. Lyonnais92 Messages postés 25708 Statut Contributeur sécurité 1 537
       
      Bonsoir,

      Non, c'est normal.

      Le démarrage peut prendre pas mal de temps.

      Va prendre un café tranquille.

      Bon, au bout de 30 mn, il y a du souci à se faire.

      Bonne suite.
      0
  7. Utilisateur anonyme
     
    Re

    Si le mode sans échec ne fonctionne pas, fais la manip en mode normal.
    Dans ce cas, il y auras peut être un redémarrage après SmitfraudFix.
    0
  8. legras Messages postés 21 Statut Membre
     
    Alors voila c'est enfin fais, en effet le mode sans échec met 5min pour se lancer, mais au moment ou il me demande si je veux continuer en sans échec ou revenir en normale il ne m'affiche juste l'écrant avec "mode sans échec" écrit dans les coins et c'est tout. Bon bref je me suis mis en mode normal et fais ce que tu m'asdis alors voila les rapports (a oui je n'ai pas redémarré après le SmitfraudFix) :

    Rapport de Smit :

    SmitFraudFix v2.131

    Rapport fait à 17:34:44.50, 22.12.2006
    Executé à partir de C:\Documents and Settings\Wxp\Bureau\SmitfraudFix
    OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
    Le type du système de fichiers est NTFS
    Fix executé en mode normal

    »»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

    »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

    C:\WINDOWS\.protected supprimé
    C:\WINDOWS\system32\impgsje.dll supprimé
    C:\WINDOWS\system32\ot.ico supprimé
    C:\WINDOWS\system32\components\flx?.dll supprimé
    C:\DOCUME~1\Wxp\MENUDM~1\PROGRA~1\DMARRA~1\.protected supprimé
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\Online Security Guide.url supprimé
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\Security Troubleshooting.url supprimé
    C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1\DMARRA~1\.protected supprimé
    C:\Program Files\SpyQuake2.com\ supprimé

    »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "System"=""

    »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

    Nettoyage terminé.

    »»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
    !!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    »»»»»»»»»»»»»»»»»»»»»»»» Fin

    Rapport d'AVG :

    ---------------------------------------------------------
    AVG Anti-Spyware - Rapport d'analyse
    ---------------------------------------------------------

    + Créé à: 18:18:27 22.12.2006

    + Résultat de l'analyse:

    HKU\S-1-5-21-823518204-2147279641-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{39F25B12-74FF-4079-A51F-1D70F5B08B84} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\Fichiers communs\{84B2DB13-0C7E-1036-0924-040307090029}\system.dll -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP702\A0190016.dll -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP702\A0190018.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP710\A0191384.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP722\A0192639.exe -> Adware.Softomate : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP710\A0191352.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP710\A0191353.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP710\A0191354.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\fccbyvw.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\hggdccy.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\rqrrrpq.dll -> Adware.Virtumonde : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP703\A0190022.exe -> Downloader.Purit.co : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP688\A0185222.exe -> Downloader.Zlob.aes : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\isnotify.0xe -> Downloader.Zlob.aew : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP684\A0178279.exe -> Dropper.DollarR.b : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\USDR6V_0001_D18M3107NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.l : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.1\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.2\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.3\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.4\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.5\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\CONFLICT.6\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\drvtoh.dll -> Not-A-Virus.Hoax.Win32.Renos.fw : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP659\A0165512.exe -> Proxy.Horst.jq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP660\A0166152.exe -> Proxy.Horst.jq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP660\A0166501.exe -> Proxy.Horst.jq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP671\A0172893.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP671\A0172907.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP671\A0172931.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP672\A0172936.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP672\A0172963.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP672\A0172987.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP676\A0173191.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP676\A0173216.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP677\A0173220.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP677\A0173235.exe -> Proxy.Horst.kq : Nettoyé et sauvegardé (mise en quarantaine).
    C:\Program Files\VSAdd-in\VSAdd-in.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP722\A0192640.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP722\A0192652.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP722\A0192684.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP723\A0192715.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP728\A0193250.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP728\A0193276.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP729\A0194276.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP729\A0194376.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP729\A0194484.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP730\A0194490.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP730\A0194513.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP731\A0194567.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP732\A0197484.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP732\A0198484.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP736\A0198746.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP736\A0198907.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP736\A0198931.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP736\A0200566.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP736\A0200605.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP737\A0200704.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP737\A0200729.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP738\A0200821.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP738\A0201729.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0201844.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0201864.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0203961.dll -> Trojan.Agent.acl : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP651\A0160069.exe -> Trojan.Agent.xu : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP652\A0160107.exe -> Trojan.Agent.xu : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP659\A0162540.exe -> Trojan.Agent.xu : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP659\A0164498.exe -> Trojan.Agent.xu : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP702\A0190019.dll -> Trojan.LuckyBar888.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP710\A0191385.dll -> Trojan.LuckyBar888.a : Nettoyé et sauvegardé (mise en quarantaine).
    C:\WINDOWS\system32\wtssvit.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).

    Fin du rapport

    Et enfin celui de Hijackthis :

    Logfile of HijackThis v1.99.1
    Scan saved at 18:23:51, on 22.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\DAP\DAP.EXE
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Logitech\Profiler\lwemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
    C:\WINDOWS\system32\svchost.exe
    C:\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {61C40C3D-BDD2-B627-D189-C569348CDBE4} - (no file)
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
    O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-2fe89c996183} - c:\program files\steganos internet anonym 7\sia7iep.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\qvlaojwx.dll",setvm
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A91DEB0D-AD0D-453E-9AC8-60178EC24212} (VPlayer Control) - http://video.vividas.com/CDN1/4325_Pepsi/web/player/vivid_ocx.jpeg
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F9CDB8-BF58-4289-8669-EEA83434ED2E}: NameServer = 192.168.0.1
    O18 - Protocol: bw+0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe

    Dans l'attente de votre futur réponse je vous remercie déjà, du temps que vous aller accorder à mon problème.
    0
  9. Utilisateur anonyme
     
    Re

    Le rapport d'AVG montre une infection Vundo.

    Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
    http://www.atribune.org/ccount/click.php?id=4

    * Double-clique VundoFix.exe afin de le lancer.
    * Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
    * Clique sur le bouton Scan for Vundo.
    * Lorsque le scan est complété, clique sur le bouton Remove Vundo
    * Une invite te demandera si tu veux supprimer les fichiers, clique YES
    * Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    * Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
    * Démarre ton PC à nouveau.
    * Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

    Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    0
  10. legras Messages postés 21 Statut Membre
     
    Le rapport de VundoFix :

    VundoFix V6.2.13

    Checking Java version...

    Java version is 1.5.0.6

    Java version is 1.5.0.9

    Scan started at 19:46:52 22.12.2006

    Listing files found while scanning....

    C:\WINDOWS\system32\cgevzkd.dll
    C:\WINDOWS\system32\lctsupj.dll
    C:\WINDOWS\system32\qrbddqi.dll
    C:\WINDOWS\system32\ufkxftn.dll
    C:\WINDOWS\system32\urwzhx.dll
    C:\WINDOWS\system32\vtsqq.dll
    C:\WINDOWS\system32\qqstv.ini
    C:\WINDOWS\system32\qqstv.bak1
    C:\WINDOWS\system32\qqstv.bak2
    C:\WINDOWS\system32\qqstv.ini2
    C:\WINDOWS\system32\qqstv.tmp
    C:\WINDOWS\system32\xzzlbgi.dll
    C:\WINDOWS\system32\yzivngl.dll
    C:\WINDOWS\system32\vtsqq.dll
    C:\WINDOWS\system32\qqstv.ini
    C:\WINDOWS\system32\qqstv.bak1
    C:\WINDOWS\system32\qqstv.bak2
    C:\WINDOWS\system32\qqstv.ini2
    C:\WINDOWS\system32\qqstv.tmp
    C:\WINDOWS\system32\qqstv.ini
    C:\WINDOWS\system32\qqstv.bak1
    C:\WINDOWS\system32\qqstv.bak2
    C:\WINDOWS\system32\qqstv.ini2
    C:\WINDOWS\system32\qqstv.tmp

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\cgevzkd.dll
    C:\WINDOWS\system32\cgevzkd.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\lctsupj.dll
    C:\WINDOWS\system32\lctsupj.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qrbddqi.dll
    C:\WINDOWS\system32\qrbddqi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\ufkxftn.dll
    C:\WINDOWS\system32\ufkxftn.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\urwzhx.dll
    C:\WINDOWS\system32\urwzhx.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtsqq.dll
    C:\WINDOWS\system32\vtsqq.dll Could not be deleted.

    Attempting to delete C:\WINDOWS\system32\qqstv.ini
    C:\WINDOWS\system32\qqstv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qqstv.bak1
    C:\WINDOWS\system32\qqstv.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qqstv.bak2
    C:\WINDOWS\system32\qqstv.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qqstv.ini2
    C:\WINDOWS\system32\qqstv.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\qqstv.tmp
    C:\WINDOWS\system32\qqstv.tmp Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xzzlbgi.dll
    C:\WINDOWS\system32\xzzlbgi.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\yzivngl.dll
    C:\WINDOWS\system32\yzivngl.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vtsqq.dll
    C:\WINDOWS\system32\vtsqq.dll Could not be deleted.

    Performing Repairs to the registry.
    Done!

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\vtsqq.dll
    C:\WINDOWS\system32\vtsqq.dll Has been deleted!

    Performing Repairs to the registry.
    Done!

    Et celui de Hijack :

    Logfile of HijackThis v1.99.1
    Scan saved at 20:15:35, on 22.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\DAP\DAP.EXE
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Profiler\lwemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {61C40C3D-BDD2-B627-D189-C569348CDBE4} - (no file)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRA~1\DAP\dapbho.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0964344D-C233-DAF1-2ADC-08C2A8D60810} - C:\WINDOWS\system32\hptukyk.dll
    O2 - BHO: (no name) - {2527DC3F-C7A0-CF37-33EA-0525C1600A34} - C:\WINDOWS\system32\quqrbkl.dll
    O2 - BHO: (no name) - {36068946-CD51-1AC7-C4AD-044557583146} - C:\WINDOWS\system32\lctsupj.dll (file missing)
    O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\hpvekfro.dll
    O2 - BHO: (no name) - {42E53C82-E11D-E01B-A428-084851DB6947} - C:\WINDOWS\system32\yzivngl.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
    O2 - BHO: (no name) - {61E91E9C-BF33-6A6A-7BFC-00B25F19A7AE} - C:\WINDOWS\system32\urwzhx.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: (no name) - {D60B6578-737A-4422-99B4-0ABEDEBA0C17} - C:\WINDOWS\system32\vtsqq.dll (file missing)
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
    O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-2fe89c996183} - c:\program files\steganos internet anonym 7\sia7iep.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\qvlaojwx.dll",setvm
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A91DEB0D-AD0D-453E-9AC8-60178EC24212} (VPlayer Control) - http://video.vividas.com/CDN1/4325_Pepsi/web/player/vivid_ocx.jpeg
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F9CDB8-BF58-4289-8669-EEA83434ED2E}: NameServer = 192.168.0.1
    O18 - Protocol: bw+0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
    0
  11. Utilisateur anonyme
     
    Re

    Un grand ménage viens d'être fait.

    On continue

    $$ [*]Double-clique VundoFix.exe afin de le lancer.
    [*]Fais un clic droit dans la fenêtre blanche et clique "Add more files?"
    [*]Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

    C:\WINDOWS\system32\qvlaojwx.dll

    [*]Clique sur le bouton "Add File(s)"
    [*]Clique sur le bouton "Close Window".
    [*]Clique à nouveau sur "Remove Vundo"
    [*]Une invite te demandera si tu veux supprimer les fichiers, clique YES
    [*]Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
    [*]Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
    [*]Démarre ton PC à nouveau.

    $$ Télécharge DiagHelp.zip (de Malekal_Morte) sur ton bureau
    http://www.malekal.com/download/DiagHelp.zip
    - Fais un clic droit sur le fichier et extraire tout
    - Un nouveau dossier chercher va être créé DiagHelp
    - Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
    - Une fenêtre va s'ouvrir, choisis l'option 1
    - L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande
    - A la fin de l'analyse, il te sera redemandé de redémarrer l'ordinateur... Une fois l'ordinateur redémarré le rapport va apparaître sur le bloc-note.. Ce dernier se trouve sur C:\resultat.txt

    - Copie/colle le contenu du bloc-note avec le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse.
    0
  12. legras Messages postés 21 Statut Membre
     
    Alors c'est fais, mais maintenant quand je redémare mon ordi il me dis que le *.dll pour le fichier qvlaojwx.dll est introuvable. Et petite question c'est quoi un Vundo ?

    Voici le rapport Diaghelp :

    C:\WINDOWS\System32\wpa.dbl -->23.12.2006 11:03:15
    C:\WINDOWS\System32\perfh00C.dat -->23.12.2006 10:56:18
    C:\WINDOWS\System32\perfh009.dat -->23.12.2006 10:56:18
    C:\WINDOWS\System32\perfc00C.dat -->23.12.2006 10:56:18
    C:\WINDOWS\System32\perfc009.dat -->23.12.2006 10:56:18
    C:\WINDOWS\System32\PerfStringBackup.INI -->23.12.2006 10:56:17
    C:\WINDOWS\System32\xwjoalvq.ini -->23.12.2006 10:45:05
    C:\WINDOWS\System32\odtpfici.dll -->22.12.2006 19:44:58
    C:\WINDOWS\System32\oprsgstw.exe -->22.12.2006 19:44:54
    C:\WINDOWS\System32\astpbqig.exe -->22.12.2006 19:20:47
    C:\WINDOWS\System32\wbqmyces.dll -->22.12.2006 19:20:41
    C:\WINDOWS\System32\ynktjcxl.exe -->22.12.2006 18:22:33
    C:\WINDOWS\System32\axgvpryj.dll -->22.12.2006 18:22:27
    C:\WINDOWS\System32\njimnfjf.dll -->22.12.2006 17:37:06
    C:\WINDOWS\System32\cdjwyfix.exe -->22.12.2006 17:37:03
    C:\WINDOWS\System32\tmp.txt -->22.12.2006 17:34:49
    C:\WINDOWS\System32\tmp.reg -->22.12.2006 17:34:49
    C:\WINDOWS\System32\dowllovy.exe -->22.12.2006 17:33:55
    C:\WINDOWS\System32\cpdymfnb.dll -->22.12.2006 17:33:49
    C:\WINDOWS\System32\cbhwfxuq.ini -->22.12.2006 17:33:08
    C:\WINDOWS\System32\muaktpvk.dll -->22.12.2006 17:02:57
    C:\WINDOWS\System32\cgfvpsjm.exe -->22.12.2006 17:02:52
    C:\WINDOWS\System32\stuctgge.exe -->21.12.2006 19:03:25
    C:\WINDOWS\System32\efvnvkme.dll -->21.12.2006 19:03:21
    C:\WINDOWS\System32\cvfginer.dll -->20.12.2006 22:39:03

    C:\WINDOWS\WindowsUpdate.log -->23.12.2006 11:03:06
    C:\WINDOWS\bootstat.dat -->23.12.2006 11:03:00
    C:\WINDOWS\SchedLgU.Txt -->23.12.2006 01:24:06
    C:\WINDOWS\cdPlayer.ini -->26.11.2006 14:29:21
    C:\WINDOWS\Thumbs.db -->19.11.2006 16:47:33
    C:\WINDOWS\SWPRODPB.INI -->06.11.2006 23:17:10
    C:\WINDOWS\system.ini -->06.11.2006 22:46:44
    C:\WINDOWS\cserve.ini -->01.11.2006 21:44:14
    C:\WINDOWS\WMSysPr9.prx -->04.10.2006 19:46:53
    C:\WINDOWS\mngui.INI -->28.09.2006 10:43:09
    C:\WINDOWS\pavsig.txt -->08.09.2006 19:57:38
    C:\WINDOWS\BricoPackFoldersDelete.cmd -->12.08.2006 16:08:45
    C:\WINDOWS\BricoPackUninst.txt -->12.08.2006 16:08:44
    C:\WINDOWS\BricoPackUninst.cmd -->12.08.2006 16:08:44
    C:\WINDOWS\BricoPack Wallpaper.bmp -->12.08.2006 16:08:35

    C:\WINDOWS\ALCFDRTM.EXE |03/01/2002 17:07:42
    C:\WINDOWS\alcrmv.exe |28/10/2004 16:12:26
    C:\WINDOWS\alcupd.exe |28/10/2004 16:12:26
    C:\WINDOWS\bwUnin-6.1.4.68-8876480L.exe |02/07/2005 17:43:37
    C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe |17/07/2005 18:21:58
    C:\WINDOWS\bwUnin-7.2.0.157-8876480SL.exe |02/04/2006 17:45:49
    C:\WINDOWS\GPInstall.exe |09/02/2005 17:57:37
    C:\WINDOWS\IsUn040c.exe |28/10/2004 15:57:55
    C:\WINDOWS\IsUninst.exe |28/10/2004 15:45:05
    C:\WINDOWS\iun6002.exe |20/07/2005 20:25:04
    C:\WINDOWS\ScUnin.exe |24/09/2005 13:02:20
    C:\WINDOWS\Setup1.exe |18/12/2004 13:14:19
    C:\WINDOWS\slrundll.exe |28/10/2004 15:27:29
    C:\WINDOWS\SOUNDMAN.EXE |28/10/2004 16:12:34
    C:\WINDOWS\twunk_16.exe |24/04/2003 13:00:00
    C:\WINDOWS\twunk_32.exe |24/04/2003 13:00:00
    C:\WINDOWS\una2setup.exe |06/12/2004 20:06:03
    C:\WINDOWS\unADesktop.exe |14/01/2005 15:43:51
    C:\WINDOWS\unin040c.exe |16/02/2005 17:56:29
    C:\WINDOWS\uninst.exe |18/08/2005 16:50:31
    C:\WINDOWS\USBK700iphmgunin.exe |04/01/2002 19:44:54
    C:\WINDOWS\twain.dll |24/04/2003 13:00:00
    C:\WINDOWS\twain_32.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\AcSignOpt.exe |05/03/2005 13:18:15
    C:\WINDOWS\system32\agfherdb.exe |12/11/2006 15:22:35
    C:\WINDOWS\system32\amwskrut.exe |02/12/2006 10:10:42
    C:\WINDOWS\system32\aolelmeq.exe |09/11/2006 22:22:04
    C:\WINDOWS\system32\append.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\aqusnwid.exe |06/11/2006 20:39:32
    C:\WINDOWS\system32\astpbqig.exe |22/12/2006 19:20:44
    C:\WINDOWS\system32\asuninst.exe |23/01/2006 20:11:05
    C:\WINDOWS\system32\aswBoot.exe |02/11/2006 22:11:06
    C:\WINDOWS\system32\ati2evxx.exe |29/09/2004 07:16:44
    C:\WINDOWS\system32\Ati2mdxx.exe |29/09/2004 07:18:28
    C:\WINDOWS\system32\ati2sgag.exe |28/10/2004 16:20:39
    C:\WINDOWS\system32\audimhij.exe |12/11/2006 20:54:38
    C:\WINDOWS\system32\aupgnxlj.exe |10/11/2006 20:51:01
    C:\WINDOWS\system32\bbjudflx.exe |18/11/2006 23:08:54
    C:\WINDOWS\system32\bddoirhx.exe |08/11/2006 17:47:18
    C:\WINDOWS\system32\bifvcaqc.exe |23/11/2006 22:57:34
    C:\WINDOWS\system32\bldhynhq.exe |05/12/2006 17:35:24
    C:\WINDOWS\system32\bnyvvhbm.exe |07/12/2006 22:10:45
    C:\WINDOWS\system32\cdjwyfix.exe |22/12/2006 17:37:02
    C:\WINDOWS\system32\cfvbcrlo.exe |17/12/2006 13:25:22
    C:\WINDOWS\system32\cgfvpsjm.exe |22/12/2006 17:02:51
    C:\WINDOWS\system32\cgtyqlrr.exe |18/11/2006 22:50:05
    C:\WINDOWS\system32\cjgiktsa.exe |23/11/2006 22:57:43
    C:\WINDOWS\system32\ckxhgpdf.exe |18/11/2006 23:02:29
    C:\WINDOWS\system32\crdwqqep.exe |12/11/2006 16:53:27
    C:\WINDOWS\system32\ddvvohgd.exe |09/11/2006 22:21:49
    C:\WINDOWS\system32\debug.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\difwtfvm.exe |11/11/2006 12:49:52
    C:\WINDOWS\system32\dikmwqyc.exe |11/11/2006 10:54:21
    C:\WINDOWS\system32\dmgr2.exe |25/03/2005 20:32:41
    C:\WINDOWS\system32\dosx.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\dowllovy.exe |22/12/2006 17:33:54
    C:\WINDOWS\system32\dqacyhwy.exe |11/11/2006 09:40:54
    C:\WINDOWS\system32\dqxktplr.exe |18/12/2006 19:14:24
    C:\WINDOWS\system32\dtsijbas.exe |18/12/2006 18:58:30
    C:\WINDOWS\system32\duajsngx.exe |01/12/2006 19:03:55
    C:\WINDOWS\system32\dunxmasq.exe |26/11/2006 12:12:15
    C:\WINDOWS\system32\duoollxq.exe |23/11/2006 23:11:12
    C:\WINDOWS\system32\dvdplay.exe |23/08/2001 18:47:34
    C:\WINDOWS\system32\dwarqyok.exe |04/12/2006 18:08:52
    C:\WINDOWS\system32\ealavluy.exe |20/12/2006 18:15:00
    C:\WINDOWS\system32\edeeccww.exe |12/11/2006 20:47:27
    C:\WINDOWS\system32\edlin.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\elsdjceh.exe |11/11/2006 09:40:23
    C:\WINDOWS\system32\eoffqsqk.exe |22/11/2006 20:45:25
    C:\WINDOWS\system32\exe2bin.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\exrkvkgu.exe |11/12/2006 18:15:41
    C:\WINDOWS\system32\fastopen.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\fopwmgdy.exe |03/11/2006 18:22:53
    C:\WINDOWS\system32\fskmtsbm.exe |08/12/2006 17:59:51
    C:\WINDOWS\system32\ftboxnxl.exe |16/11/2006 17:48:03
    C:\WINDOWS\system32\fvsidooy.exe |05/11/2006 18:30:43
    C:\WINDOWS\system32\gardhtfc.exe |20/11/2006 06:21:56
    C:\WINDOWS\system32\gktfxipw.exe |10/12/2006 13:54:39
    C:\WINDOWS\system32\gncopicl.exe |28/11/2006 17:42:14
    C:\WINDOWS\system32\gobrxtwv.exe |21/11/2006 17:41:10
    C:\WINDOWS\system32\guxarogi.exe |17/12/2006 18:04:27
    C:\WINDOWS\system32\gvopwqdu.exe |25/11/2006 20:39:11
    C:\WINDOWS\system32\gyjqeywt.exe |15/12/2006 19:15:29
    C:\WINDOWS\system32\hgcddihu.exe |19/11/2006 23:21:40
    C:\WINDOWS\system32\hjqqbfii.exe |12/11/2006 15:22:21
    C:\WINDOWS\system32\hsrjerlt.exe |27/11/2006 20:35:08
    C:\WINDOWS\system32\hxdfpeav.exe |25/11/2006 20:29:13
    C:\WINDOWS\system32\ikicnabt.exe |17/11/2006 18:52:57
    C:\WINDOWS\system32\imonihvr.exe |08/12/2006 22:51:10
    C:\WINDOWS\system32\itdgccxx.exe |12/12/2006 17:39:48
    C:\WINDOWS\system32\iuviiqct.exe |23/11/2006 22:05:02
    C:\WINDOWS\system32\java.exe |13/11/2006 18:41:29
    C:\WINDOWS\system32\javaw.exe |13/11/2006 18:41:29
    C:\WINDOWS\system32\javaws.exe |13/11/2006 18:41:29
    C:\WINDOWS\system32\jkrmhoip.exe |26/11/2006 23:14:15
    C:\WINDOWS\system32\katadsql.exe |16/12/2006 11:44:36
    C:\WINDOWS\system32\krplutvf.exe |25/11/2006 15:36:46
    C:\WINDOWS\system32\ksmnegtd.exe |18/12/2006 19:48:40
    C:\WINDOWS\system32\kunweeey.exe |29/11/2006 18:46:32
    C:\WINDOWS\system32\kvrmyshi.exe |06/11/2006 21:22:31
    C:\WINDOWS\system32\ldguntat.exe |26/11/2006 18:37:33
    C:\WINDOWS\system32\lvvoqgqi.exe |05/11/2006 18:27:03
    C:\WINDOWS\system32\mcldsfkv.exe |12/11/2006 20:54:29
    C:\WINDOWS\system32\mem.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\mgxpvprt.exe |25/11/2006 15:19:23
    C:\WINDOWS\system32\mjwgqnkh.exe |09/12/2006 12:16:41
    C:\WINDOWS\system32\mscdexnt.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\musqllhf.exe |10/11/2006 17:09:51
    C:\WINDOWS\system32\mvtnxnrp.exe |30/11/2006 17:31:55
    C:\WINDOWS\system32\mydcfiom.exe |26/11/2006 13:05:17
    C:\WINDOWS\system32\mykecmyy.exe |13/12/2006 17:45:01
    C:\WINDOWS\system32\ndjhporp.exe |09/12/2006 16:53:53
    C:\WINDOWS\system32\NeroCheck.exe |09/07/2001 11:50:42
    C:\WINDOWS\system32\nfqwphvg.exe |10/11/2006 20:50:53
    C:\WINDOWS\system32\nhsraulq.exe |20/12/2006 18:34:52
    C:\WINDOWS\system32\nloyoorh.exe |12/11/2006 16:53:15
    C:\WINDOWS\system32\nlsfunc.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\nnddeawh.exe |13/11/2006 18:29:05
    C:\WINDOWS\system32\ntfwbkns.exe |17/12/2006 14:29:09
    C:\WINDOWS\system32\nwkrfcck.exe |17/12/2006 13:03:34
    C:\WINDOWS\system32\odabjrlj.exe |17/12/2006 14:24:21
    C:\WINDOWS\system32\ogpsrlax.exe |24/11/2006 18:35:45
    C:\WINDOWS\system32\ohnjbmtx.exe |11/12/2006 19:55:04
    C:\WINDOWS\system32\ohpkqvys.exe |04/11/2006 18:23:01
    C:\WINDOWS\system32\oprsgstw.exe |22/12/2006 19:44:52
    C:\WINDOWS\system32\otfoegrk.exe |11/12/2006 21:56:35
    C:\WINDOWS\system32\owyllmmu.exe |19/12/2006 17:39:53
    C:\WINDOWS\system32\pfodbooc.exe |13/11/2006 23:38:04
    C:\WINDOWS\system32\pgshdnsa.exe |24/11/2006 18:09:29
    C:\WINDOWS\system32\phlkcrom.exe |18/11/2006 12:11:46
    C:\WINDOWS\system32\pmqbsdfq.exe |26/11/2006 13:34:25
    C:\WINDOWS\system32\qktboyra.exe |12/11/2006 10:51:45
    C:\WINDOWS\system32\qnstnlpd.exe |16/12/2006 16:56:20
    C:\WINDOWS\system32\qobxyqqr.exe |05/11/2006 21:27:39
    C:\WINDOWS\system32\quwjqcea.exe |25/11/2006 15:19:49
    C:\WINDOWS\system32\rbneyqpm.exe |18/12/2006 19:43:58
    C:\WINDOWS\system32\redir.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\reico.exe |18/02/2005 18:17:11
    C:\WINDOWS\system32\rriktdeh.exe |18/12/2006 19:10:08
    C:\WINDOWS\system32\RTLCPL.EXE |28/10/2004 16:12:35
    C:\WINDOWS\system32\setver.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\sgbpxmer.exe |07/11/2006 17:41:06
    C:\WINDOWS\system32\share.exe |24/04/2003 13:00:00
    C:\WINDOWS\system32\slrundll.exe |28/10/2004 15:27:30
    C:\WINDOWS\system32\slserv.exe |28/10/2004 15:27:30
    C:\WINDOWS\system32\SpoonUninstall.exe |17/04/2005 13:31:15
    C:\WINDOWS\system32\sqogavnb.exe |05/11/2006 21:27:51
    C:\WINDOWS\system32\stuctgge.exe |21/12/2006 19:03:24
    C:\WINDOWS\system32\stxubqlj.exe |26/11/2006 11:40:49
    C:\WINDOWS\system32\sufgwnyi.exe |14/11/2006 17:30:33
    C:\WINDOWS\system32\svyywssj.exe |30/11/2006 22:44:10
    C:\WINDOWS\system32\tdbxowgv.exe |11/12/2006 19:48:44
    C:\WINDOWS\system32\tduxgeqv.exe |08/11/2006 19:29:10
    C:\WINDOWS\system32\tioxqmer.exe |08/11/2006 21:09:16
    C:\WINDOWS\system32\tnhgecfn.exe |15/11/2006 22:54:24
    C:\WINDOWS\system32\tqdncpme.exe |12/11/2006 21:44:10
    C:\WINDOWS\system32\txhihndo.exe |06/11/2006 22:10:43
    C:\WINDOWS\system32\UAService7.exe |27/03/2005 14:54:25
    C:\WINDOWS\system32\ubhieikw.exe |15/11/2006 17:36:05
    C:\WINDOWS\system32\uglxpxxn.exe |27/11/2006 18:09:37
    C:\WINDOWS\system32\Uharc.exe |18/02/2005 18:16:23
    C:\WINDOWS\system32\ujopqkeq.exe |27/11/2006 20:43:06
    C:\WINDOWS\system32\unutsgdr.exe |06/11/2006 21:22:44
    C:\WINDOWS\system32\usrmlnka.exe |23/08/2001 18:47:48
    C:\WINDOWS\system32\usrprbda.exe |23/08/2001 18:47:48
    C:\WINDOWS\system32\usrshuta.exe |23/08/2001 18:47:48
    C:\WINDOWS\system32\vanlhmqa.exe |12/11/2006 17:03:43
    C:\WINDOWS\system32\veeqhdea.exe |01/11/2006 19:14:33
    C:\WINDOWS\system32\vfnvmtsv.exe |06/12/2006 19:16:38
    C:\WINDOWS\system32\vjbmfnse.exe |25/11/2006 15:27:52
    C:\WINDOWS\system32\vltjjnrm.exe |19/11/2006 18:17:10
    C:\WINDOWS\system32\vsekpwgr.exe |12/11/2006 17:03:30
    C:\WINDOWS\system32\vvnidnif.exe |29/11/2006 17:39:21
    C:\WINDOWS\system32\vynxttnq.exe |22/11/2006 17:37:05
    C:\WINDOWS\system32\waodljik.exe |16/11/2006 17:47:37
    C:\WINDOWS\system32\wbxcojle.exe |20/12/2006 22:38:57
    C:\WINDOWS\system32\whudvlfi.exe |05/11/2006 14:39:20
    C:\WINDOWS\system32\wticjrpl.exe |19/11/2006 10:11:11
    C:\WINDOWS\system32\xcbphrhg.exe |05/11/2006 18:30:34
    C:\WINDOWS\system32\xcrnlyax.exe |17/12/2006 18:22:58
    C:\WINDOWS\system32\xlltauir.exe |25/11/2006 19:08:10
    C:\WINDOWS\system32\xonmwfdy.exe |05/11/2006 19:08:46
    C:\WINDOWS\system32\xpeisose.exe |30/11/2006 18:07:37
    C:\WINDOWS\system32\xsvgmppc.exe |19/12/2006 21:07:58
    C:\WINDOWS\system32\xwlplaqj.exe |11/11/2006 10:53:52
    C:\WINDOWS\system32\ybthtjqe.exe |12/12/2006 22:53:02
    C:\WINDOWS\system32\ybulhxpc.exe |23/11/2006 17:40:01
    C:\WINDOWS\system32\yifydmhf.exe |05/11/2006 21:15:40
    C:\WINDOWS\system32\ylafajue.exe |09/11/2006 17:38:38
    C:\WINDOWS\system32\ylorutgu.exe |19/11/2006 15:30:27
    C:\WINDOWS\system32\yltenhbs.exe |15/12/2006 18:30:22
    C:\WINDOWS\system32\ynktjcxl.exe |22/12/2006 18:22:32
    C:\WINDOWS\system32\ytqesnjf.exe |25/11/2006 21:41:43
    C:\WINDOWS\system32\yyqrwrsj.exe |17/12/2006 13:39:29
    C:\WINDOWS\system32\a3d.dll |28/10/2004 16:12:34
    C:\WINDOWS\system32\AcSignExt.dll |05/03/2005 13:18:09
    C:\WINDOWS\system32\AcSignExtRes.dll |07/03/2005 19:00:01
    C:\WINDOWS\system32\AcSignIcon.dll |05/03/2005 13:18:12
    C:\WINDOWS\system32\amstream.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\ati2cqag.dll |28/10/2004 15:27:32
    C:\WINDOWS\system32\ati2dvaa.dll |28/10/2004 15:27:32
    C:\WINDOWS\system32\ati2dvag.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ati2edxx.dll |29/09/2004 07:18:20
    C:\WINDOWS\system32\ati2evxx.dll |29/09/2004 07:18:08
    C:\WINDOWS\system32\ati3d1ag.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ati3d2ag.dll |13/11/2003 21:10:54
    C:\WINDOWS\system32\ati3duag.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ATIDDC.DLL |29/09/2004 07:16:22
    C:\WINDOWS\system32\ATIDEMGR.dll |29/09/2004 09:32:34
    C:\WINDOWS\system32\atiiiexx.dll |29/09/2004 09:58:44
    C:\WINDOWS\system32\atikvmag.dll |21/02/2006 19:11:02
    C:\WINDOWS\system32\atioglx1.dll |21/02/2006 19:27:14
    C:\WINDOWS\system32\atioglxx.dll |29/09/2004 07:44:00
    C:\WINDOWS\system32\atipdlxx.dll |29/09/2004 07:18:50
    C:\WINDOWS\system32\atitvo32.dll |29/09/2004 06:36:20
    C:\WINDOWS\system32\ativcoxx.dll |09/11/2001 10:01:04
    C:\WINDOWS\system32\ativtmxx.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ativvaxx.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\atmfd.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\atmlib.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\Audio3D.dll |28/10/2004 16:12:34
    C:\WINDOWS\system32\axgvpryj.dll |22/12/2006 18:22:25
    C:\WINDOWS\system32\clrvidcc.dll |02/01/2005 21:33:57
    C:\WINDOWS\system32\clrviddc.dll |11/08/1998 15:18:52
    C:\WINDOWS\system32\CmdLineExt.dll |27/03/2005 14:54:25
    C:\WINDOWS\system32\CNCS232.DLL |20/11/2003 14:09:09
    C:\WINDOWS\system32\cncs32.dll |27/12/2005 18:15:46
    C:\WINDOWS\system32\compatui.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\comypanr.dll |17/12/2006 18:48:34
    C:\WINDOWS\system32\cpdymfnb.dll |22/12/2006 17:33:47
    C:\WINDOWS\system32\cvfginer.dll |20/12/2006 22:39:02
    C:\WINDOWS\system32\cvybqyrm.dll |02/12/2006 15:27:15
    C:\WINDOWS\system32\decdnet.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\dgrpsetu.dll |01/01/2002 00:07:13
    C:\WINDOWS\system32\dgsetup.dll |01/01/2002 00:07:13
    C:\WINDOWS\system32\dhywgghv.dll |27/11/2006 20:35:17
    C:\WINDOWS\system32\DivX.dll |26/10/2004 23:38:23
    C:\WINDOWS\system32\divxdec_0407.dll |26/10/2004 23:38:18
    C:\WINDOWS\system32\divxdec_040c.dll |26/10/2004 23:38:18
    C:\WINDOWS\system32\divxdec_0411.dll |26/10/2004 23:38:18
    C:\WINDOWS\system32\divx_xx07.dll |26/10/2004 23:38:17
    C:\WINDOWS\system32\divx_xx0c.dll |26/10/2004 23:38:18
    C:\WINDOWS\system32\divx_xx11.dll |26/10/2004 23:38:18
    C:\WINDOWS\system32\dmgrax2.dll |25/03/2005 20:32:31
    C:\WINDOWS\system32\dpu10.dll |26/10/2004 23:39:03
    C:\WINDOWS\system32\dpuGUI10.dll |26/10/2004 23:39:03
    C:\WINDOWS\system32\dpus10.dll |26/10/2004 23:39:03
    C:\WINDOWS\system32\dpv10.dll |26/10/2004 23:39:04
    C:\WINDOWS\system32\efvnvkme.dll |21/12/2006 19:03:21
    C:\WINDOWS\system32\elxjyalh.dll |16/11/2006 17:48:12
    C:\WINDOWS\system32\encdec.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\encdnet.dll |02/01/2005 21:33:57
    C:\WINDOWS\system32\EnumDev111.dll |23/10/2006 19:29:44
    C:\WINDOWS\system32\EqnClass.Dll |01/01/2002 00:07:12
    C:\WINDOWS\system32\fxdcbwjf.dll |19/11/2006 10:11:23
    C:\WINDOWS\system32\GEARAspi.dll |19/09/2006 15:43:58
    C:\WINDOWS\system32\gtmbnrcp.dll |20/12/2006 18:34:42
    C:\WINDOWS\system32\hptukyk.dll |16/11/2006 17:57:26
    C:\WINDOWS\system32\hpvekfro.dll |15/12/2006 19:15:40
    C:\WINDOWS\system32\hsfcisp2.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\hticons.dll |28/10/2004 15:48:03
    C:\WINDOWS\system32\hypertrm.dll |28/10/2004 15:48:03
    C:\WINDOWS\system32\iawlppsf.dll |18/12/2006 19:15:34
    C:\WINDOWS\system32\iccvid.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\ieencode.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\iehncmpu.dll |15/12/2006 18:30:07
    C:\WINDOWS\system32\imagr5.dll |21/09/2000 17:02:28
    C:\WINDOWS\system32\imagx5.dll |27/09/2000 16:15:06
    C:\WINDOWS\system32\ImagXpr5.dll |21/09/2000 12:53:00
    C:\WINDOWS\system32\inetda.dll |02/08/2001 04:11:25
    C:\WINDOWS\system32\IpLib.dll |23/10/2006 19:29:44
    C:\WINDOWS\system32\ir32_32.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\ir41_qc.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ir41_qcx.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ir50_32.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ir50_qc.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\ir50_qcx.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\isrdbg32.dll |28/10/2004 15:48:58
    C:\WINDOWS\system32\jgaw400.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\jgdw400.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\jgmd400.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\jgpl400.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\jgsd400.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\jgsh400.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\jhhlvqts.dll |18/12/2006 19:49:12
    C:\WINDOWS\system32\jrharjaq.dll |20/12/2006 18:14:51
    C:\WINDOWS\system32\KMVIDC32.DLL |30/11/2004 18:40:54
    C:\WINDOWS\system32\kyfahway.dll |26/11/2006 11:40:41
    C:\WINDOWS\system32\lvaoqfey.dll |27/11/2006 20:43:09
    C:\WINDOWS\system32\mdmxsdk.dll |28/10/2004 15:27:31
    C:\WINDOWS\system32\mdwmdmsp.dll |23/08/2001 18:47:06
    C:\WINDOWS\system32\mrvdlg.dll |28/10/2004 16:17:56
    C:\WINDOWS\system32\msdmo.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\msencode.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\msttxl16.dll |24/02/1998 23:21:00
    C:\WINDOWS\system32\MSWAY.dll |26/12/2005 11:09:15
    C:\WINDOWS\system32\msxwnet32.dll |16/05/2001 11:52:26
    C:\WINDOWS\system32\mtxparhd.dll |28/10/2004 15:27:30
    C:\WINDOWS\system32\muaktpvk.dll |22/12/2006 17:02:55
    C:\WINDOWS\system32\nbexprft.dll |18/12/2006 19:44:01
    C:\WINDOWS\system32\njimnfjf.dll |22/12/2006 17:37:05
    C:\WINDOWS\system32\nv4_disp.dll |28/10/2004 15:27:30
    C:\WINDOWS\system32\odgjcuus.dll |26/11/2006 13:28:32
    C:\WINDOWS\system32\odtpfici.dll |22/12/2006 19:44:55
    C:\WINDOWS\system32\Oemdspif.dll |29/09/2004 07:18:36
    C:\WINDOWS\system32\oigkpais.dll |23/11/2006 17:39:55
    C:\WINDOWS\system32\orebdeyb.dll |13/12/2006 21:46:36
    C:\WINDOWS\system32\paqsp.dll |23/08/2001 18:47:16
    C:\WINDOWS\system32\pdfcmnnt.dll |26/03/2006 10:49:45
    C:\WINDOWS\system32\picn20.dll |21/09/2000 07:47:10
    C:\WINDOWS\system32\pnc32301.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\pnc32401.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\pncrt.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\pndx5016.dll |26/11/2004 21:09:27
    C:\WINDOWS\system32\pndx5032.dll |26/11/2004 21:09:27
    C:\WINDOWS\system32\pnen3230.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\pneng101.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\PSIKey.dll |26/10/2004 23:38:24
    C:\WINDOWS\system32\ptipbmf.dll |28/10/2004 16:18:41
    C:\WINDOWS\system32\qedwipes.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\qt-mt331.dll |26/10/2004 23:39:05
    C:\WINDOWS\system32\quqrbkl.dll |19/11/2006 10:13:15
    C:\WINDOWS\system32\quxfwhbc.dll |18/12/2006 19:18:34
    C:\WINDOWS\system32\RA3214_4.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\ra3228_8.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\ra32clv1.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\ra32dnet.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\ra32rv10.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\ra32sipr.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\rarv1032.dll |11/08/1998 15:18:44
    C:\WINDOWS\system32\rarv10en.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\rdnoxssp.dll |19/12/2006 17:44:15
    C:\WINDOWS\system32\RGSS100J.dll |11/06/2005 15:48:26
    C:\WINDOWS\system32\rmevents.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\rmmerge2.dll |02/01/2005 21:33:58
    C:\WINDOWS\system32\rmoc3260.dll |26/11/2004 21:09:32
    C:\WINDOWS\system32\rnqlfsvi.dll |18/11/2006 22:50:11
    C:\WINDOWS\system32\Roboex32.dll |30/01/2005 14:44:37
    C:\WINDOWS\system32\RTLCPAPI.dll |28/10/2004 16:12:34
    C:\WINDOWS\system32\rvoqxscq.dll |19/12/2006 21:08:22
    C:\WINDOWS\system32\s3gnb.dll |28/10/2004 15:27:30
    C:\WINDOWS\system32\sbe.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\SIntf16.dll |10/12/2004 17:11:20
    C:\WINDOWS\system32\SIntf32.dll |10/12/2004 17:11:20
    C:\WINDOWS\system32\SIntfNT.dll |10/12/2004 17:11:20
    C:\WINDOWS\system32\slbcsp.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\slbiop.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\slbrccsp.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\slcoinst.dll |28/10/2004 15:27:30
    C:\WINDOWS\system32\slextspk.dll |28/10/2004 15:27:30
    C:\WINDOWS\system32\slgen.dll |28/10/2004 15:27:30
    C:\WINDOWS\system32\spnike.dll |23/08/2001 18:47:18
    C:\WINDOWS\system32\sprio600.dll |23/08/2001 18:47:18
    C:\WINDOWS\system32\sprio800.dll |23/08/2001 18:47:18
    C:\WINDOWS\system32\spxcoins.dll |01/01/2002 00:07:12
    C:\WINDOWS\system32\swxpckm.dll |19/11/2006 10:13:15
    C:\WINDOWS\system32\tsd32.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\TwnLib20.dll |26/06/2000 10:45:30
    C:\WINDOWS\system32\uetvjhau.dll |06/12/2006 21:47:35
    C:\WINDOWS\system32\unrar.dll |06/12/2004 20:06:06
    C:\WINDOWS\system32\unzip32.dll |05/12/2004 22:08:08
    C:\WINDOWS\system32\usrcntra.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrcoina.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrdpa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrdtea.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrfaxa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrlbva.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrrtosa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrsdpia.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrsvpia.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrv42a.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrv80a.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrvoica.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\usrvpa.dll |23/08/2001 18:47:20
    C:\WINDOWS\system32\vboxb410.dll |13/06/2001 03:52:44
    C:\WINDOWS\system32\vboxp410.dll |13/06/2001 03:52:45
    C:\WINDOWS\system32\vboxt410.dll |13/06/2001 03:52:45
    C:\WINDOWS\system32\vrjsqmcb.dll |27/11/2006 20:40:07
    C:\WINDOWS\system32\vturs.dll |05/12/2006 17:40:17
    C:\WINDOWS\system32\wbhelp2.dll |02/11/2004 22:03:21
    C:\WINDOWS\system32\wbqmyces.dll |22/12/2006 19:20:40
    C:\WINDOWS\system32\WG1v2Lib.dll |23/10/2006 19:29:44
    C:\WINDOWS\system32\wh2robo.dll |30/01/2005 14:44:37
    C:\WINDOWS\system32\win87em.dll |24/04/2003 13:00:00
    C:\WINDOWS\system32\WmJoyFrc.dll |21/08/2006 14:02:54
    C:\WINDOWS\system32\xmlparse.dll |08/12/2004 13:09:09
    C:\WINDOWS\system32\xmltok.dll |08/12/2004 13:09:09
    C:\WINDOWS\system32\ysglannk.dll |18/11/2006 23:15:34
    C:\WINDOWS\system32\ZPORT4AS.dll |23/01/2006 20:11:05

    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\WINDOWS\system32

    19.08.2004 15:09 6'144 csrss.exe
    1 fichier(s) 6'144 octets
    0 Rép(s) 32'448'032'768 octets libres
    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\WINDOWS\system32

    25.03.2005 20:32 860'160 dmgr2.exe
    1 fichier(s) 860'160 octets
    0 Rép(s) 32'448'032'768 octets libres

    Contenu de Downloaded Program Files
    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\WINDOWS\Downloaded Program Files

    11.12.2006 19:07 <REP> .
    11.12.2006 19:07 <REP> ..
    11.04.2006 16:10 135'168 asinst.dll
    03.04.2006 10:00 537 asinst.inf
    17.05.2006 13:32 231'072 avsniff.dll
    17.05.2006 13:29 878 avsniff.inf
    17.05.2006 13:32 198'304 avsniffdlgs.dll
    17.05.2006 13:26 537'704 AXXPEE.dll
    09.12.2005 17:08 749 cab.inf
    17.05.2006 13:29 241 CabSA.inf
    06.09.2006 00:00 2'504 catalog.dat
    18.11.2006 12:20 <REP> CONFLICT.1
    22.12.2006 18:18 <REP> CONFLICT.2
    22.12.2006 18:18 <REP> CONFLICT.3
    22.12.2006 18:18 <REP> CONFLICT.4
    22.12.2006 18:18 <REP> CONFLICT.5
    22.12.2006 18:18 <REP> CONFLICT.6
    28.10.2004 15:49 65 desktop.ini
    06.09.2006 00:00 6'899 ecbootil.vxd
    17.05.2006 13:26 42'112 ecmldr32.dll
    06.09.2006 00:00 272'040 ecmsvr32.dll
    08.09.2004 22:38 1'271 erma.inf
    14.02.2003 09:32 283'296 IDrop.ocx
    14.02.2003 09:34 114'848 IDropENU.dll
    13.03.2003 09:58 114'600 IDropFRA.dll
    10.11.2005 13:05 876 jinstall-1_5_0_06.inf
    29.11.2006 14:00 367 LegitCheckControl.inf
    17.05.2006 13:28 6'850 navapi.vxd
    17.05.2006 13:28 201'896 navapi32.dll
    06.09.2006 00:00 124'584 naveng32.dll
    06.09.2006 00:00 882'344 navex32a.dll
    09.12.2005 17:08 241'664 ocx_play.ocx
    09.12.2005 14:47 24'576 playershim.dll
    09.10.2003 10:32 144 QTPlugin.inf
    17.05.2006 13:32 161'480 rufsi.dll
    06.09.2006 00:00 97'552 scrauth.dat
    22.06.2006 10:41 5'032 swflash.inf
    06.09.2006 00:00 14 symaveng.cat
    06.09.2006 00:00 901 symaveng.inf
    06.09.2006 00:00 48'797 tcdefs.dat
    06.09.2006 00:00 966'264 tcscan7.dat
    06.09.2006 00:00 315'136 tcscan8.dat
    06.09.2006 00:00 659'400 tcscan9.dat
    06.09.2006 00:00 453 tinf.dat
    06.09.2006 00:00 148 tinfidx.dat
    06.09.2006 00:00 1'957 tinfl.dat
    06.09.2006 00:00 58'587 tscan1.dat
    06.09.2006 00:00 3'027 tscan1hd.dat
    06.09.2006 00:00 5'116 v.grd
    06.09.2006 00:00 2'261 v.sig
    06.09.2006 00:00 106'244 virscan.inf
    06.09.2006 00:00 966'811 virscan1.dat
    06.09.2006 00:00 569'712 virscan2.dat
    06.09.2006 00:00 146'612 virscan3.dat
    06.09.2006 00:00 320'186 virscan4.dat
    06.09.2006 00:00 2'700'020 virscan5.dat
    06.09.2006 00:00 389'301 virscan6.dat
    06.09.2006 00:00 4'468'258 virscan7.dat
    06.09.2006 00:00 1'593'724 virscan8.dat
    06.09.2006 00:00 3'622'432 virscan9.dat
    06.09.2006 00:00 32 virscant.dat
    08.09.2006 21:30 2'072 vscanmsx.dat
    06.09.2006 00:00 224 zdone.dat
    55 fichier(s) 20'637'342 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.1

    18.11.2006 12:20 <REP> .
    18.11.2006 12:20 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.2

    22.12.2006 18:18 <REP> .
    22.12.2006 18:18 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.3

    22.12.2006 18:18 <REP> .
    22.12.2006 18:18 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.4

    22.12.2006 18:18 <REP> .
    22.12.2006 18:18 <REP> ..
    0 fichier(s) 0 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.5

    22.12.2006 18:18 <REP> .
    22.12.2006 18:18 <REP> ..
    07.09.2006 12:15 227 UDC6V_0001_D19M0709NetInstaller.inf
    1 fichier(s) 227 octets

    Répertoire de C:\WINDOWS\Downloaded Program Files\CONFLICT.6

    22.12.2006 18:18 <REP> .
    22.12.2006 18:18 <REP> ..
    0 fichier(s) 0 octets

    Total des fichiers listés :
    56 fichier(s) 20'637'569 octets
    20 Rép(s) 32'448'028'672 octets libres

    Recherche de rootkit! (Merci S!Ri)

    Recherche d'infections connues

    Liste des programmes installes

    Ad-Aware SE Personal
    Adobe Flash Player 9 ActiveX
    Adobe Photoshop 6.0
    Adobe Reader 7.0.8 - Français
    Adobe SVG Viewer
    adsl TV
    Apple Software Update
    Archiveur WinRAR
    AsusUpdate
    ATI - Utilitaire de désinstallation du logiciel
    ATI Control Panel
    ATI Display Driver
    Audacity 1.2.4
    AutoCAD 2006 - Français
    Autodesk DWF Viewer
    AutoUpdate
    avast! Antivirus
    AVG Anti-Spyware 7.5
    BitTorrent 4.0.1
    CCleaner (remove only)
    Command & Conquer Red Alert 2
    DirectX for Managed Code Update (December 2004)
    DivX Player
    DivX Pro Trial
    Download Accelerator Plus
    EA SPORTS online 2006
    Easy TM 2.4
    eMule
    FileZilla (remove only)
    Freelancer
    GeTax2005
    Google Earth
    Google Toolbar for Internet Explorer
    Highway Pursuit v1.1
    HijackThis 1.99.1
    IGNMap 0.8.1
    iTunes
    J2SE Runtime Environment 5.0 Update 6
    J2SE Runtime Environment 5.0 Update 9
    K700i USB-Handset Manager
    Language pack for Ad-Aware SE
    Lecteur Windows Media 10
    Logitech Desktop Messenger
    Logitech Gaming Software
    Logitech SetPoint
    LX Systems Download Manager
    Macromedia Shockwave Player
    MediaLife
    MediaTickets by OIN
    Messenger Plus! 3 & Sponsor
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 French Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB886903)
    Microsoft .NET Framework 2.0
    Microsoft .NET Framework 2.0
    Microsoft .NET Framework 2.0 Language Pack - FRA
    Microsoft Game Studios Common Redistributables Pack 1
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Access MUI (French) 2007 (Beta)
    Microsoft Office Excel MUI (French) 2007 (Beta)
    Microsoft Office InfoPath MUI (French) 2007 (Beta)
    Microsoft Office Outlook MUI (French) 2007 (Beta)
    Microsoft Office PowerPoint MUI (French) 2007 (Beta)
    Microsoft Office Professional 2007 (Beta)
    Microsoft Office Professional Plus 2007 (Beta)
    Microsoft Office Proof (Arabic) 2007 (Beta)
    Microsoft Office Proof (Dutch) 2007 (Beta)
    Microsoft Office Proof (English) 2007 (Beta)
    Microsoft Office Proof (French) 2007 (Beta)
    Microsoft Office Proof (German) 2007 (Beta)
    Microsoft Office Proof (Spanish) 2007 (Beta)
    Microsoft Office Publisher MUI (French) 2007 (Beta)
    Microsoft Office Shared MUI (French) 2007 (Beta)
    Microsoft Office Word MUI (French) 2007 (Beta)
    Microsoft XML Parser
    Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA
    MSXML 4.0 SP2 (KB927978)
    MSXML4 Parser
    Nero - Burning Rom
    NHL06
    Package de base Microsoft de service de chiffrement pour cartes à puce
    Panda ActiveScan
    PDFCreator
    Plasma Pong v1.2
    PowerDVD
    QuickTime
    RealPlayer
    Realtek AC'97 Audio
    Rise Of Legends
    Rise Of Legends
    Rise of Nations
    Security Update for Microsoft .NET Framework 2.0 (KB917283)
    Security Update pour Microsoft .NET Framework 2.0 (KB922770)
    Sony Ericsson Capability Manager
    Sony Ericsson Mobile Phone Monitor
    Spybot - Search & Destroy 1.4
    Starcraft
    Steganos Internet Anonym 7.1.6
    TrackMania Nations ESWC 0.1.7.5
    Watchtower Library 2005 - Édition française
    WebFldrs XP
    WG111v2 Configuration Utility
    Windows Defender
    Windows Defender Signatures
    Windows Genuine Advantage Notifications (KB905474)
    Windows Live Messenger
    Windows Live Sign-in Assistant
    Windows Media Connect
    Windows Media Format Runtime
    Windows XP Service Pack 2

    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\Program Files

    22.12.2006 17:34 <REP> .
    22.12.2006 17:34 <REP> ..
    11.09.2005 12:49 <REP> A4DeskMag2
    24.11.2005 18:37 <REP> Admiresoft
    26.03.2006 11:33 <REP> Adobe
    13.11.2006 18:27 <REP> adslTV
    17.11.2005 22:30 <REP> Adverts
    01.01.2002 14:00 <REP> Ahead
    06.02.2006 21:55 <REP> Alwil Software
    07.06.2005 21:58 <REP> America's Army
    05.11.2006 13:44 <REP> AnswerWorks 4.0
    06.11.2006 21:17 <REP> Apple Software Update
    25.03.2005 19:06 <REP> Ashampoo
    28.10.2004 15:45 <REP> ASUS
    28.10.2004 16:20 <REP> ATI Technologies
    02.08.2006 19:03 <REP> Audacity
    05.11.2006 13:49 <REP> AutoCAD 2006
    04.11.2006 21:25 <REP> Autodesk
    24.11.2005 18:36 <REP> AV MP3 Player-Morpher
    28.10.2004 16:12 <REP> AvRack
    19.04.2005 17:36 <REP> BitTorrent
    27.03.2005 20:03 <REP> BoontyGames
    18.11.2006 23:03 <REP> CCleaner
    12.01.2006 18:02 <REP> Clash N Slash
    14.01.2006 15:33 <REP> Common Files
    07.02.2006 21:16 <REP> Comodo
    28.10.2004 15:48 <REP> ComPlus Applications
    29.10.2006 15:16 <REP> Corel(R) Painter(TM) IX.5 TBYB FR
    21.03.2005 19:10 <REP> Creative
    01.01.2002 13:57 <REP> CyberLink
    08.09.2006 20:18 <REP> DAP
    22.11.2004 21:21 <REP> directx
    20.11.2004 10:31 <REP> DivX
    17.04.2006 13:28 <REP> DOSBox-0.65
    15.04.2006 11:42 <REP> D-Tools
    18.11.2006 12:12 <REP> Easy TM
    02.01.2002 16:26 <REP> eMule
    21.06.2005 17:15 <REP> eoRezo
    19.11.2006 13:26 <REP> Fichiers communs
    03.04.2006 18:42 <REP> FileZilla
    27.06.2005 21:22 <REP> FlashFXP
    02.11.2006 22:05 <REP> F-Secure
    11.03.2005 17:33 <REP> Game_Maker6
    26.03.2006 11:34 <REP> GeTax2005
    31.10.2006 21:26 <REP> Google
    22.12.2006 17:10 <REP> Grisoft
    30.04.2005 19:00 <REP> GSC Game World
    12.09.2005 20:08 <REP> IDM Computer Solutions
    18.12.2006 22:13 <REP> IGN
    24.09.2006 12:39 <REP> IKEA HomePlanner
    17.04.2005 13:31 <REP> Illustrate
    28.10.2004 16:03 <REP> Intel
    11.01.2006 18:47 <REP> InterActual
    17.12.2006 18:21 <REP> Internet Explorer
    06.11.2006 21:21 <REP> iPod
    06.11.2006 21:22 <REP> iTunes
    13.11.2006 18:41 <REP> Java
    08.12.2004 12:57 <REP> K700i USB-Handset Manager
    04.11.2006 16:24 <REP> Lavasoft
    27.12.2005 12:02 <REP> Lecteur CANALPLAY
    17.06.2006 13:00 <REP> LimeWire
    21.08.2006 14:02 <REP> Logitech
    15.05.2005 16:17 <REP> LucasFan Games
    25.03.2005 20:32 <REP> LX Download Manager
    23.01.2006 20:24 <REP> Messenger
    24.09.2006 12:33 <REP> Messenger Plus! 3
    28.10.2004 15:50 <REP> microsoft frontpage
    23.05.2006 16:36 <REP> Microsoft Games
    05.11.2006 13:44 <REP> Microsoft Office
    02.07.2006 20:05 <REP> Microsoft Visual Studio
    02.07.2006 20:04 <REP> Microsoft Works
    02.07.2006 20:04 <REP> Microsoft.NET
    16.12.2006 16:54 <REP> Movie Maker
    09.01.2006 17:35 <REP> Mozilla Firefox
    02.07.2006 20:05 <REP> MSBuild
    28.10.2004 15:48 <REP> MSN
    28.10.2004 15:48 <REP> MSN Gaming Zone
    02.11.2006 22:24 <REP> MSN Messenger
    17.11.2006 19:02 <REP> MSXML 4.0
    12.09.2005 17:19 <REP> MUSICMATCH
    19.04.2005 20:10 <REP> NASA
    23.10.2006 19:29 <REP> NETGEAR
    28.10.2004 15:26 <REP> NetMeeting
    07.09.2006 14:40 <REP> Notepad++
    04.01.2002 18:33 <REP> OfficeUpdate11
    11.12.2006 19:03 <REP> Opera
    16.12.2006 16:54 <REP> Outlook Express
    26.03.2006 10:50 <REP> PDFCreator
    16.05.2005 17:39 <REP> PeerGuardian pr14
    09.03.2005 18:13 <REP> Plustech Inc
    27.03.2005 13:48 <REP> PopCap Games
    06.11.2006 21:20 <REP> QuickTime
    26.11.2004 21:09 <REP> Real
    28.10.2004 16:12 <REP> Realtek Sound Manager
    21.08.2006 14:07 <REP> ReflexiveArcade
    18.02.2005 18:07 <REP> ScreenSaver
    23.01.2006 20:26 <REP> Secure Surfing Engine
    28.10.2004 15:48 <REP> Services en ligne
    28.09.2006 10:59 <REP> Sony Ericsson
    01.05.2006 16:03 <REP> Spybot - Search & Destroy
    04.11.2006 20:08 <REP> Spybot - Search & Destroy2
    23.01.2006 20:26 <REP> Steganos Internet Anonym 7
    27.12.2005 12:03 <REP> StreetFighter Flash
    17.06.2006 12:53 <REP> TheTurtle
    07.02.2006 18:22 <REP> Trustix
    31.07.2005 12:04 <REP> Ubi Soft
    08.12.2004 13:09 <REP> Ubisoft
    01.06.2005 22:14 <REP> Ulead Systems
    17.06.2006 12:59 <REP> Visicom Media
    17.06.2005 19:32 <REP> VoipBuster.com
    22.12.2006 18:22 <REP> VSAdd-in
    15.04.2006 12:11 <REP> VVSN
    20.02.2006 19:44 <REP> Watchtower
    09.03.2006 22:47 <REP> Webteh
    18.11.2006 22:51 <REP> Windows Defender
    05.11.2004 17:41 <REP> Windows Media Components
    04.09.2006 19:43 <REP> Windows Media Connect 2
    16.12.2006 16:54 <REP> Windows Media Player
    28.10.2004 15:26 <REP> Windows NT
    27.08.2005 19:55 <REP> WinHex
    23.01.2006 20:26 <REP> WinRAR
    28.10.2004 15:50 <REP> xerox
    19.11.2006 13:26 <REP> ?ssembly
    04.11.2006 12:26 <REP> ??stem
    0 fichier(s) 0 octets
    124 Rép(s) 32'447'733'760 octets libres
    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\Program Files\fichiers communs

    19.11.2006 13:26 <REP> .
    19.11.2006 13:26 <REP> ..
    26.03.2006 11:33 <REP> Adobe
    05.11.2006 13:50 <REP> Autodesk Shared
    05.08.2006 10:52 <REP> AVSMedia
    05.11.2006 13:44 <REP> DESIGNER
    21.11.2004 15:01 <REP> InstallShield
    05.09.2006 20:30 <REP> Java
    21.08.2006 14:02 <REP> Logitech
    03.11.2004 19:17 <REP> Macrovision Shared
    05.11.2006 13:44 <REP> Microsoft Shared
    28.10.2004 15:48 <REP> MSSoap
    01.01.2002 00:07 <REP> ODBC
    24.09.2006 12:54 <REP> Panda Software
    26.11.2004 21:09 <REP> Real
    28.10.2004 15:48 <REP> Services
    01.01.2002 00:07 <REP> SpeechEngines
    20.06.2006 20:39 <REP> Synacast
    16.12.2006 14:55 <REP> System
    28.09.2006 10:59 <REP> Teleca Shared
    26.11.2004 21:09 <REP> xing shared
    22.12.2006 18:18 <REP> {84B2DB13-0C7E-1036-0924-040307090029}
    0 fichier(s) 0 octets
    22 Rép(s) 32'447'741'952 octets libres
    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders

    02.07.2006 20:05 <REP> .
    02.07.2006 20:05 <REP> ..
    04.01.2002 18:27 <REP> 1033
    02.07.2006 19:59 <REP> 1036
    25.04.2006 20:33 967'952 MSONSEXT.DLL
    02.05.2006 18:37 40'208 MSOSV.DLL
    03.06.1999 13:09 122'937 MSOWS409.DLL
    07.03.2001 08:00 127'033 MSOWS40c.DLL
    11.07.2003 02:25 80'448 PKMWS.DLL
    5 fichier(s) 1'338'578 octets
    4 Rép(s) 32'447'741'952 octets libres
    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\Program Files\common files

    14.01.2006 15:33 <REP> .
    14.01.2006 15:33 <REP> ..
    21.08.2006 17:33 <REP> EasyInfo
    20.02.2005 12:17 <REP> Stardock
    0 fichier(s) 0 octets
    4 Rép(s) 32'447'741'952 octets libres
    Le volume dans le lecteur C s'appelle Wxp
    Le numéro de série du volume est 84B2-DB13

    Répertoire de C:\

    11.11.2001 00:00 68'096 diff.exe
    27.08.2006 14:10 103'424 grep.exe
    31.10.2005 16:56 700'416 StubInstaller.exe
    24.05.2001 11:59 162'304 UNWISE.EXE
    4 fichier(s) 1'034'240 octets
    0 Rép(s) 32'447'737'856 octets libres
    c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.0.2.16\iTunesSetupAdmin.exe
    c:\Documents and Settings\Wxp\.limewire\.NetworkShare\LimeWireWin4.10.5.exe
    c:\Documents and Settings\Wxp\.limewire\.NetworkShare\Incomplete\T-2840440-LimeWireWin4.10.9.exe
    c:\Documents and Settings\Wxp\Bureau\avgas-setup-7.5.0.50.exe
    c:\Documents and Settings\Wxp\Bureau\blbeta.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix.exe
    c:\Documents and Settings\Wxp\Bureau\VundoFix.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\diff.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\Fport.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\grep.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\LFiles.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\pslist.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\streams.exe
    c:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelp\swreg.exe
    c:\Documents and Settings\Wxp\Bureau\newbie\crackme1.exe
    c:\Documents and Settings\Wxp\Bureau\newbie\stega11.exe
    c:\Documents and Settings\Wxp\Bureau\newbie\stega22.exe
    c:\Documents and Settings\Wxp\Bureau\newbie\stega4.exe
    c:\Documents and Settings\Wxp\Bureau\newbie\HexDecCharEditor\HexDecCharEditor.exe
    c:\Documents and Settings\Wxp\Bureau\newbie\Nouveau dossier\ocamlq-public[1].exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\dumphive.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\GenericRenosFix.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\Process.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\Reboot.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\restart.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\SmiUpdate.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\SrchSTS.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\swreg.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\swsc.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\swxcacls.exe
    c:\Documents and Settings\Wxp\Bureau\SmitfraudFix\unzip.exe
    c:\Documents and Settings\Wxp\Bureau\Steganos Updates\sia7int.exe
    c:\Documents and Settings\Wxp\Local Settings\Temp\AutoRun.exe
    c:\Documents and Settings\Wxp\Mes documents\Ma musique\Adoprixtixics\4dsportdriving\LOAD.EXE
    c:\Documents and Settings\Wxp\Mes documents\Ma musique\Adoprixtixics\4dsportdriving\SETUP.EXE
    c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll
    c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll
    c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
    c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Default\MpEngine.dll
    c:\Documents and Settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\{05D79D39-D5A6-4866-9582-579B32CEA05A}\mpengine.dll
    c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
    c:\Documents and Settings\Wxp\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll

    Et celui d'HijackThis :

    Logfile of HijackThis v1.99.1
    Scan saved at 11:16:30, on 23.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\PROGRA~1\DAP\DAP.EXE
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Profiler\lwemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: (no name) - {61C40C3D-BDD2-B627-D189-C569348CDBE4} - (no file)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRA~1\DAP\dapbho.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0964344D-C233-DAF1-2ADC-08C2A8D60810} - C:\WINDOWS\system32\hptukyk.dll
    O2 - BHO: (no name) - {2527DC3F-C7A0-CF37-33EA-0525C1600A34} - C:\WINDOWS\system32\quqrbkl.dll
    O2 - BHO: (no name) - {36068946-CD51-1AC7-C4AD-044557583146} - C:\WINDOWS\system32\lctsupj.dll (file missing)
    O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\hpvekfro.dll
    O2 - BHO: (no name) - {42E53C82-E11D-E01B-A428-084851DB6947} - C:\WINDOWS\system32\yzivngl.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
    O2 - BHO: (no name) - {61E91E9C-BF33-6A6A-7BFC-00B25F19A7AE} - C:\WINDOWS\system32\urwzhx.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: (no name) - {D60B6578-737A-4422-99B4-0ABEDEBA0C17} - C:\WINDOWS\system32\vtsqq.dll (file missing)
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
    O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-2fe89c996183} - c:\program files\steganos internet anonym 7\sia7iep.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\qvlaojwx.dll",setvm
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O16 - DPF: {A91DEB0D-AD0D-453E-9AC8-60178EC24212} (VPlayer Control) - http://video.vividas.com/CDN1/4325_Pepsi/web/player/vivid_ocx.jpeg
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F9CDB8-BF58-4289-8669-EEA83434ED2E}: NameServer = 192.168.0.1
    O18 - Protocol: bw+0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program
    0
  13. Utilisateur anonyme
     
    Bonjour

    Voilà à quoi ressemble Vundo
    http://www.secuser.com/alertes/2005/vundo-virtumonde.htm

    Ces rapports montrent de très nombreuses infections.

    Une partie de la procédure se déroulera sans avoir accès à internet, prière d'imprimer ces instructions, ou de les coller dans un fichier texte, pour lecture durant cette désinfection.
    Les manipulations sont à faire sans interruption et dans l'ordre.
    Si tu ne comprends pas quelque chose, demande des explications avant de commencer


    1 Télécharge eScan Antivirus Toolkit
    http://www.spywareinfo.dk/download/mwav.exe
    Sauvegarde-le sur ton Bureau.
    Avant de lancer le programme, il faut le mettre à jour tel qu'indiqué ci-après

    Voici comment mettre l'outil à jour :

    1.) Double-clique le fichier mwav.exe qui se trouve sur le Bureau; dézippe les fichiers dans le nouveau dossier suggéré (Kaspersky) situé à la racine du lecteur C:\ (C:\Kaspersky.). Le programme va se lancer, et tu dois le quitter (clique sur "Exit" puis "Exit").

    2.) Double-clique sur le Poste de travail, puis double-clique sur le lecteur principal (habituellement C:\), double-clique sur le dossier Kaspersky; ensuite, double-clique sur le fichier kavupd.exe. Tu verras maintenant une fenêtre DOS apparaître, et la mise à jour se complètera en quelques minutes.

    3.) Lorsque la mise à jour sera complétée, tu verras "Press any key to continue"; tape sur une clé pour continuer.

    Ne pas lancer le scan tout de suite !

    2 Télécharge ceci
    http://www.outerinfo.com/OiUninstaller.exe
    Sauvegarde le sur le Bureau.
    Regarde si tu as ces programmes dans Ajout/suppression de programmes. Désinstalle les si présent.

    Oin
    Purityscan by Oin
    Snowballwars by Oin
    Yazzle by Oin
    ou d'autres similaires avec Oin ou Outerinfo dedans
    Cowabanga
    MediaTickets
    Tizzletalk
    Zolero

    Lance OiUninstaller.exe
    Entre le code qui apparait.
    Clique sur Uninstall.
    Clique sur OK ensuite.

    3 Redémarre en mode sans échec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
    Démarre l'ordinateur.
    Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 ou F5 jusqu'à l'affichage du menu des options avancées de Windows.
    En utilisant les touches du curseur, sélectionne le mode sans échec approprié et appuye sur Entrée.

    4 Relance un scan HijackThis et coche les lignes ci-dessous :

    R3 - URLSearchHook: (no name) - {61C40C3D-BDD2-B627-D189-C569348CDBE4} - (no file)
    O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - C:\PROGRA~1\DAP\dapbho.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {0964344D-C233-DAF1-2ADC-08C2A8D60810} - C:\WINDOWS\system32\hptukyk.dll
    O2 - BHO: (no name) - {2527DC3F-C7A0-CF37-33EA-0525C1600A34} - C:\WINDOWS\system32\quqrbkl.dll
    O2 - BHO: (no name) - {36068946-CD51-1AC7-C4AD-044557583146} - C:\WINDOWS\system32\lctsupj.dll (file missing)
    O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\hpvekfro.dll
    O2 - BHO: (no name) - {42E53C82-E11D-E01B-A428-084851DB6947} - C:\WINDOWS\system32\yzivngl.dll (file missing)
    O2 - BHO: (no name) - {61E91E9C-BF33-6A6A-7BFC-00B25F19A7AE} - C:\WINDOWS\system32\urwzhx.dll (file missing)
    O2 - BHO: (no name) - {D60B6578-737A-4422-99B4-0ABEDEBA0C17} - C:\WINDOWS\system32\vtsqq.dll (file missing)
    O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - C:\Program Files\DAP\DAPIEBar.dll
    O4 - HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\qvlaojwx.dll",setvm
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: &Download with &DAP - C:\PROGRA~1\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\PROGRA~1\DAP\dapextie2.htm
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:\PROGRA~1\DAP\DAP.EXE
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - https://www.afternic.com/domains/drivecleaner.com
    O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
    O16 - DPF: {A91DEB0D-AD0D-453E-9AC8-60178EC24212} (VPlayer Control) - http://video.vividas.com/CDN1/4325_Pepsi/web/player/vivid_ocx.jpeg
    O18 - Protocol: bw+0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

    Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »

    5 Désinstalle ces applications (si tu les trouves) dans Ajout-Suppression de programmes :

    VSAdd-in
    VVSN
    ?ssembly
    ??stem

    6 Supprime les fichiers/dossiers incriminés (s'ils existent encore) :

    C:\Program Files\VSAdd-in
    C:\Program Files\VVSN
    C:\Program Files\?ssembly
    C:\Program Files\??stem

    7 Lance le nettoyage avec CCleaner

    8 Lance eScan
    1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky

    2.) Double-clique sur mwavscan.com; l'interface d'eScan va apparaître à l'écran.

    3.) Il est très important de bien cocher ces boîtes sous Scan Option
    Memory, Registry, Startup Folders, System Folders, Services.

    4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\.

    5.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files.

    6.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite !

    7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum.

    Ferme le programme.

    9 Redémarre normalement

    10 Télécharge DrWeb
    ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

    La version est automatiquement à jour.
    Installe le.
    Lance le.
    Une analyse des processus se lance.
    Ensuite, choisis le lecteur à scanner et lance l'analyse.
    Sauvegarde le rapport.

    Poste ces trois rapports :
    - un nouveau log HijackThis.
    - celui d'escan
    - celui de DrWeb

    Attention, il faudra peut être les poster en deux messages si c'est trop long (ton dernier HijackThis était tronqué).
    0
  14. legras Messages postés 21 Statut Membre
     
    Alors j'ai télécharger le premier fichier Escan mais quand je veux prendre le second :

    http://www.outerinfo.com/OiUninstaller.exe

    il me met que c'est interdis pour ma sécurité. Et aussi mon mode sans-échec ne fonctionne pas, il plante après avoir chargé et me laisse avec "mode sans échec dans les coins".

    Donc je ne sais pas si c'est parceque je ne suis pas assez patien (il lui faut déjà 5min) pour se lancer, ou si mon ordi bug pour le mode sans échec.
    0
  15. Utilisateur anonyme
     
    Qui te met que c'est interdit ?

    Si c'est ton antivirus, désactive le temporairement le temps du téléchargement.
    0
  16. legras Messages postés 21 Statut Membre
     
    J'ai cette fenêtre qui apparais même je stop avast :

    http://img293.imageshack.us/img293/3884/messagederreur2ii5.jpg

    Et pour le coups du mode sans échec, c'est normale ou y faut faire quelque chose d'autre ?
    0
  17. Utilisateur anonyme
     
    Bonjour

    Pour pouvoir télécharger ce fichier, il faut configurer le niveau de sécurité IE sur Moyen.

    Si tu n'y arrives toujours pas, dans l'étape 1 tu fais uniquement la désinstallation des programmes trouvés.
    Et tu continues la manip.
    0
  18. legras Messages postés 21 Statut Membre
     
    Bon alors je vais poster sur 3 réponse 1 rapport par réponse :

    Rapport d'Hijack :

    Logfile of HijackThis v1.99.1
    Scan saved at 16:18:45, on 26.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\UAService7.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\SYSTEM32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Messenger Plus! 3\MsgPlus.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Logitech\Profiler\lwemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtlWake.exe
    C:\Program Files\NETGEAR\WG111v2 Configuration Utility\RtWLan.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.google.com/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/&ss=1&scc=1&ltmpl=default&ltmplcache=2&emr=1&osid=1
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~2\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: (no name) - {D60B6578-737A-4422-99B4-0ABEDEBA0C17} - (no file)
    O3 - Toolbar: Steganos Internet Anonyme - {00000000-5736-4205-0008-2fe89c996183} - c:\program files\steganos internet anonym 7\sia7iep.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Accélérateur de démarrage AutoCAD.lnk = C:\Program Files\Fichiers communs\Autodesk Shared\acstart16.exe
    O4 - Global Startup: WG111v2 Smart Wizard Wireless Setting.lnk = ?
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{B7F9CDB8-BF58-4289-8669-EEA83434ED2E}: NameServer = 192.168.0.1
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: offline-8876480 - {C67A9ECA-D2AF-4C2D-9CC8-E1B4AD2511C3} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O20 - Winlogon Notify: wingdm32 - wingdm32.dll (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
    0
  19. legras Messages postés 21 Statut Membre
     
    Rapport d'eScan :

    File C:\WINDOWS\system32\agfherdb.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\aolelmeq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\aqusnwid.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\audimhij.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\aupgnxlj.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\bbjudflx.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\bddoirhx.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\bifvcaqc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\cgtyqlrr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\cjgiktsa.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ckxhgpdf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\comypanr.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\crdwqqep.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\cvybqyrm.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\ddvvohgd.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\difwtfvm.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\dikmwqyc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\dqacyhwy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\dunxmasq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\duoollxq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\edeeccww.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\elsdjceh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\elxjyalh.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\eoffqsqk.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\fopwmgdy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ftboxnxl.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\fvsidooy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\fxdcbwjf.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\gardhtfc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\gobrxtwv.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\gvopwqdu.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\hgcddihu.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\hjqqbfii.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\hxdfpeav.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\iawlppsf.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\ikicnabt.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\iuviiqct.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\jhhlvqts.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\jkrmhoip.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\krplutvf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\kvrmyshi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\kyfahway.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\ldguntat.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\lvaoqfey.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\lvvoqgqi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\mcldsfkv.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\mgxpvprt.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\musqllhf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\mydcfiom.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\nbexprft.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\nfqwphvg.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\nloyoorh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\nnddeawh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\odgjcuus.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\ogpsrlax.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ohpkqvys.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\oigkpais.dll infected by "Trojan.Win32.BHO.o" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\orebdeyb.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\pfodbooc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\pgshdnsa.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\phlkcrom.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\pmqbsdfq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\qktboyra.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\qobxyqqr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\quwjqcea.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\rdnoxssp.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\rnqlfsvi.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\sgbpxmer.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\sqogavnb.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\stxubqlj.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\sufgwnyi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tduxgeqv.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tioxqmer.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tnhgecfn.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tqdncpme.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\txhihndo.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ubhieikw.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\uetvjhau.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\unutsgdr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vanlhmqa.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\veeqhdea.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vjbmfnse.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vltjjnrm.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vrjsqmcb.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\vsekpwgr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vynxttnq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\waodljik.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\whudvlfi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\wticjrpl.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xcbphrhg.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xlltauir.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xonmwfdy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xwlplaqj.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ybulhxpc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\yifydmhf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ylafajue.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ylorutgu.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ysglannk.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\WINDOWS\system32\ytqesnjf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\Documents and Settings\Wxp\Bureau\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
    File C:\Documents and Settings\Wxp\Bureau\SmitfraudFix.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP684\A0179308.exe infected by "Trojan-Proxy.Win32.Horst.av" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP703\A0190034.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0203977.dll tagged as not-a-virus:AdWare.Win32.Softomate.u. No Action Taken.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0203978.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.ev. No Action Taken.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0203979.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.ev. No Action Taken.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0203981.dll infected by "not-virus:Hoax.Win32.Renos.fw" Virus. Action Taken: File Renamed.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739\A0204022.dll tagged as not-a-virus:AdWare.Win32.Virtumonde.fj. No Action Taken.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204289.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204290.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204291.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204292.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204293.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204294.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204295.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204296.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204297.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204298.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204299.dll infected by "Trojan.Win32.BHO.o" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204300.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204301.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204302.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204303.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204304.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742\A0204305.dll infected by "Trojan-Spy.Win32.VBStat.h" Virus. Action Taken: File Deleted.
    File C:\VundoFix Backups\vtsqq.dll.bad tagged as not-a-virus:AdWare.Win32.Virtumonde.fj. No Action Taken.
    File C:\WINDOWS\system32\agfherdb.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\aolelmeq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\aqusnwid.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\audimhij.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\aupgnxlj.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\bbjudflx.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\bddoirhx.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\bifvcaqc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\cgtyqlrr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\cjgiktsa.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ckxhgpdf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\crdwqqep.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ddvvohgd.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\difwtfvm.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\dikmwqyc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\dqacyhwy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\dunxmasq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\duoollxq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\edeeccww.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\elsdjceh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\eoffqsqk.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\fopwmgdy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ftboxnxl.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\fvsidooy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\gardhtfc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\gobrxtwv.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\gvopwqdu.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\hgcddihu.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\hjqqbfii.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\hxdfpeav.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ikicnabt.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\iuviiqct.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\jkrmhoip.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\krplutvf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\kvrmyshi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ldguntat.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\lvvoqgqi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\mcldsfkv.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\mgxpvprt.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\musqllhf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\mydcfiom.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\nfqwphvg.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\nloyoorh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\nnddeawh.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ogpsrlax.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ohpkqvys.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\pfodbooc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\pgshdnsa.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\phlkcrom.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\pmqbsdfq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\qktboyra.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\qobxyqqr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\quwjqcea.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\sgbpxmer.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\sqogavnb.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\stxubqlj.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\sufgwnyi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tduxgeqv.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tioxqmer.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tnhgecfn.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\tqdncpme.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\txhihndo.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ubhieikw.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\unutsgdr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vanlhmqa.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\veeqhdea.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vjbmfnse.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vltjjnrm.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vsekpwgr.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\vynxttnq.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\waodljik.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\whudvlfi.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\wticjrpl.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xcbphrhg.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xlltauir.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xonmwfdy.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\xwlplaqj.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ybulhxpc.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\yifydmhf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ylafajue.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ylorutgu.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    File C:\WINDOWS\system32\ytqesnjf.exe tagged as not-a-virus:AdWare.Win32.Agent.at. No Action Taken.
    0
  20. legras Messages postés 21 Statut Membre
     
    Et enfin celui du DrWeb :

    Fport.exeC:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelpProgram.FPort.20
    pslist.exeC:\Documents and Settings\Wxp\Bureau\DiagHelp\DiagHelpProgram.PsList.126
    Process.exeC:\Documents and Settings\Wxp\Bureau\SmitfraudFixTool.Prockill
    restart.exeC:\Documents and Settings\Wxp\Bureau\SmitfraudFixTool.ShutDown.11
    backup-20061226-111705-126.dllC:\HijackThis\backupsTrojan.DownLoader.based
    backup-20061226-111705-436.dllC:\HijackThis\backupsTrojan.DownLoader.based
    A0190033.exeC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP703Tool.Prockill
    A0190035.exeC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP703Tool.ShutDown.11
    A0203977.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739Adware.Softomate
    A0203978.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739Trojan.Virtumod
    A0203979.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739Trojan.Virtumod
    A0203980.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739Trojan.Virtumod
    A0204009.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739Trojan.DownLoader.based
    A0204022.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP739Trojan.Virtumod
    A0204119.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP740Trojan.Juan
    A0204120.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP740Adware.TopSearch
    A0204121.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP740Trojan.Juan
    A0204282.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742Trojan.DownLoader.based
    A0204283.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742Trojan.DownLoader.based
    A0204325.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742Trojan.DownLoader.based
    A0204326.dllC:\System Volume Information\_restore{4238CCEF-BE7E-48F1-8B9D-42C70192F096}\RP742Trojan.DownLoader.based
    urwzhx.dll.badC:\VundoFix BackupsTrojan.DownLoader.based
    vtsqq.dll.badC:\VundoFix BackupsTrojan.Virtumod
    agfherdb.exeC:\WINDOWS\system32Adware.SearchColours
    amwskrut.exeC:\WINDOWS\system32Adware.TopSearch
    aolelmeq.exeC:\WINDOWS\system32Adware.SearchColours
    aqusnwid.exeC:\WINDOWS\system32Adware.SearchColours
    astpbqig.exeC:\WINDOWS\system32Adware.TopSearch
    audimhij.exeC:\WINDOWS\system32Adware.SearchColours
    aupgnxlj.exeC:\WINDOWS\system32Adware.SearchColours
    bbjudflx.exeC:\WINDOWS\system32Adware.SearchColours
    bddoirhx.exeC:\WINDOWS\system32Adware.SearchColours
    bifvcaqc.exeC:\WINDOWS\system32Adware.SearchColours
    bldhynhq.exeC:\WINDOWS\system32Adware.TopSearch
    bnyvvhbm.exeC:\WINDOWS\system32Adware.TopSearch
    cdjwyfix.exeC:\WINDOWS\system32Adware.TopSearch
    cfvbcrlo.exeC:\WINDOWS\system32Adware.TopSearch
    cgfvpsjm.exeC:\WINDOWS\system32Adware.TopSearch
    cgtyqlrr.exeC:\WINDOWS\system32Adware.SearchColours
    cjgiktsa.exeC:\WINDOWS\system32Adware.SearchColours
    ckxhgpdf.exeC:\WINDOWS\system32Adware.SearchColours
    crdwqqep.exeC:\WINDOWS\system32Adware.SearchColours
    ddvvohgd.exeC:\WINDOWS\system32Adware.SearchColours
    dhywgghv.dllC:\WINDOWS\system32Trojan.Juan
    difwtfvm.exeC:\WINDOWS\system32Adware.SearchColours
    dikmwqyc.exeC:\WINDOWS\system32Adware.SearchColours
    dowllovy.exeC:\WINDOWS\system32Adware.TopSearch
    dqacyhwy.exeC:\WINDOWS\system32Adware.SearchColours
    dqxktplr.exeC:\WINDOWS\system32Adware.TopSearch
    dtsijbas.exeC:\WINDOWS\system32Adware.TopSearch
    duajsngx.exeC:\WINDOWS\system32Adware.TopSearch
    dunxmasq.exeC:\WINDOWS\system32Adware.SearchColours
    duoollxq.exeC:\WINDOWS\system32Adware.SearchColours
    dwarqyok.exeC:\WINDOWS\system32Adware.TopSearch
    ealavluy.exeC:\WINDOWS\system32Adware.TopSearch
    edeeccww.exeC:\WINDOWS\system32Adware.SearchColours
    elsdjceh.exeC:\WINDOWS\system32Adware.SearchColours
    eoffqsqk.exeC:\WINDOWS\system32Adware.SearchColours
    exrkvkgu.exeC:\WINDOWS\system32Adware.TopSearch
    fopwmgdy.exeC:\WINDOWS\system32Adware.SearchColours
    fskmtsbm.exeC:\WINDOWS\system32Adware.TopSearch
    ftboxnxl.exeC:\WINDOWS\system32Adware.SearchColours
    fvsidooy.exeC:\WINDOWS\system32Adware.SearchColours
    gardhtfc.exeC:\WINDOWS\system32Adware.SearchColours
    gktfxipw.exeC:\WINDOWS\system32Adware.TopSearch
    gncopicl.exeC:\WINDOWS\system32Adware.TopSearch
    gobrxtwv.exeC:\WINDOWS\system32Adware.SearchColours
    guxarogi.exeC:\WINDOWS\system32Adware.TopSearch
    gvopwqdu.exeC:\WINDOWS\system32Adware.SearchColours
    gyjqeywt.exeC:\WINDOWS\system32Adware.TopSearch
    hgcddihu.exeC:\WINDOWS\system32Adware.SearchColours
    hjqqbfii.exeC:\WINDOWS\system32Adware.SearchColours
    hsrjerlt.exeC:\WINDOWS\system32Adware.TopSearch
    hxdfpeav.exeC:\WINDOWS\system32Adware.SearchColours
    ikicnabt.exeC:\WINDOWS\system32Adware.SearchColours
    imonihvr.exeC:\WINDOWS\system32Adware.TopSearch
    itdgccxx.exeC:\WINDOWS\system32Adware.TopSearch
    iuviiqct.exeC:\WINDOWS\system32Adware.SearchColours
    jkrmhoip.exeC:\WINDOWS\system32Adware.SearchColours
    katadsql.exeC:\WINDOWS\system32Adware.TopSearch
    krplutvf.exeC:\WINDOWS\system32Adware.SearchColours
    ksmnegtd.exeC:\WINDOWS\system32Adware.TopSearch
    kunweeey.exeC:\WINDOWS\system32Adware.TopSearch
    kvrmyshi.exeC:\WINDOWS\system32Adware.SearchColours
    ldguntat.exeC:\WINDOWS\system32Adware.SearchColours
    lvvoqgqi.exeC:\WINDOWS\system32Adware.SearchColours
    mcldsfkv.exeC:\WINDOWS\system32Adware.SearchColours
    mgxpvprt.exeC:\WINDOWS\system32Adware.SearchColours
    mjwgqnkh.exeC:\WINDOWS\system32Adware.TopSearch
    musqllhf.exeC:\WINDOWS\system32Adware.SearchColours
    mvtnxnrp.exeC:\WINDOWS\system32Adware.TopSearch
    mydcfiom.exeC:\WINDOWS\system32Adware.SearchColours
    mykecmyy.exeC:\WINDOWS\system32Adware.TopSearch
    ndjhporp.exeC:\WINDOWS\system32Adware.TopSearch
    nfqwphvg.exeC:\WINDOWS\system32Adware.SearchColours
    nhsraulq.exeC:\WINDOWS\system32Adware.TopSearch
    nloyoorh.exeC:\WINDOWS\system32Adware.SearchColours
    nnddeawh.exeC:\WINDOWS\system32Adware.SearchColours
    ntfwbkns.exeC:\WINDOWS\system32Adware.TopSearch
    nwkrfcck.exeC:\WINDOWS\system32Adware.TopSearch
    odabjrlj.exeC:\WINDOWS\system32Adware.TopSearch
    ogpsrlax.exeC:\WINDOWS\system32Adware.SearchColours
    ohnjbmtx.exeC:\WINDOWS\system32Adware.TopSearch
    ohpkqvys.exeC:\WINDOWS\system32Adware.SearchColours
    oprsgstw.exeC:\WINDOWS\system32Adware.TopSearch
    otfoegrk.exeC:\WINDOWS\system32Adware.TopSearch
    owyllmmu.exeC:\WINDOWS\system32Adware.TopSearch
    pfodbooc.exeC:\WINDOWS\system32Adware.SearchColours
    pgshdnsa.exeC:\WINDOWS\system32Adware.SearchColours
    phlkcrom.exeC:\WINDOWS\system32Adware.SearchColours
    pmqbsdfq.exeC:\WINDOWS\system32Adware.SearchColours
    qktboyra.exeC:\WINDOWS\system32Adware.SearchColours
    qnstnlpd.exeC:\WINDOWS\system32Adware.TopSearch
    qobxyqqr.exeC:\WINDOWS\system32Adware.SearchColours
    quwjqcea.exeC:\WINDOWS\system32Adware.SearchColours
    rbneyqpm.exeC:\WINDOWS\system32Adware.TopSearch
    rriktdeh.exeC:\WINDOWS\system32Adware.TopSearch
    sgbpxmer.exeC:\WINDOWS\system32Adware.SearchColours
    sqogavnb.exeC:\WINDOWS\system32Adware.SearchColours
    stuctgge.exeC:\WINDOWS\system32Adware.TopSearch
    stxubqlj.exeC:\WINDOWS\system32Adware.SearchColours
    sufgwnyi.exeC:\WINDOWS\system32Adware.SearchColours
    svyywssj.exeC:\WINDOWS\system32Adware.TopSearch
    tdbxowgv.exeC:\WINDOWS\system32Adware.TopSearch
    tduxgeqv.exeC:\WINDOWS\system32Adware.SearchColours
    tioxqmer.exeC:\WINDOWS\system32Adware.SearchColours
    tnhgecfn.exeC:\WINDOWS\system32Adware.SearchColours
    tqdncpme.exeC:\WINDOWS\system32Adware.SearchColours
    txhihndo.exeC:\WINDOWS\system32Adware.SearchColours
    ubhieikw.exeC:\WINDOWS\system32Adware.SearchColours
    uglxpxxn.exeC:\WINDOWS\system32Adware.TopSearch
    ujopqkeq.exeC:\WINDOWS\system32Adware.TopSearch
    unutsgdr.exeC:\WINDOWS\system32Adware.SearchColours
    vanlhmqa.exeC:\WINDOWS\system32Adware.SearchColours
    veeqhdea.exeC:\WINDOWS\system32Adware.SearchColours
    vfnvmtsv.exeC:\WINDOWS\system32Adware.TopSearch
    vjbmfnse.exeC:\WINDOWS\system32Adware.SearchColours
    vltjjnrm.exeC:\WINDOWS\system32Adware.SearchColours
    vsekpwgr.exeC:\WINDOWS\system32Adware.SearchColours
    vvnidnif.exeC:\WINDOWS\system32Adware.TopSearch
    vynxttnq.exeC:\WINDOWS\system32Adware.SearchColours
    waodljik.exeC:\WINDOWS\system32Adware.SearchColours
    wbxcojle.exeC:\WINDOWS\system32Adware.TopSearch
    whudvlfi.exeC:\WINDOWS\system32Adware.SearchColours
    wticjrpl.exeC:\WINDOWS\system32Adware.SearchColours
    xcbphrhg.exeC:\WINDOWS\system32Adware.SearchColours
    xcrnlyax.exeC:\WINDOWS\system32Adware.TopSearch
    xlltauir.exeC:\WINDOWS\system32Adware.SearchColours
    xonmwfdy.exeC:\WINDOWS\system32Adware.SearchColours
    xpeisose.exeC:\WINDOWS\system32Adware.TopSearch
    xsvgmppc.exeC:\WINDOWS\system32Adware.TopSearch
    xwlplaqj.exeC:\WINDOWS\system32Adware.SearchColours
    ybthtjqe.exeC:\WINDOWS\system32Adware.TopSearch
    ybulhxpc.exeC:\WINDOWS\system32Adware.SearchColours
    yifydmhf.exeC:\WINDOWS\system32Adware.SearchColours
    ylafajue.exeC:\WINDOWS\system32Adware.SearchColours
    ylorutgu.exeC:\WINDOWS\system32Adware.SearchColours
    yltenhbs.exeC:\WINDOWS\system32Adware.TopSearch
    ynktjcxl.exeC:\WINDOWS\system32Adware.TopSearch
    ytqesnjf.exeC:\WINDOWS\system32Adware.SearchColours
    yyqrwrsj.exeC:\WINDOWS\system32Adware.TopSearch
    0
  21. Utilisateur anonyme
     
    Bonjour

    Du ménage vient d'être fait. HijackThis est propre.

    Mais pour le scan d'eScan, tu n'as pas supprimer les fichiers, c'est marqué No Action Taken..

    Tu vas refaire ceci en mode normal

    8 Lance eScan 
    1.) Pour lancer "eScan Antivirus Toolkit", trouve le fichier mwavscan.com situé dans le dossier C:\Kaspersky 
    
    2.) Double-clique sur mwavscan.com; l'interface d'eScan va apparaître à l'écran. 
    
    3.) Il est très important de bien cocher ces boîtes sous Scan Option 
    Memory, Registry, Startup Folders, System Folders, Services. 
    
    4.) Coche la boîte Drive, ce qui donne accès à une nouvelle boîte Drive (bouton rond) juste dessous; coche ce bouton "Drive" (très important..), et tu verras une nouvelle boîte de navigation apparaître à la droite. Clique sur la petite flèche de cette boîte and choisi la lettre de ton disque dur, habituellement C:\. 
    
    5.) Juste au-dessous, assure-toi que Scan All Files est coché, et non Program Files. 
    
    6.) Clique sur Scan Clean et laisse le tool vérifier tout le disque dur (ça peut être long..). Lorsque terminé, tu verras Scan Completed. Ne pas quitter tout de suite ! 
    
    7.) Ouvre un nouveau fichier Bloc notes (clique sur "Démarrer" >> "Programmes" >>"Accessoires" >> "Bloc notes"), puis copie/colle tout le contenu de la fenêtre Virus Log Information (la deuxième, au bas) dans le fichier texte, et sauvegarde le. eScan génère également un rapport complet dans le dossier C:\Kaspersky (nommé mwav.log), mais il est trop lourd pour poster sur le forum. 


    Poste le rapport avec un nouveau DiagHelp. Poste le en deux messages, ce sera trop long.
    0
  • 1
  • 2