I can't remove the viruses

Tags:
  • Acer
  • Security

14 April 2008 15:46:25

Hello, I have viruses on my PC & I can't manage to remove them.

16 April 2008 19:42:22

Here is the report

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:37:22, on 16/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.x-co-r4liie.skyblog.com/
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BM07a05734] Rundll32.exe "C:\WINDOWS\system32\rydldyfa.dll",s
O4 - HKLM\..\Run: [049364a8] rundll32.exe "C:\WINDOWS\system32\nldiwtbm.dll",b
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Bash Army] C:\DOCUME~1\Rambaud\APPLIC~1\BLUEVI~1\Soapdraw.exe
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: eLock Service (eLockService) - - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:\Program Files\WinPcap\rpcapd.exe (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 4210 bytes

16 April 2008 20:12:52

Re,

Disable your resident protections (antivirus, Spybot...)!

  • Download Combofix (sUBs) to your Desktop.
  • Double-click combofix.exe to launch it.
  • When the scan is complete, a report will appear. Post that report in your next reply.

16 April 2008 21:30:35

Why did my PC shut down?

16 April 2008 21:59:15

Did it restart?

17 April 2008 14:08:21

I tried again & here is the report


    ComboFix 08-04-15.8 - Rambaud 2008-04-17 13:51:52.4 - FAT32x86
    Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.411 [GMT 2:00]
    Endroit: C:\Documents and Settings\Rambaud\Mes documents\ComboFix.exe

    AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    .
    ---- Previous Run -------
    .
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\pskt.ini
    C:\WINDOWS\system32\mcrh.tmp

    .
    ((((((((((((((((((((((((((((( Fichiers créés 2008-03-17 to 2008-04-17 ))))))))))))))))))))))))))))))))))))
    .

    2008-04-17 13:36 . 2008-04-17 13:36 1,169 --a------ C:\WINDOWS\mozver.dat
    2008-04-17 13:00 . 2008-04-17 13:00 1,524,293 ---hs---- C:\WINDOWS\system32\ktxuotoq.ini
    2008-04-17 12:42 . 2008-04-17 12:42 1,524,232 ---hs---- C:\WINDOWS\system32\mbugxlmh.ini
    2008-04-17 12:29 . 2008-04-17 12:34 1,524,172 ---hs---- C:\WINDOWS\system32\vuwaguts.ini
    2008-04-16 23:32 . 2008-04-16 23:32 <REP> d-------- C:\Documents and Settings\Rambaud\Application Data\Talkback
    2008-04-16 23:31 . 2008-04-16 23:31 0 --a------ C:\WINDOWS\nsreg.dat
    2008-04-16 23:20 . 2008-04-16 23:20 <REP> d-------- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-04-16 23:20 . 2007-12-10 14:53 81,288 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
    2008-04-16 23:20 . 2007-12-10 14:53 66,952 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
    2008-04-16 23:20 . 2008-02-01 12:55 42,376 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
    2008-04-16 23:20 . 2007-12-10 14:53 29,576 --a------ C:\WINDOWS\system32\drivers\kcom.sys
    2008-04-16 23:19 . 2008-04-16 23:20 <REP> d-------- C:\Program Files\Spyware Doctor
    2008-04-16 23:19 . 2008-04-16 23:20 <REP> d-------- C:\Documents and Settings\Rambaud\Application Data\PC Tools
    2008-04-16 23:12 . 2008-04-16 23:12 <REP> d-------- C:\Program Files\Norton Security Scan
    2008-04-16 23:07 . 2008-04-16 23:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Google Updater
    2008-04-16 21:24 . 2008-04-17 11:37 1,524,304 ---hs---- C:\WINDOWS\system32\yeuoxpnm.ini
    2008-04-16 21:07 . 2008-04-16 21:18 1,524,244 ---hs---- C:\WINDOWS\system32\qainmvxi.ini
    2008-04-16 21:00 . 2008-04-16 21:00 <REP> d--hs---- C:\FOUND.007
    2008-04-16 20:17 . 2008-04-16 21:03 1,524,244 ---hs---- C:\WINDOWS\system32\afigdjxf.ini
    2008-04-16 19:23 . 2008-04-16 20:06 1,525,616 ---hs---- C:\WINDOWS\system32\mbtwidln.ini
    2008-04-16 19:07 . 2008-04-16 19:07 1,525,496 ---hs---- C:\WINDOWS\system32\upxurlyw.ini
    2008-04-16 18:26 . 2008-04-16 18:56 1,525,436 ---hs---- C:\WINDOWS\system32\itrpxnef.ini
    2008-04-16 18:16 . 2008-04-16 18:16 1,525,204 ---hs---- C:\WINDOWS\system32\yqkgcfyu.ini
    2008-04-16 16:54 . 2008-04-16 16:59 1,558,699 ---hs---- C:\WINDOWS\system32\xxgrairr.ini
    2008-04-16 16:51 . 2008-04-16 16:51 1,558,579 ---hs---- C:\WINDOWS\system32\tkqcglxr.ini
    2008-04-16 16:49 . 2008-04-16 16:49 95,296 --a------ C:\WINDOWS\system32\rydldyfa.dll
    2008-04-16 12:31 . 2008-04-16 16:44 1,570,729 ---hs---- C:\WINDOWS\system32\rllqggvj.ini
    2008-04-16 12:28 . 2008-04-16 12:28 315,712 --a------ C:\WINDOWS\system32\opnnnkJC.dll
    2008-04-16 08:04 . 2008-04-16 08:04 <REP> d--hs---- C:\FOUND.006
    2008-04-15 21:32 . 2008-04-15 21:32 <REP> d-------- C:\WINDOWS\Lhsp
    2008-04-15 21:31 . 2008-04-15 21:31 <REP> d-------- C:\WINDOWS\speech
    2008-04-15 21:30 . 2008-04-15 21:30 <REP> d-------- C:\Program Files\Seline Office
    2008-04-15 21:29 . 2008-04-15 21:29 <REP> d-------- C:\Program Files\Glary Utilities
    2008-04-15 21:28 . 2008-04-15 21:28 <REP> d-------- C:\Program Files\CCleaner
    2008-04-15 21:23 . 2008-04-15 21:23 <REP> d-------- C:\Program Files\AxBx
    2008-04-15 20:57 . 2008-04-16 12:23 1,600,557 ---hs---- C:\WINDOWS\system32\ltrihnyt.ini
    2008-04-15 20:00 . 2008-04-15 20:15 1,600,257 ---hs---- C:\WINDOWS\system32\ougvhnwp.ini
    2008-04-15 19:57 . 2008-04-15 19:57 315,744 --a------ C:\WINDOWS\system32\xxyywxxY.dll
    2008-04-15 10:58 . 2008-04-15 10:58 <REP> d--hs---- C:\FOUND.005
    2008-04-14 23:08 . 2008-04-14 23:08 708,663 ---hs---- C:\WINDOWS\system32\osmsudnr.tmp
    2008-04-14 21:40 . 2008-04-14 21:40 <REP> d--hs---- C:\FOUND.004
    2008-04-13 23:07 . 2008-04-13 23:07 315,808 --a------ C:\WINDOWS\system32\rqRHBqqp.dll
    2008-04-13 19:50 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2008-04-13 19:48 . 2008-04-13 19:48 315,808 --a------ C:\WINDOWS\system32\vtUmNHXP.dll
    2008-04-13 15:45 . 2008-04-13 15:45 315,808 --a------ C:\WINDOWS\system32\vtUkhgeD.dll
    2008-04-13 15:21 . 2008-04-13 15:21 <REP> d-------- C:\WINDOWS\Driver Cache
    2008-04-12 21:12 . 2008-04-12 21:12 <REP> d-------- C:\Program Files\Navilog1
    2008-04-12 21:02 . 2008-04-12 21:02 <REP> d-------- C:\fixwareout
    2008-04-12 20:55 . 2008-04-12 20:55 <REP> d-------- C:\Program Files\Trend Micro
    2008-04-12 18:58 . 2008-04-17 13:32 101,129 --a------ C:\WINDOWS\BM07a05734.xml
    2008-04-12 12:46 . 2008-04-12 15:11 1,494 ---hs---- C:\WINDOWS\system32\opshrgxn.ini
    2008-04-12 12:22 . 2008-04-12 12:40 1,134 ---hs---- C:\WINDOWS\system32\ocqalstk.ini
    2008-04-11 21:57 . 2008-04-12 12:08 894 ---hs---- C:\WINDOWS\system32\qdmboufn.ini
    2008-04-11 19:31 . 2008-04-11 19:58 774 ---hs---- C:\WINDOWS\system32\uimffbrx.ini
    2008-04-11 19:24 . 2008-04-11 19:25 315,776 --a------ C:\WINDOWS\system32\pmnnOEtT.dll
    2008-04-10 21:54 . 2008-04-11 18:57 654 ---hs---- C:\WINDOWS\system32\iaqinurt.ini
    2008-04-10 21:48 . 2008-04-10 21:48 315,600 --a------ C:\WINDOWS\system32\urqQhIYs.dll
    2008-04-10 20:24 . 2008-04-10 21:54 534 ---hs---- C:\WINDOWS\system32\botehtfo.ini
    2008-04-10 19:34 . 2008-04-10 19:39 354 ---hs---- C:\WINDOWS\system32\iyhmyfvu.ini
    2008-04-09 21:44 . 2008-04-09 21:44 215 --a------ C:\WINDOWS\system32\MRT.INI
    2008-04-09 21:35 . 2008-04-09 21:35 1,846 ---hs---- C:\WINDOWS\system32\keqjqdoc.ini
    2008-04-09 20:27 . 2008-04-09 21:31 1,786 ---hs---- C:\WINDOWS\system32\tjtukwuw.ini
    2008-04-09 19:19 . 2008-04-09 20:11 1,666 ---hs---- C:\WINDOWS\system32\ogjnxlat.ini
    2008-04-09 19:04 . 2008-04-09 19:04 315,600 --a------ C:\WINDOWS\system32\jkkKdddc.dll
    2008-04-09 13:54 . 2008-04-09 18:59 1,486 ---hs---- C:\WINDOWS\system32\efgdernp.ini
    2008-04-08 22:20 . 2008-04-09 13:06 1,366 ---hs---- C:\WINDOWS\system32\pyxqcqfj.ini
    2008-04-08 21:18 . 2008-04-08 22:09 1,246 ---hs---- C:\WINDOWS\system32\qdbwbehg.ini
    2008-04-08 21:08 . 2008-04-08 21:08 1,014 ---hs---- C:\WINDOWS\system32\opverybe.ini
    2008-04-08 19:57 . 2008-04-08 20:56 954 ---hs---- C:\WINDOWS\system32\evfclxfk.ini
    2008-04-08 18:17 . 2008-04-08 18:40 774 ---hs---- C:\WINDOWS\system32\dmxrjwpm.ini
    2008-04-08 18:00 . 2008-04-08 18:01 654 ---hs---- C:\WINDOWS\system32\acgnpudw.ini
    2008-04-07 19:42 . 2008-04-08 17:50 594 ---hs---- C:\WINDOWS\system32\bivheend.ini
    2008-04-07 19:41 . 2008-04-07 19:41 294 ---hs---- C:\WINDOWS\system32\dvpuuwnc.ini
    2008-04-07 16:04 . 2006-11-29 21:22 568,790 --a------ C:\WINDOWS\photos_1280.jpg
    2008-04-07 16:02 . 2008-04-07 16:02 7,168 --ahs---- C:\WINDOWS\system32\Thumbs.db
    2008-04-06 20:56 . 2008-04-06 20:56 714 ---hs---- C:\WINDOWS\system32\qadhgkhi.ini
    2008-04-06 19:50 . 2008-04-06 19:51 4,274 --a------ C:\WINDOWS\IFiltSet.Ini
    2008-04-06 17:02 . 2008-04-06 20:51 654 ---hs---- C:\WINDOWS\system32\exjgoeim.ini
    2008-04-06 16:56 . 2008-04-06 16:56 414 ---hs---- C:\WINDOWS\system32\imxyrqti.ini
    2008-04-06 14:23 . 2005-06-18 00:15 1,338,368 --a------ C:\WINDOWS\system32\cSHDOCVW.DLL
    2008-04-06 14:23 . 1998-06-23 23:00 209,192 --a------ C:\WINDOWS\system32\TABCTL32.OCX
    2008-04-06 14:23 . 2005-09-20 18:52 203,976 --a------ C:\WINDOWS\system32\RICHTX32.OCX
    2008-04-06 14:23 . 2004-03-09 16:45 152,848 --a------ C:\WINDOWS\system32\comdlg32.ocx
    2008-04-06 14:23 . 2000-10-01 23:00 119,568 --a------ C:\WINDOWS\system32\VB6FR.DLL
    2008-04-06 14:17 . 2008-04-06 16:47 354 ---hs---- C:\WINDOWS\system32\imunpqgv.ini
    2008-04-06 12:11 . 2008-04-06 12:11 <REP> d-------- C:\Program Files\MalwareAlarm
    2008-04-05 19:24 . 2008-04-07 16:04 51,200 --ahs---- C:\WINDOWS\Thumbs.db
    2008-04-05 17:41 . 2008-04-05 17:41 <REP> d-------- C:\Program Files\PhotoScape
    2008-04-04 20:25 . 2008-04-05 18:00 586 ---hs---- C:\WINDOWS\system32\gaounhnx.ini
    2008-04-02 18:51 . 2008-03-29 19:31 75,856 --a------ C:\WINDOWS\system32\drivers\aswSP.sys
    2008-04-02 18:51 . 2008-03-29 19:35 20,560 --a------ C:\WINDOWS\system32\drivers\aswFsBlk.sys
    2008-04-02 00:16 . 2008-04-06 14:25 464 --a------ C:\WINDOWS\_delis32.ini
    2008-04-02 00:15 . 2008-04-09 21:46 1,355 --a------ C:\WINDOWS\imsins.BAK
    2008-04-01 22:57 . 2008-04-14 21:05 33 --a------ C:\WINDOWS\iltwain.ini
    2008-04-01 22:56 . 2008-04-01 22:56 <REP> d-------- C:\Program Files\byLight
    2008-04-01 17:49 . 2008-04-06 12:10 41 --a------ C:\WINDOWS\win.ini
    2008-04-01 13:45 . 2008-04-01 13:45 <REP> d-------- C:\Documents and Settings\Rambaud\Download
    2008-03-30 11:11 . 2008-03-30 11:11 26,800 --a------ C:\WINDOWS\system32\awtsPFXn.dll
    2008-03-29 20:29 . 2007-10-12 02:57 195,096 --a------ C:\WINDOWS\system32\lvci1150.dll
    2008-03-29 20:27 . 2008-03-29 20:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Logishrd

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-03-29 17:45 1,146,232 ----a-w C:\WINDOWS\system32\aswBoot.exe
    2008-03-29 17:35 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
    2008-03-29 17:29 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
    2008-03-29 17:27 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
    2008-03-29 17:26 26,944 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
    2008-03-29 17:23 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
    2008-03-26 12:01 79,864 ----a-w C:\Documents and Settings\Rambaud\Application Data\GDIPFONTCACHEV1.DAT
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-20 08:09 1,845,376 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
    2008-03-01 16:28 3,591,680 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
    2008-02-29 08:57 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
    2008-02-29 08:56 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2008-02-27 16:09 --------- d-----w C:\Program Files\Fichiers communs\LogiShrd
    2008-02-27 16:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Logitech
    2008-02-22 10:00 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
    2008-02-20 20:35 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
    2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-02-20 05:35 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
    2008-02-20 05:35 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-02-19 12:27 --------- d-----w C:\Program Files\JoWood
    2008-02-15 05:44 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
    2008-02-01 09:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-01-19 13:55 178 ----a-w C:\WINDOWS\Fonts\LICENSE.txt
    2007-12-12 11:20 251 ----a-w C:\Program Files\wt3d.ini
    2007-10-25 11:27 774,144 ----a-w C:\Program Files\RngInterstitial.dll
    .

    ((((((((((((((((((((((((((((( snapshot@2008-04-12_18.53.53.42 )))))))))))))))))))))))))))))))))))))))))
    .
    .
    -- Snapshot reset to current date --
    .
    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    REGEDIT4
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{2E35BD99-1520-426F-80A1-19F69F4CAECE}]
    2008-04-16 12:28 315712 --a------ C:\WINDOWS\system32\opnnnkJC.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}]
    2008-03-30 11:11 26800 --a------ C:\WINDOWS\system32\awtsPFXn.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{FB59A85B-889A-4CB9-BC07-DAFB82E14A91}]
    2008-04-13 19:48 315808 --a------ C:\WINDOWS\system32\vtUmNHXP.dll

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 05:00 15360]
    "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 11:34 5724184]
    "Bash Army"="C:\DOCUME~1\Rambaud\APPLIC~1\BLUEVI~1\Soapdraw.exe" [2008-02-14 19:23 610816]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-25 13:59 68856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-01-19 09:43 7397376]
    "ISTray"="C:\Program Files\Spyware Doctor\pctsTray.exe" [2008-02-01 12:55 1103240]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
    "{6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C}"= C:\WINDOWS\system32\awtsPFXn.dll [2008-03-30 11:11 26800]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\awtsPFXn]
    awtsPFXn.dll 2008-03-30 11:11 26800 C:\WINDOWS\system32\awtsPFXn.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\opnnnkJC.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=

    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 19:31]
    R1 Hotkey;Hotkey;C:\WINDOWS\system32\drivers\Hotkey.sys [2003-04-28 11:27]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 19:35]
    R2 EpmPsd;Acer EPM Power Scheme Driver;C:\WINDOWS\system32\drivers\epm-psd.sys [2005-04-22 16:57]
    R2 EpmShd;Acer EPM System Hardware Driver;C:\WINDOWS\system32\drivers\epm-shd.sys [2005-04-22 16:57]
    S1 Wbutton;Wbutton;C:\WINDOWS\system32\drivers\Wbutton.sys []
    S3 LVPrcMon;Logitech LVPrcMon Driver;C:\WINDOWS\system32\drivers\LVPrcMon.sys [2005-12-09 15:37]
    S3 psdfilter;psdfilter;C:\WINDOWS\system32\Drivers\psdfilter.sys [2006-04-07 20:17]
    S3 psdvdisk;psdvdisk;C:\WINDOWS\system32\Drivers\psdvdisk.sys [2006-03-08 17:10]
    S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 22:58]
    S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 23:08]

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2008-04-17 12:00:02 C:\WINDOWS\Tasks\B1021B9B91858CAB.job"
    - c:\docume~1\rambaud\applic~1\bluevi~1\does size thunk.exe
    "2008-04-16 21:12:26 C:\WINDOWS\Tasks\Norton Security Scan.job"
    - C:\Program Files\Norton Security Scan\Nss.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-04-17 14:02:48
    Windows 5.1.2600 Service Pack 2 FAT NTAPI

    Balayage processus cachés ...

    Balayage caché autostart entries ...

    Balayage des fichiers cachés ...

    Scan terminé avec succès
    Les fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs a chargé sous des processus courants ---------------------

    PROCESS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\awtsPFXn.dll
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
    C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
    C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
    C:\PROGRAM FILES\FICHIERS COMMUNS\LOGISHRD\LVMVFM\LVPRCSRV.EXE
    C:\ACER\EMPOWERING TECHNOLOGY\EPERFORMANCE\MEMCHECK.EXE
    C:\WINDOWS\EHOME\EHRECVR.EXE
    C:\WINDOWS\EHOME\EHSCHED.EXE
    C:\PROGRAM FILES\GOOGLE\COMMON\GOOGLE UPDATER\GOOGLEUPDATERSERVICE.EXE
    C:\WINDOWS\SYSTEM32\NVSVC32.EXE
    C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
    C:\PROGRAM FILES\SPYWARE DOCTOR\PCTSAUXS.EXE
    C:\PROGRAM FILES\SPYWARE DOCTOR\PCTSSVC.EXE
    C:\WINDOWS\SYSTEM32\WBEM\WMIAPSRV.EXE
    C:\PROGRAM FILES\WINDOWS MEDIA PLAYER\WMPNETWK.EXE
    C:\ACER\EMPOWERING TECHNOLOGY\ELOCK\SERVICE\ELOCKSERV.EXE
    C:\WINDOWS\EHOME\MCRDSVC.EXE
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\Program Files\Google\Google Updater\GoogleUpdater.exe
    C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\system32\imapi.exe
    .
    **************************************************************************
    .
    Temps d'accomplissement: 2008-04-17 14:05:40 - machine was rebooted [Rambaud]
    ComboFix-quarantined-files.txt 2008-04-17 12:05:32
    ComboFix2.txt 2008-04-12 16:54:46

    Pre-Run: 30,136,762,368 octets libres
    Post-Run: 30,166,319,104 octets libres
    .
    2008-04-09 19:46:48 --- E O F ---
    17 April 2008 18:20:54

    Let's continue the clean-up :)

    Download Malwarebytes' Anti-Malware to your Desktop.
    Install it by double-clicking the file Download_mbam-setup.exe.

    Once the installation and the update are done, restart in safe mode.
    HELP: Restarting in safe mode

  • Now run Malwarebytes' Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. There are two possibilities:
    -- if the program found nothing, press OK. A report will appear; close it.
    -- if infections are present, click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected). Save the report to your Desktop so you can post it in your next reply.
    NOTE: If Malwarebytes' Anti-Malware needs to restart to finish the removal, accept by clicking OK.

    HELP: Picture tutorial on MBAM
    17 April 2008 19:27:04

    here you go


    Malwarebytes' Anti-Malware 1.11
    Version de la base de données: 642

    Type de recherche: Examen complet (C:\|D:\|)
    Eléments examinés: 96992
    Temps écoulé: 39 minute(s), 45 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 1
    Clé(s) du Registre infectée(s): 25
    Valeur(s) du Registre infectée(s): 5
    Elément(s) de données du Registre infecté(s): 2
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 158

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    C:\WINDOWS\system32\awtsPFXn.dll (Trojan.Vundo) -> Unloaded module successfully.

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba4cc658-a231-4df5-bef2-bd7eee1cb16c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{ba4cc658-a231-4df5-bef2-bd7eee1cb16c} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\awtspfxn (Trojan.Vundo) -> Delete on reboot.
    HKEY_CLASSES_ROOT\CLSID\{d850220e-2c34-4fa6-be2e-4c52095fa982} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d850220e-2c34-4fa6-be2e-4c52095fa982} (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Tencent (Adware.Agent) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Mirar (AdWare.Mirar) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\jkwslist (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\aldd (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affltid (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Juan (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\FCOVM (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\RemoveRP (Trojan.Vundo) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\049364a8 (Trojan.Vundo) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo) -> Delete on reboot.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\www.host-domain-lookup.com (Malware.Trace) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ADP (Rogue.Multiple) -> Quarantined and deleted successfully.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\LSA\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\opnnnkjc.dll -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages (Trojan.Vundo) -> Data: c:\windows\system32\opnnnkjc.dll -> Quarantined and deleted successfully.

    Dossier(s) infecté(s):
    C:\Program Files\MalwareAlarm (Rogue.Malware.Alarm) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\lrkuleyb.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\byelukrl.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\opnnnkJC.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\CJknnnpo.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\CJknnnpo.ini2 (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\awtsPFXn.dll (Trojan.Vundo) -> Delete on reboot.
    C:\WINDOWS\system32\lybbmgja.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\antjnpft.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\uplaphbh.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Rambaud\Local Settings\Temporary Internet Files\Content.IE5\1HLT9223\hlp[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Documents and Settings\Rambaud\Local Settings\Temporary Internet Files\Content.IE5\5I38TOQ3\index[1] (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\MalwareAlarm0.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\MalwareAlarm1.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\Program Files\Alwil Software\Avast4\DATA\moved\MalwareAlarm3.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP142\A0031806.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034204.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034206.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034237.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034239.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034306.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP145\A0034307.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP149\A0037691.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP149\A0038743.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039773.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039775.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039783.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039784.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039790.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039801.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039802.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039817.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039818.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039821.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039826.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP150\A0039838.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP151\A0039937.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP151\A0039967.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0040013.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0040075.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0044185.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP152\A0045184.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP153\A0045271.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP153\A0045273.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP154\A0046284.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP155\A0046627.DLL (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047724.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047725.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047726.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047727.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047728.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047729.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047730.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047731.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047732.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047733.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047734.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047735.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047736.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047737.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047738.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047739.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047740.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047741.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047742.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047743.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP156\A0047744.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047816.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047817.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047848.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047849.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047851.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047909.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047910.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047911.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047912.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047913.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047914.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047915.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047916.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047917.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047918.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047919.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047920.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047921.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047922.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047923.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047924.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047925.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047926.dll (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047928.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047942.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047946.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047948.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047974.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP158\A0047988.DLL (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP159\A0048135.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\system volume information\_restore{7D0A09CF-FCEC-40B1-949D-E158943906CC}\RP159\A0048149.dll (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\elasqfxd.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\enpipyrs.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\hmfrgsxg.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\hqrsqgdh.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\jkxkikim.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\noqyuvwv.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ocllywvf.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\tqgikbko.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\trdtjdxq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\uhxbdrfa.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\wjijrfib.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ytylyawq.dll.vir (Trojan.Vundo) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\kqtiddtn.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\xqountbs.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\rqellbod.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\ncnudteo.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\vulnoofs.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\bgfvggol.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\rscjredx.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\lfbpoeix.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\lioxryrk.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\nskhydfu.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\shedojvu.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\tydtcfgd.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\vheobsmt.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    C:\QooBox\Quarantine\C\WINDOWS\system32\msmvvtmg.dll.vir (Trojan.AVKiller) -> Quarantined and deleted successfully.
    17 April 2008 19:52:06

    Run another Combofix scan.