Popups System doctor,win antivirus etc...

Bonjour



Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer.
* Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Remove Vundo.
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
* Démarre ton PC à nouveau.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

Voila le rapport Vundo :

VundoFix V6.3.20

Checking Java version...

Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.11

Scan started at 00:09:47 29/04/2007

Listing files found while scanning....

C:\WINDOWS\system32\acuugwym.dll
C:\WINDOWS\system32\axwxihwt.dll
C:\WINDOWS\system32\cbxyayv.dll
C:\WINDOWS\system32\hggeebc.dll
C:\WINDOWS\system32\hhhkj.ini
C:\WINDOWS\system32\jkhhh.dll
C:\WINDOWS\system32\kkfpyngt.dll
C:\WINDOWS\system32\klnmp.bak1
C:\WINDOWS\system32\klnmp.bak2
C:\WINDOWS\system32\klnmp.ini
C:\WINDOWS\system32\looaxgxt.dll
C:\WINDOWS\system32\ncojvjev.dll
C:\WINDOWS\system32\pmnlk.dll
C:\WINDOWS\system32\vtsqr.dll
C:\WINDOWS\system32\wwvfaltt.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\acuugwym.dll
C:\WINDOWS\system32\acuugwym.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\axwxihwt.dll
C:\WINDOWS\system32\axwxihwt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\cbxyayv.dll
C:\WINDOWS\system32\cbxyayv.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\hggeebc.dll
C:\WINDOWS\system32\hggeebc.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\hhhkj.ini
C:\WINDOWS\system32\hhhkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\kkfpyngt.dll
C:\WINDOWS\system32\kkfpyngt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\klnmp.bak1
C:\WINDOWS\system32\klnmp.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\system32\klnmp.bak2
C:\WINDOWS\system32\klnmp.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\klnmp.ini
C:\WINDOWS\system32\klnmp.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ncojvjev.dll
C:\WINDOWS\system32\ncojvjev.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\pmnlk.dll
C:\WINDOWS\system32\pmnlk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wwvfaltt.exe
C:\WINDOWS\system32\wwvfaltt.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cbxyayv.dll
C:\WINDOWS\system32\cbxyayv.dll Has been deleted!

Performing Repairs to the registry.
Done!

et voila le rapport HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 00:19:30, on 29/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\lclock.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
D:\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\bertrand\Bureau\Popup system\Scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.free.fr/search/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.free.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {285CD8DE-4B84-4AA9-9CFD-52AEAC6E5921} - C:\WINDOWS\system32\vtsqr.dll (file missing)
O2 - BHO: (no name) - {2FB0AD5D-2153-45E9-A044-50ADAFB8671D} - C:\WINDOWS\system32\jkhhh.dll (file missing)
O2 - BHO: (no name) - {51232824-8B71-45B8-8888-A533DDDB47Cc} - C:\WINDOWS\system32\aovijjin.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9182CF1E-5F65-409C-AF23-E19D118E7F8D} - C:\WINDOWS\system32\pmnlk.dll (file missing)
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\boegojyc.dll
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\sgsthsyt.dll",setvm
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\oxbxyptu.dll",realset
O4 - HKCU\..\Run: [LClock] lclock.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [A00F235A1C.exe] C:\DOCUME~1\bertrand\LOCALS~1\Temp\_A00F235A1C.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = D:\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O14 - IERESET.INF: START_PAGE_URL=http://home.free.fr/
O18 - Protocol: bw+0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSN Messenger\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: jkhhh - C:\WINDOWS\system32\jkhhh.dll (file missing)
O20 - Winlogon Notify: vtsqr - C:\WINDOWS\system32\vtsqr.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: __c00BC7E4 - C:\WINDOWS\system32\__c00BC7E4.dat
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Analyse HijackThis possible plz ?

Bonsoir


$$ Relance un scan HijackThis et coche les lignes ci-dessous :

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {285CD8DE-4B84-4AA9-9CFD-52AEAC6E5921} - C:\WINDOWS\system32\vtsqr.dll (file missing)
O2 - BHO: (no name) - {2FB0AD5D-2153-45E9-A044-50ADAFB8671D} - C:\WINDOWS\system32\jkhhh.dll (file missing)
O2 - BHO: (no name) - {51232824-8B71-45B8-8888-A533DDDB47Cc} - C:\WINDOWS\system32\aovijjin.dll (file missing)
O2 - BHO: (no name) - {9182CF1E-5F65-409C-AF23-E19D118E7F8D} - C:\WINDOWS\system32\pmnlk.dll (file missing)
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\boegojyc.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\sgsthsyt.dll",setvm
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [InfoData] rundll32.exe "C:\WINDOWS\system32\oxbxyptu.dll",realset
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [A00F235A1C.exe] C:\DOCUME~1\bertrand\LOCALS~1\Temp\_A00F235A1C.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O18 - Protocol: bw+0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - D:\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {FD48BF48-F78E-4B57-BC55-2558C358E855} - D:\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: jkhhh - C:\WINDOWS\system32\jkhhh.dll (file missing)
O20 - Winlogon Notify: vtsqr - C:\WINDOWS\system32\vtsqr.dll (file missing)
O20 - Winlogon Notify: __c00BC7E4 - C:\WINDOWS\system32\__c00BC7E4.dat

Ferme toutes les fenêtres Windows, Internet explorer, Outlook,sauf le logiciel Hijackthis et clique sur « Fix checked »


$$ Double-clique VundoFix.exe afin de le lancer.
[***]Ne clique pas sur "Scan for Vundo"

Fais un clic droit dans la fenêtre blanche et clique "Add more files?"

Dans la nouvelle fenêtre qui apparait, Copie/colle le chemin du fichier suivant dans la première case (au haut):

C:\WINDOWS\system32\boegojyc.dll

Copie/colle le chemin du fichier suivant dans la seconde case (au centre):

C:\WINDOWS\system32\sgsthsyt.dll

Copie/colle le chemin du fichier suivant dans la troisiéme case (en bas):

C:\WINDOWS\system32\oxbxyptu.dll

Clique sur le bouton "Add File(s)"

Clique sur le bouton "Close Window"

Clique à nouveau sur "Remove Vundo"

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.

Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK

Démarre ton PC à nouveau.

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.