
malware: errorsafe... (solved)


Hello everyone,

My PC is completely infested with errorsafe, doctor, porndialer .... :fou: 
Can you help me remove this malware?

Thanks in advance for your help. :jap: 
You will find the hijackthis, blacklight, panda and clean reports!



blacklight report:

01/07/07 15:25:28 [Info]: BlackLight Engine 1.0.55 initialized
01/07/07 15:25:28 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/07/07 15:25:29 [Note]: 7019 4
01/07/07 15:25:29 [Note]: 7005 0
01/07/07 15:25:32 [Note]: 7006 0
01/07/07 15:25:32 [Note]: 7011 4072
01/07/07 15:25:32 [Note]: 7026 0
01/07/07 15:25:32 [Note]: 7026 0
01/07/07 15:25:37 [Note]: FSRAW library version 1.7.1021

hijackthis report:

Logfile of HijackThis v1.99.1
Scan saved at 17:41:18, on 07/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\scanner.exe.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\gbeagqcg.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\gdxgcnpa.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BA027013-F318-4351-AE62-361976D5A3E3} - C:\WINDOWS\system32\vturr.dll
O2 - BHO: (no name) - {DCCD2E47-707A-485E-9BC7-762AE60048F7} - C:\WINDOWS\system32\khfcaya.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\wvuirebv.dll",setvm
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [HitwarePKLite] C:\PROGRA~1\HITWAR~1\HITWAR~1.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: bw+0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: offline-8876480 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: khfcaya - C:\WINDOWS\SYSTEM32\khfcaya.dll
O20 - Winlogon Notify: vturr - C:\WINDOWS\system32\vturr.dll
O20 - Winlogon Notify: wincqt32 - C:\WINDOWS\SYSTEM32\wincqt32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe



panda report:


Incident Status Location

Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\sjjwlghr.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\ipmsuseh.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\leauoetr.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\atcjljhh.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\pbrbgujo.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\gdemwtbl.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\ndidfqlr.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\devvghus.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\qbewfmnp.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\yidejlrm.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\ebcmqcin.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\aknmfmkf.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\ekojlorq.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\uvtgqlau.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\sloxbwcv.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\flbanvtd.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\nhqfmwfm.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\mkuchpgq.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\fhgibojn.exe
Adware:Adware/Maxifiles Not disinfected C:\WINDOWS\system32\unsvchosts.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\WINDOWS\system32\xykwkrlp.exe
Adware:Adware/Alexa-Toolbar Not disinfected C:\WINDOWS\system32\wnekardj.dll
Adware:Adware/Mytoolbar Not disinfected C:\WINDOWS\Temp\win8E.tmp.exe
Adware:Adware/Yazzle Not disinfected C:\WINDOWS\Temp\win96.tmp.exe
Adware:Adware/Mytoolbar Not disinfected C:\WINDOWS\Temp\win13B.tmp.exe
Adware:Adware/Yazzle Not disinfected C:\WINDOWS\Temp\win150.tmp.exe
Dialer:Dialer.IBW Not disinfected C:\WINDOWS\Temp\win1ED.tmp
Dialer:Dialer.IBW Not disinfected C:\WINDOWS\Temp\win1B2.tmp.exe
Adware:Adware/888Bar Not disinfected C:\WINDOWS\Temp\win700.tmp.exe
Adware:Adware/Yazzle Not disinfected C:\WINDOWS\Temp\win705.tmp.exe
Dialer:Dialer.IBW Not disinfected C:\WINDOWS\Temp\win72E.tmp.exe
Dialer:Dialer.IBW Not disinfected C:\WINDOWS\Temp\win752.tmp.exe
Dialer:Dialer.IBW Not disinfected C:\WINDOWS\Temp\win772.tmp.exe
Dialer:Dialer.IBW Not disinfected C:\WINDOWS\Temp\win792.tmp.exe
Dialer:Dialer.ISL Not disinfected C:\WINDOWS\Temp\winA91.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddA92.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddAA1.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddACB.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddAD4.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddB00.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddAEA.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddB7E.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddB74.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddBA3.tmp.exe
Dialer:Dialer.ISM Not disinfected C:\WINDOWS\Temp\iddB99.tmp.exe
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\LocalService\Cookies\system@2o7[1].txt
Adware:Adware/Alexa-Toolbar Not disinfected C:\Documents and Settings\Dam\Local Settings\Temp\temp.fr0A42
Adware:Adware/Mytoolbar Not disinfected C:\Documents and Settings\Dam\Local Settings\Temp\win88.tmp.exe
Adware:Adware/Maxifiles Not disinfected C:\Documents and Settings\Dam\Local Settings\Temp\b122.exe
Adware:Adware/PurityScan Not disinfected C:\Documents and Settings\Dam\Local Settings\Temp\b130.exe
Dialer:Dialer.ISL Not disinfected C:\Documents and Settings\Dam\Local Settings\Temporary Internet Files\Content.IE5\SD23GHO1\srvoow[1].exe
Potentially unwanted tool:Application/DriveCleaner Not disinfected C:\Documents and Settings\Dam\Local Settings\Temporary Internet Files\Content.IE5\E1ETWPQY\installdrivecleanerstart_fr[1].exe
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Dam\Cookies\dam@stats.drivecleaner[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Dam\Cookies\dam@mediaplex[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Dam\Cookies\dam@tradedoubler[2].txt
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Dam\Cookies\dam@overture[2].txt
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Dam\Cookies\dam@xiti[1].txt
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Dam\Cookies\dam@fe.lea.lycos[1].txt
Spyware:Cookie/Searchportal Not disinfected C:\Documents and Settings\Dam\Cookies\dam@searchportal.information[1].txt
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Dam\Cookies\dam@weborama[2].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Dam\Cookies\dam@adtech[2].txt
Spyware:Cookie/Bluestreak Not disinfected C:\Documents and Settings\Dam\Cookies\dam@bluestreak[2].txt
Spyware:Cookie/Tucows Not disinfected C:\Documents and Settings\Dam\Cookies\dam@tucows[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Dam\Cookies\dam@advertising[2].txt
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Dam\Cookies\dam@drivecleaner[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Dam\Cookies\dam@stats1.reliablestats[1].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Dam\Cookies\dam@hitbox[2].txt
Spyware:Cookie/Reliablestats Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[stats1.reliablestats.com/]
Spyware:Cookie/Hbmediapro Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.adopt.hbmediapro.com/]
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.adtech.de/]
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.com.com/]
Spyware:Cookie/cs.sexcounter Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.cs.sexcounter.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.drivecleaner.com/]
Spyware:Cookie/fe.lea.lycos Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.fe.lea.lycos.fr/]
Spyware:Cookie/Findwhat Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.findwhat.com/]
Spyware:Cookie/Go Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.go.com/]
Spyware:Cookie/Overture Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.overture.com/]
Spyware:Cookie/QuestionMarket Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.questionmarket.com/]
Spyware:Cookie/RealMedia Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.realmedia.com/]
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.serving-sys.com/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.stats.drivecleaner.com/]
Spyware:Cookie/Weborama Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.weborama.fr/]
Spyware:Cookie/DriveCleaner Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.www.drivecleaner.com/]
Spyware:Cookie/Xiti Not disinfected C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.xiti.com/]
Adware:Adware/Yazzle Not disinfected C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
Potentially unwanted tool:Application/VSToolbar Not disinfected C:\Program Files\VSAdd-in\VSAdd-in.dll


clean report:

Rapport clean par Malekal_morte - http://www.malekal.com
Option 1, executee le 07/01/2007 a 18:09:29,23

*** Recherche de fichiers sur C:

*** Recherche des fichiers dans C:\WINDOWS\

*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\wincqt32.dll FOUND
C:\WINDOWS\Temp\win????.tmp.exe FOUND
C:\WINDOWS\Temp\idd*.tmp.exe FOUND

"C:\Program Files\DivX\Google\Firefox\ffinstaller.exe" FOUND
"C:\Program Files\PeDevice\" FOUND
"C:\Program Files\VSAdd-in\" FOUND
*** Fin du rapport !


Should I post any other reports?
Once again, thank you for your support.


Hi again,

Download VundoFix.exe (by Atribune) to your Desktop.
  • Double-click VundoFix.exe to launch it
  • Click the Scan for Vundo button
  • When the scan is complete, click the Remove Vundo button
  • A prompt will ask whether you want to delete the files; click YES
  • After you click "Yes", the Desktop will disappear for a moment while the files are deleted
  • You will see a prompt telling you that your PC is going to restart; click OK
  • Copy/paste the contents of the report located at C:\vundofix.txt.

    Note: VundoFix may come across a file that it cannot delete. If so, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".
    ----------
    Download KillBox by Option^Explicit.
    Unzip it into a folder or onto your desktop (right-click, then Extract All).

    Select the text in the box:

    Quote:
    C:\WINDOWS\system32\sjjwlghr.exe
    C:\WINDOWS\system32\ipmsuseh.exe
    C:\WINDOWS\system32\leauoetr.exe
    C:\WINDOWS\system32\atcjljhh.exe
    C:\WINDOWS\system32\pbrbgujo.exe
    C:\WINDOWS\system32\gdemwtbl.exe
    C:\WINDOWS\system32\ndidfqlr.exe
    C:\WINDOWS\system32\devvghus.exe
    C:\WINDOWS\system32\qbewfmnp.exe
    C:\WINDOWS\system32\yidejlrm.exe
    C:\WINDOWS\system32\ebcmqcin.exe
    C:\WINDOWS\system32\aknmfmkf.exe
    C:\WINDOWS\system32\ekojlorq.exe
    C:\WINDOWS\system32\uvtgqlau.exe
    C:\WINDOWS\system32\sloxbwcv.exe
    C:\WINDOWS\system32\flbanvtd.exe
    C:\WINDOWS\system32\nhqfmwfm.exe
    C:\WINDOWS\system32\mkuchpgq.exe
    C:\WINDOWS\system32\fhgibojn.exe
    C:\WINDOWS\system32\unsvchosts.exe
    C:\WINDOWS\system32\xykwkrlp.exe
    C:\WINDOWS\system32\wnekardj.dll
    C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe
    C:\Program Files\VSAdd-in\VSAdd-in.dll


    ---> Right-click, then Copy.
    ----------

    -- Open Killbox.exe
    -- Choose "Delete on reboot"
    -- Click:
    - " File " -> " Paste from Clipboard "
    - " All Files "

    To finish, click [:angeldark:3]

    You will then be asked:
    " File will be Removed on Reboot, Do you want to reboot now ? "

    -- Answer YES; a countdown starts and your PC will restart.
    -- After the restart, launch Killbox again, then click the menu: Files -> Logs -> Actions History Log, and post that report here.

    NOTE: If you get the message "PendingFileRenameOperations Registry Data has been removed by external process!"
    Restart your PC manually.

    HELP: KillBox tutorial (Jesses)
    ---------
  • Download combofix.exe (by sUBs) to your Desktop
  • Double-click combofix.exe.
  • Press the Y (Yes) key to start the scan.
  • When the scan is complete, a report will appear. Copy/paste that report into your next reply.

    NOTE: The report can also be found here: C:\Combofix.txt
    --------
    + a HijackThis report

    I'm surprised by how quickly you responded, and I thank you for it.
    Here are the requested reports:


    VundoFix V6.2.13

    Checking Java version...

    Sun Java not detected
    Scan started at 18:45:54 07/01/2007

    Listing files found while scanning....

    C:\WINDOWS\system32\wincqt32.dll
    C:\WINDOWS\system32\vturr.dll
    C:\WINDOWS\system32\rrutv.ini
    C:\WINDOWS\system32\rrutv.bak1
    C:\WINDOWS\system32\rrutv.bak2
    C:\WINDOWS\system32\rrutv.ini2
    C:\WINDOWS\system32\rrutv.tmp

    Beginning removal...

    Attempting to delete C:\WINDOWS\system32\wincqt32.dll
    C:\WINDOWS\system32\wincqt32.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\vturr.dll
    C:\WINDOWS\system32\vturr.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rrutv.ini
    C:\WINDOWS\system32\rrutv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rrutv.bak1
    C:\WINDOWS\system32\rrutv.bak1 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rrutv.bak2
    C:\WINDOWS\system32\rrutv.bak2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rrutv.ini2
    C:\WINDOWS\system32\rrutv.ini2 Has been deleted!

    Attempting to delete C:\WINDOWS\system32\rrutv.tmp
    C:\WINDOWS\system32\rrutv.tmp Has been deleted!

    Performing Repairs to the registry.
    Done!


    killbox report:

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 6:55 PM

    # 1 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sjjwlghr.exe


    # 2 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ipmsuseh.exe


    # 3 [Delete on Reboot]
    Path = C:\WINDOWS\system32\leauoetr.exe


    # 4 [Delete on Reboot]
    Path = C:\WINDOWS\system32\atcjljhh.exe


    # 5 [Delete on Reboot]
    Path = C:\WINDOWS\system32\pbrbgujo.exe


    # 6 [Delete on Reboot]
    Path = C:\WINDOWS\system32\gdemwtbl.exe


    # 7 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ndidfqlr.exe


    # 8 [Delete on Reboot]
    Path = C:\WINDOWS\system32\devvghus.exe


    # 9 [Delete on Reboot]
    Path = C:\WINDOWS\system32\qbewfmnp.exe


    # 10 [Delete on Reboot]
    Path = C:\WINDOWS\system32\yidejlrm.exe


    # 11 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ebcmqcin.exe


    # 12 [Delete on Reboot]
    Path = C:\WINDOWS\system32\aknmfmkf.exe


    # 13 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ekojlorq.exe


    # 14 [Delete on Reboot]
    Path = C:\WINDOWS\system32\uvtgqlau.exe


    # 15 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sloxbwcv.exe


    # 16 [Delete on Reboot]
    Path = C:\WINDOWS\system32\flbanvtd.exe


    # 17 [Delete on Reboot]
    Path = C:\WINDOWS\system32\nhqfmwfm.exe


    # 18 [Delete on Reboot]
    Path = C:\WINDOWS\system32\mkuchpgq.exe


    # 19 [Delete on Reboot]
    Path = C:\WINDOWS\system32\fhgibojn.exe


    # 20 [Delete on Reboot]
    Path = C:\WINDOWS\system32\unsvchosts.exe


    # 21 [Delete on Reboot]
    Path = C:\WINDOWS\system32\xykwkrlp.exe


    # 22 [Delete on Reboot]
    Path = C:\WINDOWS\system32\wnekardj.dll


    # 23 [Delete on Reboot]
    Path = C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe


    # 24 [Delete on Reboot]
    Path = C:\Program Files\VSAdd-in\VSAdd-in.dll


    I Rebooted @ 6:56:00 PM
    Killbox Closed(Exit) @ 6:56:13 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 6:59 PM


    combofix report:

    Dam - 07-01-07 19:01:58,56 Service Pack 2
    ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Dam\Bureau"

    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\Program Files\Fichiers communs\{38730CE9-07CB-1036-0927-060908060021}
    C:\Program Files\Fichiers communs\{68730CE9-07CA-1036-0927-060908060021}
    C:\Program Files\Fichiers communs\{68730CE9-07CB-1036-0927-060908060021}


    ((((((((((((((((((((((((((((((( Files Created from 2006-12-07 to 2007-01-07 ))))))))))))))))))))))))))))))))))


    2007-01-07 18:55 <REP> d-------- C:\!KillBox
    2007-01-07 18:45 <REP> d-------- C:\VundoFix Backups
    2007-01-07 17:38 81,684 --a------ C:\WINDOWS\system32\fncjuwhp.dll
    2007-01-07 15:36 <REP> d-------- C:\WINDOWS\system32\ActiveScan
    2007-01-07 15:07 81,684 --a------ C:\WINDOWS\system32\advikxyn.dll
    2007-01-07 13:08 <REP> d-------- C:\Program Files\Voyages-sncf
    2007-01-07 12:58 81,684 --a------ C:\WINDOWS\system32\xmsuadpf.dll
    2007-01-06 18:51 <REP> d--hs---- C:\FOUND.003
    2007-01-06 12:19 81,684 --a------ C:\WINDOWS\system32\cqalyamr.dll
    2007-01-05 18:01 <REP> d-------- C:\Program Files\Hijackthis Version Française
    2007-01-05 17:58 25,600 --a------ C:\WINDOWS\system32\Borlndmm.dll
    2007-01-05 17:58 1,496,064 --a------ C:\WINDOWS\system32\cc3250mt.dll
    2007-01-05 17:58 <REP> d-------- C:\Program Files\Hitware Popup Killer Lite
    2007-01-05 17:33 81,684 --a------ C:\WINDOWS\system32\nexlxgdp.dll
    2007-01-05 17:26 <REP> d--hs---- C:\FOUND.002
    2007-01-04 22:36 81,684 --a------ C:\WINDOWS\system32\mrsrrbfg.dll
    2007-01-04 18:57 81,684 --a------ C:\WINDOWS\system32\sfofktbv.dll
    2007-01-03 19:28 81,684 --a------ C:\WINDOWS\system32\sugfqlpx.dll
    2007-01-03 19:28 118,804 --a------ C:\WINDOWS\system32\wvuirebv.dll
    2007-01-02 15:07 81,684 --a------ C:\WINDOWS\system32\agfnmmdj.dll
    2007-01-02 09:35 81,684 --a------ C:\WINDOWS\system32\esrfbvkd.dll
    2006-12-31 12:33 81,684 --a------ C:\WINDOWS\system32\vjnujbog.dll
    2006-12-30 20:45 81,684 --a------ C:\WINDOWS\system32\qfamhiir.dll
    2006-12-30 16:35 81,684 --a------ C:\WINDOWS\system32\vyuumdcm.dll
    2006-12-30 16:35 <REP> d-------- C:\Program Files\VSAdd-in
    2006-12-30 15:42 <REP> d-------- C:\Documents and Settings\Dam\Application Data\.ABC
    2006-12-30 15:40 <REP> d-------- C:\Program Files\ABC
    2006-12-30 15:39 22,541 ---hs---- C:\WINDOWS\system32\ljjkljh.dll
    2006-12-30 15:06 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
    2006-12-30 15:06 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
    2006-12-30 14:03 81,684 --a------ C:\WINDOWS\system32\jhhhgiuu.dll
    2006-12-30 12:10 81,684 --a------ C:\WINDOWS\system32\ysrxawwr.dll
    2006-12-29 23:53 81,684 --a------ C:\WINDOWS\system32\atewgriu.dll
    2006-12-29 22:41 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2006-12-29 22:40 <REP> d-------- C:\Program Files\Real
    2006-12-29 22:40 <REP> d-------- C:\Program Files\Fichiers communs\Real
    2006-12-29 22:40 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Real
    2006-12-29 22:28 81,684 --a------ C:\WINDOWS\system32\dkprydon.dll
    2006-12-29 21:25 <REP> d--hs---- C:\FOUND.001
    2006-12-29 12:54 <REP> d-------- C:\Documents and Settings\Dam\Application Data\AdobeUM
    2006-12-29 11:04 44,060 --a------ C:\WINDOWS\system32\gdxgcnpa.dll
    2006-12-26 17:46 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2006-12-26 12:39 8,704 --a------ C:\WINDOWS\system32\drivers\Dot4scan.sys
    2006-12-26 12:39 324,608 --a------ C:\WINDOWS\system32\hpojwia.dll
    2006-12-26 12:39 24,064 --a------ C:\WINDOWS\system32\drivers\Dot4usb.sys
    2006-12-26 12:39 207,360 --a------ C:\WINDOWS\system32\drivers\Dot4.sys
    2006-12-26 12:39 12,928 --a------ C:\WINDOWS\system32\drivers\Dot4Prt.sys
    2006-12-24 19:47 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Logitech
    2006-12-24 19:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
    2006-12-24 19:43 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
    2006-12-24 19:41 71,680 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
    2006-12-24 19:41 56,064 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
    2006-12-24 19:41 53,248 --a------ C:\WINDOWS\system32\KemXML.dll
    2006-12-24 19:41 3,712 --a------ C:\WINDOWS\system32\drivers\LBeepKE.sys
    2006-12-24 19:41 155,648 --a------ C:\WINDOWS\system32\kemutb.dll
    2006-12-24 19:41 13,568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS
    2006-12-24 19:41 126,976 --a------ C:\WINDOWS\system32\KemUtil.dll
    2006-12-24 19:41 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
    2006-12-24 19:40 94,208 --a------ C:\WINDOWS\KHALMNPR.Exe
    2006-12-24 19:40 27,264 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
    2006-12-24 19:40 <REP> d-------- C:\Program Files\Logitech
    2006-12-24 19:40 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
    2006-12-24 19:36 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
    2006-12-24 19:35 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
    2006-12-24 17:55 <REP> d-------- C:\Documents and Settings\Dam\Application Data\U3
    2006-12-23 13:16 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2006-12-23 13:16 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2006-12-23 13:16 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2006-12-23 13:16 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
    2006-12-23 13:16 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2006-12-23 13:16 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2006-12-23 13:16 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2006-12-23 11:41 <REP> d-------- C:\divx
    2006-12-22 19:01 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Media Player Classic
    2006-12-22 19:01 <REP> d-------- C:\Documents and Settings\Dam\Application Data\DivX
    2006-12-22 19:00 <REP> d-------- C:\Program Files\Media Player Classic
    2006-12-22 18:40 <REP> d-------- C:\Program Files\Mozilla Firefox
    2006-12-22 18:40 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Mozilla
    2006-12-22 18:39 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
    2006-12-22 18:39 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2006-12-22 18:38 <REP> d-------- C:\Program Files\DivX
    2006-12-22 16:22 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Apple Computer
    2006-12-21 21:28 <REP> d-------- C:\WINDOWS\WBEM
    2006-12-21 21:28 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2006-12-21 21:26 <REP> d--h----- C:\WINDOWS\ie7
    2006-12-21 21:25 121,856 --------- C:\WINDOWS\system32\xmllite.dll
    2006-12-21 21:24 <REP> d-------- C:\WINDOWS\network diagnostic
    2006-12-21 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2006-12-21 19:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Adobe
    2006-12-21 18:16 22,541 ---hs---- C:\WINDOWS\system32\sstqoop.dll
    2006-12-21 18:12 <REP> d--hs---- C:\FOUND.000
    2006-12-18 21:32 22,541 ---hs---- C:\WINDOWS\system32\khfcaya.dll
    2006-12-18 19:55 <REP> d-------- C:\Program Files\SpywareBlaster
    2006-12-18 19:34 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2006-12-18 19:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2006-12-18 19:08 <REP> d-------- C:\Program Files\a-squared Free
    2006-12-18 18:49 <REP> d-------- C:\WINDOWS\system32\appmgmt
    2006-12-17 14:31 <REP> d-------- C:\Program Files\Microsoft Works
    2006-12-17 14:30 <REP> d-------- C:\Program Files\MSBuild
    2006-12-17 14:30 <REP> d-------- C:\Program Files\Microsoft Visual Studio
    2006-12-17 14:30 <REP> d-------- C:\Program Files\Fichiers communs\DESIGNER
    2006-12-17 14:29 <REP> d-------- C:\Program Files\Microsoft.NET
    2006-12-17 14:24 <REP> d-------- C:\WINDOWS\SHELLNEW
    2006-12-17 14:24 <REP> d-------- C:\Program Files\Microsoft Office
    2006-12-17 14:23 <REP> dr-h----- C:\MSOCache
    2006-12-17 14:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2006-12-17 12:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2006-12-17 11:49 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Asus
    2006-12-17 10:06 <REP> d-------- C:\Program Files\MSXML 4.0
    2006-12-16 19:16 <REP> d-------- C:\WINDOWS\system32\PreInstall
    2006-12-16 19:11 <REP> d-------- C:\Documents and Settings\Dam\Application Data\HP
    2006-12-16 17:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
    2006-12-16 17:22 <REP> d-------- C:\Program Files\Fichiers communs\Sonic Shared
    2006-12-16 17:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sonic
    2006-12-16 17:13 <REP> d-------- C:\Program Files\Hewlett-Packard
    2006-12-16 17:12 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
    2006-12-16 17:11 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
    2006-12-16 17:11 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
    2006-12-16 17:11 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
    2006-12-16 17:11 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
    2006-12-16 17:11 306,688 --a------ C:\WINDOWS\IsUninst.exe
    2006-12-16 17:11 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
    2006-12-16 17:11 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
    2006-12-16 17:08 <REP> d--h----- C:\Config.Msi
    2006-12-16 17:06 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
    2006-12-16 17:06 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
    2006-12-16 17:06 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
    2006-12-16 17:06 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
    2006-12-16 17:05 827,392 -ra------ C:\WINDOWS\system32\hpotiop2.dll
    2006-12-16 17:05 659,456 -ra------ C:\WINDOWS\system32\hpowiax2.dll
    2006-12-16 17:05 282,624 -ra------ C:\WINDOWS\system32\HPZc3212.dll
    2006-12-16 17:05 26,496 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
    2006-12-16 17:05 254,026 -ra------ C:\WINDOWS\system32\hpovst09.dll
    2006-12-16 17:05 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
    2006-12-16 17:05 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
    2006-12-16 17:04 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
    2006-12-16 17:02 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
    2006-12-16 16:20 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
    2006-12-16 16:08 <REP> d-------- C:\Program Files\Lavasoft
    2006-12-16 16:08 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Lavasoft
    2006-12-16 14:57 <REP> d-------- C:\Program Files\PeDevice
    2006-12-16 14:46 <REP> d-------- C:\Program Files\QuickTime
    2006-12-16 14:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2006-12-16 14:44 <REP> d-------- C:\Program Files\Alwil Software
    2006-12-16 14:43 <REP> d--hs---- C:\WINDOWS\ftpcache
    2006-12-16 14:43 <REP> d-------- C:\Program Files\Free
    2006-12-16 13:36 <REP> d-------- C:\NVIDIA
    2006-12-16 13:12 <REP> d--hs---- C:\Documents and Settings\Dam\UserData
    2006-12-16 12:54 <REP> d-------- C:\Program Files\DAEMON Tools
    2006-12-16 12:15 <REP> d-------- C:\jeux
    2006-12-16 12:12 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\SendTo
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\Recent
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\Application Data\.
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\Application Data
    2006-12-15 23:58 <REP> dr------- C:\Documents and Settings\Dam\Mes documents
    2006-12-15 23:58 <REP> dr------- C:\Documents and Settings\Dam\Menu Démarrer
    2006-12-15 23:58 <REP> dr------- C:\Documents and Settings\Dam\Favoris
    2006-12-15 23:58 <REP> d--hs---- C:\Documents and Settings\Dam\Cookies
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Voisinage réseau
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Voisinage d'impression
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Modèles
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Local Settings
    2006-12-15 23:58 <REP> d---s---- C:\Documents and Settings\Dam\Application Data\Microsoft
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Bureau
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Symantec
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Intel
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Identities
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\..
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\..
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\.
    2006-12-15 21:56 <REP> d-------- C:\Program Files\QuickPar
    2006-12-15 21:21 <REP> d-------- C:\Program Files\HP
    2006-12-15 21:21 <REP> d-------- C:\Program Files\Fichiers communs\HP
    2006-12-15 21:21 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Image Zone Express
    2006-12-15 21:06 <REP> d-------- C:\Program Files\WinRAR
    2006-12-15 20:57 <REP> d-------- C:\Program Files\GrabIt
    2006-12-15 19:20 <REP> d-------- C:\Program Files\adslTV
    2006-12-15 19:20 <REP> d-------- C:\Documents and Settings\Dam\Application Data\vlc
    2006-12-15 19:17 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Macromedia
    2006-12-15 19:01 186,368 --a------ C:\WINDOWS\ASUS_1600x1200_white.scr
    2006-12-15 19:01 <REP> d-------- C:\Program Files\ASUS_1600x1200_white
    2006-12-15 18:21 <REP> d-------- C:\Program Files\Google
    2006-12-15 18:21 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Google
    2006-12-15 18:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2006-12-15 18:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
    2006-12-12 17:30 520,192 --a------ C:\WINDOWS\system32\DivXsm.exe
    2006-12-12 17:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2006-12-12 17:30 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2006-12-12 17:30 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2006-12-12 17:25 806,912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
    2006-12-12 17:25 806,912 --a------ C:\WINDOWS\system32\divx_xx07.dll
    2006-12-12 17:25 790,528 --a------ C:\WINDOWS\system32\divx_xx11.dll
    2006-12-12 17:25 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
    2006-12-12 17:25 635,486 --a------ C:\WINDOWS\system32\DivX.dll
    2006-12-12 17:25 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
    2006-12-12 17:25 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
    2006-12-12 17:25 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
    2006-12-12 17:25 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
    2006-12-12 17:25 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
    2006-12-12 17:25 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
    2006-12-12 17:25 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
    2006-12-12 17:24 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
    2006-12-12 17:24 118,784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-12-07 05:14 2330624 --a------ C:\WINDOWS\system32\wmvcore.dll
    2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
    2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
    2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
    2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
    2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
    2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
    2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
    2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
    2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
    2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
    2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
    2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
    2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
    2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
    2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
    2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
    2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
    2006-10-26 14:42 36160 --a------ C:\WINDOWS\system32\FM20FRA.DLL
    2006-10-26 14:10 33088 --a------ C:\WINDOWS\system32\FM20ENU.DLL
    2006-10-26 14:10 1190688 --a------ C:\WINDOWS\system32\FM20.DLL
    2006-10-26 13:45 293376 --a------ C:\WINDOWS\system32\WISPTIS.EXE
    2006-10-26 13:45 207360 --a------ C:\WINDOWS\system32\INKED.DLL
    2006-10-22 09:26 0 -rahs---- C:\MSDOS.SYS
    2006-10-22 09:26 0 -rahs---- C:\IO.SYS
    2006-10-22 09:26 0 --a------ C:\CONFIG.SYS
    2006-10-22 09:26 0 --a------ C:\AUTOEXEC.BAT
    2006-10-20 02:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
    2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
    2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
    2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
    2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
    2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
    2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
    2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
    2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
    2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
    2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
    2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
    2006-10-13 13:36 65536 --a------ C:\WINDOWS\system32\nwwks.dll
    2006-10-13 13:36 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
    2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "Net4Switch"="C:\\Program Files\\ASUS\\Net4Switch\\Net4Switch.exe"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.6962\\GoogleToolbarNotifier.exe"
    "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    "HitwarePKLite"="C:\\PROGRA~1\\HITWAR~1\\HITWAR~1.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "HControl"="C:\\WINDOWS\\ATK0100\\HControl.exe"
    "ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "RTHDCPL"="RTHDCPL.EXE"
    "SkyTel"="SkyTel.EXE"
    "Alcmtr"="ALCMTR.EXE"
    "PowerForPhone"="C:\\Program Files\\ASUS\\PowerForPhone\\PowerForPhone.exe"
    "ASUS Live Update"="C:\\Program Files\\ASUS\\ASUS Live Update\\ALU.exe"
    "ACMON"="C:\\Program Files\\ASUS\\Splendid\\ACMON.exe"
    "Wireless Console 2"="C:\\Program Files\\Wireless Console 2\\wcourier.exe"
    "ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "ABLKSR"="C:\\WINDOWS\\ABLKSR\\ABLKSR.exe"
    "RemoteControl"="\"C:\\Program Files\\ASUSTeK\\ASUSDVD\\PDVDServ.exe\""
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "Power_Gear"="C:\\Program Files\\ASUS\\Power4 Gear\\BatteryLife.exe 1"
    "IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
    "IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    @=""
    "DllRunning"="rundll32.exe \"C:\\WINDOWS\\system32\\wvuirebv.dll\",setvm"

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,d2,03,00,00,23,00,00,00,1c,01,00,00,dc,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\pmnnm

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Completion time: 07-01-07 19:03:30.25
    C:\ComboFix.txt ... 07-01-07 19:03


    and the hijackthis report:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:05:15, on 07/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ehome\mcrdsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\WINDOWS\system32\ACEngSvr.exe
    C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Program Files\Hijackthis Version Française\scanner.exe.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {26A50432-3244-4705-BF45-866D8EBC9648} - C:\WINDOWS\system32\pmnnm.dll
    O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\gbeagqcg.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\gdxgcnpa.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {BA027013-F318-4351-AE62-361976D5A3E3} - C:\WINDOWS\system32\vturr.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
    O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\wvuirebv.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [HitwarePKLite] C:\PROGRA~1\HITWAR~1\HITWAR~1.EXE
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
    O18 - Protocol: bw+0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: offline-8876480 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: pmnnm - C:\WINDOWS\system32\pmnnm.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    Re,

    Select the text in the box:

    Quote:
    C:\WINDOWS\system32\fncjuwhp.dll
    C:\WINDOWS\system32\advikxyn.dll
    C:\WINDOWS\system32\xmsuadpf.dll
    C:\WINDOWS\system32\cqalyamr.dll
    C:\WINDOWS\system32\nexlxgdp.dll
    C:\WINDOWS\system32\mrsrrbfg.dll
    C:\WINDOWS\system32\sfofktbv.dll
    C:\WINDOWS\system32\sugfqlpx.dll
    C:\WINDOWS\system32\wvuirebv.dll
    C:\WINDOWS\system32\agfnmmdj.dll
    C:\WINDOWS\system32\esrfbvkd.dll
    C:\WINDOWS\system32\vjnujbog.dll
    C:\WINDOWS\system32\qfamhiir.dll
    C:\WINDOWS\system32\vyuumdcm.dll
    C:\WINDOWS\system32\ljjkljh.dll
    C:\WINDOWS\system32\ptpusb.dll
    C:\WINDOWS\system32\ptpusd.dll
    C:\WINDOWS\system32\jhhhgiuu.dll
    C:\WINDOWS\system32\ysrxawwr.dll
    C:\WINDOWS\system32\atewgriu.dll
    C:\WINDOWS\system32\dkprydon.dll
    C:\WINDOWS\system32\gdxgcnpa.dll
    C:\WINDOWS\system32\sstqoop.dll
    C:\WINDOWS\system32\khfcaya.dll


    ---> Right-click, then Copy.
    ----------

    -- Open Killbox.exe
    -- Choose "Delete on reboot"
    -- Click on:
    - " File " -> " Paste from Clipboard "
    - " All Files "

    To finish, click on [:angeldark:3]

    You will then be asked a question:
    " File will be Removed on Reboot, Do you want to reboot now ? "

    -- Answer YES; a countdown starts and your PC will restart.
    -- After the restart, run Killbox again, then click the menu: Files -> Logs -> Actions History Log, and post that report here.
    + a HijackThis report.

    NOTE: If you get the message "PendingFileRenameOperations Registry Data has been removed by external process!"
    restart your PC manually.

    HELP: KillBox tutorial (Jesses)
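
The "Delete on reboot" step and the PendingFileRenameOperations note above both depend on the reboot-time queue that Windows keeps in the `PendingFileRenameOperations` REG_MULTI_SZ value under the Session Manager key. The Python code below is an added example, not part of the original post and not Killbox's own code: it decodes such a value and reports which expected files are not queued for deletion. That Killbox writes to this queue is inferred from the message quoted in the note; the byte string is constructed, `example.tmp` and `example.dll` are placeholders, and the function names are hypothetical.

```python
from dataclasses import dataclass

NT_PREFIX = "\\??\\"  # NT object-manager prefix Windows puts in front of each path


@dataclass(frozen=True)
class PendingOp:
    source: str
    dest: str
    action: str  # "delete", "rename" or "replace"


def encode_multi_sz(strings):
    """Build raw REG_MULTI_SZ bytes: each string NUL-terminated, plus a final NUL."""
    return ("".join(s + "\0" for s in strings) + "\0").encode("utf-16-le")


def _strip_nt(path):
    return path[len(NT_PREFIX):] if path.startswith(NT_PREFIX) else path


def parse_pending_ops(raw):
    """Decode raw PendingFileRenameOperations bytes into PendingOp entries.

    The value is a flat list of (source, destination) pairs. An empty
    destination means "delete at boot"; a leading '!' on the destination
    means an existing target may be replaced.
    """
    text = raw.decode("utf-16-le")
    if text.endswith("\0"):
        text = text[:-1]  # list terminator
    if text.endswith("\0"):
        text = text[:-1]  # terminator of the last string
    if not text:
        return []
    parts = text.split("\0")
    if len(parts) % 2:
        raise ValueError("unpaired entry: value is truncated or malformed")
    ops = []
    for src, dst in zip(parts[0::2], parts[1::2]):
        if dst == "":
            action = "delete"
        elif dst.startswith("!"):
            action, dst = "replace", dst[1:]
        else:
            action = "rename"
        ops.append(PendingOp(_strip_nt(src), _strip_nt(dst), action))
    return ops


def missing_from_queue(expected, ops):
    """Return the expected paths that are NOT queued for deletion (case-insensitive)."""
    queued = {op.source.lower() for op in ops if op.action == "delete"}
    return [p for p in expected if p.lower() not in queued]


# Constructed sample value: two deletes (paths taken from the list in the post)
# and one placeholder replace operation.
SAMPLE_RAW = encode_multi_sz([
    r"\??\C:\WINDOWS\system32\fncjuwhp.dll", "",
    r"\??\C:\WINDOWS\system32\advikxyn.dll", "",
    r"\??\C:\WINDOWS\Temp\example.tmp", r"!\??\C:\WINDOWS\system32\example.dll",
])

# Files the analyst expects to be queued (all three appear in the post's list).
EXPECTED = [
    r"C:\WINDOWS\system32\fncjuwhp.dll",
    r"C:\WINDOWS\system32\advikxyn.dll",
    r"C:\WINDOWS\system32\wvuirebv.dll",
]

if __name__ == "__main__":
    ops = parse_pending_ops(SAMPLE_RAW)
    for op in ops:
        print(f"{op.action:8} {op.source} -> {op.dest or '(none)'}")
    for path in missing_from_queue(EXPECTED, ops):
        print("NOT queued:", path)
```

An expected file that is absent from the queue before the restart matches the situation the note describes, where another process has rewritten the value.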

    re,

    Killbox report:

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 6:55 PM

    # 1 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sjjwlghr.exe


    # 2 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ipmsuseh.exe


    # 3 [Delete on Reboot]
    Path = C:\WINDOWS\system32\leauoetr.exe


    # 4 [Delete on Reboot]
    Path = C:\WINDOWS\system32\atcjljhh.exe


    # 5 [Delete on Reboot]
    Path = C:\WINDOWS\system32\pbrbgujo.exe


    # 6 [Delete on Reboot]
    Path = C:\WINDOWS\system32\gdemwtbl.exe


    # 7 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ndidfqlr.exe


    # 8 [Delete on Reboot]
    Path = C:\WINDOWS\system32\devvghus.exe


    # 9 [Delete on Reboot]
    Path = C:\WINDOWS\system32\qbewfmnp.exe


    # 10 [Delete on Reboot]
    Path = C:\WINDOWS\system32\yidejlrm.exe


    # 11 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ebcmqcin.exe


    # 12 [Delete on Reboot]
    Path = C:\WINDOWS\system32\aknmfmkf.exe


    # 13 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ekojlorq.exe


    # 14 [Delete on Reboot]
    Path = C:\WINDOWS\system32\uvtgqlau.exe


    # 15 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sloxbwcv.exe


    # 16 [Delete on Reboot]
    Path = C:\WINDOWS\system32\flbanvtd.exe


    # 17 [Delete on Reboot]
    Path = C:\WINDOWS\system32\nhqfmwfm.exe


    # 18 [Delete on Reboot]
    Path = C:\WINDOWS\system32\mkuchpgq.exe


    # 19 [Delete on Reboot]
    Path = C:\WINDOWS\system32\fhgibojn.exe


    # 20 [Delete on Reboot]
    Path = C:\WINDOWS\system32\unsvchosts.exe


    # 21 [Delete on Reboot]
    Path = C:\WINDOWS\system32\xykwkrlp.exe


    # 22 [Delete on Reboot]
    Path = C:\WINDOWS\system32\wnekardj.dll


    # 23 [Delete on Reboot]
    Path = C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe


    # 24 [Delete on Reboot]
    Path = C:\Program Files\VSAdd-in\VSAdd-in.dll


    I Rebooted @ 6:56:00 PM
    Killbox Closed(Exit) @ 6:56:13 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 6:59 PM

    Killbox Closed(Exit) @ 7:03:25 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 7:39 PM

    # 1 [Delete on Reboot]
    Path = C:\WINDOWS\system32\fncjuwhp.dll


    # 2 [Delete on Reboot]
    Path = C:\WINDOWS\system32\advikxyn.dll


    # 3 [Delete on Reboot]
    Path = C:\WINDOWS\system32\xmsuadpf.dll


    # 4 [Delete on Reboot]
    Path = C:\WINDOWS\system32\cqalyamr.dll


    # 5 [Delete on Reboot]
    Path = C:\WINDOWS\system32\nexlxgdp.dll


    # 6 [Delete on Reboot]
    Path = C:\WINDOWS\system32\mrsrrbfg.dll


    # 7 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sfofktbv.dll


    # 8 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sugfqlpx.dll


    # 9 [Delete on Reboot]
    Path = C:\WINDOWS\system32\wvuirebv.dll


    # 10 [Delete on Reboot]
    Path = C:\WINDOWS\system32\agfnmmdj.dll


    # 11 [Delete on Reboot]
    Path = C:\WINDOWS\system32\esrfbvkd.dll


    # 12 [Delete on Reboot]
    Path = C:\WINDOWS\system32\vjnujbog.dll


    # 13 [Delete on Reboot]
    Path = C:\WINDOWS\system32\qfamhiir.dll


    # 14 [Delete on Reboot]
    Path = C:\WINDOWS\system32\vyuumdcm.dll


    # 15 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ljjkljh.dll


    # 16 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ptpusb.dll


    # 17 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ptpusd.dll


    # 18 [Delete on Reboot]
    Path = C:\WINDOWS\system32\jhhhgiuu.dll


    # 19 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ysrxawwr.dll


    # 20 [Delete on Reboot]
    Path = C:\WINDOWS\system32\atewgriu.dll


    # 21 [Delete on Reboot]
    Path = C:\WINDOWS\system32\dkprydon.dll


    # 22 [Delete on Reboot]
    Path = C:\WINDOWS\system32\gdxgcnpa.dll


    # 23 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sstqoop.dll


    # 24 [Delete on Reboot]
    Path = C:\WINDOWS\system32\khfcaya.dll


    I Rebooted @ 7:40:34 PM
    Killbox Closed(Exit) @ 7:40:41 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 7:43 PM


    HijackThis report:

    Logfile of HijackThis v1.99.1
    Scan saved at 19:45:37, on 07/01/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\ATK0100\HControl.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
    C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files\ASUS\Splendid\ACMON.exe
    C:\Program Files\Wireless Console 2\wcourier.exe
    C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\Program Files\Google\Gmail Notifier\gnotify.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\WINDOWS\system32\ACEngSvr.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    C:\WINDOWS\ATK0100\ATKOSD.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\notepad.exe
    C:\Program Files\Hijackthis Version Française\scanner.exe.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/webhp?sourceid=navclient&hl=fr&ie=...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.asus.com/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\gbeagqcg.dll (file missing)
    O2 - BHO: (no name) - {49BC6EAF-2977-4232-94A4-04C5D5254F9E} - C:\WINDOWS\system32\pmnnm.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\gdxgcnpa.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: (no name) - {BA027013-F318-4351-AE62-361976D5A3E3} - C:\WINDOWS\system32\vturr.dll (file missing)
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [PowerForPhone] C:\Program Files\ASUS\PowerForPhone\PowerForPhone.exe
    O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
    O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
    O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [ABLKSR] C:\WINDOWS\ABLKSR\ABLKSR.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\wvuirebv.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Net4Switch] C:\Program Files\ASUS\Net4Switch\Net4Switch.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.6962\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - HKCU\..\Run: [HitwarePKLite] C:\PROGRA~1\HITWAR~1\HITWAR~1.EXE
    O4 - Global Startup: Bluetooth Manager.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Logitech SetPoint.lnk = ?
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
    O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
    O18 - Protocol: bw+0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw+0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw-0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw00s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw10s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw20s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw30s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw40s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw50s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw60s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw70s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw80s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bw90s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwa0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwb0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwc0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwd0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwe0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwf0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: bwg0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwg0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwh0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwi0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwj0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwk0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwl0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwm0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwn0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwo0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwp0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwq0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwr0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bws0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwt0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwu0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwv0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bww0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwx0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwy0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: bwz0s - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
    O18 - Protocol: offline-8876480 - {C0DFF1A9-A246-439F-BEDE-55C8693575A1} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
    O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
    O20 - Winlogon Notify: pmnnm - C:\WINDOWS\system32\pmnnm.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe


    Hi again,

    - Launch HijackThis -> Do a system scan only
    -> Check the lines below:

    O2 - BHO: (no name) - {3FD6B99C-A275-46ea-8FD1-3D63986E51E4} - C:\WINDOWS\system32\gbeagqcg.dll (file missing)
    O2 - BHO: (no name) - {7DA39570-5FD2-4f18-94B4-20730CB3F727} - C:\WINDOWS\system32\gdxgcnpa.dll (file missing)
    O2 - BHO: (no name) - {BA027013-F318-4351-AE62-361976D5A3E3} - C:\WINDOWS\system32\vturr.dll (file missing)
    O4 - HKLM\..\Run: [DllRunning] rundll32.exe "C:\WINDOWS\system32\wvuirebv.dll",setvm

    Click Fix checked (bottom left)

    Click the Start menu, then Run, and copy/paste this:
    "%userprofile%\Bureau\combofix.exe" /v pmnnm
    then click OK.

    Follow the prompts.

    Don't touch anything and wait until ComboFix has finished; a report will be created. Post the report.

    The ComboFix report:
    Dam - 07-01-07 20:11:17,23 Service Pack 2
    ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Dam\Bureau"
    Command switches used :: /v pmnnm

    (((((((((((((((((((((((((((((((((((((((((((((((( Vundo Log )))))))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\pmnnm.dll
    C:\WINDOWS\system32\mnnmp.ini
    C:\WINDOWS\system32\mnnmp.bak1


    * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *



    ((((((((((((((((((((((((((((((( Files Created from 2006-12-07 to 2007-01-07 ))))))))))))))))))))))))))))))))))


    2007-01-07 20:10 44,060 --a------ C:\WINDOWS\system32\jkyfexwo.dll
    2007-01-07 19:27 <REP> d-------- C:\BFU
    2007-01-07 19:03 88,340 --a------ C:\WINDOWS\system32\wifbadgl.exe
    2007-01-07 19:03 81,684 --a------ C:\WINDOWS\system32\toehrhwi.dll
    2007-01-07 18:55 <REP> d-------- C:\!KillBox
    2007-01-07 18:45 <REP> d-------- C:\VundoFix Backups
    2007-01-07 15:36 <REP> d-------- C:\WINDOWS\system32\ActiveScan
    2007-01-07 13:08 <REP> d-------- C:\Program Files\Voyages-sncf
    2007-01-06 18:51 <REP> d--hs---- C:\FOUND.003
    2007-01-05 18:01 <REP> d-------- C:\Program Files\Hijackthis Version Française
    2007-01-05 17:58 25,600 --a------ C:\WINDOWS\system32\Borlndmm.dll
    2007-01-05 17:58 1,496,064 --a------ C:\WINDOWS\system32\cc3250mt.dll
    2007-01-05 17:58 <REP> d-------- C:\Program Files\Hitware Popup Killer Lite
    2007-01-05 17:26 <REP> d--hs---- C:\FOUND.002
    2006-12-30 16:35 <REP> d-------- C:\Program Files\VSAdd-in
    2006-12-30 15:42 <REP> d-------- C:\Documents and Settings\Dam\Application Data\.ABC
    2006-12-30 15:40 <REP> d-------- C:\Program Files\ABC
    2006-12-29 22:41 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2006-12-29 22:40 <REP> d-------- C:\Program Files\Real
    2006-12-29 22:40 <REP> d-------- C:\Program Files\Fichiers communs\Real
    2006-12-29 22:40 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Real
    2006-12-29 21:25 <REP> d--hs---- C:\FOUND.001
    2006-12-29 12:54 <REP> d-------- C:\Documents and Settings\Dam\Application Data\AdobeUM
    2006-12-26 17:46 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
    2006-12-26 12:39 8,704 --a------ C:\WINDOWS\system32\drivers\Dot4scan.sys
    2006-12-26 12:39 324,608 --a------ C:\WINDOWS\system32\hpojwia.dll
    2006-12-26 12:39 24,064 --a------ C:\WINDOWS\system32\drivers\Dot4usb.sys
    2006-12-26 12:39 207,360 --a------ C:\WINDOWS\system32\drivers\Dot4.sys
    2006-12-26 12:39 12,928 --a------ C:\WINDOWS\system32\drivers\Dot4Prt.sys
    2006-12-24 19:47 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Logitech
    2006-12-24 19:47 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
    2006-12-24 19:43 118,784 -r------- C:\WINDOWS\bwUnin-7.2.0.137-8876480SL.exe
    2006-12-24 19:41 71,680 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
    2006-12-24 19:41 56,064 --a------ C:\WINDOWS\system32\drivers\L8042MOU.SYS
    2006-12-24 19:41 53,248 --a------ C:\WINDOWS\system32\KemXML.dll
    2006-12-24 19:41 3,712 --a------ C:\WINDOWS\system32\drivers\LBeepKE.sys
    2006-12-24 19:41 155,648 --a------ C:\WINDOWS\system32\kemutb.dll
    2006-12-24 19:41 13,568 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.SYS
    2006-12-24 19:41 126,976 --a------ C:\WINDOWS\system32\KemUtil.dll
    2006-12-24 19:41 110,592 --a------ C:\WINDOWS\system32\KemWnd.dll
    2006-12-24 19:40 94,208 --a------ C:\WINDOWS\KHALMNPR.Exe
    2006-12-24 19:40 27,264 --a------ C:\WINDOWS\system32\drivers\LHidKE.Sys
    2006-12-24 19:40 <REP> d-------- C:\Program Files\Logitech
    2006-12-24 19:40 <REP> d-------- C:\Program Files\Fichiers communs\Logitech
    2006-12-24 19:36 21,504 --a------ C:\WINDOWS\system32\hidserv.dll
    2006-12-24 19:35 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys
    2006-12-24 17:55 <REP> d-------- C:\Documents and Settings\Dam\Application Data\U3
    2006-12-23 13:16 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
    2006-12-23 13:16 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
    2006-12-23 13:16 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
    2006-12-23 13:16 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
    2006-12-23 13:16 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2006-12-23 13:16 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
    2006-12-23 13:16 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2006-12-23 11:41 <REP> d-------- C:\divx
    2006-12-22 19:01 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Media Player Classic
    2006-12-22 19:01 <REP> d-------- C:\Documents and Settings\Dam\Application Data\DivX
    2006-12-22 19:00 <REP> d-------- C:\Program Files\Media Player Classic
    2006-12-22 18:40 <REP> d-------- C:\Program Files\Mozilla Firefox
    2006-12-22 18:40 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Mozilla
    2006-12-22 18:39 109,568 --------- C:\WINDOWS\system32\pxinsi64.exe
    2006-12-22 18:39 108,544 --------- C:\WINDOWS\system32\pxcpyi64.exe
    2006-12-22 18:38 <REP> d-------- C:\Program Files\DivX
    2006-12-22 16:22 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Apple Computer
    2006-12-21 21:28 <REP> d-------- C:\WINDOWS\WBEM
    2006-12-21 21:28 <REP> d-------- C:\WINDOWS\system32\fr-fr
    2006-12-21 21:26 <REP> d--h----- C:\WINDOWS\ie7
    2006-12-21 21:25 121,856 --------- C:\WINDOWS\system32\xmllite.dll
    2006-12-21 21:24 <REP> d-------- C:\WINDOWS\network diagnostic
    2006-12-21 21:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2006-12-21 19:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Adobe
    2006-12-21 18:12 <REP> d--hs---- C:\FOUND.000
    2006-12-18 19:55 <REP> d-------- C:\Program Files\SpywareBlaster
    2006-12-18 19:34 <REP> d-------- C:\Program Files\Spybot - Search & Destroy
    2006-12-18 19:34 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2006-12-18 19:08 <REP> d-------- C:\Program Files\a-squared Free
    2006-12-18 18:49 <REP> d-------- C:\WINDOWS\system32\appmgmt
    2006-12-17 14:31 <REP> d-------- C:\Program Files\Microsoft Works
    2006-12-17 14:30 <REP> d-------- C:\Program Files\MSBuild
    2006-12-17 14:30 <REP> d-------- C:\Program Files\Microsoft Visual Studio
    2006-12-17 14:30 <REP> d-------- C:\Program Files\Fichiers communs\DESIGNER
    2006-12-17 14:29 <REP> d-------- C:\Program Files\Microsoft.NET
    2006-12-17 14:24 <REP> d-------- C:\WINDOWS\SHELLNEW
    2006-12-17 14:24 <REP> d-------- C:\Program Files\Microsoft Office
    2006-12-17 14:23 <REP> dr-h----- C:\MSOCache
    2006-12-17 14:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2006-12-17 12:49 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2006-12-17 11:49 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Asus
    2006-12-17 10:06 <REP> d-------- C:\Program Files\MSXML 4.0
    2006-12-16 19:16 <REP> d-------- C:\WINDOWS\system32\PreInstall
    2006-12-16 19:11 <REP> d-------- C:\Documents and Settings\Dam\Application Data\HP
    2006-12-16 17:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\HP
    2006-12-16 17:22 <REP> d-------- C:\Program Files\Fichiers communs\Sonic Shared
    2006-12-16 17:22 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Sonic
    2006-12-16 17:13 <REP> d-------- C:\Program Files\Hewlett-Packard
    2006-12-16 17:12 <REP> d-------- C:\Program Files\Fichiers communs\Hewlett-Packard
    2006-12-16 17:11 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
    2006-12-16 17:11 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
    2006-12-16 17:11 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
    2006-12-16 17:11 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
    2006-12-16 17:11 306,688 --a------ C:\WINDOWS\IsUninst.exe
    2006-12-16 17:11 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
    2006-12-16 17:11 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
    2006-12-16 17:08 <REP> d--h----- C:\Config.Msi
    2006-12-16 17:06 77,824 -ra------ C:\WINDOWS\system32\HPZIDS01.dll
    2006-12-16 17:06 49,664 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
    2006-12-16 17:06 38,400 --a------ C:\WINDOWS\system32\hpz3l054.dll
    2006-12-16 17:06 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
    2006-12-16 17:05 827,392 -ra------ C:\WINDOWS\system32\hpotiop2.dll
    2006-12-16 17:05 659,456 -ra------ C:\WINDOWS\system32\hpowiax2.dll
    2006-12-16 17:05 282,624 -ra------ C:\WINDOWS\system32\HPZc3212.dll
    2006-12-16 17:05 26,496 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
    2006-12-16 17:05 254,026 -ra------ C:\WINDOWS\system32\hpovst09.dll
    2006-12-16 17:05 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
    2006-12-16 17:05 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
    2006-12-16 17:04 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
    2006-12-16 17:02 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
    2006-12-16 16:20 <REP> d-------- C:\WINDOWS\system32\SoftwareDistribution
    2006-12-16 16:08 <REP> d-------- C:\Program Files\Lavasoft
    2006-12-16 16:08 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Lavasoft
    2006-12-16 14:57 <REP> d-------- C:\Program Files\PeDevice
    2006-12-16 14:46 <REP> d-------- C:\Program Files\QuickTime
    2006-12-16 14:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2006-12-16 14:44 <REP> d-------- C:\Program Files\Alwil Software
    2006-12-16 14:43 <REP> d--hs---- C:\WINDOWS\ftpcache
    2006-12-16 14:43 <REP> d-------- C:\Program Files\Free
    2006-12-16 13:36 <REP> d-------- C:\NVIDIA
    2006-12-16 13:12 <REP> d--hs---- C:\Documents and Settings\Dam\UserData
    2006-12-16 12:54 <REP> d-------- C:\Program Files\DAEMON Tools
    2006-12-16 12:15 <REP> d-------- C:\jeux
    2006-12-16 12:12 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\SendTo
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\Recent
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\Application Data\.
    2006-12-15 23:58 <REP> dr-h----- C:\Documents and Settings\Dam\Application Data
    2006-12-15 23:58 <REP> dr------- C:\Documents and Settings\Dam\Mes documents
    2006-12-15 23:58 <REP> dr------- C:\Documents and Settings\Dam\Menu Démarrer
    2006-12-15 23:58 <REP> dr------- C:\Documents and Settings\Dam\Favoris
    2006-12-15 23:58 <REP> d--hs---- C:\Documents and Settings\Dam\Cookies
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Voisinage réseau
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Voisinage d'impression
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Modèles
    2006-12-15 23:58 <REP> d--h----- C:\Documents and Settings\Dam\Local Settings
    2006-12-15 23:58 <REP> d---s---- C:\Documents and Settings\Dam\Application Data\Microsoft
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Bureau
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Symantec
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Intel
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Identities
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\Application Data\..
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\..
    2006-12-15 23:58 <REP> d-------- C:\Documents and Settings\Dam\.
    2006-12-15 21:56 <REP> d-------- C:\Program Files\QuickPar
    2006-12-15 21:21 <REP> d-------- C:\Program Files\HP
    2006-12-15 21:21 <REP> d-------- C:\Program Files\Fichiers communs\HP
    2006-12-15 21:21 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Image Zone Express
    2006-12-15 21:06 <REP> d-------- C:\Program Files\WinRAR
    2006-12-15 20:57 <REP> d-------- C:\Program Files\GrabIt
    2006-12-15 19:20 <REP> d-------- C:\Program Files\adslTV
    2006-12-15 19:20 <REP> d-------- C:\Documents and Settings\Dam\Application Data\vlc
    2006-12-15 19:17 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Macromedia
    2006-12-15 19:01 186,368 --a------ C:\WINDOWS\ASUS_1600x1200_white.scr
    2006-12-15 19:01 <REP> d-------- C:\Program Files\ASUS_1600x1200_white
    2006-12-15 18:21 <REP> d-------- C:\Program Files\Google
    2006-12-15 18:21 <REP> d-------- C:\Documents and Settings\Dam\Application Data\Google
    2006-12-15 18:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2006-12-15 18:21 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google
    2006-12-12 17:30 520,192 --a------ C:\WINDOWS\system32\DivXsm.exe
    2006-12-12 17:30 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
    2006-12-12 17:30 200,704 --a------ C:\WINDOWS\system32\ssldivx.dll
    2006-12-12 17:30 1,044,480 --a------ C:\WINDOWS\system32\libdivx.dll
    2006-12-12 17:25 806,912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
    2006-12-12 17:25 806,912 --a------ C:\WINDOWS\system32\divx_xx07.dll
    2006-12-12 17:25 790,528 --a------ C:\WINDOWS\system32\divx_xx11.dll
    2006-12-12 17:25 73,728 --a------ C:\WINDOWS\system32\dpl100.dll
    2006-12-12 17:25 635,486 --a------ C:\WINDOWS\system32\DivX.dll
    2006-12-12 17:25 593,920 --a------ C:\WINDOWS\system32\dpuGUI11.dll
    2006-12-12 17:25 57,344 --a------ C:\WINDOWS\system32\dpv11.dll
    2006-12-12 17:25 53,248 --a------ C:\WINDOWS\system32\dpuGUI10.dll
    2006-12-12 17:25 344,064 --a------ C:\WINDOWS\system32\dpus11.dll
    2006-12-12 17:25 294,912 --a------ C:\WINDOWS\system32\dpu11.dll
    2006-12-12 17:25 294,912 --a------ C:\WINDOWS\system32\dpu10.dll
    2006-12-12 17:25 196,608 --a------ C:\WINDOWS\system32\dtu100.dll
    2006-12-12 17:24 12,288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
    2006-12-12 17:24 118,784 --a------ C:\WINDOWS\system32\DivXCodecUpdateChecker.exe


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-12-07 05:14 2330624 --a------ C:\WINDOWS\system32\wmvcore.dll
    2006-11-08 06:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
    2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
    2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
    2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
    2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
    2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
    2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
    2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
    2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
    2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
    2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
    2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
    2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
    2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
    2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
    2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
    2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
    2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
    2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
    2006-10-26 14:42 36160 --a------ C:\WINDOWS\system32\FM20FRA.DLL
    2006-10-26 14:10 33088 --a------ C:\WINDOWS\system32\FM20ENU.DLL
    2006-10-26 14:10 1190688 --a------ C:\WINDOWS\system32\FM20.DLL
    2006-10-26 13:45 293376 --a------ C:\WINDOWS\system32\WISPTIS.EXE
    2006-10-26 13:45 207360 --a------ C:\WINDOWS\system32\INKED.DLL
    2006-10-22 09:26 0 -rahs---- C:\MSDOS.SYS
    2006-10-22 09:26 0 -rahs---- C:\IO.SYS
    2006-10-22 09:26 0 --a------ C:\CONFIG.SYS
    2006-10-22 09:26 0 --a------ C:\AUTOEXEC.BAT
    2006-10-20 02:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
    2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
    2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
    2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
    2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
    2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
    2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
    2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
    2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
    2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
    2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
    2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
    2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
    2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
    2006-10-13 13:36 65536 --a------ C:\WINDOWS\system32\nwwks.dll
    2006-10-13 13:36 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
    2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "Net4Switch"="C:\\Program Files\\ASUS\\Net4Switch\\Net4Switch.exe"
    "swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.908.6962\\GoogleToolbarNotifier.exe"
    "LDM"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"
    "HitwarePKLite"="C:\\PROGRA~1\\HITWAR~1\\HITWAR~1.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "HControl"="C:\\WINDOWS\\ATK0100\\HControl.exe"
    "ehTray"="C:\\WINDOWS\\ehome\\ehtray.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
    "nwiz"="nwiz.exe /install"
    "NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
    "RTHDCPL"="RTHDCPL.EXE"
    "SkyTel"="SkyTel.EXE"
    "Alcmtr"="ALCMTR.EXE"
    "PowerForPhone"="C:\\Program Files\\ASUS\\PowerForPhone\\PowerForPhone.exe"
    "ASUS Live Update"="C:\\Program Files\\ASUS\\ASUS Live Update\\ALU.exe"
    "ACMON"="C:\\Program Files\\ASUS\\Splendid\\ACMON.exe"
    "Wireless Console 2"="C:\\Program Files\\Wireless Console 2\\wcourier.exe"
    "ATKMEDIA"="C:\\Program Files\\ASUS\\ATK Media\\DMEDIA.EXE"
    "SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
    "ABLKSR"="C:\\WINDOWS\\ABLKSR\\ABLKSR.exe"
    "RemoteControl"="\"C:\\Program Files\\ASUSTeK\\ASUSDVD\\PDVDServ.exe\""
    "NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "Power_Gear"="C:\\Program Files\\ASUS\\Power4 Gear\\BatteryLife.exe 1"
    "IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
    "IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
    "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\\Program Files\\Google\\Gmail Notifier\\gnotify.exe"
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    @=""

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000001

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Ma page d'accueil"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,02,03,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
    ff,ff,04,00,00,00
    "RestoredStateInfo"=hex:18,00,00,00,d2,03,00,00,23,00,00,00,1c,01,00,00,dc,00,\
    00,00,01,00,00,00

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
    "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
    "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    Completion time: 07-01-07 20:13:00.51
    C:\ComboFix2.txt ... 07-01-07 19:03
    C:\ComboFix.txt ... 07-01-07 20:13

    Re,

    Select the text in the box:

    Quote:
    C:\WINDOWS\system32\jkyfexwo.dll
    C:\WINDOWS\system32\wifbadgl.exe
    C:\WINDOWS\system32\toehrhwi.dll


    ---> Right-click, then Copy.
    ----------

    -- Open Killbox.exe
    -- Choose "Delete on reboot"
    -- Click on:
    - " File " -> " Paste from Clipboard "
    - " All Files "

    To finish, click on [:angeldark:3]

    You will then be asked a question:
    " File will be Removed on Reboot, Do you want to reboot now ? "

    -- Answer YES; a countdown starts and your PC will restart.
    -- After the restart, run Killbox again, then click the menu: Files -> Logs -> Actions History Log, and post that report here.

    NOTE: If you get the message "PendingFileRenameOperations Registry Data has been removed by external process!"
    restart your PC manually.

    HELP: KillBox tutorial (Jesses)

    Restart in safe mode

    Open the clean folder and double-click clean.cmd.
    Choose option 2, then wait.

    Restart normally

    - The clean report: My Computer / double-click drive C / double-click rapport_clean.txt, then copy and paste its contents here C:\rapport_clean.txt

    Killbox report:

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 6:55 PM

    # 1 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sjjwlghr.exe


    # 2 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ipmsuseh.exe


    # 3 [Delete on Reboot]
    Path = C:\WINDOWS\system32\leauoetr.exe


    # 4 [Delete on Reboot]
    Path = C:\WINDOWS\system32\atcjljhh.exe


    # 5 [Delete on Reboot]
    Path = C:\WINDOWS\system32\pbrbgujo.exe


    # 6 [Delete on Reboot]
    Path = C:\WINDOWS\system32\gdemwtbl.exe


    # 7 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ndidfqlr.exe


    # 8 [Delete on Reboot]
    Path = C:\WINDOWS\system32\devvghus.exe


    # 9 [Delete on Reboot]
    Path = C:\WINDOWS\system32\qbewfmnp.exe


    # 10 [Delete on Reboot]
    Path = C:\WINDOWS\system32\yidejlrm.exe


    # 11 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ebcmqcin.exe


    # 12 [Delete on Reboot]
    Path = C:\WINDOWS\system32\aknmfmkf.exe


    # 13 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ekojlorq.exe


    # 14 [Delete on Reboot]
    Path = C:\WINDOWS\system32\uvtgqlau.exe


    # 15 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sloxbwcv.exe


    # 16 [Delete on Reboot]
    Path = C:\WINDOWS\system32\flbanvtd.exe


    # 17 [Delete on Reboot]
    Path = C:\WINDOWS\system32\nhqfmwfm.exe


    # 18 [Delete on Reboot]
    Path = C:\WINDOWS\system32\mkuchpgq.exe


    # 19 [Delete on Reboot]
    Path = C:\WINDOWS\system32\fhgibojn.exe


    # 20 [Delete on Reboot]
    Path = C:\WINDOWS\system32\unsvchosts.exe


    # 21 [Delete on Reboot]
    Path = C:\WINDOWS\system32\xykwkrlp.exe


    # 22 [Delete on Reboot]
    Path = C:\WINDOWS\system32\wnekardj.dll


    # 23 [Delete on Reboot]
    Path = C:\Program Files\Fichiers communs\Yazzle1162OinUninstaller.exe


    # 24 [Delete on Reboot]
    Path = C:\Program Files\VSAdd-in\VSAdd-in.dll


    I Rebooted @ 6:56:00 PM
    Killbox Closed(Exit) @ 6:56:13 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 6:59 PM

    Killbox Closed(Exit) @ 7:03:25 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 7:39 PM

    # 1 [Delete on Reboot]
    Path = C:\WINDOWS\system32\fncjuwhp.dll


    # 2 [Delete on Reboot]
    Path = C:\WINDOWS\system32\advikxyn.dll


    # 3 [Delete on Reboot]
    Path = C:\WINDOWS\system32\xmsuadpf.dll


    # 4 [Delete on Reboot]
    Path = C:\WINDOWS\system32\cqalyamr.dll


    # 5 [Delete on Reboot]
    Path = C:\WINDOWS\system32\nexlxgdp.dll


    # 6 [Delete on Reboot]
    Path = C:\WINDOWS\system32\mrsrrbfg.dll


    # 7 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sfofktbv.dll


    # 8 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sugfqlpx.dll


    # 9 [Delete on Reboot]
    Path = C:\WINDOWS\system32\wvuirebv.dll


    # 10 [Delete on Reboot]
    Path = C:\WINDOWS\system32\agfnmmdj.dll


    # 11 [Delete on Reboot]
    Path = C:\WINDOWS\system32\esrfbvkd.dll


    # 12 [Delete on Reboot]
    Path = C:\WINDOWS\system32\vjnujbog.dll


    # 13 [Delete on Reboot]
    Path = C:\WINDOWS\system32\qfamhiir.dll


    # 14 [Delete on Reboot]
    Path = C:\WINDOWS\system32\vyuumdcm.dll


    # 15 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ljjkljh.dll


    # 16 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ptpusb.dll


    # 17 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ptpusd.dll


    # 18 [Delete on Reboot]
    Path = C:\WINDOWS\system32\jhhhgiuu.dll


    # 19 [Delete on Reboot]
    Path = C:\WINDOWS\system32\ysrxawwr.dll


    # 20 [Delete on Reboot]
    Path = C:\WINDOWS\system32\atewgriu.dll


    # 21 [Delete on Reboot]
    Path = C:\WINDOWS\system32\dkprydon.dll


    # 22 [Delete on Reboot]
    Path = C:\WINDOWS\system32\gdxgcnpa.dll


    # 23 [Delete on Reboot]
    Path = C:\WINDOWS\system32\sstqoop.dll


    # 24 [Delete on Reboot]
    Path = C:\WINDOWS\system32\khfcaya.dll


    I Rebooted @ 7:40:34 PM
    Killbox Closed(Exit) @ 7:40:41 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 7:43 PM

    Killbox Closed(Exit) @ 7:44:54 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 8:33 PM

    # 1 [Delete on Reboot]
    Path = C:\WINDOWS\system32\jkyfexwo.dll


    # 2 [Delete on Reboot]
    Path = C:\WINDOWS\system32\wifbadgl.exe


    # 3 [Delete on Reboot]
    Path = C:\WINDOWS\system32\toehrhwi.dll


    I Rebooted @ 8:33:49 PM
    Killbox Closed(Exit) @ 8:33:54 PM
    __________________________________________________

    Pocket Killbox version 2.0.0.648
    Running on Windows XP as Dam(Administrator)
    was started @ dimanche, janvier 07, 2007, 8:38 PM


    and the clean report:

    Script execute en mode sans echec
    Rapport clean par Malekal_morte - http://www.malekal.com
    Option 2, executee le 07/01/2007 a 20:43:43,90

    Microsoft Windows XP [version 5.1.2600]

    *** Suppression de fichiers sur C:

    *** Suppression des fichiers dans C:\WINDOWS\

    *** Suppression des fichiers dans C:\WINDOWS\system32

    tentative de suppression de "C:\Program Files\DivX\Google\Firefox\ffinstaller.exe"
    tentative de suppression de "C:\Program Files\PeDevice\"
    tentative de suppression de "C:\Program Files\VSAdd-in\"

    *** Suppression des clefs du registre effectuee..
    *** Fin du rapport !

    the Panda report:


    Incident Statut Analyse

    Spyware:Cookie/2o7 No Désinfecté C:\Documents and Settings\LocalService\Cookies\system@2o7[1].txt
    Outil indésirable:Application/Pskill.K No Désinfecté C:\Documents and Settings\Dam\Bureau\clean.zip[clean/pskill.exe]
    Outil indésirable:Application/Pskill.K No Désinfecté C:\Documents and Settings\Dam\Bureau\clean\pskill.exe
    Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@stats.drivecleaner[2].txt
    Spyware:Cookie/Mediaplex No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@mediaplex[1].txt
    Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@tradedoubler[2].txt
    Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@overture[2].txt
    Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@xiti[1].txt
    Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@fe.lea.lycos[1].txt
    Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@searchportal.information[1].txt
    Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@weborama[2].txt
    Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@adtech[2].txt
    Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@bluestreak[2].txt
    Spyware:Cookie/Tucows No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@tucows[1].txt
    Spyware:Cookie/Advertising No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@advertising[2].txt
    Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@drivecleaner[2].txt
    Spyware:Cookie/Hitbox No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@hitbox[2].txt
    Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Dam\Cookies\dam@stats1.reliablestats[1].txt
    Spyware:Cookie/Reliablestats No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[stats1.reliablestats.com/]
    Spyware:Cookie/Hbmediapro No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.adopt.hbmediapro.com/]
    Spyware:Cookie/Adtech No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.adtech.de/]
    Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.com.com/]
    Spyware:Cookie/cs.sexcounter No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.cs.sexcounter.com/]
    Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.drivecleaner.com/]
    Spyware:Cookie/fe.lea.lycos No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.fe.lea.lycos.fr/]
    Spyware:Cookie/Findwhat No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.findwhat.com/]
    Spyware:Cookie/Go No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.go.com/]
    Spyware:Cookie/Overture No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.overture.com/]
    Spyware:Cookie/QuestionMarket No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.questionmarket.com/]
    Spyware:Cookie/RealMedia No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.realmedia.com/]
    Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.serving-sys.com/]
    Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.stats.drivecleaner.com/]
    Spyware:Cookie/Weborama No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.weborama.fr/]
    Spyware:Cookie/DriveCleaner No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.www.drivecleaner.com/]
    Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Dam\Application Data\Mozilla\Firefox\Profiles\fkkdc08l.default\cookies.txt[.xiti.com/]
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\VSAdd-in.dll
    Adware:Adware/Yazzle No Désinfecté C:\!KillBox\Yazzle1162OinUninstaller.exe
    Adware:Adware/Alexa-Toolbar No Désinfecté C:\!KillBox\wnekardj.dll
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\xykwkrlp.exe
    Adware:Adware/Maxifiles No Désinfecté C:\!KillBox\unsvchosts.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\fhgibojn.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\mkuchpgq.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\nhqfmwfm.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\flbanvtd.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\sloxbwcv.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\uvtgqlau.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\ekojlorq.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\aknmfmkf.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\ebcmqcin.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\yidejlrm.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\qbewfmnp.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\devvghus.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\ndidfqlr.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\gdemwtbl.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\pbrbgujo.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\atcjljhh.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\leauoetr.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\ipmsuseh.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\sjjwlghr.exe
    Outil indésirable:Application/VSToolbar No Désinfecté C:\!KillBox\wifbadgl.exe

    You're welcome ;) 

    Edit your first message with then add "(Résolu)" to the title.

    Report your infection (Vundo) to help get the authors convicted, that would be nice.
    Create a post on Malware-Complaints to help move things forward; we need to be as many as possible, so report your infection.
    HELP: How to report your infection on Malware-Complaints?

  • See this page to keep these problems from coming back.
  • Learn to tell legitimate software from illegitimate software by consulting this page.

    :hello: 