wil

pas de nouveau pour moi?

voici le rapport de vunofix VundoFix V6.1.5 Checking Java version... Scan started at 21:27:43 20/09/2006 Listing files found while scanning.... F:\WINDOWS\system32\awvtq.dll F:\WINDOWS\system32\qtvwa.ini F:\WINDOWS\system32\qtvwa.bak1 F:\WINDOWS\system32\qtvwa.bak2 F:\WINDOWS\system32\qtvwa.ini2 F:\WINDOWS\system32\qtvwa.tmp F:\WINDOWS\system32\rqrpmlm.dll F:\WINDOWS\system32\winghy32.dll F:\Program Files\Fichiers communs\{6884983B-081F-1036-1114-030311130021}\services.dll Beginning removal... Attempting to delete F:\WINDOWS\system32\awvtq.dll F:\WINDOWS\system32\awvtq.dll Could not be deleted. Attempting to delete F:\WINDOWS\system32\qtvwa.ini F:\WINDOWS\system32\qtvwa.ini Has been deleted! Attempting to delete F:\WINDOWS\system32\qtvwa.bak1 F:\WINDOWS\system32\qtvwa.bak1 Has been deleted! Attempting to delete F:\WINDOWS\system32\qtvwa.bak2 F:\WINDOWS\system32\qtvwa.bak2 Has been deleted! Attempting to delete F:\WINDOWS\system32\qtvwa.ini2 F:\WINDOWS\system32\qtvwa.ini2 Has been deleted! Attempting to delete F:\WINDOWS\system32\qtvwa.tmp F:\WINDOWS\system32\qtvwa.tmp Has been deleted! Attempting to delete F:\WINDOWS\system32\rqrpmlm.dll F:\WINDOWS\system32\rqrpmlm.dll Has been deleted! Attempting to delete F:\WINDOWS\system32\winghy32.dll F:\WINDOWS\system32\winghy32.dll Has been deleted! Attempting to delete F:\Program Files\Fichiers communs\{6884983B-081F-1036-1114-030311130021}\services.dll F:\Program Files\Fichiers communs\{6884983B-081F-1036-1114-030311130021}\services.dll Has been deleted! Performing Repairs to the registry. Done! VundoFix V6.1.5 Checking Java version... Scan started at 21:41:15 20/09/2006 Listing files found while scanning.... F:\WINDOWS\system32\awvtq.dll Beginning removal... Attempting to delete F:\WINDOWS\system32\awvtq.dll F:\WINDOWS\system32\awvtq.dll Has been deleted! Performing Repairs to the registry. Done! et le nouveau de HijackThis Logfile of HijackThis v1.99.1 Scan saved at 21:56:12, on 20/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\SYSTEM32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\System32\Ati2evxx.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\system32\spoolsv.exe F:\Program Files\ewido anti-spyware 4.0\guard.exe F:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\SYSTEM32\Ati2evxx.exe F:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe F:\WINDOWS\Explorer.EXE F:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe F:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe F:\Program Files\Trend Micro\Internet Security 14\pccguide.exe F:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe F:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe F:\WINDOWS\system32\sstray.exe F:\Program Files\SlySoft\CloneCD\CloneCDTray.exe F:\Program Files\Messenger\msmsgs.exe F:\PROGRA~1\ICROSO~1.NET\wowexec.exe F:\WINDOWS\system32\ctfmon.exe F:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe F:\Program Files\Internet Explorer\iexplore.exe F:\Documents and Settings\wil\Bureau\scanner.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - (no file) O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - (no file) O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - F:\WINDOWS\system32\qyqpqogu.dll O2 - BHO: (no name) - {E3DB76F8-9BBD-44E8-9265-B73930A54994} - F:\WINDOWS\system32\awvtq.dll (file missing) O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" O4 - HKLM\..\Run: [AS00_Gear311T] "F:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe" -hide O4 - HKLM\..\Run: [ATIPTA] "F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [spySweeper] "F:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Windows AdControl] F:\Program Files\Windows AdControl\WinAdCtl.exe O4 - HKLM\..\Run: [webrebates] "F:\Program Files\WebRebates4\webrebates.exe" O4 - HKLM\..\Run: [Vaderetro Outlook] "F:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s" O4 - HKLM\..\Run: [Vade Retro Outlook Express] "F:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [ultimate Defender] F:\Program Files\Ultimate Defender\App.exe O4 - HKLM\..\Run: [RunDLL] "rundll32.exe" "F:\WINDOWS\System32\bridge.dll",Load O4 - HKLM\..\Run: [PinnacleDriverCheck] F:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KAVPersonal50] F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize O4 - HKLM\..\Run: [e6546c78.exe] F:\WINDOWS\system32\e6546c78.exe O4 - HKLM\..\Run: [Demon] F:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [CloneCDTray] "F:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Rsbo] "F:\PROGRA~1\ICROSO~1.NET\wowexec.exe" -vt yazb O4 - HKCU\..\Run: [MyTotalSearch Email Plugin] F:\PROGRA~1\MYTOTA~1\bar\1.bin\mtsoemon.exe O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe O4 - Startup: .protected O4 - Global Startup: .protected O4 - Global Startup: MyTotalSearch Email Plugin.lnk = F:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/ O17 - HKLM\System\CCS\Services\Tcpip\..\{93C37B5E-AF51-4DA5-9C5E-932E690D669A}: NameServer = 212.94.174.85,212.94.174.86 O20 - Winlogon Notify: WRNotifier - F:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

voici le log Logfile of HijackThis v1.99.1 Scan saved at 21:20:38, on 20/09/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: F:\WINDOWS\System32\smss.exe F:\WINDOWS\SYSTEM32\winlogon.exe F:\WINDOWS\system32\services.exe F:\WINDOWS\system32\lsass.exe F:\WINDOWS\System32\Ati2evxx.exe F:\WINDOWS\system32\svchost.exe F:\WINDOWS\System32\svchost.exe F:\WINDOWS\system32\spoolsv.exe F:\WINDOWS\SYSTEM32\Ati2evxx.exe F:\WINDOWS\Explorer.EXE F:\Program Files\ewido anti-spyware 4.0\guard.exe F:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe F:\WINDOWS\System32\svchost.exe F:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe F:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe F:\Program Files\Trend Micro\Internet Security 14\pccguide.exe F:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe F:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe F:\Program Files\Internet Explorer\iexplore.exe F:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe F:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe F:\WINDOWS\system32\sstray.exe F:\Program Files\SlySoft\CloneCD\CloneCDTray.exe F:\Program Files\Messenger\msmsgs.exe F:\PROGRA~1\ICROSO~1.NET\wowexec.exe F:\WINDOWS\system32\ctfmon.exe F:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe F:\Program Files\Webroot\Spy Sweeper\SSU.EXE F:\Program Files\Outlook Express\msimn.exe F:\Documents and Settings\wil\Bureau\scanner.exe.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C60FAF2} - (no file) O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - (no file) O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - F:\WINDOWS\system32\qyqpqogu.dll O2 - BHO: (no name) - {E3DB76F8-9BBD-44E8-9265-B73930A54994} - F:\WINDOWS\system32\awvtq.dll O4 - HKLM\..\Run: [pccguide.exe] "F:\Program Files\Trend Micro\Internet Security 14\pccguide.exe" O4 - HKLM\..\Run: [AS00_Gear311T] "F:\Program Files\NETGEAR\WG311TSU\Utility\Gear311T.exe" -hide O4 - HKLM\..\Run: [ATIPTA] "F:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [spySweeper] "F:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe" /startintray O4 - HKLM\..\Run: [Windows AdControl] F:\Program Files\Windows AdControl\WinAdCtl.exe O4 - HKLM\..\Run: [webrebates] "F:\Program Files\WebRebates4\webrebates.exe" O4 - HKLM\..\Run: [Vaderetro Outlook] "F:\PROGRA~1\GOTOSO~1\VADERE~1\VrMoRegister.exe -s" O4 - HKLM\..\Run: [Vade Retro Outlook Express] "F:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" O4 - HKLM\..\Run: [ultimate Defender] F:\Program Files\Ultimate Defender\App.exe O4 - HKLM\..\Run: [RunDLL] "rundll32.exe" "F:\WINDOWS\System32\bridge.dll",Load O4 - HKLM\..\Run: [PinnacleDriverCheck] F:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [nForce Tray Options] "sstray.exe" /r O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KAVPersonal50] F:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe /minimize O4 - HKLM\..\Run: [e6546c78.exe] F:\WINDOWS\system32\e6546c78.exe O4 - HKLM\..\Run: [Demon] F:\PROGRA~1\MESSAG~1\Demon.exe O4 - HKLM\..\Run: [CloneCDTray] "F:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Rsbo] "F:\PROGRA~1\ICROSO~1.NET\wowexec.exe" -vt yazb O4 - HKCU\..\Run: [MyTotalSearch Email Plugin] F:\PROGRA~1\MYTOTA~1\bar\1.bin\mtsoemon.exe O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\system32\ctfmon.exe O4 - Startup: .protected O4 - Global Startup: .protected O4 - Global Startup: MyTotalSearch Email Plugin.lnk = F:\Program Files\MyTotalSearch\bar\1.bin\MTSOEMON.EXE O14 - IERESET.INF: START_PAGE_URL=http://freebox.free.fr/ O17 - HKLM\System\CCS\Services\Tcpip\..\{93C37B5E-AF51-4DA5-9C5E-932E690D669A}: NameServer = 212.94.174.85,212.94.174.86 O20 - Winlogon Notify: awvtq - F:\WINDOWS\system32\awvtq.dll O20 - Winlogon Notify: winghy32 - F:\WINDOWS\SYSTEM32\winghy32.dll O20 - Winlogon Notify: WRNotifier - F:\WINDOWS\SYSTEM32\WRLogonNTF.dll O23 - Service: Ati HotKey Poller - Unknown owner - F:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - F:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~2\PcCtlCom.exe O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - F:\PROGRA~1\TRENDM~1\INTERN~2\Tmntsrv.exe O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~2\TmPfw.exe O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~2\tmproxy.exe O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - F:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

bonjour à tous. Je me tourne vers vous sur les conseils d'un ami car je suis à bout d'idées... voila mon probleme: j'ai chopé une saleté sur mon ordinateur et je n'arrive pas à passer en mode sans echec pour pouvoir lancer hjt. J'ai essayé la touche f8 au démarrage et j'obtiens un écran noir avec sans echec ds les coins et rien d'autre pas d'icons et je n'ai la main sur rien. J'ai essayé avec msconfig mais la je n'ai pas l'onglet boot.ini .... lorsque je passe les différent logiciels d'eradication sur mon ordi en mode normal tous se passe bien j'arrive à enlever les malwares mais biensur ils reviennent peu de temps apres. J'ai pccillin 14 et j'ai souvent comme message ds une petite fenetre "il programma sara' terminato" et j'ai en plus des pages internet qui s'ouvrent toutes seul... Merci pour votre aide.