popups incessant apres infection de virus

Question

Bonjour a tous!
voila j'ai un ptit probleme
aujourd'hui mon antivirus a été desactivée et le gestionnaire des taches ainsi que la base des registres suite a une attaque de plusieurs virus
j'au executer un tuto pour deinfecter mon PC a cette adresse
https://forum.zebulon.fr/topic/83986-pr%C3%A9-nettoyage-dun-pc-infect%C3%A9/
jusque la tout va bien j'ai tester plusieurs anti-virus et en tout j'ai trouver 28 virus (c'est enorme quand meme)
tout est desinfecté le gestionnaire marche a merveille et le registre aussi
le seul probleme c'est qu'il y a ce probleme de popup d'antivirus(qui sont infectés de virus eux-meme j'en suis sur)que je n'arrive pas a resoudre
ils apparaissent meme quand je ne surf pas sur le net et c'est assez genant parce que IE s'ouvre et ralentit mon PC...
Y a t-il une solution pour regler ca?
Merci d'avance a ceux qui m'aideront

Utilisateur anonyme · Answer

Salut,

Télécharge HijackThis : 
---> fichiers/hijackthis.zip

Installe le dans son propre dossier :
- clic droit sur le bureau, tu choisis "nouveau dossier" puis installe-le à l'intérieur.
Fais un clic droit sur Hijackthis, choisis "renommer" puis marque ceci : abcde.exe 
Double-clic sur HijackThis. Clic sur "I Accept" puis clic sur "do a system scan and save logfile" 
Puis copie et colle ici le rapport qu'il va te générer.

Démo pour HijackThis si besoin  :
http://pageperso.aol.fr/balltrap34/demohijack.htm

Erreur fatal · Answer

alors mon antivirus l'avait bloquer mais j'ai desactiver jsute le temps 
voila le rapport

Logfile of HijackThis v1.99.1
Scan saved at 22:25:36, on 18/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32	askmgr.exe
C:\Documents and Settings\Ilyes\Bureau\Nouveau dossier\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] -"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] -"C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] -rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zzz_ImInstaller_] -C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe -startup -product 
O4 - HKLM\..\Run: [LClock] -C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [VisualTooltip] -
O4 - HKLM\..\Run: [VIPv3_Auto_Update] -
O4 - HKLM\..\Run: [Vistadrv] -
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] -"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Clavier+] -C:\DOCUME~1\Ilyes\LOCALS~1\Temp\Rar$EX01.288\Clavier.exe
O4 - Startup: Styler.lnk = ?
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - -C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\MSN Messenger\usnsvc.exe (file missing)
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)

je comprend pas trop...

Utilisateur anonyme · Answer

Tu n'as pas renommé hijackthis comme demandé ..

Utilisateur anonyme · Answer

Merci, on y voit plus clair.

Télécharge VundoFix
---> http://www.atribune.org/ccount/click.php?id=4

Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu.. 

double clic dessus choisis "start for vundo" 
attends quelques minutes, quand le scan est terminé clic sur "remove vundo"
un message te demandera si tu veux supprimes les fichiers sur "yes"
Quand il a terminé, clic sur "yes" ton ordinateur devrait redemarrer sinon, fais le par toit même
Une fois qu'il a redemarré colle le rapport C:\vundofix.txt et un nouveau rapport hijackthis stp

Erreur fatal · Answer

voila ce que ca donne

Logfile of HijackThis v1.99.1
Scan saved at 11:11:09, on 19/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Styler\Styler.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Ilyes\Bureau\Nouveau dossier\abcde.exe.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: (no name) - {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} - C:\WINDOWS\system32\gebywuu.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {56F1D444-11BF-4879-A12B-79CF0177F038} - (no file)
O2 - BHO: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - (no file)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\vawhtuhk.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C2F8BBC8-EBD1-46FF-AFE6-41B8697F1513} - C:\WINDOWS\system32\vatwjxso.dll
O2 - BHO: (no name) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - (no file)
O2 - BHO: (no name) - {D6D28C99-9983-4A76-B611-8C68BF561BEC} - C:\WINDOWS\system32\mlllm.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] -"C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] -"C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] -rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zzz_ImInstaller_] -C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe -startup -product 
O4 - HKLM\..\Run: [LClock] -C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [VisualTooltip] -
O4 - HKLM\..\Run: [VIPv3_Auto_Update] -
O4 - HKLM\..\Run: [Vistadrv] -
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] -"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Clavier+] -C:\DOCUME~1\Ilyes\LOCALS~1\Temp\Rar$EX01.288\Clavier.exe
O4 - Startup: Styler.lnk = ?
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/f/516/25175/7d/runaware.download.akamai.com/25175/citrix/wficat-no-eula.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: gebywuu - C:\WINDOWS\SYSTEM32\gebywuu.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Service Framework McAfee (McAfeeFramework) - Unknown owner - -C:\Program Files\Network Associates\Common Framework\FrameworkService.exe (file missing)
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\MSN Messenger\usnsvc.exe (file missing)
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)

Erreur fatal · Answer

et voila le rapport vundo 


VundoFix V6.3.19

Checking Java version...

Java version is 1.5.0.11

Scan started at 10:47:34 19/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\ftsitntu.dll
C:\WINDOWS\system32\mlllm.dll
C:\WINDOWS\system32\mlllm.ini
C:\WINDOWS\system32\mlllm.ini2
C:\WINDOWS\system32\mlllm.tmp
C:\WINDOWS\system32\utcfrool.dll

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\ftsitntu.dll
C:\WINDOWS\system32\ftsitntu.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\mlllm.dll
C:\WINDOWS\system32\mlllm.dll Could not be deleted.

 Attempting to delete C:\WINDOWS\system32\mlllm.ini
C:\WINDOWS\system32\mlllm.ini Has been deleted!

 Attempting to delete C:\WINDOWS\system32\mlllm.ini2
C:\WINDOWS\system32\mlllm.ini2 Has been deleted!

 Attempting to delete C:\WINDOWS\system32\mlllm.tmp
C:\WINDOWS\system32\mlllm.tmp Has been deleted!

 Attempting to delete C:\WINDOWS\system32\utcfrool.dll
C:\WINDOWS\system32\utcfrool.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

 Attempting to delete C:\WINDOWS\system32\mlllm.dll
C:\WINDOWS\system32\mlllm.dll Has been deleted!

 Attempting to delete C:\WINDOWS\system32\mlllm.ini
C:\WINDOWS\system32\mlllm.ini Has been deleted!

 Attempting to delete C:\WINDOWS\system32\mlllm.ini2
C:\WINDOWS\system32\mlllm.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

Erreur fatal · Answer

petit up pour remonter le fil qui est tout tout en bas :'(

Erreur fatal · Answer

bon comme je voit que ce sujet est allé tout en bas encore une fois je le remonte
s'il vous plait j'ai vraiment besoin d'eradiquer cet vermine

Utilisateur anonyme · Answer

Salut

Relance HijackThis, choisis "do a scan only" coche la case devant les lignes ci-dessous et clic en bas sur "fix checked"

R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) 
O2 - BHO: (no name) - {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} - C:\WINDOWS\system32\gebywuu.dll 
O2 - BHO: (no name) - {56F1D444-11BF-4879-A12B-79CF0177F038} - (no file) 
O2 - BHO: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - (no file) 
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\vawhtuhk.dll (file missing) 
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) 
O2 - BHO: (no name) - {C2F8BBC8-EBD1-46FF-AFE6-41B8697F1513} - C:\WINDOWS\system32\vatwjxso.dll 
O2 - BHO: (no name) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - (no file) 
O2 - BHO: (no name) - {D6D28C99-9983-4A76-B611-8C68BF561BEC} - C:\WINDOWS\system32\mlllm.dll (file missing) 
O4 - HKLM\..\Run: [SunJavaUpdateSched] -"C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Clavier+] -C:\DOCUME~1\Ilyes\LOCALS~1\Temp\Rar$EX01.288\Clavier.exe
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} - http://a516.g.akamai.net/ 
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab 
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab 
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O20 - Winlogon Notify: gebywuu - C:\WINDOWS\SYSTEM32\gebywuu.dll


¤ Clic sur démarrer, rechercher, tous les fichiers et dossiers, cherche et supprime :

- gebywuu.dll 
- vatwjxso.dll 


**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu.. 
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.



¤ ¤ Fais ce nettoyage:  à faire réguliérement 

*Télécharge et installe CCleaner (n'installe pas la barre d'outil Yahoo)
---> http://www.infos-du-net.com/telecharger/CCleaner,0301-1039.html

- Dans la colonne de gauche clic sur "erreurs" coches toutes les cases, puis clic en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs" et tu auras un message pour sauvegarder ta base de registre tu clic "oui" puis tu recommences jusqu'a ce qu'il te trouve plus d'erreurs.
Les sauvegardes que tu aura faites, tu pourras les supprimer si ton ordinateur n'a plus de problémes.

- Relance Ccleaner, vas dans l'onglet "nettoyeur" présent sur la gauche, decoches la derniere case (Avancé si elle est cochée) puis clic sur "lancer le nettoyage"
 
Si tu as besoin d'aide avec Ccleaner, regarde ce tutoriel :
https://kerio.probb.fr/t242-tuto-ccleaner-v-2



¤ Télécharge et installe AVG anti-spyware : mets le à jour
Tu fais un scan complet de ton système, dès qu'il a fini.
Si il te trouve des espions,supprime les. Enregistre le rapport et colle le ici stp 

AVG anti-spyware : reste gratuit après la période d'essai en français
---->http://www.infos-du-net.com/telecharger/Anti-Spyware-AVG,0301-7063.html

Si tu as besoin d'aide avec Ewido(devenu AVG-antispyware) regarde ce tutoriel:
--> http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

Erreur fatal · Answer

Voila desolé d'avoir mit le temps a repondre

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	22:32:15 21/04/2007

 + Résultat de l'analyse:	



C:\WINDOWS\Downloaded Program Files\ClientAX.dll -> Adware.180Solution : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller -> Adware.180Solutions : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller.1 -> Adware.180Solutions : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CLSID -> Adware.180Solutions : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.ClientInstaller\CurVer -> Adware.180Solutions : Nettoyé.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Nettoyé.
HKU\S-1-5-21-1935655697-764733703-1202660629-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{56F1D444-11BF-4879-A12B-79CF0177F038} -> Adware.180Solutions : Nettoyé.
C:\WINDOWS\SecureWin33.exe -> Adware.Agent : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent -> Adware.Zango : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent.1 -> Adware.Zango : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CLSID -> Adware.Zango : Nettoyé.
HKLM\SOFTWARE\Classes\ClientAX.RequiredComponent\CurVer -> Adware.Zango : Nettoyé.
C:\Documents and Settings\Ilyes\Local Settings\Temporary Internet Files\Content.IE5\97260DXF\installdrivecleanerstart_fr[1].cab/UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé.
C:\lpqjm.exe -> Proxy.Dlena.ce : Nettoyé.
:mozilla.24:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.122:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.123:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.124:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.156:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.157:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.158:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.159:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.241:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@atdmt[3].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.160:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.283:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.284:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.285:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@casalemedia[3].txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.196:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.197:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.198:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.10:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.11:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.15:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.16:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.17:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.18:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.8:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.9:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.15:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.16:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.16:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.43:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@www.epilot[1].txt -> TrackingCookie.Epilot : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@www.epilot[2].txt -> TrackingCookie.Epilot : Nettoyé.
:mozilla.291:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.15:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.182:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.183:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.184:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.185:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.186:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.187:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.188:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.352:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Goldenpalace : Nettoyé.
:mozilla.353:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Goldenpalace : Nettoyé.
:mozilla.354:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Goldenpalace : Nettoyé.
:mozilla.11:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.12:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.12:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.247:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.51:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.52:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.53:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.23:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.24:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.162:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.7:C:\Documents and Settings\Laîd\Application Data\Mozilla\Firefox\Profiles\3kbedy74.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.49:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.10:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-16.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.14:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-17.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.14:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-18.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-19.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-20.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-21.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-22.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-23.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-24.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-25.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.20:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-26.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-27.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-28.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-29.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-30.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-31.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-32.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-33.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-34.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-35.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-36.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-37.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-38.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.23:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-39.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.30:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.31:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.32:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.33:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.34:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.179:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.373:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.374:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.375:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.376:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.377:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.371:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.372:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.148:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.149:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.150:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.151:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.152:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.153:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.12:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.13:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.13:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.13:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.15:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.15:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.40:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.41:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.42:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.161:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Toplist : Nettoyé.
:mozilla.35:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.36:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Ilyes\Cookies\ilyes@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.37:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.16:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-7.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.17:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.18:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-8.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.18:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies-9.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.44:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.45:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.46:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.47:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.336:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.316:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.190:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.191:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.192:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.193:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.349:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.350:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.351:C:\Documents and Settings\Ilyes\Application Data\Mozilla\Firefox\Profiles\sw65c1vs.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

Utilisateur anonyme · Answer

Salut

Pas grave ! Peux tu refaire un nettoyage avec CCleaner et remettre un rapport hijackthis en prècisant les problèmes que tu rencontres encore stp

Utilisateur anonyme · Answer

Fais ceci :

Télécharge ComboScan sur ton Bureau. 
---> http://www.techsupportforum.com/sectools/Deckard/comboscan.exe

Ferme toutes les applications en cours ; antivirus, pare-feu, etc ..
Double-clic sur comboscan.exe  A la fenêtre qui s'affiche, clic sur OK. 
Soit patient ..
Le rapport Comboscan.txt s'affichera, copie et colle le contenu de ce fichier ici.

Erreur fatal · Answer

voila le rapport

ComboScan v20070306.20 run by Ilyes on 2007-04-22 at 16:29:48
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created ComboScan Restore Point.

-- Last 5 Restore Point(s) --
10: 2007-04-22 14:31:08 UTC - RP111 - ComboScan Restore Point
9: 2007-04-22 12:14:02 UTC - RP110 - Supprimé McAfee VirusScan Enterprise
8: 2007-04-22 07:35:49 UTC - RP109 - Software Distribution Service 2.0
7: 2007-04-21 13:03:19 UTC - RP108 - Le Internet Explorer 7 pour Internet Explorer 7 a été installé.
6: 2007-04-21 09:41:22 UTC - RP107 - Software Distribution Service 2.0

-- First Restore Point --
1: 2007-04-18 14:54:54 UTC - RP102 - Verwijderd: Microsoft Office Proof (Dutch) 2007

Performed disk cleanup.

-- HijackThis (run as Ilyes.exe) -----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 16:31:50, on 22/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\WINDOWS\system32\wuauclt.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\Ilyes\Bureau\comboscan.exe
C:\DOCUME~1\Ilyes\Bureau\NOUVEA~1\Ilyes.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\wlkeuyxu.dll
O2 - BHO: (no name) - {302310EB-78F3-441A-9378-74AD20F74999} - C:\WINDOWS\system32\ssqon.dll
O2 - BHO: (no name) - {3E71DC86-4A5C-4C71-A185-EBE9AC2EB607} - C:\WINDOWS\system32\gebywuu.dll
O2 - BHO: (no name) - {5CBE2611-C31B-401F-89BC-4CBB25E853D7} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {C2F8BBC8-EBD1-46FF-AFE6-41B8697F1513} - C:\WINDOWS\system32\mdclatsx.dll
O2 - BHO: (no name) - {CC7E636D-39AA-49b6-B511-65413DA137A1} - (no file)
O2 - BHO: (no name) - {D6D28C99-9983-4A76-B611-8C68BF561BEC} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] -rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [zzz_ImInstaller_] -C:\Program Files\IncrediMail\bin\IncrediMail_Install.exe -startup -product
O4 - HKLM\..\Run: [LClock] -C:\Program Files\LClock\LClock.exe
O4 - HKLM\..\Run: [VisualTooltip] -
O4 - HKLM\..\Run: [VIPv3_Auto_Update] -
O4 - HKLM\..\Run: [Vistadrv] -
O4 - HKLM\..\Run: [PrintDrive] rundll32.exe "C:\WINDOWS\system32\jgwemqys.dll",setvm
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "D:\PROGRA~1\Stardock\WINCUS~1\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] -"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [RocketDock] "D:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - Startup: Y'z Toolbar.lnk = ?
O4 - Startup: Windows Live Messenger.lnk = C:\Program Files\MSN Messenger\msnmsgr.exe
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [INTERNATIONAL] International*
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: gebywuu - C:\WINDOWS\SYSTEM32\gebywuu.dll
O20 - Winlogon Notify: ssqon - C:\WINDOWS\system32\ssqon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Unknown owner - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe (file missing)
O23 - Service: Network Associates McShield (McShield) - Unknown owner - C:\Program Files\Network Associates\VirusScan\Mcshield.exe (file missing)
O23 - Service: Network Associates Task Manager (McTaskManager) - Unknown owner - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe (file missing)
O23 - Service: Microsoft Office Diagnostics Service (odserv) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE (file missing)
O23 - Service: Office Source Engine (ose) - Unknown owner - -"C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Service Messenger Sharing Folders USN Journal Reader (usnjsvc) - Unknown owner - -"C:\Program Files\MSN Messenger\usnsvc.exe (file missing)
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - -"C:\Program Files\Windows Media Player\WMPNetwk.exe (file missing)

-- File Associations -----------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

1R Aavmker4 (avast! Asynchronous Virus Monitor) - C:\WINDOWS\system32\drivers\aavmker4.sys
2R aswMon2 (avast! Standard Shield Support) - C:\WINDOWS\system32\drivers\aswmon2.sys
3R aswRdr - C:\WINDOWS\system32\drivers\aswRdr.sys
1R aswTdi (avast! Network Shield Support) - C:\WINDOWS\system32\drivers\aswTdi.sys
0S BootScreen - C:\WINDOWS\\SystemRoot\System32\drivers\vidstub.sys (not found)
3S BthEnum (Pilote de bloc de demande Bluetooth) - C:\WINDOWS\system32\drivers\BthEnum.sys
3S BthPan (Périphérique Bluetooth (réseau personnel)) - C:\WINDOWS\system32\drivers\bthpan.sys
3S BTHPORT (Pilote de port Bluetooth) - C:\WINDOWS\system32\drivers\bthport.sys
3S BTHUSB (Pilote USB radio Bluetooth) - C:\WINDOWS\system32\drivers\BTHUSB.SYS
1R core - C:\WINDOWS\system32\drivers\core.sys
3R ctlsb16 (Pilote Creative SB16/AWE32/AWE64 (WDM)) - C:\WINDOWS\system32\drivers\ctlsb16.sys
3R HidUsb (Pilote de classe HID Microsoft) - C:\WINDOWS\system32\drivers\hidusb.sys
1S kbdhid (Pilote HID de clavier) - C:\WINDOWS\system32\drivers\kbdhid.sys
3R mouhid (Pilote HID de souris) - C:\WINDOWS\system32\drivers\mouhid.sys
3R NaiAvFilter1 - C:\WINDOWS\system32\drivers\naiavf5x.sys (not found)
1R NaiAvTdi1 - C:\WINDOWS\system32\drivers\mvstdi5x.sys (not found)
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
3S RFCOMM (Périphérique Bluetooth (TDI protocole RFCOMM)) - C:\WINDOWS\system32\drivers\rfcomm.sys
3R rtl8139 (Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C)) - C:\WINDOWS\system32\drivers\RTL8139.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
3S USBSTOR (Pilote de stockage de masse USB) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
0R viaagp (Filtre de bus AGP VIA) - C:\WINDOWS\system32\drivers\VIAAGP.SYS
3R EntDrv51 - C:\WINDOWS\system32\drivers\EntDrv51.sys (not found)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R aswUpdSv (avast! iAVS4 Control Service) - "D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
2R avast! Antivirus - "D:\Program Files\Alwil Software\Avast4\ashServ.exe"
3R avast! Mail Scanner - "D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
3R avast! Web Scanner - "D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
2R BthServ (Bluetooth Support Service) - C:\WINDOWS\system32\svchost.exe -k bthsvcs
2R clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
3S FontCache3.0.0.0 (Windows Presentation Foundation Font Cache 3.0.0.0) - C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
3S gusvc (Google Updater Service) - -"C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
3S idsvc (Windows CardSpace) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
2S McShield (Network Associates McShield) - "C:\Program Files\Network Associates\VirusScan\Mcshield.exe"
2S McTaskManager (Network Associates Task Manager) - "C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe"
4S NetTcpPortSharing (Net.Tcp Port Sharing Service) - "C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
3S odserv (Microsoft Office Diagnostics Service) - -"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE12\ODSERV.EXE"
3S ose (Office Source Engine) - -"C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE"
2R StarWindService (StarWind iSCSI Service) - D:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
3S usnjsvc (Service Messenger Sharing Folders USN Journal Reader) - -"C:\Program Files\MSN Messenger\usnsvc.exe"

-- Files created between 2007-03-22 and 2007-04-22 -----------------------------

2007-04-22 13:07:45 76412 --a------ C:\WINDOWS\system32\vbhsicqv.dll
2007-04-22 12:56:06 0 d--hs---- C:\FOUND.003
2007-04-22 11:31:13 23416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-22 11:31:12 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-22 11:31:10 26888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-22 11:30:37 94552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-22 11:30:37 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-22 11:30:08 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-04-22 11:30:08 733824 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-04-22 10:30:40 0 d--hs---- C:\FOUND.002
2007-04-22 09:46:06 0 d-------- C:\Documents and Settings\Ilyes\Application Data\MailFrontier<MAILFR~1>
2007-04-22 09:38:15 0 d-------- C:\quarantine<QUARAN~1>
2007-04-21 22:26:21 6432 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-04-21 22:26:21 270336 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-04-21 21:52:34 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-04-21 21:51:12 11264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-04-21 21:46:59 0 d-------- C:\WINDOWS\Internet Logs<INTERN~1>
2007-04-20 12:44:29 125460 --a------ C:\WINDOWS\system32\mdclatsx.dll
2007-04-20 12:16:45 125460 --a------ C:\WINDOWS\system32\itolhtjm.dll
2007-04-20 11:56:34 0 d--hs---- C:\FOUND.001
2007-04-20 11:36:45 125460 --a------ C:\WINDOWS\system32\fdsmjwew.dll
2007-04-20 11:36:39 525596 ---hs---- C:\WINDOWS\system32\noqss.bak2<NOQSS~3.BAK>
2007-04-20 11:23:40 0 d--hs---- C:\FOUND.000
2007-04-19 17:23:56 348160 --a------ C:\WINDOWS\system32\MSVCR71.dll
2007-04-19 17:23:56 499712 --a------ C:\WINDOWS\system32\MSVCP71.dll
2007-04-19 17:23:56 1060864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-04-19 16:59:09 598032 ---hs---- C:\WINDOWS\system32\noqss.ini2<NOQSS~1.INI>
2007-04-19 11:41:37 0 d-------- C:\WINDOWS\Packs
2007-04-19 11:16:47 123972 --a------ C:\WINDOWS\system32\jgwemqys.dll
2007-04-19 11:16:31 49204 --a------ C:\WINDOWS\system32\wlkeuyxu.dll
2007-04-19 11:16:28 524848 ---hs---- C:\WINDOWS\system32\noqss.bak1<NOQSS~2.BAK>
2007-04-19 11:16:12 281172 ---hs---- C:\WINDOWS\system32\ssqon.dll
2007-04-19 10:47:33 0 d-------- C:\VundoFix Backups<VUNDOF~1>
2007-04-18 22:53:14 187392 --a------ C:\WINDOWS\system32\JPGUtils.dll
2007-04-18 22:53:07 0 d-------- C:\Program Files\WinCustomize<WINCUS~1>
2007-04-18 17:08:42 0 d-------- C:\Documents and Settings\Administrateur\Contacts
2007-04-18 17:03:10 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau<VOISIN~2>
2007-04-18 17:03:10 0 d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression<VOISIN~1>
2007-04-18 17:03:10 0 d-------- C:\Documents and Settings\Administrateur\Mes documents<MESDOC~1>
2007-04-18 17:03:10 0 d-------- C:\Documents and Settings\Administrateur\Favoris
2007-04-18 17:03:10 0 d-------- C:\Documents and Settings\Administrateur\Bureau
2007-04-18 17:03:09 0 d--h----- C:\Documents and Settings\Administrateur\Modèles
2007-04-18 17:03:09 0 dr------- C:\Documents and Settings\Administrateur\Menu Démarrer<MENUDÉ~1>
2007-04-18 17:03:07 524288 --ah----- C:\Documents and Settings\Administrateur\NTUSER.DAT
2007-04-18 17:02:24 0 d-------- C:\WINDOWS\CSC
2007-04-18 16:23:31 0 d-------- C:\WINDOWS\system32\XPSViewer<XPSVIE~1>
2007-04-18 16:22:58 0 d-------- C:\WINDOWS\system32\en-us
2007-04-18 16:16:47 0 d-------- C:\Program Files\Yahoo!
2007-04-18 16:11:21 0 d-------- C:\Program Files\Reference Assemblies<REFERE~1>
2007-04-18 16:07:19 14048 -----n--- C:\WINDOWS\system32\spmsg2.dll
2007-04-18 13:37:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-04-18 10:50:56 26714 -----n--- C:\WINDOWS\system32\gebywuu.dll
2007-04-18 10:45:44 72320 --a------ C:\WINDOWS\system32\drivers\core.sys
2007-04-18 10:45:02 0 d-------- C:\WINDOWS\Web Download<WEBDOW~1>
2007-04-17 21:56:13 0 d-------- C:\Documents and Settings\Ilyes\Application Data\WinRAR
2007-04-17 21:00:04 0 d-------- C:\Program Files\Alcohol Toolbar<ALCOHO~1>
2007-04-17 18:21:11 344064 --a------ C:\WINDOWS\system32\msvcr70.dll
2007-04-17 18:21:11 487424 --a------ C:\WINDOWS\system32\msvcp70.dll
2007-04-14 19:44:39 0 d-------- C:\Program Files\Fichiers communs\InstallShield<INSTAL~1>
2007-04-14 19:41:07 0 d-------- C:\programme<PROGRA~2>
2007-04-14 18:57:20 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Nvu
2007-04-14 14:43:27 0 d--hs---- C:\WINDOWS\ftpcache
2007-04-14 14:42:59 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Blumentals<BLUMEN~1>
2007-04-14 14:15:09 0 d-------- C:\Program Files\FileZilla<FILEZI~1>
2007-04-14 13:56:30 302592 --a------ C:\WINDOWS\unin040c.exe
2007-04-14 13:56:20 0 d-------- C:\Documents and Settings\Ilyes\WINDOWS
2007-04-14 09:48:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Azureus
2007-04-14 09:47:22 0 d-------- C:\Program Files\Azureus
2007-04-12 20:05:38 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1>
2007-04-12 17:57:43 0 d-------- C:\Program Files\WLMServers<WLMSER~1>
2007-04-12 17:55:43 0 d-------- C:\Program Files\MSNServersX<MSNSER~1>
2007-04-12 12:14:45 0 d-------- C:\Program Files\Microsoft Works<MICROS~4>
2007-04-12 12:13:13 0 d-------- C:\Program Files\Fichiers communs\DESIGNER
2007-04-12 12:10:11 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-04-12 12:02:30 0 d-------- C:\WINDOWS\SHELLNEW
2007-04-10 19:36:22 0 d-------- C:\Program Files\Windows Vista 5270<WINDOW~4>
2007-04-10 18:28:05 0 d-------- C:\Documents and Settings\Laîd\Application Data\Azureus
2007-04-10 09:59:48 4718592 --a------ C:\Documents and Settings\Ilyes\ntuser.dat
2007-04-09 12:07:01 0 d-------- C:\Program Files\Fichiers communs\Stardock
2007-04-09 12:06:55 163712 --a------ C:\WINDOWS\system32\drivers\vidstub.sys
2007-04-09 11:36:03 193090 --a------ C:\WINDOWS\system32\uninstall_Vista ScreenSaver.exe<UNINST~1.EXE>
2007-04-09 11:35:56 0 d-------- C:\WINDOWS\system32\data
2007-04-09 11:26:40 9216 --a------ C:\MsnHandWriting.dll<MSNHAN~1.DLL>
2007-04-08 16:20:45 0 d-------- C:\Program Files\Microsoft Games<MICROS~2>
2007-04-03 15:59:03 2560 --a------ C:\WINDOWS\_MSRSTRT.EXE
2007-04-03 14:45:51 0 d-------- C:\Program Files\Stardock
2007-04-02 12:10:18 0 d--h----- C:\WINDOWS\system32\GroupPolicy<GROUPP~1>
2007-04-01 09:46:32 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-03-31 13:16:57 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Azureus
2007-03-23 18:30:39 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Help

-- Find3M Report ---------------------------------------------------------------

2007-04-22 12:03:04 12 --a------ C:\WINDOWS\bthservsdp.dat<BTHSER~1.DAT>
2007-04-18 16:18:56 582994 --a------ C:\WINDOWS\system32\perfh00C.dat
2007-04-18 16:18:56 98018 --a------ C:\WINDOWS\system32\perfc00C.dat
2007-04-14 19:46:16 0 d-------- C:\Program Files\Macromedia<MACROM~1>
2007-04-14 19:46:16 0 d-------- C:\Program Files\Fichiers communs\Macromedia<MACROM~1>
2007-04-08 15:56:04 34 --a------ C:\Documents and Settings\Ilyes\Application Data\avetoasts.ini<AVETOA~1.INI>
2007-04-02 12:33:30 5664 --a------ C:\WINDOWS\mozver.dat
2007-03-20 08:57:10 0 d-------- C:\Program Files\SLD Codec Pack<SLDCOD~1>
2007-03-18 17:41:50 0 d-------- C:\Program Files\Styler
2007-03-18 16:40:02 0 d-------- C:\Program Files\UxTheme Multipatcher Fr<UXTHEM~1>
2007-03-17 15:44:48 431616 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-17 14:12:24 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Talkback
2007-03-17 09:32:26 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Styler
2007-03-17 09:21:34 0 d-------- C:\Program Files\VisualTooltip<VISUAL~1>
2007-03-17 09:21:34 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Stardock
2007-03-16 22:06:22 0 d-------- C:\Documents and Settings\Ilyes\Application Data\ICAClient<ICACLI~1>
2007-03-08 17:37:50 578560 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 17:37:50 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 17:37:50 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 17:33:58 1843712 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-05 13:46:16 0 d-------- C:\Program Files\PhotoFiltre<PHOTOF~2>
2007-03-05 13:29:54 884 --a------ C:\WINDOWS\shlfolder.sys<SHLFOL~1.SYS>
2007-03-04 18:09:14 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Sun
2007-03-04 16:45:42 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Leadertech<LEADER~1>
2007-03-04 16:27:54 0 d-------- C:\Documents and Settings\Ilyes\Application Data\AdobeUM
2007-03-04 16:25:22 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Adobe
2007-03-03 12:36:32 0 d-------- C:\Program Files\Java
2007-03-03 12:36:08 0 d-------- C:\Program Files\Fichiers communs\Java
2007-03-03 11:57:06 0 --a------ C:\WINDOWS\nsreg.dat
2007-03-03 11:50:20 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Mozilla
2007-03-03 11:49:46 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-03-02 22:08:08 41 ---h----- C:\WINDOWS\dsez2752.dat
2007-03-01 17:35:06 0 d-------- C:\Program Files\Logon Loader<LOGONL~1>
2007-03-01 13:30:44 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Screenshot Sender<SCREEN~1>
2007-02-26 19:52:04 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Google
2007-02-25 21:19:46 0 d-------- C:\Documents and Settings\Ilyes\Application Data\fltk.org
2007-02-25 18:29:04 0 d-------- C:\Program Files\Fichiers communs\Cisco Systems<CISCOS~1>
2007-02-25 17:54:44 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Macromedia<MACROM~1>
2007-02-25 17:51:50 0 d-------- C:\Program Files\Google
2007-02-25 17:42:16 20480 --a------ C:\WINDOWS\system32\normaliz.dll
2007-02-25 16:55:52 0 d-------- C:\Documents and Settings\Ilyes\Application Data\Identities<IDENTI~1>
2007-02-25 16:40:04 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-25 16:38:52 0 -rahs---- C:\MSDOS.SYS
2007-02-25 16:38:52 0 -rahs---- C:\IO.SYS
2007-02-25 16:38:52 0 --a------ C:\CONFIG.SYS
2007-02-25 16:38:52 0 --a------ C:\AUTOEXEC.BAT
2007-02-25 16:35:38 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-25 16:35:30 0 d-------- C:\Program Files\Services en ligne<SERVIC~1>
2007-02-25 16:34:12 0 d-------- C:\Program Files\Fichiers communs\Services
2007-02-25 16:34:08 0 d-------- C:\Program Files\Fichiers communs\MSSoap
2007-02-25 16:33:50 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-25 16:33:06 0 d-------- C:\Program Files\Fichiers communs\System
2007-02-25 16:31:44 21892 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-25 16:30:32 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-02-25 16:29:42 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-25 16:19:30 0 d-------- C:\Program Files\Fichiers communs\ODBC
2007-02-25 16:19:24 0 d-------- C:\Program Files\Fichiers communs\SpeechEngines<SPEECH~1>
2007-02-25 16:19:24 0 d-------- C:\Program Files\Fichiers communs\Microsoft Shared<MICROS~1>
2007-02-25 16:19:22 0 d-------- C:\Program Files\Fichiers communs<FICHIE~1>
2007-02-25 16:18:42 62 --ahs---- C:\Documents and Settings\Ilyes\Application Data\desktop.ini
2007-02-25 16:18:08 0 d---s---- C:\Documents and Settings\Ilyes\Application Data\Microsoft<MICROS~1>
2007-02-25 14:02:16 1647616 --a------ C:\WINDOWS\system32\shellstyle.dll<SHELLS~1.DLL>
2007-02-05 22:19:06 185344 --a------ C:\WINDOWS\system32\upnphost.dll
2007-01-29 09:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="-\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"RocketDock"="\"D:\\Program Files\\RocketDock\\RocketDock.exe\""
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"BluetoothAuthenticationAgent"="-rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent"
"zzz_ImInstaller_"="-C:\\Program Files\\IncrediMail\\bin\\IncrediMail_Install.exe -startup -product "
"LClock"="-C:\\Program Files\\LClock\\LClock.exe"
"VisualTooltip"="-"
"VIPv3_Auto_Update"="-"
"Vistadrv"="-"
"PrintDrive"="rundll32.exe \"C:\\WINDOWS\\system32\\jgwemqys.dll\",setvm"
"BootSkin Startup Jobs"="\"D:\\PROGRA~1\\Stardock\\WINCUS~1\\BootSkin\\BootSkin.exe\" /StartupJobs"
"avast!"="D:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{3E71DC86-4A5C-4C71-A185-EBE9AC2EB607}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRun"=dword:00000000

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebywuu
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqon

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0
bthsvcs REG_MULTI_SZ BthServ\0\0

-- End of ComboScan: finished at 2007-04-22 at 16:34:10 ------------------------

Utilisateur anonyme · Answer

Salut

¤ Clic sur démarrer, rechercher, cherche et supprime :

- vbhsicqv.dll 
- itolhtjm.dll 
- fdsmjwew.dll 
- jgwemqys.dll 
- wlkeuyxu.dll 
- ssqon.dll
- noqss.bak1
- noqss.bak2
- noqss.ini2


¤ Clic sur démarrer, poste de travail, C:, et supprime ces dossiers :

- C:\VundoFix Backup
- C:\FOUND.000
- C:\FOUND.001
- C:\FOUND.003
- C:\FOUND.002

**Si un fichier/dossier persiste lors de la suppression fait ceci:
- Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisis "mode sans echec" attends un peu.. 
Puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement.



¤ Rends toi sur se site 
http://www.virustotal.com/en/virustotalx.html 


En haut à droite clic sur "choisir" 
Tu vas dans C:, windows, system32, drivers  tu cherches le processus ci-dessous et tu clic sur "ouvrir" 

C:\WINDOWS\system32\drivers\fidbox2.dat 

dès que c'est fait, clic sur "send" 
Tu attends un peu qu'il analyse ton fichier ça peut duré plusieurs minutes et colle le rapport ici une fois qu'il a terminé stp

Fais la même chose avec ceux là :

C:\WINDOWS\system32\drivers\fidbox2.dat C:\WINDOWS\system32\drivers\fidbox.dat
C:\WINDOWS\dsez2752.dat

Popups incessant apres infection de virus

14 réponses

Votre réponse

Discussions similaires

Newsletters