Liloute

Voici le rapport avec VundoFix VundoFix V4.2.22 Scan started at 16:56:18 06/02/2006 Listing files found while scanning.... C:\WINDOWS\System32\gebyv.dll C:\WINDOWS\System32\vybeg.ini Attempting to delete C:\WINDOWS\System32\gebyv.dll C:\WINDOWS\System32\gebyv.dll Could not be deleted. Attempting to delete C:\WINDOWS\System32\vybeg.ini C:\WINDOWS\System32\vybeg.ini Could not be deleted. Performing Repairs to the registry. Done! et le HijackThis: Logfile of HijackThis v1.99.1 Scan saved at 17:02:56, on 06/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\windows\System32\svchost.exe C:\windows\Explorer.EXE C:\WINDOWS\system32\wincon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\iPod\bin\iPodService.exe C:\alc.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: awvtt - awvtt.dll (file missing) O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing) O20 - Winlogon Notify: mlljh - mlljh.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing) O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing) O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing) O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing) O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing) O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing) O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing) O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing)

Bah non je nt pas là Pas grave Donc je lui fais installer VundoFix puis elle le lancera selon tes instructions, puis je vous poste le rapport du scan + le rapport Hijackthis en fin d'aprèm Encore un grand merci

Ok, ok

Bonsoir Ok, donc on arrete les manip pour ce soir? On attend demain? Je ne lui fais donc pas faire un autre scan avec SpyBot désactivé? Encore un grand merci pour tout

Ah ok, ben je vais de ce pas lui faire désactiver Spy Bot et lui faire refaire la manip avec VundoFix & Hijackthis.... Merci d'avoir répondu Charles Ingals A tout à l'heure

Bonsoir a tous, Voici donc le rapport de VundoFix VundoFix V4.2.21 Scan started at 19:24:28 05/02/2006 Listing files found while scanning.... Some files may be listed more then once C:\windows\system32\yccdd.bak1 C:\windows\system32\yccdd.bak2 C:\windows\system32\yccdd.tmp C:\windows\system32\yccdd.ini C:\windows\system32\yccdd.ini2 C:\windows\system32\vybeg.bak1 C:\windows\system32\vybeg.bak2 C:\windows\system32\vybeg.ini C:\windows\system32\gebyv.dll C:\windows\system32\yccdd.ini2 C:\windows\system32\yccdd.bak2 C:\windows\system32\yccdd.tmp C:\windows\system32\yccdd.ini C:\windows\system32\yccdd.ini2 Attempting to delete C:\WINDOWS\qaz4.txt C:\WINDOWS\qaz4.txt Has been deleted! Attempting to delete C:\windows\system32\yccdd.bak1 C:\windows\system32\yccdd.bak1 Has been deleted! Attempting to delete C:\windows\system32\yccdd.bak2 C:\windows\system32\yccdd.bak2 Has been deleted! Attempting to delete C:\windows\system32\yccdd.tmp C:\windows\system32\yccdd.tmp Has been deleted! Attempting to delete C:\windows\system32\yccdd.ini C:\windows\system32\yccdd.ini Has been deleted! Attempting to delete C:\windows\system32\yccdd.ini2 C:\windows\system32\yccdd.ini2 Has been deleted! Attempting to delete C:\windows\system32\vybeg.bak1 C:\windows\system32\vybeg.bak1 Has been deleted! Attempting to delete C:\windows\system32\vybeg.bak2 C:\windows\system32\vybeg.bak2 Has been deleted! Attempting to delete C:\windows\system32\vybeg.ini C:\windows\system32\vybeg.ini Could not be deleted. Attempting to delete C:\windows\system32\gebyv.dll C:\windows\system32\gebyv.dll Could not be deleted. Performing Repairs to the registry. Done! et celui fait avec HijackThis, juste après: Logfile of HijackThis v1.99.1 Scan saved at 19:32:52, on 05/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\windows\System32\svchost.exe C:\WINDOWS\system32\wincon.exe C:\windows\Explorer.EXE C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: ATLDistrib Object - {E65DD8E2-1005-4D44-952E-016BEDB01B62} - C:\WINDOWS\System32\gebyv.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: awvtt - awvtt.dll (file missing) O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing) O20 - Winlogon Notify: mlljh - mlljh.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing) O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing) O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing) O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing) O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing) O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing) O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing) O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing) Ca en est où?

Bon.... je lui ferai faire le VundoFix + un rapport HijackThis que je posterai en début de soirée, vers les 18h.... Sinon, elle m'a dit avoir eu un message du genre " plus de mémoire virtuelle".... que se passe t il encore?

C'est pas grave, tu t'es donné déjà beaucoup de mal, c'est très gentil de ta part Donc, là, je ne lui fais pas fixer ce que tu as posté en dernier?

Ah, mince lol Elle a fait l'autre fix déjà... Bon, je vais poster le dernier rapport Attends avant de te casser la tete pour rien Je suis désolée lol Voici donc: Logfile of HijackThis v1.99.1 Scan saved at 03:26:49, on 05/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\windows\System32\svchost.exe C:\WINDOWS\system32\wincon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\windows\explorer.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: ATLDistrib Object - {E65DD8E2-1005-4D44-952E-016BEDB01B62} - C:\WINDOWS\System32\gebyv.dll O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: awvtt - awvtt.dll (file missing) O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\System32\gebyv.dll O20 - Winlogon Notify: mlljh - mlljh.dll (file missing) O20 - Winlogon Notify: WRNotifier - C:\windows\SYSTEM32\WRLogonNTF.dll O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing) O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing) O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing) O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing) O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing) O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing) O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing) O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing)

Mais elle peut quand meme utiliser votre fix?

Bon, là elle a pu avoir Haxfix avec ma clé... mais no infection found après un scan... Voici le rapport de HijackThis après le scan fait avec Haxfix..... Logfile of HijackThis v1.99.1 Scan saved at 01:47:17, on 05/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\SYSTEM32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\windows\System32\svchost.exe C:\WINDOWS\system32\wincon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\windows\explorer.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: ATLDistrib Object - {E65DD8E2-1005-4D44-952E-016BEDB01B62} - C:\WINDOWS\System32\gebyv.dll O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [html32 Help System] hhs32.pif O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Microsoft Command Line] wincmd.exe O4 - HKLM\..\Run: [Microsoft Update 32] wininit.exe O4 - HKLM\..\Run: [MS Sys Security] mswin.pif O4 - HKLM\..\Run: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\Run: [Optional Web Drivers For WIN32] phqghume.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows System Security] sys32.pif O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\RunServices: [Optional Web Drivers For WIN32] phqghume.exe O4 - HKLM\..\RunServices: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\RunServices: [Windows System Security] sys32.pif O4 - HKLM\..\RunServices: [Microsoft Update 32] wininit.exe O4 - HKLM\..\RunServices: [MS Sys Security] mswin.pif O4 - HKLM\..\RunServices: [Microsoft Command Line] wincmd.exe O4 - HKLM\..\RunServices: [html32 Help System] hhs32.pif O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [soes] "C:\Program Files\ioap\ouau.exe" -vt ndrv O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunServices: [Windows System Security] sys32.pif O4 - HKCU\..\RunServices: [MS Sys Security] mswin.pif O4 - HKCU\..\RunServices: [html32 Help System] hhs32.pif O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: awvtt - awvtt.dll (file missing) O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\System32\gebyv.dll O20 - Winlogon Notify: mlljh - mlljh.dll (file missing) O20 - Winlogon Notify: WRNotifier - C:\windows\SYSTEM32\WRLogonNTF.dll O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing) O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing) O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing) O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing) O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing) O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: Super AOL instant messenger (supermsg) - Unknown owner - C:\windows\lsass2.exe (file missing) O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing) O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing) et là, je vais lui faire faire le fix posté par Qc001..... Je vous poste le rapport dans quelques instants fait avec HijackThis....

Ok, merci

Ok.... Merci.... Mais HijackThis, elle le lance en mode sans échec ou pas?

Un énorme merci pour elle!

Certes, mais elle plante tellement qu'il lui sera sans doute impossible d'aller sur le net pour télécharger les choses dont vous m'avez donné le lien... Je ne sais pas comment elle va faire là.....

Voici donc le rapport après avoir suivi à la lettre la procédure de "nettoyage" Logfile of HijackThis v1.99.1 Scan saved at 13:21:39, on 04/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\windows\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\WINDOWS\system32\wincon.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\ioap\ouau.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: ATLDistrib Object - {E65DD8E2-1005-4D44-952E-016BEDB01B62} - C:\WINDOWS\System32\gebyv.dll O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - C:\WINDOWS\System32\mlljh.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [Compaq Service Drivers] ntsys32.exe O4 - HKLM\..\Run: [html32 Help System] hhs32.pif O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Microsoft Command Line] wincmd.exe O4 - HKLM\..\Run: [Microsoft Update 32] wininit.exe O4 - HKLM\..\Run: [MS Sys Security] mswin.pif O4 - HKLM\..\Run: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\Run: [Optional Web Drivers For WIN32] phqghume.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows System Security] sys32.pif O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\RunServices: [Optional Web Drivers For WIN32] phqghume.exe O4 - HKLM\..\RunServices: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\RunServices: [Windows System Security] sys32.pif O4 - HKLM\..\RunServices: [Microsoft Update 32] wininit.exe O4 - HKLM\..\RunServices: [MS Sys Security] mswin.pif O4 - HKLM\..\RunServices: [Compaq Service Drivers] ntsys32.exe O4 - HKLM\..\RunServices: [Microsoft Command Line] wincmd.exe O4 - HKLM\..\RunServices: [html32 Help System] hhs32.pif O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000111.exe O4 - HKCU\..\Run: [soes] "C:\Program Files\ioap\ouau.exe" -vt ndrv O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunServices: [Windows System Security] sys32.pif O4 - HKCU\..\RunServices: [MS Sys Security] mswin.pif O4 - HKCU\..\RunServices: [Compaq Service Drivers] ntsys32.exe O4 - HKCU\..\RunServices: [html32 Help System] hhs32.pif O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: avpe32 - C:\windows\SYSTEM32\avpe32.dll O20 - Winlogon Notify: awvtt - awvtt.dll (file missing) O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\System32\gebyv.dll O20 - Winlogon Notify: mlljh - C:\windows\SYSTEM32\mlljh.dll O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\bdbjffjo.dll O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing) O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing) O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing) O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing) O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing) O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe (file missing) O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing) Pensez -vous que ma copine pourra retrouver un pc en état de marche? Parceque là, il est quasiment hs, il plante souvent, est très lent... ou le mieux serait de formater? Merci d'avance pour votre aide et vos réponses

C'est ce qu'elle a fait ... seulement, elle ne s'est pas servi du meme anti virus que vous conseillez... Donc, elle le refera de A à Z (avec Antivir) et je vous reposterai le rapport sous peu, merci pour vos réponses

Mon amie ne pouvant plus aller sur le net (pc infesté de virus, trojans et autres), je vous poste a sa place son rapport d'analyse, merci de me dire quoi cocher pour faire le ménage Logfile of HijackThis v1.99.1 Scan saved at 02:05:32, on 03/02/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\windows\System32\smss.exe C:\windows\system32\csrss.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\windows\System32\svchost.exe C:\windows\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\alc.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\windows\System32\svchost.exe C:\WINDOWS\System32\wdfmgr.exe C:\WINDOWS\system32\wincon.exe C:\windows\autoclk.exe C:\WINDOWS\nvcr32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\iPod\bin\iPodService.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\Program Files\ioap\ouau.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\WINDOWS\System32\w?auboot.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe C:\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens R3 - Default URLSearchHook is missing O2 - BHO: ATLDistrib Object - {E65DD8E2-1005-4D44-952E-016BEDB01B62} - C:\WINDOWS\System32\gebyv.dll O2 - BHO: (no name) - {EA32FB3B-21C9-42cc-B8EF-01A9B28EDB0D} - C:\WINDOWS\System32\mlljh.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [Anti-Virus Update Scheduler V1.39.12R] C:\alc.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [gimmygames] C:\windows\gimmygames.exe O4 - HKLM\..\Run: [autoclk] autoclk.exe O4 - HKLM\..\Run: [AutoUpdater] "C:\Program Files\AutoUpdate\AutoUpdate.exe" O4 - HKLM\..\Run: [bDMCon] C:\PROGRA~1\Softwin\BITDEF~1\bdmcon.exe O4 - HKLM\..\Run: [bDNewsAgent] C:\Program Files\Softwin\BitDefender8\bdnagent.exe O4 - HKLM\..\Run: [bDOESRV] C:\Program Files\Softwin\BitDefender8\bdoesrv.exe O4 - HKLM\..\Run: [bgtmb] C:\WINDOWS\bgtmb.exe O4 - HKLM\..\Run: [bJbcdxd] C:\WINDOWS\kwfybtkl.exe O4 - HKLM\..\Run: [bmfhsp] C:\Program Files\Bweuq\Njnpzks.exe O4 - HKLM\..\Run: [clfcvtj] C:\WINDOWS\System32\lhvkri.exe r O4 - HKLM\..\Run: [Compaq Service Drivers] ntsys32.exe O4 - HKLM\..\Run: [fsyelph] C:\WINDOWS\System32\yhvohss.exe r O4 - HKLM\..\Run: [FWDMON.EXE] C:\WINDOWS\System32\fwdmon.exe O4 - HKLM\..\Run: [g8r3o0uf] C:\WINDOWS\System32\g8r3o0uf.exe O4 - HKLM\..\Run: [gklcvlbjko] C:\WINDOWS\\\\\\\\\\\ O4 - HKLM\..\Run: [hoVrclaZsR] C:\WINDOWS\System32\laajnnyldsff.exe O4 - HKLM\..\Run: [html32 Help System] hhs32.pif O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [jgpqj] C:\WINDOWS\jgpqj.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [Microsoft Command Line] wincmd.exe O4 - HKLM\..\Run: [Microsoft Update 32] wininit.exe O4 - HKLM\..\Run: [MS Sys Security] mswin.pif O4 - HKLM\..\Run: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\Run: [npaxia] C:\WINDOWS\System32\okuevca.exe r O4 - HKLM\..\Run: [nt80sd1v] C:\WINDOWS\System32\nt80sd1v.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Optional Web Drivers For WIN32] phqghume.exe O4 - HKLM\..\Run: [Piolet] C:\Program Files\Piolet\Piolet.exe SILENT O4 - HKLM\..\Run: [piz.] C:\WINDOWS\exe82.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [rybyPlVmZ] C:\WINDOWS\System32\lijtwdbnrkadme.exe O4 - HKLM\..\Run: [sais] c:\program files\180searchassistant\sais.exe O4 - HKLM\..\Run: [seli] C:\WINDOWS\exe82.exe O4 - HKLM\..\Run: [sWOD] C:\WINDOWS\exe82.exe O4 - HKLM\..\Run: [system service69] C:\WINDOWS\\etb\pokapoka69.exe O4 - HKLM\..\Run: [system service72] C:\WINDOWS\\\etb\\pokapoka72.exe O4 - HKLM\..\Run: [t00ZqdCAs] C:\WINDOWS\pfiwi.exe O4 - HKLM\..\Run: [t9mg3EQ] cryadm.exe O4 - HKLM\..\Run: [Windows System Security] sys32.pif O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\RunServices: [Optional Web Drivers For WIN32] phqghume.exe O4 - HKLM\..\RunServices: [MS Unix Binary] msnq3insller.exe O4 - HKLM\..\RunServices: [Windows System Security] sys32.pif O4 - HKLM\..\RunServices: [Microsoft Update 32] wininit.exe O4 - HKLM\..\RunServices: [MS Sys Security] mswin.pif O4 - HKLM\..\RunServices: [Compaq Service Drivers] ntsys32.exe O4 - HKLM\..\RunServices: [Microsoft Command Line] wincmd.exe O4 - HKLM\..\RunServices: [hoVrclaZsR] C:\WINDOWS\System32\laajnnyldsff.exe O4 - HKLM\..\RunServices: [rybyPlVmZ] C:\WINDOWS\System32\lijtwdbnrkadme.exe O4 - HKLM\..\RunServices: [html32 Help System] hhs32.pif O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [cy5mROcni] corgntfy.exe O4 - HKCU\..\Run: [DNS] C:\Program Files\Fichiers communs\mc-58-12-0000111.exe O4 - HKCU\..\Run: [soes] "C:\Program Files\ioap\ouau.exe" -vt ndrv O4 - HKCU\..\Run: [Xluth] C:\WINDOWS\System32\w?auboot.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\RunServices: [Windows System Security] sys32.pif O4 - HKCU\..\RunServices: [MS Sys Security] mswin.pif O4 - HKCU\..\RunServices: [Compaq Service Drivers] ntsys32.exe O4 - HKCU\..\RunServices: [html32 Help System] hhs32.pif O4 - Startup: CD-MENU.LNK = ? O4 - Startup: OpenOffice.org 1.1.5.lnk = C:\Program Files\OpenOffice.org1.1.5\program\crashrep.exe O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Supervision de Photo Loader.lnk = C:\Program Files\CASIO\Photo Loader\Plauto.exe O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O16 - DPF: {00000000-0000-0000-0000-000020030000} - http://www.advnt01.com/dialer/fra_nos_med.exe O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmesse...pdownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll O20 - Winlogon Notify: avpe32 - C:\windows\SYSTEM32\avpe32.dll O20 - Winlogon Notify: awvtt - awvtt.dll (file missing) O20 - Winlogon Notify: ddccy - C:\WINDOWS\System32\ddccy.dll (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\System32\gebyv.dll O20 - Winlogon Notify: mlljh - C:\windows\SYSTEM32\mlljh.dll O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\bdbjffjo.dll O23 - Service: AOL Instant Messanger (AIM) - Unknown owner - C:\WINDOWS\aim.exe (file missing) O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: DirectX Graphics (dxdmain) - Unknown owner - C:\WINDOWS\System32\dxdmain.exe (file missing) O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: Defragmentation Management Handler (FAT Defragmentation) - Unknown owner - C:\WINDOWS\System32\dfrgfat32.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: inetdns (InetDns) (inetdns) - Unknown owner - C:\WINDOWS\system32\inetdns.exe (file missing) O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Enables Java Support (Java) - Unknown owner - C:\WINDOWS\System32\winjava.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (Locator) - Unknown owner - C:\WINDOWS\system32\wininit.exe (file missing) O23 - Service: NetDDE Server (NetDDEsrv) - Unknown owner - C:\WINDOWS\System32\netddesrv.exe (file missing) O23 - Service: Print Spool Handler (Print Spooler) - Unknown owner - C:\WINDOWS\System32\spooler.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Monitoring (Rpcmon) - Unknown owner - C:\WINDOWS\System32\Rpcmon.exe (file missing) O23 - Service: System Manager Service (SMSC) - Unknown owner - C:\WINDOWS\smsc.exe (file missing) O23 - Service: SMSS - Unknown owner - C:\WINDOWS\smss.exe (file missing) O23 - Service: spool - Unknown owner - C:\WINDOWS\spoollv.exe (file missing) O23 - Service: SystemManager - Unknown owner - C:\WINDOWS\sysmanager.exe (file missing) O23 - Service: network monitoring tools (windows network) - Unknown owner - C:\WINDOWS\nvcr32.exe O23 - Service: MS Dns Service (WinNet) - Unknown owner - C:\WINDOWS\system32\wincntrl.exe (file missing) O23 - Service: wordpad - Unknown owner - C:\WINDOWS\wordpad.exe (file missing) Des scans ont été faits avec Spybot, Ewido, SmitFraudFix et AVG tourne en continue depuis. Je vous remercie par avance pour vos réponses