Votre question

[résolu] Grand merci a Angeldark

Tags :
  • Internet Explorer
  • Sécurité
Dernière réponse : dans Sécurité et virus
9 Septembre 2007 18:01:56

Salut me promenant sur le forum j'ai vu qu'il y avait un logiciel pour voir les virus (et comme je sais que j'en ais) donc je voudrais que vous m'aiderais pour les illiminer

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:12:40, on 09/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
C:\Program Files\Pack Securite\Common\FSMA32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
C:\Program Files\Pack Securite\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Pack Securite\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Pack Securite\Common\FAMEH32.EXE
C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
C:\Program Files\Pack Securite\FSPC\fspc.exe
C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Pack Securite\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
C:\Program Files\QuickTime\qttask.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
C:\Program Files\Photo Manager\Monitor.exe
C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Antipub\antipub.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.simagri.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [wgdnhx] c:\windows\system32\wgdnhx.exe wgdnhx
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\bwdyfcoc.dll",realset
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-2044850274-2775824881-3087413449-1010\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe (User 'Eric')
O4 - HKUS\S-1-5-21-2044850274-2775824881-3087413449-1010\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Eric')
O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
O4 - Global Startup: Photo Manager Monitor.lnk = ?
O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: dns cache reader (DNSCacheReader) - Unknown owner - C:\WINDOWS\system32\j8261532.exe (file missing)
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nfamrlpb.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O24 - Desktop Component 0: (no name) - http://idata.over-blog.com/0/00/32/63/fevrier/tres/sama...
O24 - Desktop Component 1: (no name) - http://nn99.free.fr/miniZ/nsx14.jpg
O24 - Desktop Component 2: (no name) - http://www.simagri.com/images/map/fond.gif

--
End of file - 11860 bytes

c'est grave? il y a beaucoup de manip a faire ?

Merci

Autres pages sur : resolu grand merci angeldark

a b 8 Sécurité
9 Septembre 2007 18:04:02

Un bonjour, une explication, un merci, un rapport complet ?
9 Septembre 2007 18:16:51

up j'ai fait se que tu ma demander
Contenus similaires
a b 8 Sécurité
9 Septembre 2007 18:22:51

Re,

Télécharge Navilog1.exe (IL-MAFIOSO)
Enregistre-le sur ton Bureau.
Lance l'installation en double cliquant sur navilog.exe.
Une fois l'installation terminée, l'utilitaire s'exécutera automatiquement.
(Si ce n'est pas le cas, double clique sur le raccourci présent sur le Bureau)

Laisse-toi guider par l'utilitaire. Choisis l'option 1 puis valide.
[#ff0000]! N'utilise pas l'option 2, 3 et 4 sans notre accord ![/#f]
Patiente jusqu'à l'apparition de ce message :
"*** Analyse Termine le ..... ***"
Appuie sur une touche comme demandé. Le Bloc-notes va s'ouvrir. Poste-nous son contenu de cette manière :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse


NOTE : Le rapport se trouve également ici : C:\fixnavi.txt
9 Septembre 2007 18:35:00

Il m'effectue un scan c'est normal ?
9 Septembre 2007 18:46:41

Search Navipromo version 3.0.1 commencé le 09/09/2007 à 18:29:41,82

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.09.2007 a 21h00 by IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11


*** Recherche Programmes installes ***


MessengerSkinner


*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***

C:\Program Files\MessengerSkinner trouvé !


*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\HP_Propri‚taire\Application Data ***


*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html

Fichier(s) caché(s) dans C:\WINDOWS\system32 :

c:\WINDOWS\system32\fkzndthv.dat
C:\windows\system32\fkzndthv.exe
c:\WINDOWS\system32\fkzndthv_nav.dat
c:\WINDOWS\system32\fkzndthv_navps.dat
c:\WINDOWS\system32\fkzndthv.dat
C:\windows\system32\fkzndthv.exe
c:\WINDOWS\system32\fkzndthv_nav.dat
c:\WINDOWS\system32\fkzndthv_navps.dat

Processus caché(s) dans C:\WINDOWS\system32 :

C:\windows\system32\fkzndthv.exe
C:\windows\system32\fkzndthv.exe


*** Recherche avec GenericNaviSearch ***
!!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
!!! A verifier impérativement avant toute suppression manuelle !!!

* Scan C:\WINDOWS\system32 *

Fichiers trouvés :

wgdnhx.exe trouvé !
wgdnhx.dat trouvé !
wgdnhx_nav.dat trouvé !
wgdnhx_navps.dat trouvé !

Fichiers suspects :

Aucun Fichier suspect trouvé !



*** Recherche fichiers ***


C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche cles registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !


*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:
C:\WINDOWS\system32\abadd.ini2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gjkkj.ini2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gjkkj.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\abadd.bak2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gjkkj.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche Heuristique :
*
C:\WINDOWS\system32\fkzndthv.dat trouvé !
C:\WINDOWS\system32\wgdnhx.dat trouvé !
C:\WINDOWS\system32\cnpbvybe.exe trouvé !
C:\WINDOWS\system32\drlhfeoe.exe trouvé !
C:\WINDOWS\system32\hoxfdepy.exe trouvé !
C:\WINDOWS\system32\ibataddr.exe trouvé !
C:\WINDOWS\system32\jbhxpiwp.exe trouvé !
C:\WINDOWS\system32\kcgatnag.exe trouvé !
C:\WINDOWS\system32\ocimylqe.exe trouvé !
C:\WINDOWS\system32\oqworagp.exe trouvé !
C:\WINDOWS\system32\oxtrhprj.exe trouvé !
C:\WINDOWS\system32\rwsdjelh.exe trouvé !
C:\WINDOWS\system32\symjvaqx.exe trouvé !
C:\WINDOWS\system32\uxwulldi.exe trouvé !
C:\WINDOWS\system32\vtnkoljq.exe trouvé !
C:\WINDOWS\system32\wovgqolq.exe trouvé !





3)Recherche Certificats :

Certificat Egroup trouvé !


*** Analyse Terminé le 09/09/2007 à 18:44:43,07 ***
9 Septembre 2007 18:55:35

la manip qui reste a faire est-elle longue ?
a b 8 Sécurité
9 Septembre 2007 19:35:58

Un petit peu de temps.

Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.

L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)

Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"

Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.
10 Septembre 2007 17:33:10

ceci ne me fait perdre aucune donné ? (ordinateur usage familiale ... un probléme et je suis mort ...^^)
a b 8 Sécurité
10 Septembre 2007 18:41:27

Non ;) 
10 Septembre 2007 19:34:26

Angeldark a dit :
Un petit peu de temps.

Double clique sur le raccourci de Navilog1 présent sur ton Bureau.
Suis les instructions. Choisis ensuite l'option 2 puis valide.
Laisse toi guider et réponds aux questions éventuelles.

L'utilitaire va t'informer qu'il va redémarrer l'ordinateur.
[#ff0000]**Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts**[/#f]
Appuie maintenant sur une touche, comme demandé.
(si ton PC ne redémarre pas automatiquement, fais-le manuellement)

Patiente jusqu'à l'apparition de ce message :
"*** Nettoyage Termine le ..... ***"

Le Bloc-notes va s'ouvrir.
Sauvegarde le rapport de manière à le retrouver.
Referme le Bloc-notes. Ton bureau va maintenant réapparaître.

NOTE : Si ton Bureau ne réapparait pas, appuie simultanément sur Ctrl+Alt+Suppr pour ouvrir le Gestionnaire des tâches.
Rends-toi sur l'onglet "Processus". Clique en haut à gauche sur Fichier et choisis "Exécuter..."
Tape explorer puis valide.

Poste le rapport sauvegardé auparavant (C:\cleannavi.txt)
Ainsi qu'un nouveau rapport Hijackthis.



J'ai fait se que tu ma di mais quand je clique sur l'option 2 l'ecran noir se coupe normal ?
10 Septembre 2007 19:36:00

quand je clique sur l'option 2 l'écran noir se coupe c'est normal ?
a b 8 Sécurité
10 Septembre 2007 20:03:35

Le fix travaille toujours ?
11 Septembre 2007 18:05:21

message du logiciel

Le Fix va être interrompu
a b 8 Sécurité
11 Septembre 2007 18:11:51

Comprends pas.

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
  • Double-clique VundoFix.exe afin de le lancer
  • Clique sur le bouton Scan for Vundo
  • Lorsque le scan est complété, clique sur le bouton Remove Vundo
  • Une invite te demandera si tu veux supprimer les fichiers, clique YES
  • Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers
  • Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK
  • Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
    Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
    11 Septembre 2007 18:35:12


    VundoFix V6.5.8

    Checking Java version...

    Java version is 1.5.0.10

    Scan started at 18:16:47 11/09/2007

    Listing files found while scanning....

    C:\windows\system32\abeldvyb.exe
    C:\windows\system32\abhnhpkb.ini
    C:\windows\system32\acxrwaqc.exe
    C:\windows\system32\afnwiscv.exe
    C:\windows\system32\agqgnmqh.exe
    C:\windows\system32\ahkdauni.exe
    C:\windows\system32\ahuklpha.exe
    C:\windows\system32\aiartnqs.exe
    C:\windows\system32\ainlprer.exe
    C:\windows\system32\ajkshjcu.dll
    C:\windows\system32\ajlwksam.exe
    C:\windows\system32\alffjgrk.dll
    C:\windows\system32\alikaoqx.exe
    C:\windows\system32\anjndasv.ini
    C:\windows\system32\apduwhsl.exe
    C:\windows\system32\aqwkqevv.dll
    C:\windows\system32\argjdidg.exe
    C:\windows\system32\auhffhem.exe
    C:\windows\system32\aupyqpnf.exe
    C:\windows\system32\avkdwlpd.dll
    C:\windows\system32\aymvpklf.exe
    C:\windows\system32\bbitrcem.ini
    C:\windows\system32\bbjjwylg.exe
    C:\windows\system32\bbkktvud.exe
    C:\windows\system32\bevmrdiw.exe
    C:\WINDOWS\system32\bfhutixh.dll
    C:\windows\system32\bgqmdsmp.dll
    C:\windows\system32\bhjhgkem.exe
    C:\windows\system32\biomlsgw.exe
    C:\windows\system32\bkphnhba.dll
    C:\windows\system32\bqndljyx.exe
    C:\windows\system32\brxgonlk.exe
    C:\windows\system32\bvbloldq.dll
    C:\windows\system32\bvggbvup.exe
    C:\WINDOWS\system32\bwdyfcoc.dll
    C:\windows\system32\bykhlbeq.ini
    C:\windows\system32\byorhmwh.ini
    C:\windows\system32\cbtewrwy.exe
    C:\windows\system32\ccnsvgpr.exe
    C:\windows\system32\ccsjkdqx.dll
    C:\windows\system32\cdbdjgvr.ini
    C:\windows\system32\cefslkie.dll
    C:\windows\system32\cjgpyfqd.dll
    C:\windows\system32\cjtaorny.exe
    C:\windows\system32\cnjywbht.exe
    C:\windows\system32\cntxeqnn.dll
    C:\windows\system32\cocfydwb.ini
    C:\windows\system32\cofqfhsm.exe
    C:\windows\system32\cqcrphdv.dll
    C:\windows\system32\cqevbxum.exe
    C:\WINDOWS\system32\crumohim.dll
    C:\windows\system32\csbyohhv.exe
    C:\windows\system32\ctbxamln.exe
    C:\windows\system32\cuokmuyh.exe
    C:\windows\system32\dcawqvqq.dll
    C:\WINDOWS\system32\ddaba.dll
    C:\windows\system32\diaacomj.exe
    C:\windows\system32\dimpmiai.ini
    C:\windows\system32\dkfeyusu.exe
    C:\windows\system32\dmhfyfeq.exe
    C:\windows\system32\dohvsjlv.dll
    C:\windows\system32\doonacsp.dll
    C:\windows\system32\dplwdkva.ini
    C:\windows\system32\dprqipgf.ini
    C:\windows\system32\duyumcwg.exe
    C:\windows\system32\dviptqgu.exe
    C:\windows\system32\dxtnytlj.exe
    C:\windows\system32\dyjckyci.dll
    C:\windows\system32\ehassldk.exe
    C:\windows\system32\eixijeel.exe
    C:\windows\system32\ejyxpvyu.dll
    C:\windows\system32\emklkqgy.ini
    C:\windows\system32\epgpgser.exe
    C:\windows\system32\eqemyapk.exe
    C:\windows\system32\etjeljwx.exe
    C:\windows\system32\eucglitp.exe
    C:\windows\system32\eunrtjeg.ini
    C:\windows\system32\ewlqvoix.exe
    C:\windows\system32\eyujbjpn.exe
    C:\windows\system32\fbhelmuh.dll
    C:\windows\system32\fbvteqmd.exe
    C:\windows\system32\fgpiqrpd.dll
    C:\windows\system32\figyqdeg.dll
    C:\windows\system32\fmevcool.dll
    C:\windows\system32\fqespkdj.dll
    C:\windows\system32\fwdkyavx.exe
    C:\windows\system32\fwjkbvfh.exe
    C:\windows\system32\fycstkbs.exe
    C:\windows\system32\fylmynbf.dll
    C:\windows\system32\gblfdkum.exe
    C:\windows\system32\geikldvb.exe
    C:\windows\system32\gejtrnue.dll
    C:\windows\system32\ghimobgj.dll
    C:\windows\system32\gifqanvt.exe
    C:\windows\system32\gjkkj.bak1
    C:\windows\system32\gjkkj.bak2
    C:\windows\system32\gjkkj.ini
    C:\windows\system32\gjkkj.ini2
    C:\windows\system32\gjkkj.tmp
    C:\windows\system32\gjkvytap.dll
    C:\windows\system32\glglvbiw.exe
    C:\windows\system32\gmcilfpm.exe
    C:\windows\system32\gplhqrua.exe
    C:\windows\system32\gplovcwe.exe
    C:\windows\system32\gqdapafu.exe
    C:\windows\system32\gwjibdos.exe
    C:\windows\system32\gyrvdfvu.dll
    C:\windows\system32\hachsjcm.dll
    C:\windows\system32\himqwmrp.ini
    C:\windows\system32\hjqakvtg.exe
    C:\windows\system32\hkjdbkpd.exe
    C:\windows\system32\hkkgpbgk.exe
    C:\windows\system32\hslioiij.exe
    C:\windows\system32\hsxloqgh.exe
    C:\windows\system32\humlehbf.ini
    C:\windows\system32\huxysbhb.dll
    C:\windows\system32\hvfhlxbl.exe
    C:\windows\system32\hwmhroyb.dll
    C:\windows\system32\hxaoudct.dll
    C:\windows\system32\hxljhifk.exe
    C:\windows\system32\iaimpmid.dll
    C:\windows\system32\icykcjyd.ini
    C:\windows\system32\iifhawon.dll
    C:\windows\system32\ijsbnlur.exe
    C:\windows\system32\ijycujse.exe
    C:\windows\system32\imwgdhwk.dll
    C:\windows\system32\inihvpbe.exe
    C:\windows\system32\inyjfoqs.exe
    C:\windows\system32\iqlqbvgp.dll
    C:\windows\system32\ithupohm.exe
    C:\windows\system32\iwutltol.dll
    C:\WINDOWS\system32\iwwidyhj.dll
    C:\windows\system32\jajcvdpx.ini
    C:\windows\system32\jdkpseqf.ini
    C:\windows\system32\jeemkgfy.exe
    C:\windows\system32\jehhgyur.dll
    C:\windows\system32\jfrmedpp.ini
    C:\windows\system32\jgbomihg.ini
    C:\WINDOWS\system32\jkkjg.dll
    C:\WINDOWS\system32\jkkjhed.dll
    C:\windows\system32\jkrrklan.exe
    C:\windows\system32\jmndaico.exe
    C:\windows\system32\jnulylwv.exe
    C:\windows\system32\jnxpdgto.ini
    C:\windows\system32\jnycpuib.exe
    C:\windows\system32\juenhxet.dll
    C:\windows\system32\jwsvyvwy.exe
    C:\windows\system32\jygprwkm.exe
    C:\windows\system32\jyolrvsu.ini
    C:\windows\system32\kambgdyc.exe
    C:\windows\system32\kdixtecp.exe
    C:\windows\system32\kecudiyb.exe
    C:\windows\system32\kgdvqrya.exe
    C:\windows\system32\kofxduhi.dll
    C:\windows\system32\kqhcpuir.exe
    C:\windows\system32\kqntnfnr.exe
    C:\windows\system32\krgjffla.ini
    C:\windows\system32\kscnigjw.dll
    C:\windows\system32\kwukfjvc.exe
    C:\windows\system32\lakxemjw.dll
    C:\windows\system32\ldgholki.exe
    C:\windows\system32\leyiisja.exe
    C:\windows\system32\lfmcajaj.exe
    C:\windows\system32\lgsxcaxq.dll
    C:\windows\system32\lixudagy.ini
    C:\windows\system32\ljqptncq.exe
    C:\windows\system32\lkgapvit.dll
    C:\windows\system32\lnwplpay.dll
    C:\windows\system32\lotltuwi.ini
    C:\windows\system32\lprossil.exe
    C:\windows\system32\lqnainqh.exe
    C:\windows\system32\lrhlnshc.exe
    C:\windows\system32\lruidbex.dll
    C:\windows\system32\lrycegir.ini
    C:\windows\system32\ltbigcna.exe
    C:\windows\system32\ltbmtaym.exe
    C:\windows\system32\lwdflbjl.exe
    C:\windows\system32\mamkiygs.exe
    C:\windows\system32\manwwick.exe
    C:\windows\system32\mbumqlsa.exe
    C:\windows\system32\mcjbmout.exe
    C:\windows\system32\mclhowlt.ini
    C:\windows\system32\mdhfwnjr.exe
    C:\windows\system32\meaxgdeq.exe
    C:\windows\system32\mecrtibb.dll
    C:\windows\system32\mgtlrsra.dll
    C:\windows\system32\mjskites.exe
    C:\windows\system32\mmtjdrdu.exe
    C:\windows\system32\mnwtcpki.exe
    C:\windows\system32\mnxtgjxk.exe
    C:\windows\system32\mpbhabeg.exe
    C:\windows\system32\mwbxqnot.exe
    C:\windows\system32\mwisfjxi.dll
    C:\windows\system32\naljehqd.dll
    C:\windows\system32\ncfwrxtq.exe
    C:\windows\system32\ncuudiwh.exe
    C:\windows\system32\nfhewfwt.exe
    C:\windows\system32\ngbrcltq.dll
    C:\windows\system32\ngkmdolr.exe
    C:\windows\system32\nhrwcnvv.exe
    C:\windows\system32\nlmfkyis.exe
    C:\windows\system32\nmekfmon.exe
    C:\WINDOWS\system32\nnnmjge.dll
    C:\windows\system32\nnpprmod.dll
    C:\windows\system32\nowahfii.ini
    C:\windows\system32\nrnvhluy.dll
    C:\windows\system32\nwatvcsk.exe
    C:\WINDOWS\system32\obaapymx.dll
    C:\windows\system32\ocykvgpr.exe
    C:\windows\system32\oednrrdo.exe
    C:\windows\system32\ogmmlxla.dll
    C:\windows\system32\okxmlebj.exe
    C:\windows\system32\ookucalu.exe
    C:\windows\system32\opeynbuv.exe
    C:\windows\system32\oprymlqp.exe
    C:\windows\system32\osidwupv.ini
    C:\windows\system32\otgdpxnj.dll
    C:\windows\system32\oucoubwe.exe
    C:\windows\system32\ouosymbv.exe
    C:\windows\system32\owedwgfv.exe
    C:\windows\system32\pavxmjgw.exe
    C:\windows\system32\pcileynx.exe
    C:\windows\system32\pfospmwc.exe
    C:\windows\system32\pfrsfgoa.dll
    C:\windows\system32\pgeyngnb.exe
    C:\windows\system32\pglwhjqv.exe
    C:\windows\system32\pgvbqlqi.ini
    C:\windows\system32\pifwegmp.ini
    C:\windows\system32\pilebagk.exe
    C:\windows\system32\pkcbpstn.exe
    C:\windows\system32\pmgewfip.dll
    C:\windows\system32\ppdemrfj.dll
    C:\windows\system32\prmwqmih.dll
    C:\windows\system32\pscanood.ini
    C:\windows\system32\qaqcumiq.dll
    C:\windows\system32\qarrkfwv.exe
    C:\windows\system32\qdlolbvb.ini
    C:\windows\system32\qeblhkyb.dll
    C:\windows\system32\qeipnmwl.exe
    C:\windows\system32\qimucqaq.ini
    C:\windows\system32\qissusfv.exe
    C:\windows\system32\qkmjinul.exe
    C:\windows\system32\qommkif.dll
    C:\windows\system32\qoycqovb.dll
    C:\windows\system32\qqvqwacd.ini
    C:\windows\system32\qrabrdop.dll
    C:\windows\system32\qtlcrbgn.ini
    C:\windows\system32\qvdcifne.exe
    C:\windows\system32\qxacxsgl.ini
    C:\windows\system32\rbqlqrug.exe
    C:\WINDOWS\system32\rbvwgdmy.dll
    C:\windows\system32\rhxvivcq.exe
    C:\windows\system32\rigecyrl.dll
    C:\windows\system32\roamtxef.dll
    C:\windows\system32\rppqoiro.exe
    C:\windows\system32\rqugwnhj.exe
    C:\windows\system32\rrwqdflh.dll
    C:\windows\system32\rucglhxe.exe
    C:\windows\system32\rvgjdbdc.dll
    C:\windows\system32\rxpltfek.dll
    C:\windows\system32\ryamkygs.exe
    C:\windows\system32\sahmomss.exe
    C:\windows\system32\scduyqoc.exe
    C:\windows\system32\sgrrvqij.dll
    C:\windows\system32\shslptef.exe
    C:\windows\system32\sjjhwqmv.ini
    C:\windows\system32\sjltypou.dll
    C:\windows\system32\sngyvgku.exe
    C:\windows\system32\snuttfnt.exe
    C:\windows\system32\sqogwtjr.exe
    C:\windows\system32\swmdshar.exe
    C:\windows\system32\tbsdhkpi.exe
    C:\windows\system32\tcadshrv.exe
    C:\windows\system32\tdetnfip.exe
    C:\windows\system32\texhneuj.ini
    C:\windows\system32\tfxobuhf.exe
    C:\windows\system32\tivpagkl.ini
    C:\windows\system32\tkaelfrp.exe
    C:\windows\system32\tlwohlcm.dll
    C:\windows\system32\toiktnir.exe
    C:\windows\system32\tpqclctk.exe
    C:\windows\system32\truqcdqm.exe
    C:\windows\system32\trwbdpqi.exe
    C:\windows\system32\tsnioben.exe
    C:\windows\system32\tujoqxpi.exe
    C:\windows\system32\tuvuuss.dll
    C:\windows\system32\twfhtuus.exe
    C:\windows\system32\twnvnbbg.exe
    C:\windows\system32\ucoqpena.dll
    C:\windows\system32\ufblymfj.exe
    C:\windows\system32\ufkwdoxr.exe
    C:\windows\system32\ufmafnjj.exe
    C:\WINDOWS\system32\ukcyrhhf.dll
    C:\windows\system32\unslncte.exe
    C:\windows\system32\upqhaold.exe
    C:\windows\system32\uqbhnwoa.exe
    C:\WINDOWS\system32\uqsbcrhp.dll
    C:\windows\system32\urllqjkl.exe
    C:\windows\system32\usorbwae.dll
    C:\windows\system32\usvrloyj.dll
    C:\windows\system32\uyvpxyje.ini
    C:\windows\system32\vaqufsjq.exe
    C:\windows\system32\vaspfund.exe
    C:\windows\system32\vbohbgvb.exe
    C:\windows\system32\vbuqwqxp.exe
    C:\windows\system32\vdjlqwgx.dll
    C:\windows\system32\vexqqkum.exe
    C:\windows\system32\vkuimyxd.exe
    C:\windows\system32\vlmludik.exe
    C:\windows\system32\vmqwhjjs.dll
    C:\windows\system32\vnyadhcq.exe
    C:\windows\system32\vposmehj.exe
    C:\windows\system32\vpuwdiso.dll
    C:\windows\system32\vreutixn.exe
    C:\windows\system32\vsadnjna.dll
    C:\windows\system32\vuqqbnwm.exe
    C:\windows\system32\vveqkwqa.ini
    C:\windows\system32\wbcytcew.exe
    C:\windows\system32\wfbfcfsq.dll
    C:\windows\system32\wgbspody.ini
    C:\windows\system32\wjgincsk.ini
    C:\windows\system32\wjmexkal.ini
    C:\windows\system32\wkoxaqts.dll
    C:\windows\system32\wkqteuig.exe
    C:\windows\system32\wluiweju.exe
    C:\windows\system32\wowntasq.exe
    C:\windows\system32\wpmvixjk.exe
    C:\windows\system32\wqaglcey.exe
    C:\windows\system32\wqwilhqv.exe
    C:\windows\system32\wumjglmb.exe
    C:\windows\system32\wwospbiw.exe
    C:\windows\system32\wytudvfq.dll
    C:\windows\system32\xbhrnhvl.exe
    C:\windows\system32\xcsikqmy.dll
    C:\WINDOWS\system32\xfyecrvv.dll
    C:\windows\system32\xggthjhi.exe
    C:\windows\system32\xgjvwupk.exe
    C:\windows\system32\xgwqljdv.ini
    C:\WINDOWS\system32\xgyhqnmn.dll
    C:\windows\system32\xiepknax.exe
    C:\windows\system32\xjfjpyhl.dll
    C:\windows\system32\xjyiohgi.exe
    C:\windows\system32\xloddpki.exe
    C:\windows\system32\xmmowsjd.exe
    C:\windows\system32\xnkgnjrf.exe
    C:\windows\system32\xpdvcjaj.dll
    C:\windows\system32\xqdkjscc.ini
    C:\windows\system32\xxydgqmu.exe
    C:\windows\system32\yaplpwnl.ini
    C:\windows\system32\ydopsbgw.dll
    C:\windows\system32\yepniiaa.exe
    C:\windows\system32\yfaalqqv.exe
    C:\windows\system32\ygaduxil.dll
    C:\windows\system32\ygqklkme.dll
    C:\windows\system32\ykfcblgx.dll
    C:\windows\system32\ylmqugep.exe
    C:\windows\system32\ymihokfn.exe
    C:\windows\system32\ymqkiscx.ini
    C:\windows\system32\yoadeaby.exe
    C:\windows\system32\yrgmktqt.dll
    C:\windows\system32\yrysongk.exe
    C:\windows\system32\ysaobhrx.exe
    C:\windows\system32\ywfgaqwn.exe
    C:\windows\system32\yyyhcfal.dll

    Beginning removal...

    Attempting to delete C:\windows\system32\abeldvyb.exe
    C:\windows\system32\abeldvyb.exe Has been deleted!

    Attempting to delete C:\windows\system32\abhnhpkb.ini
    C:\windows\system32\abhnhpkb.ini Has been deleted!

    Attempting to delete C:\windows\system32\acxrwaqc.exe
    C:\windows\system32\acxrwaqc.exe Has been deleted!

    Attempting to delete C:\windows\system32\afnwiscv.exe
    C:\windows\system32\afnwiscv.exe Has been deleted!

    Attempting to delete C:\windows\system32\agqgnmqh.exe
    C:\windows\system32\agqgnmqh.exe Has been deleted!

    Attempting to delete C:\windows\system32\ahkdauni.exe
    C:\windows\system32\ahkdauni.exe Has been deleted!

    Attempting to delete C:\windows\system32\ahuklpha.exe
    C:\windows\system32\ahuklpha.exe Has been deleted!

    Attempting to delete C:\windows\system32\aiartnqs.exe
    C:\windows\system32\aiartnqs.exe Has been deleted!

    Attempting to delete C:\windows\system32\ainlprer.exe
    C:\windows\system32\ainlprer.exe Has been deleted!

    Attempting to delete C:\windows\system32\ajkshjcu.dll
    C:\windows\system32\ajkshjcu.dll Has been deleted!

    Attempting to delete C:\windows\system32\ajlwksam.exe
    C:\windows\system32\ajlwksam.exe Has been deleted!

    Attempting to delete C:\windows\system32\alffjgrk.dll
    C:\windows\system32\alffjgrk.dll Has been deleted!

    Attempting to delete C:\windows\system32\alikaoqx.exe
    C:\windows\system32\alikaoqx.exe Has been deleted!

    Attempting to delete C:\windows\system32\anjndasv.ini
    C:\windows\system32\anjndasv.ini Has been deleted!

    Attempting to delete C:\windows\system32\apduwhsl.exe
    C:\windows\system32\apduwhsl.exe Has been deleted!

    Attempting to delete C:\windows\system32\aqwkqevv.dll
    C:\windows\system32\aqwkqevv.dll Has been deleted!

    Attempting to delete C:\windows\system32\argjdidg.exe
    C:\windows\system32\argjdidg.exe Has been deleted!

    Attempting to delete C:\windows\system32\auhffhem.exe
    C:\windows\system32\auhffhem.exe Has been deleted!

    Attempting to delete C:\windows\system32\aupyqpnf.exe
    C:\windows\system32\aupyqpnf.exe Has been deleted!

    Attempting to delete C:\windows\system32\avkdwlpd.dll
    C:\windows\system32\avkdwlpd.dll Has been deleted!

    Attempting to delete C:\windows\system32\aymvpklf.exe
    C:\windows\system32\aymvpklf.exe Has been deleted!

    Attempting to delete C:\windows\system32\bbitrcem.ini
    C:\windows\system32\bbitrcem.ini Has been deleted!

    Attempting to delete C:\windows\system32\bbjjwylg.exe
    C:\windows\system32\bbjjwylg.exe Has been deleted!

    Attempting to delete C:\windows\system32\bbkktvud.exe
    C:\windows\system32\bbkktvud.exe Has been deleted!

    Attempting to delete C:\windows\system32\bevmrdiw.exe
    C:\windows\system32\bevmrdiw.exe Has been deleted!

    Attempting to delete C:\windows\system32\bgqmdsmp.dll
    C:\windows\system32\bgqmdsmp.dll Has been deleted!

    Attempting to delete C:\windows\system32\bhjhgkem.exe
    C:\windows\system32\bhjhgkem.exe Has been deleted!

    Attempting to delete C:\windows\system32\biomlsgw.exe
    C:\windows\system32\biomlsgw.exe Has been deleted!

    Attempting to delete C:\windows\system32\bkphnhba.dll
    C:\windows\system32\bkphnhba.dll Has been deleted!

    Attempting to delete C:\windows\system32\bqndljyx.exe
    C:\windows\system32\bqndljyx.exe Has been deleted!

    Attempting to delete C:\windows\system32\brxgonlk.exe
    C:\windows\system32\brxgonlk.exe Has been deleted!

    Attempting to delete C:\windows\system32\bvbloldq.dll
    C:\windows\system32\bvbloldq.dll Has been deleted!

    Attempting to delete C:\windows\system32\bvggbvup.exe
    C:\windows\system32\bvggbvup.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\bwdyfcoc.dll
    C:\WINDOWS\system32\bwdyfcoc.dll Has been deleted!

    Attempting to delete C:\windows\system32\bykhlbeq.ini
    C:\windows\system32\bykhlbeq.ini Has been deleted!

    Attempting to delete C:\windows\system32\byorhmwh.ini
    C:\windows\system32\byorhmwh.ini Has been deleted!

    Attempting to delete C:\windows\system32\cbtewrwy.exe
    C:\windows\system32\cbtewrwy.exe Has been deleted!

    Attempting to delete C:\windows\system32\ccnsvgpr.exe
    C:\windows\system32\ccnsvgpr.exe Has been deleted!

    Attempting to delete C:\windows\system32\ccsjkdqx.dll
    C:\windows\system32\ccsjkdqx.dll Has been deleted!

    Attempting to delete C:\windows\system32\cdbdjgvr.ini
    C:\windows\system32\cdbdjgvr.ini Has been deleted!

    Attempting to delete C:\windows\system32\cefslkie.dll
    C:\windows\system32\cefslkie.dll Has been deleted!

    Attempting to delete C:\windows\system32\cjgpyfqd.dll
    C:\windows\system32\cjgpyfqd.dll Has been deleted!

    Attempting to delete C:\windows\system32\cjtaorny.exe
    C:\windows\system32\cjtaorny.exe Has been deleted!

    Attempting to delete C:\windows\system32\cnjywbht.exe
    C:\windows\system32\cnjywbht.exe Has been deleted!

    Attempting to delete C:\windows\system32\cntxeqnn.dll
    C:\windows\system32\cntxeqnn.dll Has been deleted!

    Attempting to delete C:\windows\system32\cocfydwb.ini
    C:\windows\system32\cocfydwb.ini Has been deleted!

    Attempting to delete C:\windows\system32\cofqfhsm.exe
    C:\windows\system32\cofqfhsm.exe Has been deleted!

    Attempting to delete C:\windows\system32\cqcrphdv.dll
    C:\windows\system32\cqcrphdv.dll Has been deleted!

    Attempting to delete C:\windows\system32\cqevbxum.exe
    C:\windows\system32\cqevbxum.exe Has been deleted!

    Attempting to delete C:\WINDOWS\system32\crumohim.dll
    C:\WINDOWS\system32\crumohim.dll Has been deleted!

    Attempting to delete C:\windows\system32\csbyohhv.exe
    C:\windows\system32\csbyohhv.exe Has been deleted!

    Attempting to delete C:\windows\system32\ctbxamln.exe
    C:\windows\system32\ctbxamln.exe Has been deleted!

    Attempting to delete C:\windows\system32\cuokmuyh.exe
    C:\windows\system32\cuokmuyh.exe Has been deleted!

    Attempting to delete C:\windows\system32\dcawqvqq.dll
    C:\windows\system32\dcawqvqq.dll Has been deleted!

    Attempting to delete C:\windows\system32\diaacomj.exe
    C:\windows\system32\diaacomj.exe Has been deleted!

    Attempting to delete C:\windows\system32\dimpmiai.ini
    C:\windows\system32\dimpmiai.ini Has been deleted!

    Attempting to delete C:\windows\system32\dkfeyusu.exe
    C:\windows\system32\dkfeyusu.exe Has been deleted!

    Attempting to delete C:\windows\system32\dmhfyfeq.exe
    C:\windows\system32\dmhfyfeq.exe Has been deleted!

    Attempting to delete C:\windows\system32\dohvsjlv.dll
    C:\windows\system32\dohvsjlv.dll Has been deleted!

    Attempting to delete C:\windows\system32\doonacsp.dll
    C:\windows\system32\doonacsp.dll Has been deleted!

    Attempting to delete C:\windows\system32\dplwdkva.ini
    C:\windows\system32\dplwdkva.ini Has been deleted!

    Attempting to delete C:\windows\system32\dprqipgf.ini
    C:\windows\system32\dprqipgf.ini Has been deleted!

    Attempting to delete C:\windows\system32\duyumcwg.exe
    C:\windows\system32\duyumcwg.exe Has been deleted!

    Attempting to delete C:\windows\system32\dviptqgu.exe
    C:\windows\system32\dviptqgu.exe Has been deleted!

    Attempting to delete C:\windows\system32\dxtnytlj.exe
    C:\windows\system32\dxtnytlj.exe Has been deleted!

    Attempting to delete C:\windows\system32\dyjckyci.dll
    C:\windows\system32\dyjckyci.dll Has been deleted!

    Attempting to delete C:\windows\system32\ehassldk.exe
    C:\windows\system32\ehassldk.exe Has been deleted!

    Attempting to delete C:\windows\system32\eixijeel.exe
    C:\windows\system32\eixijeel.exe Has been deleted!

    Attempting to delete C:\windows\system32\ejyxpvyu.dll
    C:\windows\system32\ejyxpvyu.dll Has been deleted!

    Attempting to delete C:\windows\system32\emklkqgy.ini
    C:\windows\system32\emklkqgy.ini Has been deleted!

    Attempting to delete C:\windows\system32\epgpgser.exe
    C:\windows\system32\epgpgser.exe Has been deleted!

    Attempting to delete C:\windows\system32\eqemyapk.exe
    C:\windows\system32\eqemyapk.exe Has been deleted!

    Attempting to delete C:\windows\system32\etjeljwx.exe
    C:\windows\system32\etjeljwx.exe Has been deleted!

    Attempting to delete C:\windows\system32\eucglitp.exe
    C:\windows\system32\eucglitp.exe Has been deleted!

    Attempting to delete C:\windows\system32\eunrtjeg.ini
    C:\windows\system32\eunrtjeg.ini Has been deleted!

    Attempting to delete C:\windows\system32\ewlqvoix.exe
    C:\windows\system32\ewlqvoix.exe Has been deleted!

    Attempting to delete C:\windows\system32\eyujbjpn.exe
    C:\windows\system32\eyujbjpn.exe Has been deleted!

    Attempting to delete C:\windows\system32\fbhelmuh.dll
    C:\windows\system32\fbhelmuh.dll Has been deleted!

    Attempting to delete C:\windows\system32\fbvteqmd.exe
    C:\windows\system32\fbvteqmd.exe Has been deleted!

    Attempting to delete C:\windows\system32\fgpiqrpd.dll
    C:\windows\system32\fgpiqrpd.dll Has been deleted!

    Attempting to delete C:\windows\system32\figyqdeg.dll
    C:\windows\system32\figyqdeg.dll Has been deleted!

    Attempting to delete C:\windows\system32\fmevcool.dll
    C:\windows\system32\fmevcool.dll Has been deleted!

    Attempting to delete C:\windows\system32\fqespkdj.dll
    C:\windows\system32\fqespkdj.dll Has been deleted!

    Attempting to delete C:\windows\system32\fwdkyavx.exe
    C:\windows\system32\fwdkyavx.exe Has been deleted!

    Attempting to delete C:\windows\system32\fwjkbvfh.exe
    C:\windows\system32\fwjkbvfh.exe Has been deleted!

    Attempting to delete C:\windows\system32\fycstkbs.exe
    C:\windows\system32\fycstkbs.exe Has been deleted!

    Attempting to delete C:\windows\system32\fylmynbf.dll
    C:\windows\system32\fylmynbf.dll Has been deleted!

    Attempting to delete C:\windows\system32\gblfdkum.exe
    C:\windows\system32\gblfdkum.exe Has been deleted!

    Attempting to delete C:\windows\system32\geikldvb.exe
    C:\windows\system32\geikldvb.exe Has been deleted!

    Attempting to delete C:\windows\system32\gejtrnue.dll
    C:\windows\system32\gejtrnue.dll Has been deleted!

    Attempting to delete C:\windows\system32\ghimobgj.dll
    C:\windows\system32\ghimobgj.dll Has been deleted!

    Attempting to delete C:\windows\system32\gifqanvt.exe
    C:\windows\system32\gifqanvt.exe Has been deleted!

    Attempting to delete C:\windows\system32\gjkkj.bak1
    C:\windows\system32\gjkkj.bak1 Has been deleted!

    Attempting to delete C:\windows\system32\gjkkj.bak2
    C:\windows\system32\gjkkj.bak2 Has been deleted!

    Attempting to delete C:\windows\system32\gjkkj.ini
    C:\windows\system32\gjkkj.ini Has been deleted!

    Attempting to delete C:\windows\system32\gjkkj.ini2
    C:\windows\system32\gjkkj.ini2 Has been deleted!

    Attempting to delete C:\windows\system32\gjkkj.tmp
    C:\windows\system32\gjkkj.tmp Has been deleted!

    Attempting to delete C:\windows\system32\gjkvytap.dll
    C:\windows\system32\gjkvytap.dll Has been deleted!

    Attempting to delete C:\windows\system32\glglvbiw.exe
    C:\windows\system32\glglvbiw.exe Has been deleted!

    Attempting to delete C:\windows\system32\gmcilfpm.exe
    C:\windows\system32\gmcilfpm.exe Has been deleted!

    Attempting to delete C:\windows\system32\gplhqrua.exe
    C:\windows\system32\gplhqrua.exe Has been deleted!

    Attempting to delete C:\windows\system32\gplovcwe.exe
    C:\windows\system32\gplovcwe.exe Has been deleted!

    Attempting to delete C:\windows\system32\gqdapafu.exe
    C:\windows\system32\gqdapafu.exe Has been deleted!

    Attempting to delete C:\windows\system32\gwjibdos.exe
    C:\windows\system32\gwjibdos.exe Has been deleted!

    Attempting to delete C:\windows\system32\gyrvdfvu.dll
    C:\windows\system32\gyrvdfvu.dll Has been deleted!

    Attempting to delete C:\windows\system32\hachsjcm.dll
    C:\windows\system32\hachsjcm.dll Has been deleted!

    Attempting to delete C:\windows\system32\himqwmrp.ini
    C:\windows\system32\himqwmrp.ini Has been deleted!

    Attempting to delete C:\windows\system32\hjqakvtg.exe
    C:\windows\system32\hjqakvtg.exe Has been deleted!

    Attempting to delete C:\windows\system32\hkjdbkpd.exe
    C:\windows\system32\hkjdbkpd.exe Has been deleted!

    Attempting to delete C:\windows\system32\hkkgpbgk.exe
    C:\windows\system32\hkkgpbgk.exe Has been deleted!

    Attempting to delete C:\windows\system32\hslioiij.exe
    C:\windows\system32\hslioiij.exe Has been deleted!

    Attempting to delete C:\windows\system32\hsxloqgh.exe
    C:\windows\system32\hsxloqgh.exe Has been deleted!

    Attempting to delete C:\windows\system32\humlehbf.ini
    C:\windows\system32\humlehbf.ini Has been deleted!

    Attempting to delete C:\windows\system32\huxysbhb.dll
    C:\windows\system32\huxysbhb.dll Has been deleted!

    Attempting to delete C:\windows\system32\hvfhlxbl.exe
    C:\windows\system32\hvfhlxbl.exe Has been deleted!

    Attempting to delete C:\windows\system32\hwmhroyb.dll
    C:\windows\system32\hwmhroyb.dll Has been deleted!

    Attempting to delete C:\windows\system32\hxaoudct.dll
    C:\windows\system32\hxaoudct.dll Has been deleted!

    Attempting to delete C:\windows\system32\hxljhifk.exe
    C:\windows\system32\hxljhifk.exe Has been deleted!

    Attempting to delete C:\windows\system32\iaimpmid.dll
    C:\windows\system32\iaimpmid.dll Has been deleted!

    Attempting to delete C:\windows\system32\icykcjyd.ini
    C:\windows\system32\icykcjyd.ini Has been deleted!

    Attempting to delete C:\windows\system32\iifhawon.dll
    C:\windows\system32\iifhawon.dll Has been deleted!

    Attempting to delete C:\windows\system32\ijsbnlur.exe
    C:\windows\system32\ijsbnlur.exe Has been deleted!

    Attempting to delete C:\windows\system32\ijycujse.exe
    C:\windows\system32\ijycujse.exe Has been deleted!

    Attempting to delete C:\windows\system32\imwgdhwk.dll
    C:\windows\system32\imwgdhwk.dll Has been deleted!

    Attempting to delete C:\windows\system32\inihvpbe.exe
    C:\windows\system32\inihvpbe.exe Has been deleted!

    Attempting to delete C:\windows\system32\inyjfoqs.exe
    C:\windows\system32\inyjfoqs.exe Has been deleted!

    Attempting to delete C:\windows\system32\iqlqbvgp.dll
    C:\windows\system32\iqlqbvgp.dll Has been deleted!

    Attempting to delete C:\windows\system32\ithupohm.exe
    C:\windows\system32\ithupohm.exe Has been deleted!

    Attempting to delete C:\windows\system32\iwutltol.dll
    C:\windows\system32\iwutltol.dll Has been deleted!

    Attempting to delete C:\windows\system32\jajcvdpx.ini
    C:\windows\system32\jajcvdpx.ini Has been deleted!

    Attempting to delete C:\windows\system32\jdkpseqf.ini
    C:\windows\system32\jdkpseqf.ini Has been deleted!

    Attempting to delete C:\windows\system32\jeemkgfy.exe
    C:\windows\system32\jeemkgfy.exe Has been deleted!

    Attempting to delete C:\windows\system32\jehhgyur.dll
    C:\windows\system32\jehhgyur.dll Has been deleted!

    Attempting to delete C:\windows\system32\jfrmedpp.ini
    C:\windows\system32\jfrmedpp.ini Has been deleted!

    Attempting to delete C:\windows\system32\jgbomihg.ini
    C:\windows\system32\jgbomihg.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jkkjg.dll
    C:\WINDOWS\system32\jkkjg.dll Has been deleted!

    Attempting to delete C:\WINDOWS\system32\jkkjhed.dll
    C:\WINDOWS\system32\jkkjhed.dll Has been deleted!

    Attempting to delete C:\windows\system32\jkrrklan.exe
    C:\windows\system32\jkrrklan.exe Has been deleted!

    Attempting to delete C:\windows\system32\jmndaico.exe
    C:\windows\system32\jmndaico.exe Has been deleted!

    Attempting to delete C:\windows\system32\jnulylwv.exe
    C:\windows\system32\jnulylwv.exe Has been deleted!

    Attempting to delete C:\windows\system32\jnxpdgto.ini
    C:\windows\system32\jnxpdgto.ini Has been deleted!

    Attempting to delete C:\windows\system32\jnycpuib.exe
    C:\windows\system32\jnycpuib.exe Has been deleted!

    Attempting to delete C:\windows\system32\juenhxet.dll
    C:\windows\system32\juenhxet.dll Has been deleted!

    Attempting to delete C:\windows\system32\jwsvyvwy.exe
    C:\windows\system32\jwsvyvwy.exe Has been deleted!

    Attempting to delete C:\windows\system32\jygprwkm.exe
    C:\windows\system32\jygprwkm.exe Has been deleted!

    Attempting to delete C:\windows\system32\jyolrvsu.ini
    C:\windows\system32\jyolrvsu.ini Has been deleted!

    Attempting to delete C:\windows\system32\kambgdyc.exe
    C:\windows\system32\kambgdyc.exe Has been deleted!

    Attempting to delete C:\windows\system32\kdixtecp.exe
    C:\windows\system32\kdixtecp.exe Has been deleted!

    Attempting to delete C:\windows\system32\kecudiyb.exe
    C:\windows\system32\kecudiyb.exe Has been deleted!

    Attempting to delete C:\windows\system32\kgdvqrya.exe
    C:\windows\system32\kgdvqrya.exe Has been deleted!

    Attempting to delete C:\windows\system32\kofxduhi.dll
    C:\windows\system32\kofxduhi.dll Has been deleted!

    Attempting to delete C:\windows\system32\kqhcpuir.exe
    C:\windows\system32\kqhcpuir.exe Has been deleted!

    Attempting to delete C:\windows\system32\kqntnfnr.exe
    C:\windows\system32\kqntnfnr.exe Has been deleted!

    Attempting to delete C:\windows\system32\krgjffla.ini
    C:\windows\system32\krgjffla.ini Has been deleted!

    Attempting to delete C:\windows\system32\kscnigjw.dll
    C:\windows\system32\kscnigjw.dll Has been deleted!

    Attempting to delete C:\windows\system32\kwukfjvc.exe
    C:\windows\system32\kwukfjvc.exe Has been deleted!

    Attempting to delete C:\windows\system32\lakxemjw.dll
    C:\windows\system32\lakxemjw.dll Has been deleted!

    Attempting to delete C:\windows\system32\ldgholki.exe
    C:\windows\system32\ldgholki.exe Has been deleted!

    Attempting to delete C:\windows\system32\leyiisja.exe
    C:\windows\system32\leyiisja.exe Has been deleted!

    Attempting to delete C:\windows\system32\lfmcajaj.exe
    C:\windows\system32\lfmcajaj.exe Has been deleted!

    Attempting to delete C:\windows\system32\lgsxcaxq.dll
    C:\windows\system32\lgsxcaxq.dll Has been deleted!

    Attempting to delete C:\windows\system32\lixudagy.ini
    C:\windows\system32\lixudagy.ini Has been deleted!

    Attempting to delete C:\windows\system32\ljqptncq.exe
    C:\windows\system32\ljqptncq.exe Has been deleted!

    Attempting to delete C:\windows\system32\lkgapvit.dll
    C:\windows\system32\lkgapvit.dll Has been deleted!

    Attempting to delete C:\windows\system32\lnwplpay.dll
    C:\windows\system32\lnwplpay.dll Has been deleted!

    Attempting to delete C:\windows\system32\lotltuwi.ini
    C:\windows\system32\lotltuwi.ini Has been deleted!

    Attempting to delete C:\windows\system32\lprossil.exe
    C:\windows\system32\lprossil.exe Has been deleted!

    Attempting to delete C:\windows\system32\lqnainqh.exe
    C:\windows\system32\lqnainqh.exe Has been deleted!

    Attempting to delete C:\windows\system32\lrhlnshc.exe
    C:\windows\system32\lrhlnshc.exe Has been deleted!

    Attempting to delete C:\windows\system32\lruidbex.dll
    C:\windows\system32\lruidbex.dll Has been deleted!

    Attempting to delete C:\windows\system32\lrycegir.ini
    C:\windows\system32\lrycegir.ini Has been deleted!

    Attempting to delete C:\windows\system32\ltbigcna.exe
    C:\windows\system32\ltbigcna.exe Has been deleted!

    Attempting to delete C:\windows\system32\ltbmtaym.exe
    C:\windows\system32\ltbmtaym.exe Has been deleted!

    Attempting to delete C:\windows\system32\lwdflbjl.exe
    C:\windows\system32\lwdflbjl.exe Has been deleted!

    Attempting to delete C:\windows\system32\mamkiygs.exe
    C:\windows\system32\mamkiygs.exe Has been deleted!

    Attempting to delete C:\windows\system32\manwwick.exe
    C:\windows\system32\manwwick.exe Has been deleted!

    Attempting to delete C:\windows\system32\mbumqlsa.exe
    C:\windows\system32\mbumqlsa.exe Has been deleted!

    Attempting to delete C:\windows\system32\mcjbmout.exe
    C:\windows\system32\mcjbmout.exe Has been deleted!

    Attempting to delete C:\windows\system32\mclhowlt.ini
    C:\windows\system32\mclhowlt.ini Has been deleted!

    Attempting to delete C:\windows\system32\mdhfwnjr.exe
    C:\windows\system32\mdhfwnjr.exe Has been deleted!

    Attempting to delete C:\windows\system32\meaxgdeq.exe
    C:\windows\system32\meaxgdeq.exe Has been deleted!

    Attempting to delete C:\windows\system32\mecrtibb.dll
    C:\windows\system32\mecrtibb.dll Has been deleted!

    Attempting to delete C:\windows\system32\mgtlrsra.dll
    C:\windows\system32\mgtlrsra.dll Has been deleted!

    Attempting to delete C:\windows\system32\mjskites.exe
    C:\windows\system32\mjskites.exe Has been deleted!

    Attempting to delete C:\windows\system32\mmtjdrdu.exe
    C:\windows\system32\mmtjdrdu.exe Has been deleted!

    Attempting to delete C:\windows\system32\mnwtcpki.exe
    C:\windows\system32\mnwtcpki.exe Has been deleted!

    Attempting to delete C:\windows\system32\mnxtgjxk.exe
    C:\windows\system32\mnxtgjxk.exe Has been deleted!

    Attempting to delete C:\windows\system32\mpbhabeg.exe
    C:\windows\system32\mpbhabeg.exe Has been deleted!

    Attempting to delete C:\windows\system32\mwbxqnot.exe
    C:\windows\system32\mwbxqnot.exe Has been deleted!

    Attempting to delete C:\windows\system32\mwisfjxi.dll
    C:\windows\system32\mwisfjxi.dll Has been deleted!

    Attempting to delete C:\windows\system32\naljehqd.dll
    C:\windows\system32\naljehqd.dll Has been deleted!

    Attempting to delete C:\windows\system32\ncfwrxtq.exe
    C:\windows\system32\ncfwrxtq.exe Has been deleted!

    Attempting to delete C:\windows\system32\ncuudiwh.exe
    C:\windows\system32\ncuudiwh.exe Has been deleted!

    Attempting to delete C:\windows\system32\nfhewfwt.exe
    C:\windows\system32\nfhewfwt.exe Has been deleted!

    Attempting to delete C:\windows\system32\ngbrcltq.dll
    C:\windows\system32\ngbrcltq.dll Has been deleted!

    Attempting to delete C:\windows\system32\ngkmdolr.exe
    C:\windows\system32\ngkmdolr.exe Has been deleted!

    Attempting to delete C:\windows\system32\nhrwcnvv.exe
    C:\windows\system32\nhrwcnvv.exe Has been deleted!

    Attempting to delete C:\windows\system32\nlmfkyis.exe
    C:\windows\system32\nlmfkyis.exe Has been deleted!

    Attempting to delete C:\windows\system32\nmekfmon.exe
    C:\windows\system32\nmekfmon.exe Has been deleted!

    Attempting to delete C:\windows\system32\nnpprmod.dll
    C:\windows\system32\nnpprmod.dll Has been deleted!

    Attempting to delete C:\windows\system32\nowahfii.ini
    C:\windows\system32\nowahfii.ini Has been deleted!

    Attempting to delete C:\windows\system32\nrnvhluy.dll
    C:\windows\system32\nrnvhluy.dll Has been deleted!

    Attempting to delete C:\windows\system32\nwatvcsk.exe
    C:\windows\system32\nwatvcsk.exe Has been deleted!

    Attempting to delete C:\windows\system32\ocykvgpr.exe
    C:\windows\system32\ocykvgpr.exe Has been deleted!

    Attempting to delete C:\windows\system32\oednrrdo.exe
    C:\windows\system32\oednrrdo.exe Has been deleted!

    Attempting to delete C:\windows\system32\ogmmlxla.dll
    C:\windows\system32\ogmmlxla.dll Has been deleted!

    Attempting to delete C:\windows\system32\okxmlebj.exe
    C:\windows\system32\okxmlebj.exe Has been deleted!

    Attempting to delete C:\windows\system32\ookucalu.exe
    C:\windows\system32\ookucalu.exe Has been deleted!

    Attempting to delete C:\windows\system32\opeynbuv.exe
    C:\windows\system32\opeynbuv.exe Has been deleted!

    Attempting to delete C:\windows\system32\oprymlqp.exe
    C:\windows\system32\oprymlqp.exe Has been deleted!

    Attempting to delete C:\windows\system32\osidwupv.ini
    C:\windows\system32\osidwupv.ini Has been deleted!

    Attempting to delete C:\windows\system32\otgdpxnj.dll
    C:\windows\system32\otgdpxnj.dll Has been deleted!

    Attempting to delete C:\windows\system32\oucoubwe.exe
    C:\windows\system32\oucoubwe.exe Has been deleted!

    Attempting to delete C:\windows\system32\ouosymbv.exe
    C:\windows\system32\ouosymbv.exe Has been deleted!

    Attempting to delete C:\windows\system32\owedwgfv.exe
    C:\windows\system32\owedwgfv.exe Has been deleted!

    Attempting to delete C:\windows\system32\pavxmjgw.exe
    C:\windows\system32\pavxmjgw.exe Has been deleted!

    Attempting to delete C:\windows\system32\pcileynx.exe
    C:\windows\system32\pcileynx.exe Has been deleted!

    Attempting to delete C:\windows\system32\pfospmwc.exe
    C:\windows\system32\pfospmwc.exe Has been deleted!

    Attempting to delete C:\windows\system32\pfrsfgoa.dll
    C:\windows\system32\pfrsfgoa.dll Has been deleted!

    Attempting to delete C:\windows\system32\pgeyngnb.exe
    C:\windows\system32\pgeyngnb.exe Has been deleted!

    Attempting to delete C:\windows\system32\pglwhjqv.exe
    C:\windows\system32\pglwhjqv.exe Has been deleted!

    Attempting to delete C:\windows\system32\pgvbqlqi.ini
    C:\windows\system32\pgvbqlqi.ini Has been deleted!

    Attempting to delete C:\windows\system32\pifwegmp.ini
    C:\windows\system32\pifwegmp.ini Has been deleted!

    Attempting to delete C:\windows\system32\pilebagk.exe
    C:\windows\system32\pilebagk.exe Has been deleted!

    Attempting to delete C:\windows\system32\pkcbpstn.exe
    C:\windows\system32\pkcbpstn.exe Has been deleted!

    Attempting to delete C:\windows\system32\pmgewfip.dll
    C:\windows\system32\pmgewfip.dll Has been deleted!

    Attempting to delete C:\windows\system32\ppdemrfj.dll
    C:\windows\system32\ppdemrfj.dll Has been deleted!

    Attempting to delete C:\windows\system32\prmwqmih.dll
    C:\windows\system32\prmwqmih.dll Has been deleted!

    Attempting to delete C:\windows\system32\pscanood.ini
    C:\windows\system32\pscanood.ini Has been deleted!

    Attempting to delete C:\windows\system32\qaqcumiq.dll
    C:\windows\system32\qaqcumiq.dll Has been deleted!

    Attempting to delete C:\windows\system32\qarrkfwv.exe
    C:\windows\system32\qarrkfwv.exe Has been deleted!

    Attempting to delete C:\windows\system32\qdlolbvb.ini
    C:\windows\system32\qdlolbvb.ini Has been deleted!

    Attempting to delete C:\windows\system32\qeblhkyb.dll
    C:\windows\system32\qeblhkyb.dll Has been deleted!

    Attempting to delete C:\windows\system32\qeipnmwl.exe
    C:\windows\system32\qeipnmwl.exe Has been deleted!

    Attempting to delete C:\windows\system32\qimucqaq.ini
    C:\windows\system32\qimucqaq.ini Has been deleted!

    Attempting to delete C:\windows\system32\qissusfv.exe
    C:\windows\system32\qissusfv.exe Has been deleted!

    Attempting to delete C:\windows\system32\qkmjinul.exe
    C:\windows\system32\qkmjinul.exe Has been deleted!

    Attempting to delete C:\windows\system32\qommkif.dll
    C:\windows\system32\qommkif.dll Has been deleted!

    Attempting to delete C:\windows\system32\qoycqovb.dll
    C:\windows\system32\qoycqovb.dll Has been deleted!

    Attempting to delete C:\windows\system32\qqvqwacd.ini
    C:\windows\system32\qqvqwacd.ini Has been deleted!

    Attempting to delete C:\windows\system32\qrabrdop.dll
    C:\windows\system32\qrabrdop.dll Has been deleted!

    Attempting to delete C:\windows\system32\qtlcrbgn.ini
    C:\windows\system32\qtlcrbgn.ini Has been deleted!

    Attempting to delete C:\windows\system32\qvdcifne.exe
    C:\windows\system32\qvdcifne.exe Has been deleted!

    Attempting to delete C:\windows\system32\qxacxsgl.ini
    C:\windows\system32\qxacxsgl.ini Has been deleted!

    Attempting to delete C:\windows\system32\rbqlqrug.exe
    C:\windows\system32\rbqlqrug.exe Has been deleted!

    Attempting to delete C:\windows\system32\rhxvivcq.exe
    C:\windows\system32\rhxvivcq.exe Has been deleted!

    Attempting to delete C:\windows\system32\rigecyrl.dll
    C:\windows\system32\rigecyrl.dll Has been deleted!

    Attempting to delete C:\windows\system32\roamtxef.dll
    C:\windows\system32\roamtxef.dll Has been deleted!

    Attempting to delete C:\windows\system32\rppqoiro.exe
    C:\windows\system32\rppqoiro.exe Has been deleted!

    Attempting to delete C:\windows\system32\rqugwnhj.exe
    C:\windows\system32\rqugwnhj.exe Has been deleted!

    Attempting to delete C:\windows\system32\rrwqdflh.dll
    C:\windows\system32\rrwqdflh.dll Has been deleted!

    Attempting to delete C:\windows\system32\rucglhxe.exe
    C:\windows\system32\rucglhxe.exe Has been deleted!

    Attempting to delete C:\windows\system32\rvgjdbdc.dll
    C:\windows\system32\rvgjdbdc.dll Has been deleted!

    Attempting to delete C:\windows\system32\rxpltfek.dll
    C:\windows\system32\rxpltfek.dll Has been deleted!

    Attempting to delete C:\windows\system32\ryamkygs.exe
    C:\windows\system32\ryamkygs.exe Has been deleted!

    Attempting to delete C:\windows\system32\sahmomss.exe
    C:\windows\system32\sahmomss.exe Has been deleted!

    Attempting to delete C:\windows\system32\scduyqoc.exe
    C:\windows\system32\scduyqoc.exe Has been deleted!

    Attempting to delete C:\windows\system32\sgrrvqij.dll
    C:\windows\system32\sgrrvqij.dll Has been deleted!

    Attempting to delete C:\windows\system32\shslptef.exe
    C:\windows\system32\shslptef.exe Has been deleted!

    Attempting to delete C:\windows\system32\sjjhwqmv.ini
    C:\windows\system32\sjjhwqmv.ini Has been deleted!

    Attempting to delete C:\windows\system32\sjltypou.dll
    C:\windows\system32\sjltypou.dll Has been deleted!

    Attempting to delete C:\windows\system32\sngyvgku.exe
    C:\windows\system32\sngyvgku.exe Has been deleted!

    Attempting to delete C:\windows\system32\snuttfnt.exe
    C:\windows\system32\snuttfnt.exe Has been deleted!

    Attempting to delete C:\windows\system32\sqogwtjr.exe
    C:\windows\system32\sqogwtjr.exe Has been deleted!

    Attempting to delete C:\windows\system32\swmdshar.exe
    C:\windows\system32\swmdshar.exe Has been deleted!

    Attempting to delete C:\windows\system32\tbsdhkpi.exe
    C:\windows\system32\tbsdhkpi.exe Has been deleted!

    Attempting to delete C:\windows\system32\tcadshrv.exe
    C:\windows\system32\tcadshrv.exe Has been deleted!

    Attempting to delete C:\windows\system32\tdetnfip.exe
    C:\windows\system32\tdetnfip.exe Has been deleted!

    Attempting to delete C:\windows\system32\texhneuj.ini
    C:\windows\system32\texhneuj.ini Has been deleted!

    Attempting to delete C:\windows\system32\tfxobuhf.exe
    C:\windows\system32\tfxobuhf.exe Has been deleted!

    Attempting to delete C:\windows\system32\tivpagkl.ini
    C:\windows\system32\tivpagkl.ini Has been deleted!

    Attempting to delete C:\windows\system32\tkaelfrp.exe
    C:\windows\system32\tkaelfrp.exe Has been deleted!

    Attempting to delete C:\windows\system32\tlwohlcm.dll
    C:\windows\system32\tlwohlcm.dll Has been deleted!

    Attempting to delete C:\windows\system32\toiktnir.exe
    C:\windows\system32\toiktnir.exe Has been deleted!

    Attempting to delete C:\windows\system32\tpqclctk.exe
    C:\windows\system32\tpqclctk.exe Has been deleted!

    Attempting to delete C:\windows\system32\truqcdqm.exe
    C:\windows\system32\truqcdqm.exe Has been deleted!

    Attempting to delete C:\windows\system32\trwbdpqi.exe
    C:\windows\system32\trwbdpqi.exe Has been deleted!

    Attempting to delete C:\windows\system32\tsnioben.exe
    C:\windows\system32\tsnioben.exe Has been deleted!

    Attempting to delete C:\windows\system32\tujoqxpi.exe
    C:\windows\system32\tujoqxpi.exe Has been deleted!

    Attempting to delete C:\windows\system32\tuvuuss.dll
    C:\windows\system32\tuvuuss.dll Has been deleted!

    Attempting to delete C:\windows\system32\twfhtuus.exe
    C:\windows\system32\twfhtuus.exe Has been deleted!

    Attempting to delete C:\windows\system32\twnvnbbg.exe
    C:\windows\system32\twnvnbbg.exe Has been deleted!

    Attempting to delete C:\windows\system32\ucoqpena.dll
    C:\windows\system32\ucoqpena.dll Has been deleted!

    Attempting to delete C:\windows\system32\ufblymfj.exe
    C:\windows\system32\ufblymfj.exe Has been deleted!

    Attempting to delete C:\windows\system32\ufkwdoxr.exe
    C:\windows\system32\ufkwdoxr.exe Has been deleted!

    Attempting to delete C:\windows\system32\ufmafnjj.exe
    C:\windows\system32\ufmafnjj.exe Has been deleted!

    Attempting to delete C:\windows\system32\unslncte.exe
    C:\windows\system32\unslncte.exe Has been deleted!

    Attempting to delete C:\windows\system32\upqhaold.exe
    C:\windows\system32\upqhaold.exe Has been deleted!

    Attempting to delete C:\windows\system32\uqbhnwoa.exe
    C:\windows\system32\uqbhnwoa.exe Has been deleted!

    Attempting to delete C:\windows\system32\urllqjkl.exe
    C:\windows\system32\urllqjkl.exe Has been deleted!

    Attempting to delete C:\windows\system32\usorbwae.dll
    C:\windows\system32\usorbwae.dll Has been deleted!

    Attempting to delete C:\windows\system32\usvrloyj.dll
    C:\windows\system32\usvrloyj.dll Has been deleted!

    Attempting to delete C:\windows\system32\uyvpxyje.ini
    C:\windows\system32\uyvpxyje.ini Has been deleted!

    Attempting to delete C:\windows\system32\vaqufsjq.exe
    C:\windows\system32\vaqufsjq.exe Has been deleted!

    Attempting to delete C:\windows\system32\vaspfund.exe
    C:\windows\system32\vaspfund.exe Has been deleted!

    Attempting to delete C:\windows\system32\vbohbgvb.exe
    C:\windows\system32\vbohbgvb.exe Has been deleted!

    Attempting to delete C:\windows\system32\vbuqwqxp.exe
    C:\windows\system32\vbuqwqxp.exe Has been deleted!

    Attempting to delete C:\windows\system32\vdjlqwgx.dll
    C:\windows\system32\vdjlqwgx.dll Has been deleted!

    Attempting to delete C:\windows\system32\vexqqkum.exe
    C:\windows\system32\vexqqkum.exe Has been deleted!

    Attempting to delete C:\windows\system32\vkuimyxd.exe
    C:\windows\system32\vkuimyxd.exe Has been deleted!

    Attempting to delete C:\windows\system32\vlmludik.exe
    C:\windows\system32\vlmludik.exe Has been deleted!

    Attempting to delete C:\windows\system32\vmqwhjjs.dll
    C:\windows\system32\vmqwhjjs.dll Has been deleted!

    Attempting to delete C:\windows\system32\vnyadhcq.exe
    C:\windows\system32\vnyadhcq.exe Has been deleted!

    Attempting to delete C:\windows\system32\vposmehj.exe
    C:\windows\system32\vposmehj.exe Has been deleted!

    Attempting to delete C:\windows\system32\vpuwdiso.dll
    C:\windows\system32\vpuwdiso.dll Has been deleted!

    Attempting to delete C:\windows\system32\vreutixn.exe
    C:\windows\system32\vreutixn.exe Has been deleted!

    Attempting to delete C:\windows\system32\vsadnjna.dll
    C:\windows\system32\vsadnjna.dll Has been deleted!

    Attempting to delete C:\windows\system32\vuqqbnwm.exe
    C:\windows\system32\vuqqbnwm.exe Has been deleted!

    Attempting to delete C:\windows\system32\vveqkwqa.ini
    C:\windows\system32\vveqkwqa.ini Has been deleted!

    Attempting to delete C:\windows\system32\wbcytcew.exe
    C:\windows\system32\wbcytcew.exe Has been deleted!

    Attempting to delete C:\windows\system32\wfbfcfsq.dll
    C:\windows\system32\wfbfcfsq.dll Has been deleted!

    Attempting to delete C:\windows\system32\wgbspody.ini
    C:\windows\system32\wgbspody.ini Has been deleted!

    Attempting to delete C:\windows\system32\wjgincsk.ini
    C:\windows\system32\wjgincsk.ini Has been deleted!

    Attempting to delete C:\windows\system32\wjmexkal.ini
    C:\windows\system32\wjmexkal.ini Has been deleted!

    Attempting to delete C:\windows\system32\wkoxaqts.dll
    C:\windows\system32\wkoxaqts.dll Has been deleted!

    Attempting to delete C:\windows\system32\wkqteuig.exe
    C:\windows\system32\wkqteuig.exe Has been deleted!

    Attempting to delete C:\windows\system32\wluiweju.exe
    C:\windows\system32\wluiweju.exe Has been deleted!

    Attempting to delete C:\windows\system32\wowntasq.exe
    C:\windows\system32\wowntasq.exe Has been deleted!

    Attempting to delete C:\windows\system32\wpmvixjk.exe
    C:\windows\system32\wpmvixjk.exe Has been deleted!

    Attempting to delete C:\windows\system32\wqaglcey.exe
    C:\windows\system32\wqaglcey.exe Has been deleted!

    Attempting to delete C:\windows\system32\wqwilhqv.exe
    C:\windows\system32\wqwilhqv.exe Has been deleted!

    Attempting to delete C:\windows\system32\wumjglmb.exe
    C:\windows\system32\wumjglmb.exe Has been deleted!

    Attempting to delete C:\windows\system32\wwospbiw.exe
    C:\windows\system32\wwospbiw.exe Has been deleted!

    Attempting to delete C:\windows\system32\wytudvfq.dll
    C:\windows\system32\wytudvfq.dll Has been deleted!

    Attempting to delete C:\windows\system32\xbhrnhvl.exe
    C:\windows\system32\xbhrnhvl.exe Has been deleted!

    Attempting to delete C:\windows\system32\xcsikqmy.dll
    C:\windows\system32\xcsikqmy.dll Has been deleted!

    Attempting to delete C:\windows\system32\xggthjhi.exe
    C:\windows\system32\xggthjhi.exe Has been deleted!

    Attempting to delete C:\windows\system32\xgjvwupk.exe
    C:\windows\system32\xgjvwupk.exe Has been deleted!

    Attempting to delete C:\windows\system32\xgwqljdv.ini
    C:\windows\system32\xgwqljdv.ini Has been deleted!

    Attempting to delete C:\WINDOWS\system32\xgyhqnmn.dll
    C:\WINDOWS\system32\xgyhqnmn.dll Has been deleted!

    Attempting to delete C:\windows\system32\xiepknax.exe
    C:\windows\system32\xiepknax.exe Has been deleted!

    Attempting to delete C:\windows\system32\xjfjpyhl.dll
    C:\windows\system32\xjfjpyhl.dll Has been deleted!

    Attempting to delete C:\windows\system32\xjyiohgi.exe
    C:\windows\system32\xjyiohgi.exe Has been deleted!

    Attempting to delete C:\windows\system32\xloddpki.exe
    C:\windows\system32\xloddpki.exe Has been deleted!

    Attempting to delete C:\windows\system32\xmmowsjd.exe
    C:\windows\system32\xmmowsjd.exe Has been deleted!

    Attempting to delete C:\windows\system32\xnkgnjrf.exe
    C:\windows\system32\xnkgnjrf.exe Has been deleted!

    Attempting to delete C:\windows\system32\xpdvcjaj.dll
    C:\windows\system32\xpdvcjaj.dll Has been deleted!

    Attempting to delete C:\windows\system32\xqdkjscc.ini
    C:\windows\system32\xqdkjscc.ini Has been deleted!

    Attempting to delete C:\windows\system32\xxydgqmu.exe
    C:\windows\system32\xxydgqmu.exe Has been deleted!

    Attempting to delete C:\windows\system32\yaplpwnl.ini
    C:\windows\system32\yaplpwnl.ini Has been deleted!

    Attempting to delete C:\windows\system32\ydopsbgw.dll
    C:\windows\system32\ydopsbgw.dll Has been deleted!

    Attempting to delete C:\windows\system32\yepniiaa.exe
    C:\windows\system32\yepniiaa.exe Has been deleted!

    Attempting to delete C:\windows\system32\yfaalqqv.exe
    C:\windows\system32\yfaalqqv.exe Has been deleted!

    Attempting to delete C:\windows\system32\ygaduxil.dll
    C:\windows\system32\ygaduxil.dll Has been deleted!

    Attempting to delete C:\windows\system32\ygqklkme.dll
    C:\windows\system32\ygqklkme.dll Has been deleted!

    Attempting to delete C:\windows\system32\ykfcblgx.dll
    C:\windows\system32\ykfcblgx.dll Has been deleted!

    Attempting to delete C:\windows\system32\ylmqugep.exe
    C:\windows\system32\ylmqugep.exe Has been deleted!

    Attempting to delete C:\windows\system32\ymihokfn.exe
    C:\windows\system32\ymihokfn.exe Has been deleted!

    Attempting to delete C:\windows\system32\ymqkiscx.ini
    C:\windows\system32\ymqkiscx.ini Has been deleted!

    Attempting to delete C:\windows\system32\yoadeaby.exe
    C:\windows\system32\yoadeaby.exe Has been deleted!

    Attempting to delete C:\windows\system32\yrgmktqt.dll
    C:\windows\system32\yrgmktqt.dll Has been deleted!

    Attempting to delete C:\windows\system32\yrysongk.exe
    C:\windows\system32\yrysongk.exe Has been deleted!

    Attempting to delete C:\windows\system32\ysaobhrx.exe
    C:\windows\system32\ysaobhrx.exe Has been deleted!

    Attempting to delete C:\windows\system32\ywfgaqwn.exe
    C:\windows\system32\ywfgaqwn.exe Has been deleted!

    Attempting to delete C:\windows\system32\yyyhcfal.dll
    C:\windows\system32\yyyhcfal.dll Has been deleted!

    Performing Repairs to the registry.
    Done!


    je vais faire deux message sinon ...
    11 Septembre 2007 18:37:59

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:36:57, on 11/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\LVComS.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Photo Manager\Monitor.exe
    C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\aMSN\bin\wish.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.simagri.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: (no name) - {03253F08-A2C1-449F-9DD1-7E17E58BB22f} - C:\WINDOWS\system32\huxysbhb.dll (file missing)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {28C88D5B-58B5-4E64-B7FA-0F34BA0B6DFA} - C:\WINDOWS\system32\jkkjg.dll (file missing)
    O2 - BHO: (no name) - {39EBDB86-A370-4377-B38B-B14B5E6CEE78} - C:\WINDOWS\system32\ddaba.dll (file missing)
    O2 - BHO: (no name) - {5A86E3CE-07AA-4591-A5E9-15F12F4BA879} - C:\WINDOWS\system32\huxysbhb.dll (file missing)
    O2 - BHO: (no name) - {6B220A79-E786-4A4D-B9BE-26C99F90A9B5} - C:\WINDOWS\system32\huxysbhb.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: (no name) - {894F6D13-E904-45B0-B6C9-603A739D63D4} - C:\WINDOWS\system32\huxysbhb.dll (file missing)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: (no name) - {92F1CA4D-F7AB-4A76-98F5-05A6588FA427} - C:\WINDOWS\system32\huxysbhb.dll (file missing)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: (no name) - {E5E1B05C-EF37-4CE5-9F65-0A95FF5ED31B} - C:\WINDOWS\system32\ieencpde.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [wgdnhx] c:\windows\system32\wgdnhx.exe wgdnhx
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O4 - Global Startup: Photo Manager Monitor.lnk = ?
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O20 - Winlogon Notify: ddaba - C:\WINDOWS\system32\ddaba.dll (file missing)
    O20 - Winlogon Notify: nnnmjge - nnnmjge.dll (file missing)
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: dns cache reader (DNSCacheReader) - Unknown owner - C:\WINDOWS\system32\j8261532.exe (file missing)
    O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nfamrlpb.exe (file missing)
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O24 - Desktop Component 0: (no name) - http://idata.over-blog.com/0/00/32/63/fevrier/tres/sama...
    O24 - Desktop Component 1: (no name) - http://nn99.free.fr/miniZ/nsx14.jpg
    O24 - Desktop Component 2: (no name) - http://www.simagri.com/images/map/fond.gif

    --
    End of file - 13203 bytes
    a b 8 Sécurité
    11 Septembre 2007 18:41:33

    Il a fait un bon ménage.

  • Télécharge combofix.exe (par sUBs) sur ton Bureau.
  • Double clique combofix.exe.
  • Tape sur la touche 1 (Yes) pour démarrer le scan.
  • Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

    NOTE : Le rapport se trouve également ici : C:\Combofix.txt
    11 Septembre 2007 18:45:27

    aucune perde de systéme car j'ai vu restauration du systéme ???
    a b 8 Sécurité
    11 Septembre 2007 18:48:21

    Non. Il fait une sauvegarde.
    11 Septembre 2007 19:11:32

    ComboFix 07-09-10.6 - "HP_Propri‚taire" 2007-09-11 18:49:24.2 - NTFSx86
    Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.100 [GMT 2:00]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\DOCUME~1\CHRIST~1\APPLIC~1\macromedia\Flash Player\#SharedObjects\X9SCZ9S9\www.broadcaster.com
    C:\DOCUME~1\CHRIST~1\APPLIC~1\macromedia\Flash Player\#SharedObjects\X9SCZ9S9\www.broadcaster.com\played_list.sol
    C:\DOCUME~1\CHRIST~1\APPLIC~1\macromedia\Flash Player\#SharedObjects\X9SCZ9S9\www.broadcaster.com\video_queue.sol
    C:\DOCUME~1\CHRIST~1\APPLIC~1\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\DOCUME~1\CHRIST~1\APPLIC~1\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\DOCUME~1\Eric\APPLIC~1\macromedia\Flash Player\#SharedObjects\BZVJT2VM\www.broadcaster.com
    C:\DOCUME~1\Eric\APPLIC~1\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\DOCUME~1\Eric\APPLIC~1\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\DOCUME~1\Julie\APPLIC~1\macromedia\Flash Player\#SharedObjects\2CEWS3KP\www.broadcaster.com
    C:\DOCUME~1\Julie\APPLIC~1\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
    C:\DOCUME~1\Julie\APPLIC~1\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
    C:\DOCUME~1\Julie\APPLIC~1\MessengerSkinner
    C:\DOCUME~1\Julie\APPLIC~1\MessengerSkinner\Userdata\defaultPack.cab
    C:\DOCUME~1\Julie\APPLIC~1\MessengerSkinner\Userdata\languages.xml
    C:\DOCUME~1\Julie\APPLIC~1\MessengerSkinner\Userdata\languages_v2.xml
    C:\Program Files\messengerskinner
    C:\Program Files\messengerskinner\download\defaultPack.cab
    C:\Program Files\messengerskinner\MessengerSkinner.exe
    C:\Program Files\messengerskinner\MessengerSkinner.url
    C:\Program Files\messengerskinner\MessengerSkinnerDll.dll
    C:\Program Files\messengerskinner\resources\appconfig.xml
    C:\Program Files\messengerskinner\resources\btn.rgn
    C:\Program Files\messengerskinner\resources\btnBnr.rgn
    C:\Program Files\messengerskinner\resources\btnIn.rgn
    C:\Program Files\messengerskinner\resources\btnInNormal.bmp
    C:\Program Files\messengerskinner\resources\btnInOver.bmp
    C:\Program Files\messengerskinner\resources\btnNormal.bmp
    C:\Program Files\messengerskinner\resources\btnNormal.gif
    C:\Program Files\messengerskinner\resources\btnNormalBnr.bmp
    C:\Program Files\messengerskinner\resources\btnNormalBnr.gif
    C:\Program Files\messengerskinner\resources\btnOver.bmp
    C:\Program Files\messengerskinner\resources\btnOver.gif
    C:\Program Files\messengerskinner\resources\btnOverBnr.bmp
    C:\Program Files\messengerskinner\resources\btnOverBnr.gif
    C:\Program Files\messengerskinner\resources\languages.xml
    C:\Program Files\messengerskinner\resources\languages_v2.xml
    C:\Program Files\messengerskinner\uninst.exe
    C:\WINDOWS\cookies.ini
    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\fkzndthv.dat
    C:\WINDOWS\system32\fkzndthv.exe
    C:\WINDOWS\system32\fkzndthv_nav.dat
    C:\WINDOWS\system32\fkzndthv_navps.dat
    C:\WINDOWS\system32\jehhieci.dll
    C:\WINDOWS\system32\nvs2.inf
    C:\WINDOWS\system32\oemobqvn.dll
    C:\WINDOWS\system32\tfvnumom.dll
    C:\WINDOWS\system32\wgdnhx.dat
    C:\WINDOWS\system32\wgdnhx.exe
    C:\WINDOWS\system32\wgdnhx_nav.dat
    C:\WINDOWS\system32\wgdnhx_navps.dat
    D:\Autorun.inf


    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


    -------\LEGACY_DNSCACHEREADER
    -------\LEGACY_DOMAINSERVICE
    -------\DNSCacheReader
    -------\DomainService


    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-11 to 2007-09-11 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-11 18:43 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-11 18:16 <REP> d-------- C:\VundoFix Backups
    2007-09-10 18:59 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-09-09 18:27 <REP> d-------- C:\Program Files\Navilog1
    2007-09-09 16:43 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    2007-09-09 08:35 <REP> d-------- C:\DOCUME~1\Eric\APPLIC~1\Real
    2007-09-08 12:53 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2007-09-08 12:51 <REP> d-------- C:\Program Files\Fichiers communs\Real
    2007-09-08 12:21 <REP> d-------- C:\Program Files\aMSN
    2007-09-07 19:24 <REP> d-------- C:\Program Files\Ma‹do Production
    2007-09-07 19:06 <REP> d-------- C:\Program Files\Antipub
    2007-09-04 13:34 <REP> d-------- C:\visioowriter
    2007-09-01 11:56 <REP> d-------- C:\Program Files\Vstep
    2007-08-28 09:43 304,161 --------- C:\WINDOWS\system32\vtnkoljq.exe
    2007-08-23 19:51 45 ---h----- C:\WINDOWS\dhp_2726.dat
    2007-08-23 18:20 438,151 --a------ C:\WINDOWS\Revolution Script CZ Uninstaller.exe
    2007-08-16 18:44 <REP> d--h----- C:\WINDOWS\PIF
    2007-08-16 18:43 <REP> d-------- C:\Program Files\ma-config.com
    2007-08-15 21:51 <REP> d-------- C:\DOCUME~1\CHRIST~1\APPLIC~1\teamspeak2

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-11 17:48 --------- d-------- C:\Program Files\eMule
    2007-09-09 18:25 --------- d-------- C:\Program Files\EA Games
    2007-09-08 12:51 --------- d-------- C:\Program Files\real
    2007-09-07 18:49 --------- d-------- C:\Program Files\MSN Messenger
    2007-09-02 11:17 --------- d-------- C:\DOCUME~1\Julie\APPLIC~1\MSN Pictures Displayer
    2007-09-01 17:35 --------- d-------- C:\Program Files\Xolox
    2007-08-31 11:19 --------- d-------- C:\Program Files\Xfire
    2007-08-23 19:51 --------- d-------- C:\Program Files\PhotoFiltre Studio
    2007-08-06 09:39 --------- d-------- C:\Program Files\Teamspeak2_RC2
    2007-07-28 19:48 --------- d-------- C:\Program Files\TrackMania Nations ESWC
    2007-07-24 17:52 --------- d-------- C:\Program Files\HardwareDetection
    2007-07-17 12:55 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\VUG
    2007-07-17 12:52 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-17 12:50 --------- d-------- C:\Program Files\Fichiers communs\Vivendi Universal
    2007-07-11 17:29 --------- d-------- C:\Program Files\Microsoft Games
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2005-05-12 07:36 12288 --a------ C:\WINDOWS\Fonts\RandFont.dll
    --------- C:\Program Files\Maïdo Production
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03253F08-A2C1-449F-9DD1-7E17E58BB22f}]
    C:\WINDOWS\system32\huxysbhb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28C88D5B-58B5-4E64-B7FA-0F34BA0B6DFA}]
    C:\WINDOWS\system32\jkkjg.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39EBDB86-A370-4377-B38B-B14B5E6CEE78}]
    C:\WINDOWS\system32\ddaba.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5A86E3CE-07AA-4591-A5E9-15F12F4BA879}]
    C:\WINDOWS\system32\huxysbhb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B220A79-E786-4A4D-B9BE-26C99F90A9B5}]
    C:\WINDOWS\system32\huxysbhb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{894F6D13-E904-45B0-B6C9-603A739D63D4}]
    C:\WINDOWS\system32\huxysbhb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{92F1CA4D-F7AB-4A76-98F5-05A6588FA427}]
    C:\WINDOWS\system32\huxysbhb.dll

    [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5E1B05C-EF37-4CE5-9F65-0A95FF5ED31B}]
    2007-07-19 20:58 19023 --a------ C:\WINDOWS\system32\ieencpde.dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 16:07]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 17:30]
    "nwiz"="nwiz.exe" [2005-08-02 17:30 C:\WINDOWS\system32\nwiz.exe]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-05-05 01:21]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 22:43]
    "PCDrProfiler"="" []
    "Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 02:23]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 07:12]
    "F-Secure Manager"="C:\Program Files\Pack Securite\Common\FSM32.exe" [2005-05-09 09:05]
    "F-Secure TNB"="C:\Program Files\Pack Securite\TNB\TNBUtil.exe" [2005-06-02 15:05]
    "F-Secure Startup Wizard"="C:\Program Files\Pack Securite\FSGUI\FSSW.exe" [2005-09-05 15:00]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-03 01:12]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 C:\WINDOWS\ALCXMNTR.EXE]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-08 12:51]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 00:50]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-28 00:50]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2007-02-05 04:05]
    "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 20:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-06 19:41]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]
    "Steam"="c:\program files\valve\steam\steam.exe" [2007-06-28 10:02]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddaba]
    C:\WINDOWS\system32\ddaba.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnmjge]
    nnnmjge.dll

    R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys
    R2 BackWeb Plug-in - 361343;Pack Securite;C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    R2 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSfilter.sys
    R2 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSgk.sys
    R2 F-Secure Recognizer;F-Secure File System Recognizer;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSrec.sys
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-09-10 18:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    "2007-09-11 15:04:44 C:\WINDOWS\Tasks\Scheduled scanning task.job"
    "2005-01-02 23:28:53 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-11 18:59:03
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    **************************************************************************
    .
    Completion time: 2007-09-11 19:03:17 - machine was rebooted
    C:\ComboFix-quarantined-files.txt ... 2007-09-11 19:02
    .
    --- E O F ---
    a b 8 Sécurité
    11 Septembre 2007 19:16:56

    Re,

    Copie (Ctrl+C) le texte se situant dans le cadre ci-dessous :

    File::
    C:\WINDOWS\system32\huxysbhb.dll
    C:\WINDOWS\system32\jkkjg.dll
    C:\WINDOWS\system32\ddaba.dll
    C:\WINDOWS\system32\huxysbhb.dll
    C:\WINDOWS\system32\huxysbhb.dll
    C:\WINDOWS\system32\huxysbhb.dll
    C:\WINDOWS\system32\huxysbhb.dll
    C:\WINDOWS\system32\ddaba.dll
    C:\WINDOWS\system32\vtnkoljq.exe

    Registry::
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{03253F08-A2C1-449F-9DD1-7E17E58BB22f}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{28C88D5B-58B5-4E64-B7FA-0F34BA0B6DFA}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{39EBDB86-A370-4377-B38B-B14B5E6CEE78}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5A86E3CE-07AA-4591-A5E9-15F12F4BA879}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{894F6D13-E904-45B0-B6C9-603A739D63D4}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{6B220A79-E786-4A4D-B9BE-26C99F90A9B5}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{92F1CA4D-F7AB-4A76-98F5-05A6588FA427}]
    [-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E5E1B05C-EF37-4CE5-9F65-0A95FF5ED31B}]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ddaba]
    [-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnmjge]


    Ouvre le Bloc-Notes puis colle (Ctrl+V) le texte précedemment copié.
    Sauvegarde ce fichier sous le nom de CFScript.txt.

    Glisse maintenant le fichier ComboFix-Do.txt dans Combofix.exe comme ci-dessous :


    Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
    [#ff0000]NOTE : S'il n'y a pas de rédémarrage, poste quand même les rapports demandés.[/#f]
    11 Septembre 2007 19:50:11

    ComboFix 07-09-10.6 - "HP_Propri‚taire" 2007-09-11 19:26:52.3 - NTFSx86
    Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.157 [GMT 2:00]
    Command switches used :: C:\Documents and Settings\HP_Propri‚taire\Bureau\CFScript.txt
    * Created a new restore point

    FILE::
    C:\WINDOWS\system32\huxysbhb.dll
    .

    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-11 to 2007-09-11 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-11 18:43 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-11 18:16 <REP> d-------- C:\VundoFix Backups
    2007-09-10 18:59 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-09-09 18:27 <REP> d-------- C:\Program Files\Navilog1
    2007-09-09 16:43 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    2007-09-09 08:35 <REP> d-------- C:\DOCUME~1\Eric\APPLIC~1\Real
    2007-09-08 12:53 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2007-09-08 12:51 <REP> d-------- C:\Program Files\Fichiers communs\Real
    2007-09-08 12:21 <REP> d-------- C:\Program Files\aMSN
    2007-09-07 19:24 <REP> d-------- C:\Program Files\Ma‹do Production
    2007-09-07 19:06 <REP> d-------- C:\Program Files\Antipub
    2007-09-04 13:34 <REP> d-------- C:\visioowriter
    2007-09-01 11:56 <REP> d-------- C:\Program Files\Vstep
    2007-08-28 09:43 304,161 --------- C:\WINDOWS\system32\vtnkoljq.exe
    2007-08-23 19:51 45 ---h----- C:\WINDOWS\dhp_2726.dat
    2007-08-23 18:20 438,151 --a------ C:\WINDOWS\Revolution Script CZ Uninstaller.exe
    2007-08-16 18:44 <REP> d--h----- C:\WINDOWS\PIF
    2007-08-16 18:43 <REP> d-------- C:\Program Files\ma-config.com
    2007-08-15 21:51 <REP> d-------- C:\DOCUME~1\CHRIST~1\APPLIC~1\teamspeak2

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-11 17:48 --------- d-------- C:\Program Files\eMule
    2007-09-09 18:25 --------- d-------- C:\Program Files\EA Games
    2007-09-08 12:51 --------- d-------- C:\Program Files\real
    2007-09-07 18:49 --------- d-------- C:\Program Files\MSN Messenger
    2007-09-02 11:17 --------- d-------- C:\DOCUME~1\Julie\APPLIC~1\MSN Pictures Displayer
    2007-09-01 17:35 --------- d-------- C:\Program Files\Xolox
    2007-08-31 11:19 --------- d-------- C:\Program Files\Xfire
    2007-08-23 19:51 --------- d-------- C:\Program Files\PhotoFiltre Studio
    2007-08-06 09:39 --------- d-------- C:\Program Files\Teamspeak2_RC2
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
    2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
    2007-07-28 19:48 --------- d-------- C:\Program Files\TrackMania Nations ESWC
    2007-07-27 20:30 377876 --a------ C:\WINDOWS\system32\eewlhsbe.dll
    2007-07-24 17:52 --------- d-------- C:\Program Files\HardwareDetection
    2007-07-23 12:51 350241 --a------ C:\WINDOWS\system32\drlhfeoe.exe
    2007-07-21 10:23 350241 --a------ C:\WINDOWS\system32\ibataddr.exe
    2007-07-20 10:23 350241 --a------ C:\WINDOWS\system32\jbhxpiwp.exe
    2007-07-19 20:58 19023 --a------ C:\WINDOWS\system32\ieencpde.dll
    2007-07-19 10:20 350241 --a------ C:\WINDOWS\system32\uxwulldi.exe
    2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-07-18 10:21 350241 --a------ C:\WINDOWS\system32\kcgatnag.exe
    2007-07-17 12:55 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\VUG
    2007-07-17 12:52 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-17 12:50 --------- d-------- C:\Program Files\Fichiers communs\Vivendi Universal
    2007-07-15 09:53 350241 --------- C:\WINDOWS\system32\ocimylqe.exe
    2007-07-15 09:47 350241 --------- C:\WINDOWS\system32\oqworagp.exe
    2007-07-14 12:53 350241 --------- C:\WINDOWS\system32\wovgqolq.exe
    2007-07-13 08:29 350241 --------- C:\WINDOWS\system32\hoxfdepy.exe
    2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
    2007-07-12 17:34 350241 --------- C:\WINDOWS\system32\cnpbvybe.exe
    2007-07-12 16:20 350241 --------- C:\WINDOWS\system32\rwsdjelh.exe
    2007-07-11 18:26 350241 --------- C:\WINDOWS\system32\oxtrhprj.exe
    2007-07-11 17:29 --------- d-------- C:\Program Files\Microsoft Games
    2007-07-10 17:21 350241 --------- C:\WINDOWS\system32\symjvaqx.exe
    2007-06-29 11:59 318976 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe
    2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
    2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
    2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-06-27 15:24 232960 --a------ C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
    2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-06-27 15:24 105984 --a------ C:\WINDOWS\system32\dllcache\url.dll
    2007-06-27 15:24 102400 --a------ C:\WINDOWS\system32\dllcache\occache.dll
    2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-06-27 15:23 44544 --a------ C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-06-27 15:22 384512 --a------ C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-06-27 15:22 230400 --a------ C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-06-27 15:22 153088 --a------ C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-06-27 15:22 124928 --a------ C:\WINDOWS\system32\dllcache\advpack.dll
    2007-06-27 10:28 625152 --a------ C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-06-27 10:27 63488 --a------ C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\system32\dllcache\explorer.exe
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2007-06-11 23:51 10834944 --a------ C:\WINDOWS\system32\dllcache\wmp.dll
    2005-05-12 07:36 12288 --a------ C:\WINDOWS\Fonts\RandFont.dll
    --------- C:\Program Files\Maïdo Production
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 16:07]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 17:30]
    "nwiz"="nwiz.exe" [2005-08-02 17:30 C:\WINDOWS\system32\nwiz.exe]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-05-05 01:21]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 22:43]
    "PCDrProfiler"="" []
    "Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 02:23]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 07:12]
    "F-Secure Manager"="C:\Program Files\Pack Securite\Common\FSM32.exe" [2005-05-09 09:05]
    "F-Secure TNB"="C:\Program Files\Pack Securite\TNB\TNBUtil.exe" [2005-06-02 15:05]
    "F-Secure Startup Wizard"="C:\Program Files\Pack Securite\FSGUI\FSSW.exe" [2005-09-05 15:00]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-03 01:12]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 C:\WINDOWS\ALCXMNTR.EXE]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-08 12:51]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 00:50]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-28 00:50]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2007-02-05 04:05]
    "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 20:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-06 19:41]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]
    "Steam"="c:\program files\valve\steam\steam.exe" [2007-06-28 10:02]

    R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys
    R2 BackWeb Plug-in - 361343;Pack Securite;C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    R2 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSfilter.sys
    R2 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSgk.sys
    R2 F-Secure Recognizer;F-Secure File System Recognizer;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSrec.sys
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-09-10 18:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    "2007-09-11 15:04:44 C:\WINDOWS\Tasks\Scheduled scanning task.job"
    "2005-01-02 23:28:53 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-11 19:29:57
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-11 19:30:40
    C:\ComboFix-quarantined-files.txt ... 2007-09-11 19:30
    C:\ComboFix2.txt ... 2007-09-11 19:03
    .
    --- E O F ---
    11 Septembre 2007 19:50:43

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:50:36, on 11/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Photo Manager\Monitor.exe
    C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.simagri.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O4 - Global Startup: Photo Manager Monitor.lnk = ?
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O24 - Desktop Component 0: (no name) - http://idata.over-blog.com/0/00/32/63/fevrier/tres/sama...
    O24 - Desktop Component 1: (no name) - http://nn99.free.fr/miniZ/nsx14.jpg
    O24 - Desktop Component 2: (no name) - http://www.simagri.com/images/map/fond.gif

    --
    End of file - 11836 bytes
    a b 8 Sécurité
    11 Septembre 2007 19:54:27

    Refais un scan Navilog1 option 1 stp.
    11 Septembre 2007 20:08:45

    Search Navipromo version 3.0.1 commencé le 11/09/2007 à 19:59:26,15

    !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
    !!! Poster ce rapport sur le forum pour le faire analyser !!!
    !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

    Fix lancé depuis C:\Program Files\navilog1
    Mise a jour le 08.09.2007 a 21h00 by IL-MAFIOSO


    Microsoft Windows XP [version 5.1.2600]
    Internet Explorer : 7.0.5730.11


    *** Recherche Programmes installes ***




    *** Recherche dossiers dans C:\WINDOWS ***



    *** Recherche dossiers dans C:\Program Files ***



    *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




    *** Recherche dossiers dans C:\Documents and Settings\HP_Propri‚taire\Application Data ***


    *** Recherche avec BlackLight Engine/F-secure ***
    BlackLight Engine est un produit de F-secure, pour + d'infos :
    http://www.f-secure.com/blacklight/blacklight_help.html


    F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
    ======================================

    Copyright 2005-2006 F-Secure Corporation. All rights reserved.
    This is a beta version. It will expire on 1st of October, 2007.
    Version information: 2.2.1064.

    [+] Started on 09/11/07 at 19:59:27.
    [+] Initializing ...
    [+] Starting scan, press Ctrl-C to abort.
    [+] Scanning for hidden items .........................................................................................
    [+] Scan complete.
    [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
    [+] Exited on 09/11/07 at 20:07:49 (return code = 0).


    *** Recherche avec GenericNaviSearch ***
    !!! Tous Ces résultats peuvent révéler des fichiers légitimes !!!
    !!! A verifier impérativement avant toute suppression manuelle !!!

    * Scan C:\WINDOWS\system32 *

    Fichiers trouvés :

    Aucun Fichier trouvé !

    Fichiers suspects :

    Aucun Fichier suspect trouvé !



    *** Recherche fichiers ***




    *** Recherche cles registre ***



    *** Module de Recherche complémentaire ***
    (Recherche fichiers spécifiques)

    1)Recherche fichiers connus:
    C:\WINDOWS\system32\abadd.ini2 trouvé ! infection Vundo possible non traité par cet outil !
    C:\WINDOWS\system32\abadd.bak2 trouvé ! infection Vundo possible non traité par cet outil !

    2)Recherche Heuristique :
    *
    C:\WINDOWS\system32\cnpbvybe.exe trouvé !
    C:\WINDOWS\system32\drlhfeoe.exe trouvé !
    C:\WINDOWS\system32\hoxfdepy.exe trouvé !
    C:\WINDOWS\system32\ibataddr.exe trouvé !
    C:\WINDOWS\system32\jbhxpiwp.exe trouvé !
    C:\WINDOWS\system32\kcgatnag.exe trouvé !
    C:\WINDOWS\system32\ocimylqe.exe trouvé !
    C:\WINDOWS\system32\oqworagp.exe trouvé !
    C:\WINDOWS\system32\oxtrhprj.exe trouvé !
    C:\WINDOWS\system32\rwsdjelh.exe trouvé !
    C:\WINDOWS\system32\symjvaqx.exe trouvé !
    C:\WINDOWS\system32\uxwulldi.exe trouvé !
    C:\WINDOWS\system32\vtnkoljq.exe trouvé !
    C:\WINDOWS\system32\wovgqolq.exe trouvé !





    3)Recherche Certificats :

    Certificat Egroup absent !


    *** Analyse Terminé le 11/09/2007 à 20:08:07,70 ***
    a b 8 Sécurité
    11 Septembre 2007 20:12:26

    Re,

    Utilise ce script :

    File::
    C:\WINDOWS\system32\cnpbvybe.exe
    C:\WINDOWS\system32\drlhfeoe.exe
    C:\WINDOWS\system32\hoxfdepy.exe
    C:\WINDOWS\system32\ibataddr.exe
    C:\WINDOWS\system32\jbhxpiwp.exe
    C:\WINDOWS\system32\kcgatnag.exe
    C:\WINDOWS\system32\ocimylqe.exe
    C:\WINDOWS\system32\oqworagp.exe
    C:\WINDOWS\system32\oxtrhprj.exe
    C:\WINDOWS\system32\rwsdjelh.exe
    C:\WINDOWS\system32\symjvaqx.exe
    C:\WINDOWS\system32\uxwulldi.exe
    C:\WINDOWS\system32\vtnkoljq.exe
    C:\WINDOWS\system32\wovgqolq.exe
    11 Septembre 2007 20:14:51

    je fait quoi avec ??? lol
    a b 8 Sécurité
    11 Septembre 2007 20:18:56

    Un script pour Combofix ;) 
    11 Septembre 2007 20:26:52

    ComboFix 07-09-10.6 - "HP_Propri‚taire" 2007-09-11 20:22:03.4 - NTFSx86
    Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.180 [GMT 2:00]
    Command switches used :: C:\Documents and Settings\HP_Propri‚taire\Bureau\CFScript.txt
    * Created a new restore point

    FILE::
    C:\WINDOWS\system32\cnpbvybe.exe
    C:\WINDOWS\system32\drlhfeoe.exe
    C:\WINDOWS\system32\hoxfdepy.exe
    C:\WINDOWS\system32\ibataddr.exe
    C:\WINDOWS\system32\jbhxpiwp.exe
    C:\WINDOWS\system32\kcgatnag.exe
    C:\WINDOWS\system32\ocimylqe.exe
    C:\WINDOWS\system32\oqworagp.exe
    C:\WINDOWS\system32\oxtrhprj.exe
    C:\WINDOWS\system32\rwsdjelh.exe
    C:\WINDOWS\system32\symjvaqx.exe
    C:\WINDOWS\system32\uxwulldi.exe
    C:\WINDOWS\system32\vtnkoljq.exe
    C:\WINDOWS\system32\wovgqolq.exe
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\WINDOWS\system32\cnpbvybe.exe
    C:\WINDOWS\system32\drlhfeoe.exe
    C:\WINDOWS\system32\hoxfdepy.exe
    C:\WINDOWS\system32\ibataddr.exe
    C:\WINDOWS\system32\jbhxpiwp.exe
    C:\WINDOWS\system32\kcgatnag.exe
    C:\WINDOWS\system32\ocimylqe.exe
    C:\WINDOWS\system32\oqworagp.exe
    C:\WINDOWS\system32\oxtrhprj.exe
    C:\WINDOWS\system32\rwsdjelh.exe
    C:\WINDOWS\system32\symjvaqx.exe
    C:\WINDOWS\system32\uxwulldi.exe
    C:\WINDOWS\system32\vtnkoljq.exe
    C:\WINDOWS\system32\wovgqolq.exe


    ((((((((((((((((((((((((((((( Fichiers créés 2007-08-11 to 2007-09-11 ))))))))))))))))))))))))))))))))))))
    .

    2007-09-11 18:43 51,200 --a------ C:\WINDOWS\NirCmd.exe
    2007-09-11 18:16 <REP> d-------- C:\VundoFix Backups
    2007-09-10 18:59 53,248 --a------ C:\WINDOWS\system32\Process.exe
    2007-09-09 18:27 <REP> d-------- C:\Program Files\Navilog1
    2007-09-09 16:43 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZip
    2007-09-09 08:35 <REP> d-------- C:\DOCUME~1\Eric\APPLIC~1\Real
    2007-09-08 12:53 <REP> d-------- C:\Program Files\Fichiers communs\xing shared
    2007-09-08 12:51 <REP> d-------- C:\Program Files\Fichiers communs\Real
    2007-09-08 12:21 <REP> d-------- C:\Program Files\aMSN
    2007-09-07 19:24 <REP> d-------- C:\Program Files\Ma‹do Production
    2007-09-07 19:06 <REP> d-------- C:\Program Files\Antipub
    2007-09-04 13:34 <REP> d-------- C:\visioowriter
    2007-09-01 11:56 <REP> d-------- C:\Program Files\Vstep
    2007-08-23 19:51 45 ---h----- C:\WINDOWS\dhp_2726.dat
    2007-08-23 18:20 438,151 --a------ C:\WINDOWS\Revolution Script CZ Uninstaller.exe
    2007-08-16 18:44 <REP> d--h----- C:\WINDOWS\PIF
    2007-08-16 18:43 <REP> d-------- C:\Program Files\ma-config.com
    2007-08-15 21:51 <REP> d-------- C:\DOCUME~1\CHRIST~1\APPLIC~1\teamspeak2

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2007-09-11 17:48 --------- d-------- C:\Program Files\eMule
    2007-09-09 18:25 --------- d-------- C:\Program Files\EA Games
    2007-09-08 12:51 --------- d-------- C:\Program Files\real
    2007-09-07 18:49 --------- d-------- C:\Program Files\MSN Messenger
    2007-09-02 11:17 --------- d-------- C:\DOCUME~1\Julie\APPLIC~1\MSN Pictures Displayer
    2007-09-01 17:35 --------- d-------- C:\Program Files\Xolox
    2007-08-31 11:19 --------- d-------- C:\Program Files\Xfire
    2007-08-23 19:51 --------- d-------- C:\Program Files\PhotoFiltre Studio
    2007-08-06 09:39 --------- d-------- C:\Program Files\Teamspeak2_RC2
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
    2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
    2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
    2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
    2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
    2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
    2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
    2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
    2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
    2007-07-28 19:48 --------- d-------- C:\Program Files\TrackMania Nations ESWC
    2007-07-27 20:30 377876 --a------ C:\WINDOWS\system32\eewlhsbe.dll
    2007-07-24 17:52 --------- d-------- C:\Program Files\HardwareDetection
    2007-07-19 20:58 19023 --a------ C:\WINDOWS\system32\ieencpde.dll
    2007-07-19 08:58 3583488 --a------ C:\WINDOWS\system32\dllcache\mshtml.dll
    2007-07-17 12:55 --------- d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\VUG
    2007-07-17 12:52 --------- d--h----- C:\Program Files\InstallShield Installation Information
    2007-07-17 12:50 --------- d-------- C:\Program Files\Fichiers communs\Vivendi Universal
    2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
    2007-07-11 17:29 --------- d-------- C:\Program Files\Microsoft Games
    2007-06-29 11:59 318976 --a------ C:\WINDOWS\system32\dllcache\unregmp2.exe
    2007-06-27 15:24 823808 --a------ C:\WINDOWS\system32\dllcache\wininet.dll
    2007-06-27 15:24 671232 --a------ C:\WINDOWS\system32\dllcache\mstime.dll
    2007-06-27 15:24 477696 --a------ C:\WINDOWS\system32\dllcache\mshtmled.dll
    2007-06-27 15:24 232960 --a------ C:\WINDOWS\system32\dllcache\webcheck.dll
    2007-06-27 15:24 193024 --a------ C:\WINDOWS\system32\dllcache\msrating.dll
    2007-06-27 15:24 1152000 --a------ C:\WINDOWS\system32\dllcache\urlmon.dll
    2007-06-27 15:24 105984 --a------ C:\WINDOWS\system32\dllcache\url.dll
    2007-06-27 15:24 102400 --a------ C:\WINDOWS\system32\dllcache\occache.dll
    2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
    2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
    2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
    2007-06-27 15:23 44544 --a------ C:\WINDOWS\system32\dllcache\iernonce.dll
    2007-06-27 15:23 27648 --a------ C:\WINDOWS\system32\dllcache\jsproxy.dll
    2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
    2007-06-27 15:22 384512 --a------ C:\WINDOWS\system32\dllcache\iedkcs32.dll
    2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
    2007-06-27 15:22 230400 --a------ C:\WINDOWS\system32\dllcache\ieaksie.dll
    2007-06-27 15:22 153088 --a------ C:\WINDOWS\system32\dllcache\ieakeng.dll
    2007-06-27 15:22 132608 --a------ C:\WINDOWS\system32\dllcache\extmgr.dll
    2007-06-27 15:22 124928 --a------ C:\WINDOWS\system32\dllcache\advpack.dll
    2007-06-27 10:28 625152 --a------ C:\WINDOWS\system32\dllcache\iexplore.exe
    2007-06-27 10:27 63488 --a------ C:\WINDOWS\system32\dllcache\ie4uinit.exe
    2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
    2007-06-27 09:00 161792 --a------ C:\WINDOWS\system32\dllcache\ieakui.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
    2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\dllcache\msxml3.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
    2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\dllcache\gdi32.dll
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\system32\dllcache\explorer.exe
    2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
    2007-06-11 23:51 10834944 --a------ C:\WINDOWS\system32\dllcache\wmp.dll
    2005-05-12 07:36 12288 --a------ C:\WINDOWS\Fonts\RandFont.dll
    --------- C:\Program Files\Maïdo Production
    .

    ((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe" [2006-11-09 16:07]
    "hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 18:04]
    "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-08-02 17:30]
    "nwiz"="nwiz.exe" [2005-08-02 17:30 C:\WINDOWS\system32\nwiz.exe]
    "HPHUPD08"="c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 08:35]
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2005-05-05 01:21]
    "Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 22:43]
    "PCDrProfiler"="" []
    "Reminder"="C:\Windows\Creator\Remind_XP.exe" [2004-12-14 02:23]
    "HP Software Update"="C:\Program Files\HP\HP Software Update\HPwuSchd2.exe" [2005-05-12 07:12]
    "F-Secure Manager"="C:\Program Files\Pack Securite\Common\FSM32.exe" [2005-05-09 09:05]
    "F-Secure TNB"="C:\Program Files\Pack Securite\TNB\TNBUtil.exe" [2005-06-02 15:05]
    "F-Secure Startup Wizard"="C:\Program Files\Pack Securite\FSGUI\FSSW.exe" [2005-09-05 15:00]
    "LogitechVideoRepair"="C:\Program Files\Logitech\Video\ISStart.exe" [2004-02-12 16:57]
    "LogitechVideoTray"="C:\Program Files\Logitech\Video\LogiTray.exe" [2004-02-12 16:59]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-01-03 01:12]
    "KBD"="C:\HP\KBD\KBD.EXE" [2005-02-02 17:44]
    "AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 22:47 C:\WINDOWS\ALCXMNTR.EXE]
    "TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-09-08 12:51]
    "ISUSPM Startup"="C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-28 00:50]
    "ISUSScheduler"="C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" [2004-07-28 00:50]

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2007-02-05 04:05]
    "Creative Detector"="C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" [2004-12-02 19:23]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 20:00]
    "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-06 19:41]
    "MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
    "H/PC Connection Agent"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe" [2006-06-26 21:45]
    "Steam"="c:\program files\valve\steam\steam.exe" [2007-06-28 10:02]

    R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys
    R2 BackWeb Plug-in - 361343;Pack Securite;C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    R2 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSfilter.sys
    R2 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSgk.sys
    R2 F-Secure Recognizer;F-Secure File System Recognizer;\??\C:\Program Files\Pack Securite\Anti-Virus\Win2K\FSrec.sys
    R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
    R3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
    S3 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe"
    S3 driverhardwarev2;driverhardwarev2;\??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys

    .
    Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
    "2007-09-11 18:00:00 C:\WINDOWS\Tasks\HPpromotions journeysoftware.job"
    - C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe
    "2007-09-11 15:04:44 C:\WINDOWS\Tasks\Scheduled scanning task.job"
    "2005-01-02 23:28:53 C:\WINDOWS\Tasks\Symantec NetDetect.job"
    - C:\Program Files\Symantec\LiveUpdate\NDETECT.EXE
    .
    **************************************************************************

    catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2007-09-11 20:24:57
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2007-09-11 20:25:28
    C:\ComboFix-quarantined-files.txt ... 2007-09-11 20:25
    C:\ComboFix2.txt ... 2007-09-11 19:30
    C:\ComboFix3.txt ... 2007-09-11 19:03
    .
    --- E O F ---
    a b 8 Sécurité
    11 Septembre 2007 20:56:45

    Tu up après 20 minutes ?! J'ai une vie je te signale.
    Reposte un rapport Hijackthis.
    11 Septembre 2007 21:04:19

    Je sais que tu as une vie heureusement ...
    Je savez pas que 20 min seulement c'est écouler désoler


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 21:03:22, on 11/09/2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    C:\Program Files\Pack Securite\Anti-Virus\FSGK32.EXE
    C:\Program Files\Pack Securite\Common\FSMA32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fssm32.exe
    C:\Program Files\Pack Securite\Common\FSMB32.EXE
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Pack Securite\Common\FCH32.EXE
    C:\Program Files\Pack Securite\Common\FAMEH32.EXE
    C:\Program Files\Pack Securite\Anti-Virus\fsrw.exe
    C:\Program Files\Pack Securite\FSPC\fspc.exe
    C:\Program Files\Pack Securite\Anti-Virus\fsav32.exe
    C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\Program Files\Pack Securite\Common\FSM32.EXE
    C:\PROGRA~1\PACKSE~1\ANTI-S~1\fsaw.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\HP\KBD\KBD.EXE
    C:\Program Files\Pack Securite\FSGUI\fsguidll.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Microsoft ActiveSync\wcescomm.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    C:\Program Files\Photo Manager\Monitor.exe
    C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    C:\PROGRA~1\MI3AA1~1\rapimgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Propriétaire\Bureau\HiJackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.simagri.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
    O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Pack Securite\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Pack Securite\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Pack Securite\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
    O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
    O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
    O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - Startup: MSN Pictures Displayer.lnk = C:\Program Files\MSN Pictures Displayer\MSN Pictures Displayer.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Pack Securite.lnk = C:\Program Files\Pack Securite\backweb\361343\Program\fspex.exe
    O4 - Global Startup: Photo Manager Monitor.lnk = ?
    O8 - Extra context menu item: &Bloquer cette fenêtre publicitaire - C:\Program Files\Pack Securite\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
    O9 - Extra button: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra 'Tools' menuitem: Filtre Web - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Program Files\Pack Securite\FSPC\fspcmsie.dll
    O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
    O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Pack Securite\Anti-Spyware\ieshield.dll
    O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
    O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai.net/f/532/6712/5m/virtools.downloa...
    O23 - Service: Pack Securite (BackWeb Plug-in - 361343) - BackWeb Technologies Inc. - C:\PROGRA~1\PACKSE~1\backweb\361343\Program\SERVIC~1.EXE
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Pack Securite\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Pack Securite\backweb\361343\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Pack Securite\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Program Files\Pack Securite\FSPC\fshttps\fshttps.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\Pack Securite\Common\FSMA32.EXE
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O24 - Desktop Component 0: (no name) - http://idata.over-blog.com/0/00/32/63/fevrier/tres/sama...
    O24 - Desktop Component 1: (no name) - http://nn99.free.fr/miniZ/nsx14.jpg
    O24 - Desktop Component 2: (no name) - http://www.simagri.com/images/map/fond.gif

    --
    End of file - 11802 bytes
    a b 8 Sécurité
    11 Septembre 2007 21:08:25

    C'est mieux ?
    11 Septembre 2007 21:13:02

    écoute j'ai pus de pub

    apres a toi de me dire si c'est fini lol
    jsuis pas spécialiste (plus tard edute en informatique
    a b 8 Sécurité
    11 Septembre 2007 21:15:02

    C'est ok pour moi.
    11 Septembre 2007 21:17:29

    OK, ben merci et bonne continuations
    Tom's guide dans le monde
    • Allemagne
    • Italie
    • Irlande
    • Royaume Uni
    • Etats Unis
    Suivre Tom's Guide
    Inscrivez-vous à la Newsletter
    • ajouter à twitter
    • ajouter à facebook
    • ajouter un flux RSS