Dokiato

Ok la je vais reboot

Réessaie stp :le rapport se trouvera ici > C:\ et il se nomme "resultat.txt" DiagHelp version v1.07.4 - http://www.malekal.com excute le 2007-05-11 à 21:06:44,53 Liste des fichiers modifies/crees dans les 24 dernieres heures... C:\pagefile.sys C:\WINDOWS\system32\wsock32.sys C:\WINDOWS\system32\wpa.dbl C:\WINDOWS\system32\settings.sfm C:\WINDOWS\system32\nvapps.xml C:\WINDOWS\system32\DVCState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.dat C:\WINDOWS\system32\DVCStateBkp-{00000000-00000000-0000000F-00001102-00000004-005A1102}.dat C:\WINDOWS\system32\settingsbkup.sfm C:\WINDOWS\system32\BMXState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx C:\WINDOWS\system32\BMXStateBkp-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx C:\WINDOWS\system32\BMXCtrlState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx C:\WINDOWS\system32\BMXBkpCtrlState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx C:\WINDOWS\Web\avjadrha.ini2 C:\WINDOWS\Web\avjadrha.bak2 C:\WINDOWS\Temp\Cookies\index.dat C:\WINDOWS\Temp\WGANotify.settings C:\WINDOWS\Temp\WGAErrLog.txt C:\WINDOWS\Debug\UserMode\userenv.log C:\WINDOWS\Debug\PASSWD.LOG C:\WINDOWS\Tasks\SA.DAT C:\WINDOWS\Tasks\AF62DA2791F94F9F.job C:\WINDOWS\Tasks\AppleSoftwareUpdate.job C:\WINDOWS\bootstat.dat C:\WINDOWS\SchedLgU.Txt C:\WINDOWS\CSC�000001 C:\WINDOWS\CSC�000002 C:\WINDOWS.log C:\WINDOWS\WindowsUpdate.log C:\WINDOWS\{00000000-00000000-0000000F-00001102-00000004-005A1102}.CDF C:\WINDOWS\{00000000-00000000-0000000F-00001102-00000004-005A1102}.BAK C:\WINDOWS\NeroDigital.ini C:\Documents and Settings\All Users\Start Menu\Programs\Apple Software Update.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Hijackthis Version Française C:\Documents and Settings\All Users\Start Menu\Programs\Hijackthis Version Française\Hijackthis Version Française.lnk C:\Documents and Settings\All Users\Start Menu\Programs\Hijackthis Version Française\Page d'accueil de Hijackthis Version Française.lnk C:\Documents and Settings\NetworkService\NTUSER.DAT C:\Documents and Settings\NetworkService\Local Settings\desktop.ini C:\Documents and Settings\NetworkService\Cookies\index.dat C:\Documents and Settings\NetworkService\ntuser.dat.LOG C:\Documents and Settings\LocalService\NTUSER.DAT C:\Documents and Settings\LocalService\Local Settings\desktop.ini C:\Documents and Settings\LocalService\Cookies\index.dat C:\Documents and Settings\LocalService\ntuser.dat.LOG C:\Documents and Settings\Scan\NTUSER.DAT C:\Documents and Settings\Scan\NTUSER.DAT.LOG C:\Documents and Settings\Scan\Local Settings\Temp\miunst_.exe C:\Documents and Settings\Scan\Local Settings\Temp\fla2.tmp C:\Documents and Settings\Scan\Local Settings\Temp\~DF30AA.tmp C:\Documents and Settings\Scan\Local Settings\Temp\rpt-1.htm C:\Documents and Settings\Scan\Local Settings\desktop.ini C:\Documents and Settings\Scan\My Documents\NeroVision\Projet sans-titre.0003.nvc C:\Documents and Settings\Scan\Desktop\Hijackthis Version Française.lnk C:\Documents and Settings\Scan\Cookies\index.dat C:\Documents and Settings\Scan\ntuser.ini C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\7BDABC66-4961-41F4-99DB-905FD307043F.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\7148364C-DD60-4507-B809-570895A962CC.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\32A7DF9C-6985-4928-8E3A-7898E8AAFCFE.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\F1F9D166-0AF8-4DD9-AAC7-E5185C6D8E28.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\F7B6B2E0-1CF7-436E-9A02-A46D745A7ED5.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\DA0E2344-8097-4853-A919-F3C70F1258EE.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\FDB0C05D-FB02-4E57-9F9C-3F56D820F8F0.WindowsLiveContact C:\Documents and Settings\Scan\Contacts\SonicRebel@hotmail.com\AE130951-859F-4CE9-A879-708632FF6051.WindowsLiveContact C:\Program Files\Lavalys\EVEREST Home Edition\everest.rpf C:\Program Files\Diskeeper\Diskeep.ctl C:\Program Files\Apple Software Update\Packages C:\Program Files\Apple Software Update\SoftwareUpdate.Resources C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\da.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\de.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\en.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\es.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fi.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\fr.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\it.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ja.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ko.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nb.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\nl.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\ru.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\sv.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_CN.lproj C:\Program Files\Apple Software Update\SoftwareUpdate.Resources\zh_TW.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\da.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\de.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\en.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\es.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fi.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\fr.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\it.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ja.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ko.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nb.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\nl.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\ru.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\sv.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_CN.lproj C:\Program Files\Apple Software Update\SoftwareUpdateFiles.Resources\zh_TW.lproj C:\Program Files\Apple Software Update\plugins C:\Program Files\MSN Messenger\ErrorResponse.xml C:\Recycled\desktop.ini C:\Recycled\INFO2 C:\vm404.log C:\Config.Msi C:\VundoFix Backups C:\VundoFix Backups\addmorefiles.txt C:\VundoFix Backups\aagrprwg.dll.bad C:\VundoFix Backups\aaheucyw.dll.bad C:\VundoFix Backups\acsoyuim.dll.bad C:\VundoFix Backups\adsjqfjf.ini.bad C:\VundoFix Backups\aijrrhuc.exe.bad C:\VundoFix Backups\auemrukr.ini.bad C:\VundoFix Backups\awlgmhpv.dll.bad C:\VundoFix Backups\awmqdxdi.dll.bad C:\VundoFix Backups\bafljihr.dll.bad C:\VundoFix Backups\bbhvwqqc.exe.bad C:\VundoFix Backups\bhtffxlh.exe.bad C:\VundoFix Backups\biyidwhx.dll.bad C:\VundoFix Backups\bmnhjddd.exe.bad C:\VundoFix Backups\boxfsdvy.ini.bad C:\VundoFix Backups\brehddkr.dll.bad C:\VundoFix Backups\bwpyvkhw.exe.bad C:\VundoFix Backups\cnksefse.dll.bad C:\VundoFix Backups\ctradjbx.dll.bad C:\VundoFix Backups\dbqycoyo.dll.bad C:\VundoFix Backups\despodbo.dll.bad C:\VundoFix Backups\dgweaube.dll.bad C:\VundoFix Backups\ebuaewgd.ini.bad C:\VundoFix Backups\eedgtxux.dll.bad C:\VundoFix Backups\eggamfin.dll.bad C:\VundoFix Backups\eieskwbp.exe.bad C:\VundoFix Backups\emldalkt.ini.bad C:\VundoFix Backups\esirxfjv.ini.bad C:\VundoFix Backups\fbqprvil.exe.bad C:\VundoFix Backups\fiywmipv.dll.bad C:\VundoFix Backups\fjcugnle.dll.bad C:\VundoFix Backups\fjfqjsda.dll.bad C:\VundoFix Backups\fkyqjehr.dll.bad C:\VundoFix Backups\flmscwgt.exe.bad C:\VundoFix Backups\fpfqpfki.dll.bad C:\VundoFix Backups\ftppyfdu.dll.bad C:\VundoFix Backups\futhtwnh.exe.bad C:\VundoFix Backups\fxcsjana.dll.bad C:\VundoFix Backups\fyceuivg.dll.bad C:\VundoFix Backups\fyiegget.dll.bad C:\VundoFix Backups\gmjldhlo.dll.bad C:\VundoFix Backups\gqjffrhn.dll.bad C:\VundoFix Backups\gwrprgaa.ini.bad C:\VundoFix Backups\heperrcp.ini.bad C:\VundoFix Backups\hhqrbsyx.ini.bad C:\VundoFix Backups\hidayiyu.dll.bad C:\VundoFix Backups\hiwfyqyl.ini.bad C:\VundoFix Backups\hkiujrkb.exe.bad C:\VundoFix Backups\hkxixbbl.dll.bad C:\VundoFix Backups\hlyeakpn.dll.bad C:\VundoFix Backups\hqnevngi.dll.bad C:\VundoFix Backups\hvkjydfp.dll.bad C:\VundoFix Backups\hwhmidji.exe.bad C:\VundoFix Backups\idatualb.dll.bad C:\VundoFix Backups\iemjsury.dll.bad C:\VundoFix Backups\ihsyswtl.dll.bad C:\VundoFix Backups\ikfpqfpf.ini.bad C:\VundoFix Backups\iogyliqu.dll.bad C:\VundoFix Backups\itnieftr.ini.bad C:\VundoFix Backups\itxsqobk.dll.bad C:\VundoFix Backups\jdbromtl.dll.bad C:\VundoFix Backups\jjvcbsup.dll.bad C:\VundoFix Backups\jmsatpae.dll.bad C:\VundoFix Backups\jxtvkcfr.exe.bad C:\VundoFix Backups\kboqsxti.ini.bad C:\VundoFix Backups\kdggvbru.ini.bad C:\VundoFix Backups\kedkmajc.dll.bad C:\VundoFix Backups\knfmlurp.dll.bad C:\VundoFix Backups\kvfavwrg.dll.bad C:\VundoFix Backups\lbbxixkh.ini.bad C:\VundoFix Backups\leuphjgk.exe.bad C:\VundoFix Backups\lptabbwh.dll.bad C:\VundoFix Backups\lvyxuirx.ini.bad C:\VundoFix Backups\lyqyfwih.dll.bad C:\VundoFix Backups\najcklyc.dll.bad C:\VundoFix Backups\ndwtrutu.dll.bad C:\VundoFix Backups\nhrffjqg.ini.bad C:\VundoFix Backups\npcykfnq.exe.bad C:\VundoFix Backups\ntpraaxp.exe.bad C:\VundoFix Backups\nweipeg.dll.bad C:\VundoFix Backups\ohbaqphj.dll.bad C:\VundoFix Backups\ookeiihv.dll.bad C:\VundoFix Backups\oqarbnaa.dll.bad C:\VundoFix Backups\oyocyqbd.ini.bad C:\VundoFix Backups\pbcsvntf.exe.bad C:\VundoFix Backups\pcrrepeh.dll.bad C:\VundoFix Backups\piuacanl.dll.bad C:\VundoFix Backups\prulmfnk.ini.bad C:\VundoFix Backups\pubfckpc.dll.bad C:\VundoFix Backups\qgexbfft.ini.bad C:\VundoFix Backups\qgkbchla.dll.bad C:\VundoFix Backups\rhejqykf.ini.bad C:\VundoFix Backups\rhijlfab.ini.bad C:\VundoFix Backups\rimgygab.exe.bad C:\VundoFix Backups\rkodupwt.dll.bad C:\VundoFix Backups\rkurmeua.dll.bad C:\VundoFix Backups\rkydrsea.exe.bad C:\VundoFix Backups\rtfeinti.dll.bad C:\VundoFix Backups\rwoaymiy.dll.bad C:\VundoFix Backups\rxmtsprb.dll.bad C:\VundoFix Backups\sbupggnu.dll.bad C:\VundoFix Backups\scysrofw.dll.bad C:\VundoFix Backups\sxrpcvew.ini.bad C:\VundoFix Backups\sytpbtar.dll.bad C:\VundoFix Backups\teggeiyf.ini.bad C:\VundoFix Backups\tffbxegq.dll.bad C:\VundoFix Backups\tfluqycq.dll.bad C:\VundoFix Backups\tiermnxw.ini.bad C:\VundoFix Backups\tkladlme.dll.bad C:\VundoFix Backups\tqrdcwpu.dll.bad C:\VundoFix Backups\tvicyfgi.dll.bad C:\VundoFix Backups\uecswfvu.dll.bad C:\VundoFix Backups\uhnvbopx.ini.bad C:\VundoFix Backups\unggpubs.ini.bad C:\VundoFix Backups\upitbwix.ini.bad C:\VundoFix Backups\upwcdrqt.ini.bad C:\VundoFix Backups\uqilygoi.ini.bad C:\VundoFix Backups\uqqjtweg.dll.bad C:\VundoFix Backups\urbvggdk.dll.bad C:\VundoFix Backups\uyiyadih.ini.bad C:\VundoFix Backups\vhiiekoo.ini.bad C:\VundoFix Backups\vimkrodt.dll.bad C:\VundoFix Backups\vipcvpxk.dll.bad C:\VundoFix Backups\vjfxrise.dll.bad C:\VundoFix Backups\vpimwyif.ini.bad C:\VundoFix Backups\vssarute.dll.bad C:\VundoFix Backups\wevcprxs.dll.bad C:\VundoFix Backups\wforsycs.ini.bad C:\VundoFix Backups\whastyes.exe.bad C:\VundoFix Backups\whnojvpo.exe.bad C:\VundoFix Backups\wiwcgiow.exe.bad C:\VundoFix Backups\wmqafytx.dll.bad C:\VundoFix Backups\wvwlgiqx.dll.bad C:\VundoFix Backups\wxnmreit.dll.bad C:\VundoFix Backups\wyyokiyb.dll.bad C:\VundoFix Backups\xghuwoeq.dll.bad C:\VundoFix Backups\xhimjrts.exe.bad C:\VundoFix Backups\xhwdiyib.ini.bad C:\VundoFix Backups\xiwbtipu.dll.bad C:\VundoFix Backups\xpobvnhu.dll.bad C:\VundoFix Backups\xqffuuvy.ini.bad C:\VundoFix Backups\xqiglwvw.ini.bad C:\VundoFix Backups\xriuxyvl.dll.bad C:\VundoFix Backups\xsmpdcqy.dll.bad C:\VundoFix Backups\xtxbdoxk.dll.bad C:\VundoFix Backups\xtyfaqmw.ini.bad C:\VundoFix Backups\xuxtgdee.ini.bad C:\VundoFix Backups\xysbrqhh.dll.bad C:\VundoFix Backups\yccnpauv.dll.bad C:\VundoFix Backups\ycsahxoi.dll.bad C:\VundoFix Backups\yfcbdkjo.dll.bad C:\VundoFix Backups\yimyaowr.ini.bad C:\VundoFix Backups\yjwhafgy.dll.bad C:\VundoFix Backups\ykyjaanp.dll.bad C:\VundoFix Backups\ylkjvxav.exe.bad C:\VundoFix Backups\yrusjmei.ini.bad C:\VundoFix Backups\yvdsfxob.dll.bad C:\VundoFix Backups\yvuuffqx.dll.bad C:\VundoFix Backups\yxaskoyr.dll.bad C:\VundoFix Backups\ahrdajva.dll.bad C:\VundoFix.txt Liste des derniers fichies modifies/crees dans windir\system32 C:\WINDOWS\System32/drivers\secdrv.sys -->2006-12-19 16:55:28 C:\WINDOWS\System32/drivers\scdemu.sys -->2006-11-06 04:28:12 C:\WINDOWS\System32/drivers\sptd.sys -->2006-10-31 17:56:10 C:\WINDOWS\System32/drivers\sptddrv1.sys -->2006-10-31 17:56:10 C:\WINDOWS\System32/drivers\nwrdr.sys -->2006-10-13 05:23:16 C:\WINDOWS\System32/drivers\MmedFilter.sys -->2006-09-06 08:30:38 C:\WINDOWS\System32/drivers\PxHelp20.sys -->2006-08-24 23:47:00 C:\WINDOWS\System32\wpa.dbl -->2007-05-11 20:54:48 C:\WINDOWS\System32\nvapps.xml -->2007-05-11 20:54:44 C:\WINDOWS\System32\wsock32.sys -->2007-05-11 20:54:42 C:\WINDOWS\System32\BMXBkpCtrlState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx -->2007-05-11 20:53:22 C:\WINDOWS\System32\BMXCtrlState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx -->2007-05-11 20:53:22 C:\WINDOWS\System32\BMXStateBkp-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx -->2007-05-11 20:53:22 C:\WINDOWS\System32\BMXState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.rfx -->2007-05-11 20:53:22 C:\WINDOWS\System32\settingsbkup.sfm -->2007-05-11 20:53:22 C:\WINDOWS\System32\DVCStateBkp-{00000000-00000000-0000000F-00001102-00000004-005A1102}.dat -->2007-05-11 20:53:22 C:\WINDOWS\System32\DVCState-{00000000-00000000-0000000F-00001102-00000004-005A1102}.dat -->2007-05-11 20:53:22 C:\WINDOWS\System32\settings.sfm -->2007-05-11 20:53:22 C:\WINDOWS\System32\docqqpoq.ini -->2007-05-10 20:35:24 C:\WINDOWS\System32\feiumdcv.ini -->2007-05-10 11:48:14 C:\WINDOWS\System32\xgcmndql.ini -->2007-05-09 06:42:38 C:\WINDOWS\System32\jupdate-1.6.0_01-b06.log -->2007-05-08 19:01:04 C:\WINDOWS\System32\mcrh.tmp -->2007-05-04 16:36:48 C:\WINDOWS\System32\spgnufsi.ini -->2007-05-04 16:14:08 C:\WINDOWS\System32\yieblrdg.ini -->2007-05-01 16:12:52 C:\WINDOWS\System32\kyvxraop.ini -->2007-04-29 18:44:12 C:\WINDOWS\System32\qifexufw.ini -->2007-04-29 18:42:38 C:\WINDOWS\System32\ilvulngr.ini -->2007-04-18 17:16:08 C:\WINDOWS\System32\ntflotau.ini2 -->2007-04-15 10:19:40 C:\WINDOWS\System32\5ZI4VzBqtz.ini -->2007-04-14 16:08:22 C:\WINDOWS\System32\camacttiv.exe -->2007-04-14 16:08:22 C:\WINDOWS\System32\sokiuecw.ini -->2007-04-12 22:54:08 C:\WINDOWS\{00000000-00000000-0000000F-00001102-00000004-005A1102}.BAK -->2007-05-11 20:55:00 C:\WINDOWS\{00000000-00000000-0000000F-00001102-00000004-005A1102}.CDF -->2007-05-11 20:55:00 C:\WINDOWS.log -->2007-05-11 20:54:38 C:\WINDOWS\bootstat.dat -->2007-05-11 20:54:14 C:\WINDOWS\WindowsUpdate.log -->2007-05-11 20:53:02 C:\WINDOWS\SchedLgU.Txt -->2007-05-11 20:53:02 C:\WINDOWS\NeroDigital.ini -->2007-05-11 10:37:42 C:\WINDOWS\ModemLog_Intel® 537 Modem.txt -->2007-05-09 21:00:02 C:\WINDOWS\LEXSTAT.INI -->2007-05-09 08:24:56 C:\WINDOWS\mozver.dat -->2007-05-08 19:02:28 C:\WINDOWS\QTFont.qfn -->2007-05-08 17:57:00 C:\WINDOWS\wmsetup.log -->2007-05-05 06:36:26 C:\WINDOWS\wiadebug.log -->2007-04-30 13:29:38 C:\WINDOWS\wiaservc.log -->2007-04-30 13:29:36 C:\WINDOWS\DPINST.LOG -->2007-04-28 17:49:02 Volume in drive C has no label. Volume Serial Number is 409E-34A0 Directory of C:\WINDOWS\system32 2004-08-04 00:56 6 144 csrss.exe 1 File(s) 6 144 bytes 0 Dir(s) 6 390 972 416 bytes free Contenu de Downloaded Program Files Volume in drive C has no label. Volume Serial Number is 409E-34A0 Directory of C:\WINDOWS\Downloaded Program Files 2004-07-06 01:32 <DIR> . 2004-07-06 01:32 <DIR> .. 2004-07-06 01:32 65 desktop.ini 2004-04-19 11:36 735 default.inf 2002-06-19 14:11 117 088 PURen-us.dll 2004-10-08 16:01 372 736 MsnPUpld.dll 2004-10-08 16:13 587 MSNPupld.inf 2002-05-31 09:20 117 328 PURfr-ca.dll 2000-01-20 15:25 1 162 Microsoft XML Parser for Java.osd 2005-08-27 13:30 5 065 swflash.inf 2004-10-15 07:59 110 592 PURfr-xx.dll 2006-04-20 15:22 69 632 USYP_0001_N76M2004NetInstaller.exe 2006-05-10 11:09 173 189 USYP_0001_N76M1005NetInstaller.exe 2006-02-07 17:16 75 776 UERSV_0001_N68M0602NetInstaller.exe 2006-05-25 06:05 <DIR> CONFLICT.1 12 File(s) 1 043 955 bytes Directory of C:\WINDOWS\Downloaded Program Files\CONFLICT.1 2006-05-25 06:05 <DIR> . 2006-05-25 06:05 <DIR> .. 0 File(s) 0 bytes Total Files Listed: 12 File(s) 1 043 955 bytes 5 Dir(s) 6 390 448 128 bytes free Recherche de rootkit! (Merci S!Ri) pe386 présent! Recherche d'infections connues Possible infection chinoise : MMAssist/Boran, l'utilisation de combofix ou boran-remover En passant merci t vremant une beast

!!!! ATTENTION !!! Le programme va maintenant lancer scan catchme. une fois le scan termine (avec le nombre de files/processes/services hidden dete ctes).. Appuyez sur la touche ENTREE du clavier pour continuer l'analyse avec DiagHelp ! !!!! ATTENTION !!! catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gme r.net Rootkit scan 2007-05-11 21:08:51 Windows 5.1.2600 Service Pack 2 FAT scanning hidden processes ... scanning hidden services ... HKLM\SYSTEM\CurrentControlSet\Services\PerfNetk HKLM\SYSTEM\CurrentControlSet\Services\PerfOSt HKLM\SYSTEM\CurrentControlSet\Services\pfcfProc HKLM\SYSTEM\CurrentControlSet\Services\poofcyAgent HKLM\SYSTEM\CurrentControlSet\Services\Processorort HKLM\SYSTEM\CurrentControlSet\Services\PSchedtedStorage HKLM\SYSTEM\CurrentControlSet\Services\ql108020 HKLM\SYSTEM\CurrentControlSet\Services\ql12400 HKLM\SYSTEM\CurrentControlSet\Services\RasManp HKLM\SYSTEM\CurrentControlSet\Services\Rasptioe HKLM\SYSTEM\CurrentControlSet\Services\Rdbssi HKLM\SYSTEM\CurrentControlSet\Services\RDPDDD HKLM\SYSTEM\CurrentControlSet\Services\redbookgr HKLM\SYSTEM\CurrentControlSet\Services\RpcLocatorstry HKLM\SYSTEM\CurrentControlSet\Services\RpcSscator HKLM\SYSTEM\CurrentControlSet\Services\RSVPs HKLM\SYSTEM\CurrentControlSet\Services\SCardSvrBranding Service 1 HKLM\SYSTEM\CurrentControlSet\Services\SCDEmuvr HKLM\SYSTEM\CurrentControlSet\Services\sdcplhrt HKLM\SYSTEM\CurrentControlSet\Services\SENSogon HKLM\SYSTEM\CurrentControlSet\Services\Serialm HKLM\SYSTEM\CurrentControlSet\Services\SimbadWDetection HKLM\SYSTEM\CurrentControlSet\Services\sisagp2 HKLM\SYSTEM\CurrentControlSet\Services\Spoolerr HKLM\SYSTEM\CurrentControlSet\Services\sptdler HKLM\SYSTEM\CurrentControlSet\Services\srtd HKLM\SYSTEM\CurrentControlSet\Services\Srvervice HKLM\SYSTEM\CurrentControlSet\Services\stisvcV HKLM\SYSTEM\CurrentControlSet\Services\SwPrvi HKLM\SYSTEM\CurrentControlSet\Services\swwdv HKLM\SYSTEM\CurrentControlSet\Services\sym_hix HKLM\SYSTEM\CurrentControlSet\Services\TapiSrvog HKLM\SYSTEM\CurrentControlSet\Services\Tcpiprv HKLM\SYSTEM\CurrentControlSet\Services\TDTCPE HKLM\SYSTEM\CurrentControlSet\Services\Themesrvice HKLM\SYSTEM\CurrentControlSet\Services\TosIder HKLM\SYSTEM\CurrentControlSet\Services\TSDDDs HKLM\SYSTEM\CurrentControlSet\Services\UdfsD HKLM\SYSTEM\CurrentControlSet\Services\UPSphost HKLM\SYSTEM\CurrentControlSet\Services\USBSTORt HKLM\SYSTEM\CurrentControlSet\Services\VgaSavev HKLM\SYSTEM\CurrentControlSet\Services\ViaIdee HKLM\SYSTEM\CurrentControlSet\Services\VSSSnap HKLM\SYSTEM\CurrentControlSet\Services\W3SVCme HKLM\SYSTEM\CurrentControlSet\Services\WDICAw HKLM\SYSTEM\CurrentControlSet\Services\winmgmtnt HKLM\SYSTEM\CurrentControlSet\Services\WmdmPmSNP Service HKLM\SYSTEM\CurrentControlSet\Services\WmimPmSN HKLM\SYSTEM\CurrentControlSet\Services\WpdUsbrv HKLM\SYSTEM\CurrentControlSet\Services\wscsvcL HKLM\SYSTEM\CurrentControlSet\Services\WZCSVCrv HKLM\SYSTEM\CurrentControlSet\Services\ad1i93ck4-255F-4F3F-9FE5-2C6DDD5F8333} scanning hidden autostart entries ... HKLM\Software\Microsoft\Windows\CurrentVersion\Run CTStartup = C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run???h????? ?s?????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????>?????w???w?????? ??\???\???????????U??w???w\???\???????8?`??????C@?\???\??????s????\??????s\????= ??A??s?=???C@?x???`|?w\?????@ Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X????????????? ??????E?@?D?tecteur de disque? ?A???????B?e!@???@???@?? C?????E?@?????????@?B??? A????? ?A???????B???@?????P?????@?@??????????w??????????@???????????????????B??? ???????????????????????P??????r?B scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 52 hidden files: 0

Ok merci maintenant j'ai fait 1

Ca ma pris 3 sec -.- lol Ps-The command prompt has been disabled by your administrator ... j'ai jamais desactiver ca pi command on le reactive -> je sais je suis un boulet :S

D'accord ,je vais chercher une autre source voire parce que la j'arrive même plus a le lancer le telechargement avec le lien ...Et en passant ,il y a un prob qui me cause bcps (je ne peux pas utilisé mon task messenger) /cry Edit <- : Windows fatal eror /Dont send / Dr waurst ->dont send... faut jreeboot sa l'air

je fais le plus rapidement possible mais (89sur511ko à 0,9ko/s) je sais pas mais le host doit envoyer beaucoups d'info a plusieurs perssonne car c'est très lents ... Et en passant d'habitude ca me prend de 3 à 8 min redemarer mon ordi et apres le scan ,ca a pris moins d'une min . Editer <- : bon fais deux fois que je le relance et rendu à 17 % le telechargements aret...

Voila pour vindofix: VundoFix V6.3.21 Checking Java version... Scan started at 20:11:47 2007-05-11 Listing files found while scanning.... C:\WINDOWS\system32\aagrprwg.dll C:\WINDOWS\system32\aaheucyw.dll C:\WINDOWS\system32\acsoyuim.dll C:\WINDOWS\system32\adsjqfjf.ini C:\WINDOWS\system32\aijrrhuc.exe C:\WINDOWS\system32\auemrukr.ini C:\WINDOWS\system32\awlgmhpv.dll C:\WINDOWS\system32\awmqdxdi.dll C:\WINDOWS\system32\bafljihr.dll C:\WINDOWS\system32\bbhvwqqc.exe C:\WINDOWS\system32\bhtffxlh.exe C:\WINDOWS\system32\biyidwhx.dll C:\WINDOWS\system32\bmnhjddd.exe C:\WINDOWS\system32\boxfsdvy.ini C:\WINDOWS\system32\brehddkr.dll C:\WINDOWS\system32\bwpyvkhw.exe C:\WINDOWS\system32\cnksefse.dll C:\WINDOWS\system32\ctradjbx.dll C:\WINDOWS\system32\dbqycoyo.dll C:\WINDOWS\system32\despodbo.dll C:\WINDOWS\system32\dgweaube.dll C:\WINDOWS\system32\ebuaewgd.ini C:\WINDOWS\system32\eedgtxux.dll C:\WINDOWS\system32\eggamfin.dll C:\WINDOWS\system32\eieskwbp.exe C:\WINDOWS\system32\emldalkt.ini C:\WINDOWS\system32\esirxfjv.ini C:\WINDOWS\system32\fbqprvil.exe C:\WINDOWS\system32\fiywmipv.dll C:\WINDOWS\system32\fjcugnle.dll C:\WINDOWS\system32\fjfqjsda.dll C:\WINDOWS\system32\fkyqjehr.dll C:\WINDOWS\system32\flmscwgt.exe C:\WINDOWS\system32\fpfqpfki.dll C:\WINDOWS\system32\ftppyfdu.dll C:\WINDOWS\system32\futhtwnh.exe C:\WINDOWS\system32\fxcsjana.dll C:\WINDOWS\system32\fyceuivg.dll C:\WINDOWS\system32\fyiegget.dll C:\WINDOWS\system32\gmjldhlo.dll C:\WINDOWS\system32\gqjffrhn.dll C:\WINDOWS\system32\gwrprgaa.ini C:\WINDOWS\system32\heperrcp.ini C:\WINDOWS\system32\hhqrbsyx.ini C:\WINDOWS\system32\hidayiyu.dll C:\WINDOWS\system32\hiwfyqyl.ini C:\WINDOWS\system32\hkiujrkb.exe C:\WINDOWS\system32\hkxixbbl.dll C:\WINDOWS\system32\hlyeakpn.dll C:\WINDOWS\system32\hqnevngi.dll C:\WINDOWS\system32\hrlqidau.dll C:\WINDOWS\system32\hvkjydfp.dll C:\WINDOWS\system32\hwhmidji.exe C:\WINDOWS\system32\idatualb.dll C:\WINDOWS\system32\iemjsury.dll C:\WINDOWS\system32\ihsyswtl.dll C:\WINDOWS\system32\ikfpqfpf.ini C:\WINDOWS\system32\iogyliqu.dll C:\WINDOWS\system32\itnieftr.ini C:\WINDOWS\system32\itxsqobk.dll C:\WINDOWS\system32\jdbromtl.dll C:\WINDOWS\system32\jjvcbsup.dll C:\WINDOWS\system32\jmsatpae.dll C:\WINDOWS\system32\jxtvkcfr.exe C:\WINDOWS\system32\kboqsxti.ini C:\WINDOWS\system32\kdggvbru.ini C:\WINDOWS\system32\kedkmajc.dll C:\WINDOWS\system32\knfmlurp.dll C:\WINDOWS\system32\kvfavwrg.dll C:\WINDOWS\system32\lbbxixkh.ini C:\WINDOWS\system32\leuphjgk.exe C:\WINDOWS\system32\lptabbwh.dll C:\WINDOWS\system32\lvyxuirx.ini C:\WINDOWS\system32\lyqyfwih.dll C:\WINDOWS\system32\najcklyc.dll C:\WINDOWS\system32\ndwtrutu.dll C:\WINDOWS\system32\nhrffjqg.ini C:\WINDOWS\system32\nidvsofh.dll C:\WINDOWS\system32\npcykfnq.exe C:\WINDOWS\system32\ntpraaxp.exe C:\WINDOWS\system32\nweipeg.dll C:\WINDOWS\system32\ohbaqphj.dll C:\WINDOWS\system32\ookeiihv.dll C:\WINDOWS\system32\oqarbnaa.dll C:\WINDOWS\system32\oyocyqbd.ini C:\WINDOWS\system32\pbcsvntf.exe C:\WINDOWS\system32\pcrrepeh.dll C:\WINDOWS\system32\piuacanl.dll C:\WINDOWS\system32\prulmfnk.ini C:\WINDOWS\system32\pubfckpc.dll C:\WINDOWS\system32\qgexbfft.ini C:\WINDOWS\system32\qgkbchla.dll C:\WINDOWS\system32\rhejqykf.ini C:\WINDOWS\system32\rhgmjugl.dll C:\WINDOWS\system32\rhijlfab.ini C:\WINDOWS\system32\rimgygab.exe C:\WINDOWS\system32\rkodupwt.dll C:\WINDOWS\system32\rkurmeua.dll C:\WINDOWS\system32\rkydrsea.exe C:\WINDOWS\system32\rtfeinti.dll C:\WINDOWS\system32\rwoaymiy.dll C:\WINDOWS\system32\rxmtsprb.dll C:\WINDOWS\system32\sbupggnu.dll C:\WINDOWS\system32\scysrofw.dll C:\WINDOWS\system32\segowpqt.dll C:\WINDOWS\system32\smpoojsd.dll C:\WINDOWS\system32\sxrpcvew.ini C:\WINDOWS\system32\sytpbtar.dll C:\WINDOWS\system32\teggeiyf.ini C:\WINDOWS\system32\tffbxegq.dll C:\WINDOWS\system32\tfluqycq.dll C:\WINDOWS\system32\tiermnxw.ini C:\WINDOWS\system32\tkladlme.dll C:\WINDOWS\system32\tqrdcwpu.dll C:\WINDOWS\system32\tvicyfgi.dll C:\WINDOWS\system32\uecswfvu.dll C:\WINDOWS\system32\uhnvbopx.ini C:\WINDOWS\system32\unggpubs.ini C:\WINDOWS\system32\upitbwix.ini C:\WINDOWS\system32\upwcdrqt.ini C:\WINDOWS\system32\uqilygoi.ini C:\WINDOWS\system32\uqqjtweg.dll C:\WINDOWS\system32\urbvggdk.dll C:\WINDOWS\system32\uyiyadih.ini C:\WINDOWS\system32\vhiiekoo.ini C:\WINDOWS\system32\vimkrodt.dll C:\WINDOWS\system32\vipcvpxk.dll C:\WINDOWS\system32\vjfxrise.dll C:\WINDOWS\system32\vpimwyif.ini C:\WINDOWS\system32\vssarute.dll C:\WINDOWS\system32\wevcprxs.dll C:\WINDOWS\system32\wforsycs.ini C:\WINDOWS\system32\whastyes.exe C:\WINDOWS\system32\whnojvpo.exe C:\WINDOWS\system32\wiwcgiow.exe C:\WINDOWS\system32\wmqafytx.dll C:\WINDOWS\system32\wvwlgiqx.dll C:\WINDOWS\system32\wxnmreit.dll C:\WINDOWS\system32\wyyokiyb.dll C:\WINDOWS\system32\xghuwoeq.dll C:\WINDOWS\system32\xhimjrts.exe C:\WINDOWS\system32\xhwdiyib.ini C:\WINDOWS\system32\xiwbtipu.dll C:\WINDOWS\system32\xpobvnhu.dll C:\WINDOWS\system32\xqffuuvy.ini C:\WINDOWS\system32\xqiglwvw.ini C:\WINDOWS\system32\xriuxyvl.dll C:\WINDOWS\system32\xsmpdcqy.dll C:\WINDOWS\system32\xtxbdoxk.dll C:\WINDOWS\system32\xtyfaqmw.ini C:\WINDOWS\system32\xuxtgdee.ini C:\WINDOWS\system32\xysbrqhh.dll C:\WINDOWS\system32\yccnpauv.dll C:\WINDOWS\system32\ycsahxoi.dll C:\WINDOWS\system32\yfcbdkjo.dll C:\WINDOWS\system32\yimyaowr.ini C:\WINDOWS\system32\yjwhafgy.dll C:\WINDOWS\system32\ykyjaanp.dll C:\WINDOWS\system32\ylkjvxav.exe C:\WINDOWS\system32\yrusjmei.ini C:\WINDOWS\system32\yvdsfxob.dll C:\WINDOWS\system32\yvuuffqx.dll C:\WINDOWS\system32\yxaskoyr.dll C:\WINDOWS\Web\ahrdajva.dll Beginning removal... Attempting to delete C:\WINDOWS\system32\aagrprwg.dll C:\WINDOWS\system32\aagrprwg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\aaheucyw.dll C:\WINDOWS\system32\aaheucyw.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\acsoyuim.dll C:\WINDOWS\system32\acsoyuim.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\adsjqfjf.ini C:\WINDOWS\system32\adsjqfjf.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\aijrrhuc.exe C:\WINDOWS\system32\aijrrhuc.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\auemrukr.ini C:\WINDOWS\system32\auemrukr.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\awlgmhpv.dll C:\WINDOWS\system32\awlgmhpv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\awmqdxdi.dll C:\WINDOWS\system32\awmqdxdi.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\bafljihr.dll C:\WINDOWS\system32\bafljihr.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\bbhvwqqc.exe C:\WINDOWS\system32\bbhvwqqc.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\bhtffxlh.exe C:\WINDOWS\system32\bhtffxlh.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\biyidwhx.dll C:\WINDOWS\system32\biyidwhx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\bmnhjddd.exe C:\WINDOWS\system32\bmnhjddd.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\boxfsdvy.ini C:\WINDOWS\system32\boxfsdvy.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\brehddkr.dll C:\WINDOWS\system32\brehddkr.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\bwpyvkhw.exe C:\WINDOWS\system32\bwpyvkhw.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\cnksefse.dll C:\WINDOWS\system32\cnksefse.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ctradjbx.dll C:\WINDOWS\system32\ctradjbx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\dbqycoyo.dll C:\WINDOWS\system32\dbqycoyo.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\despodbo.dll C:\WINDOWS\system32\despodbo.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\dgweaube.dll C:\WINDOWS\system32\dgweaube.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ebuaewgd.ini C:\WINDOWS\system32\ebuaewgd.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\eedgtxux.dll C:\WINDOWS\system32\eedgtxux.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\eggamfin.dll C:\WINDOWS\system32\eggamfin.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\eieskwbp.exe C:\WINDOWS\system32\eieskwbp.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\emldalkt.ini C:\WINDOWS\system32\emldalkt.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\esirxfjv.ini C:\WINDOWS\system32\esirxfjv.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\fbqprvil.exe C:\WINDOWS\system32\fbqprvil.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\fiywmipv.dll C:\WINDOWS\system32\fiywmipv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\fjcugnle.dll C:\WINDOWS\system32\fjcugnle.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\fjfqjsda.dll C:\WINDOWS\system32\fjfqjsda.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\fkyqjehr.dll C:\WINDOWS\system32\fkyqjehr.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\flmscwgt.exe C:\WINDOWS\system32\flmscwgt.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\fpfqpfki.dll C:\WINDOWS\system32\fpfqpfki.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ftppyfdu.dll C:\WINDOWS\system32\ftppyfdu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\futhtwnh.exe C:\WINDOWS\system32\futhtwnh.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\fxcsjana.dll C:\WINDOWS\system32\fxcsjana.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\fyceuivg.dll C:\WINDOWS\system32\fyceuivg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\fyiegget.dll C:\WINDOWS\system32\fyiegget.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\gmjldhlo.dll C:\WINDOWS\system32\gmjldhlo.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\gqjffrhn.dll C:\WINDOWS\system32\gqjffrhn.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\gwrprgaa.ini C:\WINDOWS\system32\gwrprgaa.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\heperrcp.ini C:\WINDOWS\system32\heperrcp.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\hhqrbsyx.ini C:\WINDOWS\system32\hhqrbsyx.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\hidayiyu.dll C:\WINDOWS\system32\hidayiyu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hiwfyqyl.ini C:\WINDOWS\system32\hiwfyqyl.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\hkiujrkb.exe C:\WINDOWS\system32\hkiujrkb.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\hkxixbbl.dll C:\WINDOWS\system32\hkxixbbl.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hlyeakpn.dll C:\WINDOWS\system32\hlyeakpn.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hqnevngi.dll C:\WINDOWS\system32\hqnevngi.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hvkjydfp.dll C:\WINDOWS\system32\hvkjydfp.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\hwhmidji.exe C:\WINDOWS\system32\hwhmidji.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\idatualb.dll C:\WINDOWS\system32\idatualb.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\iemjsury.dll C:\WINDOWS\system32\iemjsury.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ihsyswtl.dll C:\WINDOWS\system32\ihsyswtl.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ikfpqfpf.ini C:\WINDOWS\system32\ikfpqfpf.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\iogyliqu.dll C:\WINDOWS\system32\iogyliqu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\itnieftr.ini C:\WINDOWS\system32\itnieftr.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\itxsqobk.dll C:\WINDOWS\system32\itxsqobk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\jdbromtl.dll C:\WINDOWS\system32\jdbromtl.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\jjvcbsup.dll C:\WINDOWS\system32\jjvcbsup.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\jmsatpae.dll C:\WINDOWS\system32\jmsatpae.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\jxtvkcfr.exe C:\WINDOWS\system32\jxtvkcfr.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\kboqsxti.ini C:\WINDOWS\system32\kboqsxti.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\kdggvbru.ini C:\WINDOWS\system32\kdggvbru.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\kedkmajc.dll C:\WINDOWS\system32\kedkmajc.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\knfmlurp.dll C:\WINDOWS\system32\knfmlurp.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\kvfavwrg.dll C:\WINDOWS\system32\kvfavwrg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\lbbxixkh.ini C:\WINDOWS\system32\lbbxixkh.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\leuphjgk.exe C:\WINDOWS\system32\leuphjgk.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\lptabbwh.dll C:\WINDOWS\system32\lptabbwh.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\lvyxuirx.ini C:\WINDOWS\system32\lvyxuirx.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\lyqyfwih.dll C:\WINDOWS\system32\lyqyfwih.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\najcklyc.dll C:\WINDOWS\system32\najcklyc.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ndwtrutu.dll C:\WINDOWS\system32\ndwtrutu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\nhrffjqg.ini C:\WINDOWS\system32\nhrffjqg.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\npcykfnq.exe C:\WINDOWS\system32\npcykfnq.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\ntpraaxp.exe C:\WINDOWS\system32\ntpraaxp.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\nweipeg.dll C:\WINDOWS\system32\nweipeg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ohbaqphj.dll C:\WINDOWS\system32\ohbaqphj.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ookeiihv.dll C:\WINDOWS\system32\ookeiihv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\oqarbnaa.dll C:\WINDOWS\system32\oqarbnaa.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\oyocyqbd.ini C:\WINDOWS\system32\oyocyqbd.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\pbcsvntf.exe C:\WINDOWS\system32\pbcsvntf.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\pcrrepeh.dll C:\WINDOWS\system32\pcrrepeh.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\piuacanl.dll C:\WINDOWS\system32\piuacanl.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\prulmfnk.ini C:\WINDOWS\system32\prulmfnk.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\pubfckpc.dll C:\WINDOWS\system32\pubfckpc.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\qgexbfft.ini C:\WINDOWS\system32\qgexbfft.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\qgkbchla.dll C:\WINDOWS\system32\qgkbchla.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\rhejqykf.ini C:\WINDOWS\system32\rhejqykf.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\rhijlfab.ini C:\WINDOWS\system32\rhijlfab.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\rimgygab.exe C:\WINDOWS\system32\rimgygab.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\rkodupwt.dll C:\WINDOWS\system32\rkodupwt.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\rkurmeua.dll C:\WINDOWS\system32\rkurmeua.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\rkydrsea.exe C:\WINDOWS\system32\rkydrsea.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\rtfeinti.dll C:\WINDOWS\system32\rtfeinti.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\rwoaymiy.dll C:\WINDOWS\system32\rwoaymiy.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\rxmtsprb.dll C:\WINDOWS\system32\rxmtsprb.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\sbupggnu.dll C:\WINDOWS\system32\sbupggnu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\scysrofw.dll C:\WINDOWS\system32\scysrofw.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\sxrpcvew.ini C:\WINDOWS\system32\sxrpcvew.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\sytpbtar.dll C:\WINDOWS\system32\sytpbtar.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\teggeiyf.ini C:\WINDOWS\system32\teggeiyf.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\tffbxegq.dll C:\WINDOWS\system32\tffbxegq.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\tfluqycq.dll C:\WINDOWS\system32\tfluqycq.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\tiermnxw.ini C:\WINDOWS\system32\tiermnxw.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\tkladlme.dll C:\WINDOWS\system32\tkladlme.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\tqrdcwpu.dll C:\WINDOWS\system32\tqrdcwpu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\tvicyfgi.dll C:\WINDOWS\system32\tvicyfgi.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\uecswfvu.dll C:\WINDOWS\system32\uecswfvu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\uhnvbopx.ini C:\WINDOWS\system32\uhnvbopx.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\unggpubs.ini C:\WINDOWS\system32\unggpubs.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\upitbwix.ini C:\WINDOWS\system32\upitbwix.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\upwcdrqt.ini C:\WINDOWS\system32\upwcdrqt.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\uqilygoi.ini C:\WINDOWS\system32\uqilygoi.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\uqqjtweg.dll C:\WINDOWS\system32\uqqjtweg.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\urbvggdk.dll C:\WINDOWS\system32\urbvggdk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\uyiyadih.ini C:\WINDOWS\system32\uyiyadih.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\vhiiekoo.ini C:\WINDOWS\system32\vhiiekoo.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\vimkrodt.dll C:\WINDOWS\system32\vimkrodt.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\vipcvpxk.dll C:\WINDOWS\system32\vipcvpxk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\vjfxrise.dll C:\WINDOWS\system32\vjfxrise.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\vpimwyif.ini C:\WINDOWS\system32\vpimwyif.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\vssarute.dll C:\WINDOWS\system32\vssarute.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\wevcprxs.dll C:\WINDOWS\system32\wevcprxs.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\wforsycs.ini C:\WINDOWS\system32\wforsycs.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\whastyes.exe C:\WINDOWS\system32\whastyes.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\whnojvpo.exe C:\WINDOWS\system32\whnojvpo.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\wiwcgiow.exe C:\WINDOWS\system32\wiwcgiow.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\wmqafytx.dll C:\WINDOWS\system32\wmqafytx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\wvwlgiqx.dll C:\WINDOWS\system32\wvwlgiqx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\wxnmreit.dll C:\WINDOWS\system32\wxnmreit.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\wyyokiyb.dll C:\WINDOWS\system32\wyyokiyb.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xghuwoeq.dll C:\WINDOWS\system32\xghuwoeq.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xhimjrts.exe C:\WINDOWS\system32\xhimjrts.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\xhwdiyib.ini C:\WINDOWS\system32\xhwdiyib.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xiwbtipu.dll C:\WINDOWS\system32\xiwbtipu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xpobvnhu.dll C:\WINDOWS\system32\xpobvnhu.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xqffuuvy.ini C:\WINDOWS\system32\xqffuuvy.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xqiglwvw.ini C:\WINDOWS\system32\xqiglwvw.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xriuxyvl.dll C:\WINDOWS\system32\xriuxyvl.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xsmpdcqy.dll C:\WINDOWS\system32\xsmpdcqy.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xtxbdoxk.dll C:\WINDOWS\system32\xtxbdoxk.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\xtyfaqmw.ini C:\WINDOWS\system32\xtyfaqmw.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xuxtgdee.ini C:\WINDOWS\system32\xuxtgdee.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\xysbrqhh.dll C:\WINDOWS\system32\xysbrqhh.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\yccnpauv.dll C:\WINDOWS\system32\yccnpauv.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ycsahxoi.dll C:\WINDOWS\system32\ycsahxoi.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\yfcbdkjo.dll C:\WINDOWS\system32\yfcbdkjo.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\yimyaowr.ini C:\WINDOWS\system32\yimyaowr.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\yjwhafgy.dll C:\WINDOWS\system32\yjwhafgy.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ykyjaanp.dll C:\WINDOWS\system32\ykyjaanp.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\ylkjvxav.exe C:\WINDOWS\system32\ylkjvxav.exe Has been deleted! Attempting to delete C:\WINDOWS\system32\yrusjmei.ini C:\WINDOWS\system32\yrusjmei.ini Has been deleted! Attempting to delete C:\WINDOWS\system32\yvdsfxob.dll C:\WINDOWS\system32\yvdsfxob.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\yvuuffqx.dll C:\WINDOWS\system32\yvuuffqx.dll Has been deleted! Attempting to delete C:\WINDOWS\system32\yxaskoyr.dll C:\WINDOWS\system32\yxaskoyr.dll Has been deleted! Attempting to delete C:\WINDOWS\Web\ahrdajva.dll C:\WINDOWS\Web\ahrdajva.dll Has been deleted! Performing Repairs to the registry. Done! Hijackthis: Logfile of HijackThis v1.99.1 Scan saved at 20:28:17, on 2007-05-11 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Diskeeper\DkService.exe C:\WINDOWS\system32\msasvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\ShareDLL\MediaDet.exe F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe C:\Program Files\internet explorer\iexplore.exe F:\Programe\Hijackthis\VERSION TRADUITE ORIGINALE.EXE F:\Programe\Firefox\firefox.exe C:\WINDOWS\system32\wuauclt.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.hotmail.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F3 - REG:win.ini: load=C:\WINDOWS\system32\camacttiv.exe O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {248AEE7B-BA53-47C1-BC59-4520A9D7C9F3} - C:\WINDOWS\Web\ahrdajva.dll (file missing) O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Programe\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {669F1F99-1244-4872-B690-DFC5CB4ADECb} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: (no name) - {ADA2AEC6-C2A3-4C1E-833F-0BB49DDDBA85} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [uaafn] C:\Program Files\Jhigk\Agyuq.exe O4 - HKLM\..\Run: [Opgbqy] C:\Program Files\Yrheswr\Pzln.exe O4 - HKLM\..\Run: [Puibx] C:\Program Files\Fdfnh\Oabl.exe O4 - HKLM\..\Run: [btqoq] C:\Program Files\Iletgu\Cbokkfy.exe O4 - HKLM\..\Run: [Fvujhs] C:\Program Files\Klwzyp\Esrjerg.exe O4 - HKLM\..\Run: [Ftlamr] C:\Program Files\Lvbfft\Wxcgel.exe O4 - HKLM\..\Run: [Exovhigi] C:\Program Files\Ndsleo\Yxffhw.exe O4 - HKLM\..\Run: [Ylvssvrk] C:\Program Files\Zyapzod\Wxqq.exe O4 - HKLM\..\Run: [Hocyfdn] C:\Program Files\Ejiijb\Eeqefzy.exe O4 - HKLM\..\Run: [Prifpf] C:\Program Files\Qlmzjo\Isbvfnu.exe O4 - HKLM\..\Run: [Cgtulag] C:\Program Files\Stmeijs\Reti.exe O4 - HKLM\..\Run: [Ykvtxfn] C:\Program Files\Ygmnvft\Ogyn.exe O4 - HKLM\..\Run: [iwqarbfu] C:\Program Files\Ksus\Goyn.exe O4 - HKLM\..\Run: [bmatvzs] C:\Program Files\Hwdbrlv\Oqrjo.exe O4 - HKLM\..\Run: [Leosofks] C:\Program Files\Awhq\Bnnqu.exe O4 - HKLM\..\Run: [Qimjhgtf] C:\Program Files\Mrpcq\Agpuyu.exe O4 - HKLM\..\Run: [Vuvvn] C:\Program Files\Rtltq\Wccfoun.exe O4 - HKLM\..\Run: [Zisury] C:\Program Files\Tgtu\Qhhkjgu.exe O4 - HKLM\..\Run: [uyvva] C:\Program Files\Yixl\Ddcxu.exe O4 - HKLM\..\Run: [Jqiil] C:\Program Files\Cjcj\Qzglfnb.exe O4 - HKLM\..\Run: [Lyngyk] C:\Program Files\Uierojs\Lqcsb.exe O4 - HKLM\..\Run: [Xudmbyb] C:\Program Files\Gbbxki\Aainsw.exe O4 - HKLM\..\Run: [Kcpsirdb] C:\Program Files\Kdfvcv\Dnteas.exe O4 - HKLM\..\Run: [bnvuwgvx] C:\Program Files\Bnmdh\Szqnd.exe O4 - HKLM\..\Run: [biciu] C:\Program Files\Fprbh\Oudgup.exe O4 - HKLM\..\Run: [Zybwdgdo] C:\Program Files\Pptncg\Ngqm.exe O4 - HKLM\..\Run: [Lxptn] C:\Program Files\Arwlddx\Lrbt.exe O4 - HKLM\..\Run: [bosvr] C:\Program Files\Crvruyi\Kuzw.exe O4 - HKLM\..\Run: [Pjahxv] C:\Program Files\Gtaiule\Xfqw.exe O4 - HKLM\..\Run: [Dvrubhab] C:\Program Files\Lqwlmp\Yslqn.exe O4 - HKLM\..\Run: [Qxkxggf] c:\Program Files\Kdilgsr\Ysauw.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] F:\Programe\avgcc.exe /STARTUP O4 - HKLM\..\Run: [avast!] F:\Programe\Avast\ashDisp.exe O4 - HKLM\..\Run: [desktop] C:\WINDOWS\system32\desktop.exe O4 - HKLM\..\Run: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe O4 - HKLM\..\RunServices: [desktop] C:\WINDOWS\system32\desktop.exe O4 - HKLM\..\RunServices: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AWMON] "F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe" O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1 O8 - Extra context menu item: Download all links using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://F:\Programe\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {750A64D8-DFAA-485B-A335-F7093333FBB7} - (no file) (HKCU) O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: fccyy - fccyy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - F:\Programe\avgamsvr.exe (file missing) O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - F:\Programe\avgupsvc.exe (file missing) O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - F:\Programe\avgemc.exe (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Common Files\SC Test Branding 1 Shared\Service\SCTestService1.exe O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)

Merci,ca ne devrais pas être long 3 min je crois encore pour le scan de vundo 3 autres pour reboot .

Bonjours, je suis un nouveaux dans le monde de hijack Je voudrais s'avoir se qu'il faut garder et se qu'il ne faut pas garder ext ... Pour avoir un apercu de se qu'il faut fair avec tout ca et pouvoir avec le temps apprendre a utilisé mieux se programe ext... S.v.p aidez moi Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\Program Files\Diskeeper\DkService.exe C:\WINDOWS\system32\msasvc.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\internet explorer\iexplore.exe C:\Program Files\Creative\ShareDLL\CtNotify.exe C:\Program Files\Creative\ShareDLL\MediaDet.exe C:\WINDOWS\system32\ctfmon.exe F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\internet explorer\iexplore.exe C:\WINDOWS\explorer.exe F:\Programe\Firefox\firefox.exe F:\Programe\Hijackthis\VERSION TRADUITE ORIGINALE.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/ R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.hotmail.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F3 - REG:win.ini: load=C:\WINDOWS\system32\camacttiv.exe O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {248AEE7B-BA53-47C1-BC59-4520A9D7C9F3} - C:\WINDOWS\Web\ahrdajva.dll O2 - BHO: (no name) - {371EE1EF-F177-1390-7807-08525DC0E55C} - C:\WINDOWS\system32\nweipeg.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Programe\BitComet\tools\BitCometBHO.dll O2 - BHO: (no name) - {669F1F99-1244-4872-B690-DFC5CB4ADECb} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: (no name) - {ADA2AEC6-C2A3-4C1E-833F-0BB49DDDBA85} - C:\WINDOWS\system32\hpwrrvuv.dll (file missing) O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\segowpqt.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\fr\msntb.dll O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe" O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER O4 - HKLM\..\Run: [uaafn] C:\Program Files\Jhigk\Agyuq.exe O4 - HKLM\..\Run: [Opgbqy] C:\Program Files\Yrheswr\Pzln.exe O4 - HKLM\..\Run: [Puibx] C:\Program Files\Fdfnh\Oabl.exe O4 - HKLM\..\Run: [btqoq] C:\Program Files\Iletgu\Cbokkfy.exe O4 - HKLM\..\Run: [Fvujhs] C:\Program Files\Klwzyp\Esrjerg.exe O4 - HKLM\..\Run: [Ftlamr] C:\Program Files\Lvbfft\Wxcgel.exe O4 - HKLM\..\Run: [Exovhigi] C:\Program Files\Ndsleo\Yxffhw.exe O4 - HKLM\..\Run: [Ylvssvrk] C:\Program Files\Zyapzod\Wxqq.exe O4 - HKLM\..\Run: [Hocyfdn] C:\Program Files\Ejiijb\Eeqefzy.exe O4 - HKLM\..\Run: [Prifpf] C:\Program Files\Qlmzjo\Isbvfnu.exe O4 - HKLM\..\Run: [Cgtulag] C:\Program Files\Stmeijs\Reti.exe O4 - HKLM\..\Run: [Ykvtxfn] C:\Program Files\Ygmnvft\Ogyn.exe O4 - HKLM\..\Run: [iwqarbfu] C:\Program Files\Ksus\Goyn.exe O4 - HKLM\..\Run: [bmatvzs] C:\Program Files\Hwdbrlv\Oqrjo.exe O4 - HKLM\..\Run: [Leosofks] C:\Program Files\Awhq\Bnnqu.exe O4 - HKLM\..\Run: [Qimjhgtf] C:\Program Files\Mrpcq\Agpuyu.exe O4 - HKLM\..\Run: [Vuvvn] C:\Program Files\Rtltq\Wccfoun.exe O4 - HKLM\..\Run: [Zisury] C:\Program Files\Tgtu\Qhhkjgu.exe O4 - HKLM\..\Run: [uyvva] C:\Program Files\Yixl\Ddcxu.exe O4 - HKLM\..\Run: [Jqiil] C:\Program Files\Cjcj\Qzglfnb.exe O4 - HKLM\..\Run: [Lyngyk] C:\Program Files\Uierojs\Lqcsb.exe O4 - HKLM\..\Run: [Xudmbyb] C:\Program Files\Gbbxki\Aainsw.exe O4 - HKLM\..\Run: [Kcpsirdb] C:\Program Files\Kdfvcv\Dnteas.exe O4 - HKLM\..\Run: [bnvuwgvx] C:\Program Files\Bnmdh\Szqnd.exe O4 - HKLM\..\Run: [biciu] C:\Program Files\Fprbh\Oudgup.exe O4 - HKLM\..\Run: [Zybwdgdo] C:\Program Files\Pptncg\Ngqm.exe O4 - HKLM\..\Run: [Lxptn] C:\Program Files\Arwlddx\Lrbt.exe O4 - HKLM\..\Run: [bosvr] C:\Program Files\Crvruyi\Kuzw.exe O4 - HKLM\..\Run: [Pjahxv] C:\Program Files\Gtaiule\Xfqw.exe O4 - HKLM\..\Run: [Dvrubhab] C:\Program Files\Lqwlmp\Yslqn.exe O4 - HKLM\..\Run: [Qxkxggf] c:\Program Files\Kdilgsr\Ysauw.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [AVG7_CC] F:\Programe\avgcc.exe /STARTUP O4 - HKLM\..\Run: [avast!] F:\Programe\Avast\ashDisp.exe O4 - HKLM\..\Run: [desktop] C:\WINDOWS\system32\desktop.exe O4 - HKLM\..\Run: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe O4 - HKLM\..\RunServices: [desktop] C:\WINDOWS\system32\desktop.exe O4 - HKLM\..\RunServices: [Generic Host Process] C:\WINDOWS\system32\camacttiv.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [AWMON] "F:\Programe\Ad-Aware SE Professional\Ad-Watch.exe" O8 - Extra context menu item: Download all links using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: Download all videos using BitComet - res://F:\Programe\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Download link using &BitComet - res://F:\Programe\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {750A64D8-DFAA-485B-A335-F7093333FBB7} - (no file) (HKCU) O10 - Broken Internet access because of LSP provider 'xfire_lsp.dll' missing O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,910,0 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: ahrdajva - C:\WINDOWS\Web\ahrdajva.dll O20 - Winlogon Notify: fccyy - fccyy.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - F:\Programe\avgamsvr.exe (file missing) O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - F:\Programe\avgupsvc.exe (file missing) O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - F:\Programe\avgemc.exe (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: SC Test Branding Service 1 - SC Test Branding 1 - C:\Program Files\Common Files\SC Test Branding 1 Shared\Service\SCTestService1.exe O23 - Service: Windows Firewall/Internet Connection Sharing (ICS) (SharedAccess) - Unknown owner - C:\WINDOWS\C:\WINDOWS\System32\svchost.exe (file missing)