gus120

J'ai telechargé zone alarm (version firewall) et j'ai suivi tes consignes. Pas de nouveau message de virus depuis. Je pense que cette fois c'est bon. Un grand merci à tous. Pour du téléchargement est ce que zone alarm et avast suffisent ? Y a-t-il des précautions à prendre ? A+

oui Lorsque je suis passé du mode sans echec au mode normal, j'ai ouvert internet pour poster mes rapports et l'ordi c'est bloqué. La page n'a pas pû s'afficher complètement et impossible de la fermer. Je ne pouvais pas non plus éteindre l'ordinateur ou le redémarrer. Un message de virus c'est affiché par avast, j'ai cliqué sur supprimer, mais ça n'allait pas mieux j'ai dû rebooter. Là j'ai un autre message d'avast qui vient de s'afficher : C:\DOCUME~1\120\LOCALS~1\Temp\AAWTMP\C318406\16429C\UERSV_0001_N68M0602NetInstaller.exe Win32:FakeAlert [Trj] Cheval de Troie Sinon je viens de lancer AD AWARE SE il affiche plusieurs objets critiques trouvés (malwares). Tiens un autre message d'avast : C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QZSFK9CJ\installer[1].exe Win32:Spyware-gen. [Trj] Cheval de Troie et encore un C:\WINDOWS\Temp\cmdinst.exe ..... Tant que l'ordinateur est allumé il affichera des messages, j'ai t'endance à les supprimer, je sais pas si je fais bien ! a+

je ne comprends pas tout ce que je fais mais enfin, voici les rapports : Logfile of HijackThis v1.99.1 Scan saved at 12:46:43, on 03/07/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\ewido anti-spyware 4.0\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\ftp.exe C:\WINDOWS\System32\wuauclt.exe C:\Documents and Settings\120\Mes documents\soft vgi\Antivirus\nettoyer\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37710.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Look2Me-Destroyer V1.0.12 Scanning for infected files..... Scan started at 03/07/2006 09:45:32 Infected! C:\WINDOWS\system32\enrql1951.dll Infected! C:\WINDOWS\system32\ojeacc.dll Infected! C:\WINDOWS\system32\l48mlel11hq.dll Infected! C:\WINDOWS\system32\dXdramp.dll Infected! C:\WINDOWS\system32\enrql1951.dll Infected! C:\WINDOWS\system32\f8l02i3mg8.dll Infected! C:\WINDOWS\system32\ir86l5ls1.dll Infected! C:\WINDOWS\system32\j4p0le7m1h.dll Infected! C:\WINDOWS\system32\jt6u07j9e.dll Infected! C:\WINDOWS\system32\ktl6l73s1.dll Infected! C:\WINDOWS\system32\ktr4l79q1.dll Infected! C:\WINDOWS\system32\lvj8091ue.dll Infected! C:\WINDOWS\system32\lvlo0933e.dll Infected! C:\WINDOWS\system32\lvnq0955e.dll Infected! C:\WINDOWS\system32\m6640gjqe6oe0.dll Infected! C:\WINDOWS\system32\mvn0l95m1.dll Infected! C:\WINDOWS\system32\q0rqla951d.dll Infected! C:\WINDOWS\system32\vka.dll Attempting to delete infected files... Attempting to delete: C:\WINDOWS\system32\enrql1951.dll C:\WINDOWS\system32\enrql1951.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\dXdramp.dll C:\WINDOWS\system32\dXdramp.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\enrql1951.dll C:\WINDOWS\system32\enrql1951.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\f8l02i3mg8.dll C:\WINDOWS\system32\f8l02i3mg8.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ir86l5ls1.dll C:\WINDOWS\system32\ir86l5ls1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\j4p0le7m1h.dll C:\WINDOWS\system32\j4p0le7m1h.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\jt6u07j9e.dll C:\WINDOWS\system32\jt6u07j9e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ktl6l73s1.dll C:\WINDOWS\system32\ktl6l73s1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ktr4l79q1.dll C:\WINDOWS\system32\ktr4l79q1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lvj8091ue.dll C:\WINDOWS\system32\lvj8091ue.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lvlo0933e.dll C:\WINDOWS\system32\lvlo0933e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lvnq0955e.dll C:\WINDOWS\system32\lvnq0955e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\m6640gjqe6oe0.dll C:\WINDOWS\system32\m6640gjqe6oe0.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\mvn0l95m1.dll C:\WINDOWS\system32\mvn0l95m1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\q0rqla951d.dll C:\WINDOWS\system32\q0rqla951d.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\vka.dll C:\WINDOWS\system32\vka.dll Deleted successfully! Making registry repairs. Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MS-DOS Emulation Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnceEx Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Shell Extensions Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{ACF231D6-A2CD-4288-9ADB-7AD17BFCE2D6}" HKCR\Clsid\{ACF231D6-A2CD-4288-9ADB-7AD17BFCE2D6} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{69703D49-2369-4305-BF12-BDD91C163B5B}" HKCR\Clsid\{69703D49-2369-4305-BF12-BDD91C163B5B} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{1523A970-3742-4553-9C12-3B8B0E79EDAD}" HKCR\Clsid\{1523A970-3742-4553-9C12-3B8B0E79EDAD} Restoring Windows certificates. Replaced hosts file with default windows hosts file a+

Bonjour stonangel, Voici les rapports : Look2Me-Destroyer V1.0.12 Scanning for infected files..... Scan started at 03/07/2006 09:45:32 Infected! C:\WINDOWS\system32\enrql1951.dll Infected! C:\WINDOWS\system32\ojeacc.dll Infected! C:\WINDOWS\system32\l48mlel11hq.dll Infected! C:\WINDOWS\system32\dXdramp.dll Infected! C:\WINDOWS\system32\enrql1951.dll Infected! C:\WINDOWS\system32\f8l02i3mg8.dll Infected! C:\WINDOWS\system32\ir86l5ls1.dll Infected! C:\WINDOWS\system32\j4p0le7m1h.dll Infected! C:\WINDOWS\system32\jt6u07j9e.dll Infected! C:\WINDOWS\system32\ktl6l73s1.dll Infected! C:\WINDOWS\system32\ktr4l79q1.dll Infected! C:\WINDOWS\system32\lvj8091ue.dll Infected! C:\WINDOWS\system32\lvlo0933e.dll Infected! C:\WINDOWS\system32\lvnq0955e.dll Infected! C:\WINDOWS\system32\m6640gjqe6oe0.dll Infected! C:\WINDOWS\system32\mvn0l95m1.dll Infected! C:\WINDOWS\system32\q0rqla951d.dll Infected! C:\WINDOWS\system32\vka.dll Attempting to delete infected files... Attempting to delete: C:\WINDOWS\system32\enrql1951.dll C:\WINDOWS\system32\enrql1951.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\dXdramp.dll C:\WINDOWS\system32\dXdramp.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\enrql1951.dll C:\WINDOWS\system32\enrql1951.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\f8l02i3mg8.dll C:\WINDOWS\system32\f8l02i3mg8.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ir86l5ls1.dll C:\WINDOWS\system32\ir86l5ls1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\j4p0le7m1h.dll C:\WINDOWS\system32\j4p0le7m1h.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\jt6u07j9e.dll C:\WINDOWS\system32\jt6u07j9e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ktl6l73s1.dll C:\WINDOWS\system32\ktl6l73s1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\ktr4l79q1.dll C:\WINDOWS\system32\ktr4l79q1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lvj8091ue.dll C:\WINDOWS\system32\lvj8091ue.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lvlo0933e.dll C:\WINDOWS\system32\lvlo0933e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\lvnq0955e.dll C:\WINDOWS\system32\lvnq0955e.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\m6640gjqe6oe0.dll C:\WINDOWS\system32\m6640gjqe6oe0.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\mvn0l95m1.dll C:\WINDOWS\system32\mvn0l95m1.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\q0rqla951d.dll C:\WINDOWS\system32\q0rqla951d.dll Deleted successfully! Attempting to delete: C:\WINDOWS\system32\vka.dll C:\WINDOWS\system32\vka.dll Deleted successfully! Making registry repairs. Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MS-DOS Emulation Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\RunOnceEx Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Shell Extensions Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{ACF231D6-A2CD-4288-9ADB-7AD17BFCE2D6}" HKCR\Clsid\{ACF231D6-A2CD-4288-9ADB-7AD17BFCE2D6} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{69703D49-2369-4305-BF12-BDD91C163B5B}" HKCR\Clsid\{69703D49-2369-4305-BF12-BDD91C163B5B} Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{1523A970-3742-4553-9C12-3B8B0E79EDAD}" HKCR\Clsid\{1523A970-3742-4553-9C12-3B8B0E79EDAD} Restoring Windows certificates. Replaced hosts file with default windows hosts file Logfile of HijackThis v1.99.1 Scan saved at 09:52:36, on 03/07/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\System32\rfkgpwkorrxemz.exe C:\WINDOWS\System32\HIMENSYST.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\cmd.exe C:\Documents and Settings\120\Mes documents\soft vgi\Antivirus\nettoyer\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKLM\..\Run: [Windows File Migration Wizard] HIMENSYST.EXE O4 - HKLM\..\RunServices: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKLM\..\RunServices: [Windows File Migration Wizard] HIMENSYST.EXE O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37710.cab O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Merci d'avance.

alors le rapport dit OK Found nothing pour les deux fichiers. ...

et enfin celui de Hijackthis : Logfile of HijackThis v1.99.1 Scan saved at 19:41:15, on 30/06/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\system32\ftp.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\devldr32.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\120\Mes documents\soft vgi\Antivirus\nettoyer\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKLM\..\RunServices: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37710.cab O20 - Winlogon Notify: Controls Folder - C:\WINDOWS\system32\itakui.dll O20 - Winlogon Notify: RunOnceEx - C:\WINDOWS\system32\ojeacc.dll (file missing) O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\l48mlel11hq.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Merci encore a+

voici le rapport vundofix : VundoFix V4.2.84 Running as SYSTEM from c:\windows\system32\VundoFix.exe Checking Java version... Java version is 1.5.0.6 Scan started at 19:25:07 30/06/2006 Listing files found while scanning.... C:\WINDOWS\system32\ututv.bak1 C:\WINDOWS\system32\ututv.bak2 C:\WINDOWS\system32\ututv.ini C:\WINDOWS\system32\vtutu.dll Attempting to delete C:\WINDOWS\system32\ututv.bak1 C:\WINDOWS\system32\ututv.bak1 Has been deleted! Attempting to delete C:\WINDOWS\system32\ututv.bak2 C:\WINDOWS\system32\ututv.bak2 Has been deleted! Attempting to delete C:\WINDOWS\system32\ututv.ini C:\WINDOWS\system32\ututv.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\vtutu.dll C:\WINDOWS\system32\vtutu.dll Has been deleted! Performing Repairs to the registry. Done!

Désolé pour le doublon. C'est une erreur mon écran a beugué, j'ai appuyé 2 fois sur valider, j'ai essayé de le supprimé mais j'ai pas réussi.

Bonjour, Je n'arrive pas à me débarasser des parasites qui envahissent mon ordi. Il bug souvent et j'ai des problèmes avec ma connexion internet sans parler des fenêtres qui s'affichent d'antivirus et autres. Si quelqu'un pouvait m'aider en analysant mon rapport hijakthis que voici : Logfile of HijackThis v1.99.1 Scan saved at 10:33:18, on 29/06/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\nwnmc_2.exe C:\dfndrc_2.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\System32\rfkgpwkorrxemz.exe C:\Documents and Settings\120\Mes documents\soft vgi\Antivirus\nettoyer\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com O2 - BHO: (no name) - {BB24595F-B38C-49FF-90C3-085449F45884} - C:\WINDOWS\System32\vtutu.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [newname] C:\\nwnmc_2.exe O4 - HKLM\..\Run: [defender] C:\\dfndrc_2.exe O4 - HKLM\..\Run: [systemService] yarhjah.exe O4 - HKLM\..\Run: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKLM\..\RunServices: [systemService] yarhjah.exe O4 - HKLM\..\RunServices: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37710.cab O20 - Winlogon Notify: Applets - C:\WINDOWS\system32\fp8o03l3e.dll O20 - Winlogon Notify: RunOnceEx - C:\WINDOWS\system32\ojeacc.dll (file missing) O20 - Winlogon Notify: vtutu - C:\WINDOWS\System32\vtutu.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Merci d'avance. gus120

Bonjour, Je n'arrive pas à me débarasser des parasites qui envahissent mon ordi. Il bug souvent et j'ai des problèmes avec ma connexion internet sans parler des fenêtres qui s'affichent d'antivirus et autres. Si quelqu'un pouvait m'aider en analysant mon rapport hijakthis que voici : Logfile of HijackThis v1.99.1 Scan saved at 10:33:18, on 29/06/2006 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\nvsvc32.exe C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\nwnmc_2.exe C:\dfndrc_2.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\WINDOWS\System32\devldr32.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\cmd.exe C:\WINDOWS\System32\rfkgpwkorrxemz.exe C:\Documents and Settings\120\Mes documents\soft vgi\Antivirus\nettoyer\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com O2 - BHO: (no name) - {BB24595F-B38C-49FF-90C3-085449F45884} - C:\WINDOWS\System32\vtutu.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [newname] C:\\nwnmc_2.exe O4 - HKLM\..\Run: [defender] C:\\dfndrc_2.exe O4 - HKLM\..\Run: [systemService] yarhjah.exe O4 - HKLM\..\Run: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKLM\..\RunServices: [systemService] yarhjah.exe O4 - HKLM\..\RunServices: [FiresWallservices] rfkgpwkorrxemz.exe O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1 O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotion...canner37710.cab O20 - Winlogon Notify: Applets - C:\WINDOWS\system32\fp8o03l3e.dll O20 - Winlogon Notify: RunOnceEx - C:\WINDOWS\system32\ojeacc.dll (file missing) O20 - Winlogon Notify: vtutu - C:\WINDOWS\System32\vtutu.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe Merci d'avance. gus120