je n'arrive pas a supprimer les virus

Bonjour,

Télécharge puis installe Hijackthis (Trend Micro).
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2

voila le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:22, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.x-co-r4liie.skyblog.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BM07a05734] Rundll32.exe "C:\WINDOWS\system32\rydldyfa.dll",s
O4 - HKLM\..\Run: [049364a8] rundll32.exe "C:\WINDOWS\system32\nldiwtbm.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Bash Army] C:\DOCUME~1\Rambaud\APPLIC~1\BLUEVI~1\Soapdraw.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 4210 bytes

Re,

[#ff0000]Désactive tes protections résidentes (antivirus, Spybot...) ![/#f]

Télécharge Combofix ([#ff0000]sUBs[/#f]) sur ton Bureau.

Double clique sur combofix.exe afin de le lancer.

Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.

pourquoi mn pc s'est éteint ?

Il a redémarré ?

oui

J'ai résséyé & voici le rapport


ComboFix 08-04-15.8 - Rambaud 2008-04-17 13:51:52.4 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.411 [GMT 2:00]
Endroit: C:\Documents and Settings\Rambaud\Mes documents\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\adapkeqk.dll
C:\WINDOWS\system32\aewqqtdn.dll
C:\WINDOWS\system32\ahcqvpww.dll
C:\WINDOWS\system32\aiufhbgr.dll
C:\WINDOWS\system32\aondacmd.dll
C:\WINDOWS\system32\bajbtshx.dll
C:\WINDOWS\system32\bdejbotn.dll
C:\WINDOWS\system32\bfgcumrw.dll
C:\WINDOWS\system32\bhympsun.dll
C:\WINDOWS\system32\bkxyegns.dll
C:\WINDOWS\system32\bmsocicr.dll
C:\WINDOWS\system32\bsdnbmuq.ini
C:\WINDOWS\system32\bwydegvy.ini
C:\WINDOWS\system32\cghnsqcy.dll
C:\WINDOWS\system32\CJknnnpo.ini
C:\WINDOWS\system32\CJknnnpo.ini2
C:\WINDOWS\system32\crrvbgfq.ini
C:\WINDOWS\system32\DeghkUtv.ini
C:\WINDOWS\system32\DeghkUtv.ini2
C:\WINDOWS\system32\dflnqlcx.dll
C:\WINDOWS\system32\dgfkymlx.dll
C:\WINDOWS\system32\dglsetmw.dll
C:\WINDOWS\system32\dpnfwdpe.dll
C:\WINDOWS\system32\drisemna.dll
C:\WINDOWS\system32\epkjrjne.dll
C:\WINDOWS\system32\escivurg.dll
C:\WINDOWS\system32\exjniwwm.dll
C:\WINDOWS\system32\fjvgildk.dll
C:\WINDOWS\system32\fptilvtd.dll
C:\WINDOWS\system32\garsdaxq.ini
C:\WINDOWS\system32\gdsjsuig.dll
C:\WINDOWS\system32\gofaidcg.dll
C:\WINDOWS\system32\gvfxiptp.dll
C:\WINDOWS\system32\gxejphdb.ini
C:\WINDOWS\system32\gxytonju.ini
C:\WINDOWS\system32\hjdetnkk.ini
C:\WINDOWS\system32\hncetdcw.dll
C:\WINDOWS\system32\hogpiamo.dll
C:\WINDOWS\system32\hrytwupo.dll
C:\WINDOWS\system32\htismvly.dll
C:\WINDOWS\system32\huynbreq.dll
C:\WINDOWS\system32\hwvebmpx.dll
C:\WINDOWS\system32\ikfwyfwm.ini
C:\WINDOWS\system32\ilouqofu.ini
C:\WINDOWS\system32\iptobbwh.dll
C:\WINDOWS\system32\iqfosmpg.dll
C:\WINDOWS\system32\irrlaeec.dll
C:\WINDOWS\system32\ispxnnkt.ini
C:\WINDOWS\system32\isxgupfx.dll
C:\WINDOWS\system32\itltoepv.dll
C:\WINDOWS\system32\jfdmfowl.dll
C:\WINDOWS\system32\jrdivgld.dll
C:\WINDOWS\system32\junvekfy.dll
C:\WINDOWS\system32\jysspddh.dll
C:\WINDOWS\system32\kgsgjrgh.dll
C:\WINDOWS\system32\kkklgtuq.ini
C:\WINDOWS\system32\koxufwwp.ini
C:\WINDOWS\system32\kpjsbqcb.dll
C:\WINDOWS\system32\kvupwcwe.dll
C:\WINDOWS\system32\ldoqdiph.dll
C:\WINDOWS\system32\lkeswfhc.dll
C:\WINDOWS\system32\lkiibfjy.dll
C:\WINDOWS\system32\miaxrrar.dll
C:\WINDOWS\system32\mowhjndi.dll
C:\WINDOWS\system32\ntobjedb.ini
C:\WINDOWS\system32\ogjlcvco.ini
C:\WINDOWS\system32\ohorlfct.dll
C:\WINDOWS\system32\okdoojis.dll
C:\WINDOWS\system32\okhpfuuy.dll
C:\WINDOWS\system32\ombalpdb.dll
C:\WINDOWS\system32\onuyvivk.dll
C:\WINDOWS\system32\osmsudnr.ini
C:\WINDOWS\system32\oyiukhsg.dll
C:\WINDOWS\system32\pfsnvvxg.dll
C:\WINDOWS\system32\pgxlsixq.ini
C:\WINDOWS\system32\ppekgrcy.dll
C:\WINDOWS\system32\pqqBHRqr.ini
C:\WINDOWS\system32\pqqBHRqr.ini2
C:\WINDOWS\system32\ptpixfvg.ini
C:\WINDOWS\system32\pvebssbt.dll
C:\WINDOWS\system32\PXHNmUtv.ini
C:\WINDOWS\system32\PXHNmUtv.ini2
C:\WINDOWS\system32\qcjhfull.dll
C:\WINDOWS\system32\qumbndsb.dll
C:\WINDOWS\system32\qvinqjye.dll
C:\WINDOWS\system32\qvwbenct.dll
C:\WINDOWS\system32\rbfovckf.dll
C:\WINDOWS\system32\rdjpydat.dll
C:\WINDOWS\system32\rmapiqko.dll
C:\WINDOWS\system32\rtjbgwdi.dll
C:\WINDOWS\system32\rtxxwbnr.ini
C:\WINDOWS\system32\ruopydfr.dll
C:\WINDOWS\system32\sfdwowjx.dll
C:\WINDOWS\system32\srakshuu.dll
C:\WINDOWS\system32\sYIhQqru.ini
C:\WINDOWS\system32\sYIhQqru.ini2
C:\WINDOWS\system32\tafnxjwl.dll
C:\WINDOWS\system32\tasswwyr.dll
C:\WINDOWS\system32\tcxhbovb.ini
C:\WINDOWS\system32\tdnfvmvf.dll
C:\WINDOWS\system32\tktsveog.dll
C:\WINDOWS\system32\tnsllorw.dll
C:\WINDOWS\system32\totyrhxg.dll
C:\WINDOWS\system32\toxxgcpy.dll
C:\WINDOWS\system32\twkfmlox.dll
C:\WINDOWS\system32\txuhjgyf.dll
C:\WINDOWS\system32\udrsghoq.dll
C:\WINDOWS\system32\ufoquoli.dll
C:\WINDOWS\system32\ugeteesd.dll
C:\WINDOWS\system32\uhdogkhu.ini
C:\WINDOWS\system32\utxgghog.dll
C:\WINDOWS\system32\vrvqqfin.ini
C:\WINDOWS\system32\waogenua.dll
C:\WINDOWS\system32\wcdtecnh.ini
C:\WINDOWS\system32\wcpqeydi.dll
C:\WINDOWS\system32\wlfpejkq.dll
C:\WINDOWS\system32\wnqgqiru.dll
C:\WINDOWS\system32\wrxixeyq.dll
C:\WINDOWS\system32\xblucbfb.dll
C:\WINDOWS\system32\xgscvqgs.dll
C:\WINDOWS\system32\xumnpsmf.dll
C:\WINDOWS\system32\xvpxqdtm.dll
C:\WINDOWS\system32\ytnhpvrn.dll
C:\WINDOWS\system32\ywkqcuwi.ini
C:\WINDOWS\system32\Yxxwyyxx.ini
C:\WINDOWS\system32\Yxxwyyxx.ini2
.
---- Previous Run -------
.
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\mcrh.tmp

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-03-17 to 2008-04-17 ))))))))))))))))))))))))))))))))))))
.

2008-04-17 13:36 . 2008-04-17 13:36 1,169 --a------ C:\WINDOWS\mozver.dat
2008-04-17 13:00 . 2008-04-17 13:00 1,524,293 ---hs---- C:\WINDOWS\system32\ktxuotoq.ini
2008-04-17 12:42 . 2008-04-17 12:42 1,524,232 ---hs---- C:\WINDOWS\system32\mbugxlmh.ini
2008-04-17 12:29 . 2008-04-17 12:34 1,524,172 ---hs---- C:\WINDOWS\system32\vuwaguts.ini
2008-04-16 23:32 . 2008-04-16 23:32 <REP> d-------- C:\Documents and Settings\Rambaud\Application Data\Talkback
2008-04-16 23:31 . 2008-04-16 23:31 0 --a------ C:\WINDOWS\nsreg.dat
2008-04-16 23:20 . 2008-04-16 23:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
2008-04-16 23:20 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2008-04-16 23:20 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2008-04-16 23:20 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2008-04-16 23:20 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2008-04-16 23:19 . 2008-04-16 23:20 <REP> d-------- C:\Program Files\Spyware Doctor
2008-04-16 23:19 . 2008-04-16 23:20 <REP> d-------- C:\Documents and Settings\Rambaud\Application Data\PC Tools
2008-04-16 23:12 . 2008-04-16 23:12 <REP> d-------- C:\Program Files\Norton Security Scan
2008-04-16 23:07 . 2008-04-16 23:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
2008-04-16 21:24 . 2008-04-17 11:37 1,524,304 ---hs---- C:\WINDOWS\system32\yeuoxpnm.ini
2008-04-16 21:07 . 2008-04-16 21:18 1,524,244 ---hs---- C:\WINDOWS\system32\qainmvxi.ini
2008-04-16 21:00 . 2008-04-16 21:00 <REP> d--hs---- C:\FOUND.007
2008-04-16 20:17 . 2008-04-16 21:03 1,524,244 ---hs---- C:\WINDOWS\system32\afigdjxf.ini
2008-04-16 19:23 . 2008-04-16 20:06 1,525,616 ---hs---- C:\WINDOWS\system32\mbtwidln.ini
2008-04-16 19:07 . 2008-04-16 19:07 1,525,496 ---hs---- C:\WINDOWS\system32\upxurlyw.ini
2008-04-16 18:26 . 2008-04-16 18:56 1,525,436 ---hs---- C:\WINDOWS\system32\itrpxnef.ini
2008-04-16 18:16 . 2008-04-16 18:16 1,525,204 ---hs---- C:\WINDOWS\system32\yqkgcfyu.ini
2008-04-16 16:54 . 2008-04-16 16:59 1,558,699 ---hs---- C:\WINDOWS\system32\xxgrairr.ini
2008-04-16 16:51 . 2008-04-16 16:51 1,558,579 ---hs---- C:\WINDOWS\system32\tkqcglxr.ini
2008-04-16 16:49 . 2008-04-16 16:49 95,296 --a------ C:\WINDOWS\system32\rydldyfa.dll
2008-04-16 12:31 . 2008-04-16 16:44 1,570,729 ---hs---- C:\WINDOWS\system32\rllqggvj.ini
2008-04-16 12:28 . 2008-04-16 12:28 315,712 --a------ C:\WINDOWS\system32\opnnnkJC.dll
2008-04-16 08:04 . 2008-04-16 08:04 <REP> d--hs---- C:\FOUND.006
2008-04-15 21:32 . 2008-04-15 21:32 <REP> d-------- C:\WINDOWS\Lhsp
2008-04-15 21:31 . 2008-04-15 21:31 <REP> d-------- C:\WINDOWS\speech
2008-04-15 21:30 . 2008-04-15 21:30 <REP> d-------- C:\Program Files\Seline Office
2008-04-15 21:29 . 2008-04-15 21:29 <REP> d-------- C:\Program Files\Glary Utilities
2008-04-15 21:28 . 2008-04-15 21:28 <REP> d-------- C:\Program Files\CCleaner
2008-04-15 21:23 . 2008-04-15 21:23 <REP> d-------- C:\Program Files\AxBx
2008-04-15 20:57 . 2008-04-16 12:23 1,600,557 ---hs---- C:\WINDOWS\system32\ltrihnyt.ini
2008-04-15 20:00 . 2008-04-15 20:15 1,600,257 ---hs---- C:\WINDOWS\system32\ougvhnwp.ini
2008-04-15 19:57 . 2008-04-15 19:57 315,744 --a------ C:\WINDOWS\system32\xxyywxxY.dll
2008-04-15 10:58 . 2008-04-15 10:58 <REP> d--hs---- C:\FOUND.005
2008-04-14 23:08 . 2008-04-14 23:08 708,663 ---hs---- C:\WINDOWS\system32\osmsudnr.tmp
2008-04-14 21:40 . 2008-04-14 21:40 <REP> d--hs---- C:\FOUND.004
2008-04-13 23:07 . 2008-04-13 23:07 315,808 --a------ C:\WINDOWS\system32\rqRHBqqp.dll
2008-04-13 19:50 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-04-13 19:48 . 2008-04-13 19:48 315,808 --a------ C:\WINDOWS\system32\vtUmNHXP.dll
2008-04-13 15:45 . 2008-04-13 15:45 315,808 --a------ C:\WINDOWS\system32\vtUkhgeD.dll
2008-04-13 15:21 . 2008-04-13 15:21 <REP> d-------- C:\WINDOWS\Driver Cache
2008-04-12 21:12 . 2008-04-12 21:12 <REP> d-------- C:\Program Files\Navilog1
2008-04-12 21:02 . 2008-04-12 21:02 <REP> d-------- C:\fixwareout
2008-04-12 20:55 . 2008-04-12 20:55 <REP> d-------- C:\Program Files\Trend Micro
2008-04-12 18:58 . 2008-04-17 13:32 101,129 --a------ C:\WINDOWS\BM07a05734.xml
2008-04-12 12:46 . 2008-04-12 15:11 1,494 ---hs---- C:\WINDOWS\system32\opshrgxn.ini
2008-04-12 12:22 . 2008-04-12 12:40 1,134 ---hs---- C:\WINDOWS\system32\ocqalstk.ini
2008-04-11 21:57 . 2008-04-12 12:08 894 ---hs---- C:\WINDOWS\system32\qdmboufn.ini
2008-04-11 19:31 . 2008-04-11 19:58 774 ---hs---- C:\WINDOWS\system32\uimffbrx.ini
2008-04-11 19:24 . 2008-04-11 19:25 315,776 --a------ C:\WINDOWS\system32\pmnnOEtT.dll
2008-04-10 21:54 . 2008-04-11 18:57 654 ---hs---- C:\WINDOWS\system32\iaqinurt.ini
2008-04-10 21:48 . 2008-04-10 21:48 315,600 --a------ C:\WINDOWS\system32\urqQhIYs.dll
2008-04-10 20:24 . 2008-04-10 21:54 534 ---hs---- C:\WINDOWS\system32\botehtfo.ini
2008-04-10 19:34 . 2008-04-10 19:39 354 ---hs---- C:\WINDOWS\system32\iyhmyfvu.ini
2008-04-09 21:44 . 2008-04-09 21:44 215 --a------ C:\WINDOWS\system32\MRT.INI
2008-04-09 21:35 . 2008-04-09 21:35 1,846 ---hs---- C:\WINDOWS\system32\keqjqdoc.ini
2008-04-09 20:27 . 2008-04-09 21:31 1,786 ---hs---- C:\WINDOWS\system32\tjtukwuw.ini
2008-04-09 19:19 . 2008-04-09 20:11 1,666 ---hs---- C:\WINDOWS\system32\ogjnxlat.ini
2008-04-09 19:04 . 2008-04-09 19:04 315,600 --a------ C:\WINDOWS\system32\jkkKdddc.dll
2008-04-09 13:54 . 2008-04-09 18:59 1,486 ---hs---- C:\WINDOWS\system32\efgdernp.ini
2008-04-08 22:20 . 2008-04-09 13:06 1,366 ---hs---- C:\WINDOWS\system32\pyxqcqfj.ini
2008-04-08 21:18 . 2008-04-08 22:09 1,246 ---hs---- C:\WINDOWS\system32\qdbwbehg.ini
2008-04-08 21:08 . 2008-04-08 21:08 1,014 ---hs---- C:\WINDOWS\system32\opverybe.ini
2008-04-08 19:57 . 2008-04-08 20:56 954 ---hs---- C:\WINDOWS\system32\evfclxfk.ini
2008-04-08 18:17 . 2008-04-08 18:40 774 ---hs---- C:\WINDOWS\system32\dmxrjwpm.ini
2008-04-08 18:00 . 2008-04-08 18:01 654 ---hs---- C:\WINDOWS\system32\acgnpudw.ini
2008-04-07 19:42 . 2008-04-08 17:50 594 ---hs---- C:\WINDOWS\system32\bivheend.ini
2008-04-07 19:41 . 2008-04-07 19:41 294 ---hs---- C:\WINDOWS\system32\dvpuuwnc.ini
2008-04-07 16:04 . 2006-11-29 21:22 568,790 --a------ C:\WINDOWS\photos_1280.jpg
2008-04-07 16:02 . 2008-04-07 16:02 7,168 --ahs---- C:\WINDOWS\system32\Thumbs.db
2008-04-06 20:56 . 2008-04-06 20:56 714 ---hs---- C:\WINDOWS\system32\qadhgkhi.ini
2008-04-06 19:50 . 2008-04-06 19:51 4,274 --a------ C:\WINDOWS\IFiltSet.Ini
2008-04-06 17:02 . 2008-04-06 20:51 654 ---hs---- C:\WINDOWS\system32\exjgoeim.ini
2008-04-06 16:56 . 2008-04-06 16:56 414 ---hs---- C:\WINDOWS\system32\imxyrqti.ini
2008-04-06 14:23 . 2005-06-18 00:15 1,338,368 --a------ C:\WINDOWS\system32\cSHDOCVW.DLL
2008-04-06 14:23 . 1998-06-23 23:00 209,192 --a------ C:\WINDOWS\system32\TABCTL32.OCX
2008-04-06 14:23 . 2005-09-20 18:52 203,976 --a------ C:\WINDOWS\system32\RICHTX32.OCX
2008-04-06 14:23 . 2004-03-09 16:45 152,848 --a------ C:\WINDOWS\system32\comdlg32.ocx
2008-04-06 14:23 . 2000-10-01 23:00 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
2008-04-06 14:17 . 2008-04-06 16:47 354 ---hs---- C:\WINDOWS\system32\imunpqgv.ini
2008-04-06 12:11 . 2008-04-06 12:11 <REP> d-------- C:\Program Files\MalwareAlarm
2008-04-05 19:24 . 2008-04-07 16:04 51,200 --ahs---- C:\WINDOWS\Thumbs.db
2008-04-05 17:41 . 2008-04-05 17:41 <REP> d-------- C:\Program Files\PhotoScape
2008-04-04 20:25 . 2008-04-05 18:00 586 ---hs---- C:\WINDOWS\system32\gaounhnx.ini
2008-04-02 18:51 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
2008-04-02 18:51 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
2008-04-02 00:16 . 2008-04-06 14:25 464 --a------ C:\WINDOWS\_delis32.ini
2008-04-02 00:15 . 2008-04-09 21:46 1,355 --a------ C:\WINDOWS\imsins.BAK
2008-04-01 22:57 . 2008-04-14 21:05 33 --a------ C:\WINDOWS\iltwain.ini
2008-04-01 22:56 . 2008-04-01 22:56 <REP> d-------- C:\Program Files\byLight
2008-04-01 17:49 . 2008-04-06 12:10 41 --a------ C:\WINDOWS\win.ini
2008-04-01 13:45 . 2008-04-01 13:45 <REP> d-------- C:\Documents and Settings\Rambaud\Download
2008-03-30 11:11 . 2008-03-30 11:11 26,800 --a------ C:\WINDOWS\system32\awtsPFXn.dll
2008-03-29 20:29 . 2007-10-12 02:57 195,096 --a------ C:\WINDOWS\system32\lvci1150.dll
2008-03-29 20:27 . 2008-03-29 20:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-03-29 17:45 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
2008-03-29 17:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2008-03-29 17:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2008-03-29 17:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2008-03-29 17:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2008-03-29 17:23 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2008-03-26 12:01 79,864 ----a-w C:\Documents and Settings\Rambaud\Application Data\GDIPFONTCACHEV1.DAT
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
2008-03-01 16:28 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-02-29 08:56 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-02-27 16:09 --------- d-----w C:\Program Files\Fichiers communs\LogiShrd
2008-02-27 16:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-02-20 20:35 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-02-20 05:35 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-02-19 12:27 --------- d-----w C:\Program Files\JoWood
2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-19 13:55 178 ----a-w C:\WINDOWS\Fonts\LICENSE.txt
2007-12-12 11:20 251 ----a-w C:\Program Files\wt3d.ini
2007-10-25 11:27 774,144 ----a-w C:\Program Files\RngInterstitial.dll
.

((((((((((((((((((((((((((((( snapshot@2008-04-12_18.53.53.42 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-04-17 10:58:24 12,288 ----a-w C:\WINDOWS\assembly\GAC\cli_basetypes\1.0.8.0__ce2cb7e279207b9e\cli_basetypes.dll
+ 2008-04-17 10:58:22 32,256 ----a-w C:\WINDOWS\assembly\GAC\cli_cppuhelper\1.0.11.0__ce2cb7e279207b9e\cli_cppuhelper.dll
+ 2008-04-17 10:58:24 831,488 ----a-w C:\WINDOWS\assembly\GAC\cli_types\1.1.11.0__ce2cb7e279207b9e\cli_types.dll
+ 2008-04-17 10:58:24 8,192 ----a-w C:\WINDOWS\assembly\GAC\cli_ure\1.0.11.0__ce2cb7e279207b9e\cli_ure.dll
- 2008-04-02 11:03:12 1,863,680 ----a-w C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll
+ 2008-04-13 13:38:40 1,863,680 ----a-w C:\WINDOWS\assembly\GAC\EhCM\6.0.3000.0__31bf3856ad364e35\ehcm.dll
- 2008-04-02 11:03:16 868,352 ----a-w C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
+ 2008-04-13 13:38:42 868,352 ----a-w C:\WINDOWS\assembly\GAC\ehepg\6.0.3000.0__31bf3856ad364e35\ehepg.dll
- 2007-11-26 10:45:48 204,800 ----a-w C:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiplay.dll
+ 2008-04-13 13:38:42 204,800 ----a-w C:\WINDOWS\assembly\GAC\ehiPlay\6.0.3000.0__31bf3856ad364e35\ehiplay.dll
+ 2008-04-17 10:58:24 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_basetypes\8.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_basetypes.dll
+ 2008-04-17 10:58:24 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_cppuhelper\11.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_cppuhelper.dll
+ 2008-04-17 10:58:24 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.0.cli_ure\11.0.0.0__ce2cb7e279207b9e\policy.1.0.cli_ure.dll
+ 2008-04-17 10:58:24 3,072 ----a-w C:\WINDOWS\assembly\GAC\policy.1.1.cli_types\11.0.0.0__ce2cb7e279207b9e\policy.1.1.cli_types.dll
+ 2008-04-17 12:01:32 2,048 --s-a-w C:\WINDOWS\bootstat.dat
+ 2006-10-09 14:12:14 235,008 ------w C:\WINDOWS\Driver Cache\i386\psisdecd.dll
+ 2006-10-09 14:18:32 178,176 ------w C:\WINDOWS\ehome\ehkeyctl.dll
+ 2006-06-09 13:02:14 2,238 ----a-r C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\NewShortcut2.exe
+ 2006-06-09 13:02:14 2,238 ----a-r C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\NewShortcut3.exe
+ 2006-06-09 13:02:14 2,238 ----a-r C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\NewShortcut4.exe
+ 2006-06-09 13:02:14 2,238 ----a-r C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\NewShortcut7.exe
+ 2006-06-09 13:02:14 2,238 ----a-r C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\NewShortcut8.exe
+ 2006-06-09 13:02:14 2,238 ----a-r C:\WINDOWS\Installer\{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}\NewShortcut9.EXE
+ 2008-04-16 21:12:22 29,184 ----a-r C:\WINDOWS\Installer\{230C4A45-2586-4161-84EF-5C0D75D5B270}\Icon230C4A45.exe
+ 2008-03-16 11:37:24 2,560 ----a-r C:\WINDOWS\Installer\{9028040C-6000-11D3-8CFE-0050048383C9}\cagicon.exe
+ 2008-04-17 10:59:38 1,015,808 ----a-r C:\WINDOWS\Installer\{91AC855F-9553-4158-8AFB-46384DBB776E}\soffice.exe
+ 2008-04-16 21:16:08 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\ARPPRODUCTICON.exe
+ 2008-04-16 21:16:08 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\googleearth.exe_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-04-16 21:16:08 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\googleearth.exe1_407B9B5CDAC54F44A756B57CAB4E6A8B.exe
+ 2008-04-16 21:16:08 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\ShortcutDX_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-04-16 21:16:08 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\ShortcutOGL_EB071909B9884F8CBF3D6115D4ADEE5E.exe
+ 2008-04-16 21:16:08 26,694 ----a-r C:\WINDOWS\Installer\{97C0EA4A-1A0B-4C53-ACEB-49984DA79C90}\UNINST_Uninstall_G_408FFBEED62349E08B232864A94D2864.exe
+ 1999-01-08 09:54:40 19,968 ----a-w C:\WINDOWS\Lhsp\Dialog\AExLxd60.dll
+ 1999-04-09 07:18:38 35,328 ----a-w C:\WINDOWS\Lhsp\Dialog\FRFgnd60.dll
+ 1999-04-09 07:18:38 176,128 ----a-w C:\WINDOWS\Lhsp\Dialog\FRFlxd60.dll
+ 1999-01-08 09:54:40 29,184 ----a-w C:\WINDOWS\Lhsp\Dialog\WexLxd60.dll
+ 1999-06-24 08:53:34 596,480 ----a-w C:\WINDOWS\Lhsp\G2P\FRFg2p60.dll
+ 1999-06-14 07:16:14 151,552 ----a-w C:\WINDOWS\Lhsp\Language\FRFCT160.dll
+ 1999-12-01 16:00:00 299,008 ----a-w C:\WINDOWS\Lhsp\System\LHSAPI30.DLL
+ 1999-04-19 10:07:58 70,656 ----a-w C:\WINDOWS\Lhsp\System\ttsdct32.dll
+ 1999-06-16 07:09:52 225,280 ----a-w C:\WINDOWS\Lhsp\System\ttsmgr32.dll
+ 1999-06-14 07:59:30 473,088 ----a-w C:\WINDOWS\Lhsp\TPP\FRFeml60.dll
+ 1999-04-19 10:06:34 62,976 ----a-w C:\WINDOWS\Lhsp\TPP\FRFtxt60.dll
+ 1999-02-23 09:51:40 27,136 ----a-w C:\WINDOWS\Lhsp\ttsFRFwr.dll
+ 1998-09-23 06:42:36 419,328 ----a-w C:\WINDOWS\Lhsp\Voice\FRFvf160.dll
+ 1998-09-23 06:42:36 424,448 ----a-w C:\WINDOWS\Lhsp\Voice\FRFvm160.dll
+ 2006-06-09 18:13:16 2,674 ----a-w C:\WINDOWS\pchealth\helpctr\PackageStore\SkuStore.bin
+ 1999-01-12 13:19:12 248,832 ----a-w C:\WINDOWS\speech\spchtel.dll
+ 1999-01-12 13:19:12 562,176 ----a-w C:\WINDOWS\speech\speech.dll
+ 1999-01-12 13:09:36 380,928 ----a-w C:\WINDOWS\speech\vcmd.exe
+ 1999-01-12 13:19:12 156,160 ----a-w C:\WINDOWS\speech\vcmshl.dll
+ 1999-01-12 13:19:12 179,712 ----a-w C:\WINDOWS\speech\Vdict.dll
+ 1999-01-12 13:19:12 173,056 ----a-w C:\WINDOWS\speech\VText.dll
+ 1999-01-12 09:35:30 53,760 ----a-w C:\WINDOWS\speech\WrapSAPI.dll
+ 1999-01-12 13:19:12 128,000 ----a-w C:\WINDOWS\speech\Xcommand.dll
+ 1999-01-12 13:19:12 208,896 ----a-w C:\WINDOWS\speech\Xlisten.dll
+ 1999-01-12 13:19:12 203,776 ----a-w C:\WINDOWS\speech\XTel.Dll
+ 1999-01-12 13:19:12 195,584 ----a-w C:\WINDOWS\speech\Xvoice.dll
+ 2004-08-10 03:00:00 2,000 ----a-w C:\WINDOWS\system\KEYBOARD.DRV
+ 2004-08-10 03:00:00 2,032 ----a-w C:\WINDOWS\system\MOUSE.DRV
+ 2004-08-10 03:00:00 1,744 ----a-w C:\WINDOWS\system\SOUND.DRV
+ 2004-08-10 03:00:00 2,176 ----a-w C:\WINDOWS\system\VGA.DRV
+ 2004-08-10 03:00:00 1,788 ----a-w C:\WINDOWS\system32\Dcache.bin
+ 2004-08-03 21:07:58 2,944 ----a-w C:\WINDOWS\system32\dllcache\drmkaud.sys
+ 2004-08-10 03:00:00 2,000 ----a-w C:\WINDOWS\system32\dllcache\keyboard.drv
+ 2004-08-10 05:00:00 2,560 ----a-w C:\WINDOWS\system32\dllcache\lz32.dll
+ 2004-08-10 03:00:00 2,032 ----a-w C:\WINDOWS\system32\dllcache\mouse.drv
+ 2004-08-10 03:00:00 2,944 ----a-w C:\WINDOWS\system32\dllcache\null.sys
+ 2004-08-10 03:00:00 1,744 ----a-w C:\WINDOWS\system32\dllcache\sound.drv
+ 2004-08-10 03:00:00 2,176 ----a-w C:\WINDOWS\system32\dllcache\vga.drv
+ 2004-08-10 03:00:00 2,864 ----a-w C:\WINDOWS\system32\dllcache\winsock.dll
+ 2004-08-10 03:00:00 2,112 ----a-w C:\WINDOWS\system32\dllcache\winspool.exe
+ 2004-08-10 03:00:00 2,736 ----a-w C:\WINDOWS\system32\dllcache\wowdeb.exe
+ 2004-08-03 21:07:58 2,944 ----a-w C:\WINDOWS\system32\drivers\drmkaud.sys
+ 2004-08-10 03:00:00 2,944 ----a-w C:\WINDOWS\system32\drivers\null.sys
- 2008-04-10 17:22:04 271,784 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2008-04-17 11:26:12 305,216 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2004-08-10 03:00:00 2,000 ----a-w C:\WINDOWS\system32\keyboard.drv
+ 2004-08-10 03:00:00 2,560 ----a-w C:\WINDOWS\system32\lz32.dll
+ 2008-03-25 02:32:44 218,496 ----a-r C:\WINDOWS\system32\Macromed\Flash\FlashUtil9f.exe
+ 2008-03-24 18:21:00 2,889,088 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
+ 2008-03-24 18:21:00 218,496 ----a-w C:\WINDOWS\system32\Macromed\Flash\NPSWF32_FlashUtil.exe
- 2008-01-23 12:06:56 74,137 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2008-04-13 11:26:48 74,649 ----a-w C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
+ 2004-08-10 03:00:00 2,032 ----a-w C:\WINDOWS\system32\mouse.drv
+ 2004-08-10 03:00:00 2,656 ----a-w C:\WINDOWS\system32\netware.drv
- 2007-10-24 21:42:42 53,770 ----a-w C:\WINDOWS\system32\perfc009.dat
+ 2008-04-16 21:22:56 53,770 ----a-w C:\WINDOWS\system32\perfc009.dat
- 2007-10-24 21:42:42 64,922 ----a-w C:\WINDOWS\system32\perfc00C.dat
+ 2008-04-16 21:22:56 64,922 ----a-w C:\WINDOWS\system32\perfc00C.dat
- 2007-10-24 21:42:42 382,026 ----a-w C:\WINDOWS\system32\perfh009.dat
+ 2008-04-16 21:22:56 382,026 ----a-w C:\WINDOWS\system32\perfh009.dat
- 2007-10-24 21:42:42 447,222 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-16 21:22:56 447,222 ----a-w C:\WINDOWS\system32\perfh00C.dat
+ 2008-04-17 10:31:08 26,080 ----a-w C:\WINDOWS\system32\Restore\rstrlog.dat
+ 2004-08-10 03:00:00 1,744 ----a-w C:\WINDOWS\system32\sound.drv
+ 2004-08-10 03:00:00 2,176 ----a-w C:\WINDOWS\system32\vga.drv
+ 2004-08-10 03:00:00 2,864 ----a-w C:\WINDOWS\system32\winsock.dll
+ 2004-08-10 03:00:00 2,112 ----a-w C:\WINDOWS\system32\winspool.exe
+ 2004-08-10 03:00:00 2,736 ----a-w C:\WINDOWS\system32\wowdeb.exe
+ 2008-04-17 12:01:40 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_1d4.dat
+ 2008-04-17 12:01:38 16,384 ----a-w C:\WINDOWS\Temp\Perflib_Perfdata_710.dat
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E35BD99-1520-426F-80A1-19F69F4CAECE}]
2008-04-16 12:28 315712 --a------ C:\WINDOWS\system32\opnnnkJC.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
2008-03-30 11:11 26800 --a------ C:\WINDOWS\system32\awtsPFXn.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB59A85B-889A-4CB9-BC07-DAFB82E14A91}]
2008-04-13 19:48 315808 --a------ C:\WINDOWS\system32\vtUmNHXP.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
"Bash Army"="C:\DOCUME~1\Rambaud\APPLIC~1\BLUEVI~1\Soapdraw.exe" [2008-02-14 19:23 610816]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-25 13:59 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-19 09:43 7397376]
"ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 12:55 1103240]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\awtsPFXn.dll [2008-03-30 11:11 26800]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtsPFXn]
awtsPFXn.dll 2008-03-30 11:11 26800 C:\WINDOWS\system32\awtsPFXn.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\opnnnkJC.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 16:57]
R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 16:57]
S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []
S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 20:17]
S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 17:10]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-04-17 12:00:02 C:\WINDOWS\Tasks\B1021B9B91858CAB.job"
- c:\docume~1\rambaud\applic~1\bluevi~1\does size thunk.exe
"2008-04-16 21:12:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
- C:\Program Files\Norton Security Scan\Nss.exe
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-17 14:02:48
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
--------------------- DLLs a charg‚ sous des processus courants ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\system32\awtsPFXn.dll
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\PROGRAM FILES\FICHIERS COMMUNS\LOGISHRD\LVMVFM\LVPRCSRV.EXE
C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
C:\WINDOWS\EHOME\EHRECVR.EXE
C:\WINDOWS\EHOME\EHSCHED.EXE
C:\PROGRAM FILES\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\PCTSAUXS.EXE
C:\PROGRAM FILES\SPYWARE DOCTOR\PCTSSVC.EXE
C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
C:\ACER\EMPOWERING TECHNOLOGY\ELOCK\SERVICE\ELOCKSERV.EXE
C:\WINDOWS\EHOME\MCRDSVC.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-04-17 14:05:40 - machine was rebooted [Rambaud]
ComboFix-quarantined-files.txt 2008-04-17 12:05:32
ComboFix2.txt 2008-04-12 16:54:46

Pre-Run: 30,136,762,368 octets libres
Post-Run: 30,166,319,104 octets libres
.
2008-04-09 19:46:48 --- E O F ---

On continue le ménage  

Télécharge MalwareByte's Anti-Malware sur ton Bureau.
Installe-le en double-cliquant sur le fichier Download_mbam-setup.exe.

Une fois l'installation et la mise à jour effectuées, redémarre en mode sans échec.
AIDE : Redémarrer en mode sans échec

Exécute maintenant MalwareByte's Anti-Malware. Si cela n'est pas déjà fait, sélectionne "Exécuter un examen complet".

Afin de lancer la recherche, clic sur"Rechercher".

Une fois le scan terminé, une fenêtre s'ouvre, clic sur OK. Deux possibilités s'offrent à toi :
-- si le programme n'a rien trouvé, appuie sur OK. Un rapport va apparaître, ferme-le.
-- si des infections sont présentes, clic sur "Afficher les résultats" puis sur "Supprimer la sélection". Enregistre le rapport sur ton Bureau afin de le poster dans ta prochaine réponse.
[#ff0000]REMARQUE : Si MalwareByte's Anti-Malware a besoin de redémarrer pour terminer la suppression, accepte en cliquant sur Ok.[/#f]

AIDE : Tuto en images sur MBAM

voila voila


Malwarebytes' Anti-Malware 1.11
Version de la base de données: 642

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 96992
Temps écoulé: 39 minute(s), 45 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 1
Clé(s) du Registre infectée(s): 25
Valeur(s) du Registre infectée(s): 5
Elément(s) de données du Registre infecté(s): 2
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 158

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
C:\WINDOWS\system32\awtsPFXn.dll (Trojan.Vundo) -> Unloaded module successfully.

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba4cc658-a231-4df5-bef2-bd7eee1cb16c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ba4cc658-a231-4df5-bef2-bd7eee1cb16c} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtspfxn (Trojan.Vundo) -> Delete on reboot.
HKEY_CLASSES_ROOT\CLSID\{d850220e-2c34-4fa6-be2e-4c52095fa982} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d850220e-2c34-4fa6-be2e-4c52095fa982} (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Tencent (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\049364a8 (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\opnnnkjc.dll -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\opnnnkjc.dll -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\MalwareAlarm (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\lrkuleyb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\byelukrl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\opnnnkJC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CJknnnpo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\CJknnnpo.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\awtsPFXn.dll (Trojan.Vundo) -> Delete on reboot.
C:\WINDOWS\system32\lybbmgja.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\antjnpft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\uplaphbh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rambaud\Local Settings\Temporary Internet Files\Content.IE5\1HLT9223\hlp[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Documents and Settings\Rambaud\Local Settings\Temporary Internet Files\Content.IE5\5I38TOQ3\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\MalwareAlarm0.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\MalwareAlarm1.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\Program Files\Alwil Software\Avast4\DATA\moved\MalwareAlarm3.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP142\A0031806.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034204.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034206.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034237.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034239.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034306.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034307.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP149\A0037691.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP149\A0038743.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039773.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039775.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039783.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039784.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039790.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039801.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039802.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039817.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039818.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039821.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039826.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039838.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP151\A0039937.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP151\A0039967.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0040013.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0040075.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0044185.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0045184.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP153\A0045271.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP153\A0045273.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP154\A0046284.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP155\A0046627.DLL (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047724.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047725.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047726.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047727.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047728.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047729.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047730.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047731.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047732.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047733.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047734.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047735.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047736.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047737.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047738.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047739.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047740.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047741.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047742.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047743.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047744.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047816.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047817.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047848.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047849.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047851.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047909.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047910.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047911.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047912.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047913.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047914.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047915.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047916.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047917.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047918.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047919.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047920.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047921.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047922.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047923.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047924.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047925.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047926.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047928.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047942.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047946.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047948.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047974.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047988.DLL (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP159\A0048135.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP159\A0048149.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\elasqfxd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\enpipyrs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hmfrgsxg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hqrsqgdh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\jkxkikim.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\noqyuvwv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ocllywvf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tqgikbko.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\trdtjdxq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\uhxbdrfa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wjijrfib.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ytylyawq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kqtiddtn.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\xqountbs.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqellbod.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ncnudteo.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vulnoofs.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bgfvggol.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rscjredx.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lfbpoeix.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lioxryrk.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\nskhydfu.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\shedojvu.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tydtcfgd.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\vheobsmt.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\msmvvtmg.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wsfkhlme.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ufvldrir.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\spdwnetb.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\gxyxctam.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ipyhupxf.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ewxulxxa.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\bmtqcmvd.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\okdoojis.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\jfdmfowl.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\pvebssbt.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kpjsbqcb.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\htismvly.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\srakshuu.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\cghnsqcy.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\wrxixeyq.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dgfkymlx.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ahcqvpww.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\tnsllorw.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\miaxrrar.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\onuyvivk.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\lkeswfhc.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\dglsetmw.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\toxxgcpy.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\kvupwcwe.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ombalpdb.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\aewqqtdn.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\exjniwwm.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\gofaidcg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\hncetdcw.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\rbfovckf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\QooBox\Quarantine\C\WINDOWS\system32\ufoquoli.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\Uninstall.exe (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\Program Files\MalwareAlarm\MalwareAlarm.lic (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\urqQhIYs.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\system32\jkkKdddc.dll (Trojan.Vundo) -> Quarantined and deleted successfully.

Refais un scan Combofix.