Several windows keep opening, need help please

laigre2002 Posts: 76 Status: Member -
Anonymous user -
Hello, when I open my internet I have several windows that keep reopening nonstop. I need help getting rid of them; is there someone kind enough to help me step by step, please? Thanks in advance.
By the way, it's on my laptop.

20 replies

Anonymous user

Hello:

Disable User Account Control (you will re-enable it after your disinfection):

- Go to "Start", then Control Panel.
- Double-click the User Accounts icon, then click Turn User Account Control on or off.
- Click Continue.
- Uncheck the box Use User Account Control (UAC) to help protect your computer.
- Confirm with OK and restart.

Tutorial

Then:

Hi,

Start with this to see where things stand, get a precise diagnosis, and so spot possible infections and neutralize them:

Download and install the diagnostic software:

here: HijackThis
or here: HijackThis
or here: HijackThis

or renamed

1- Click on the setup to start the installation: let it guide you and do not change the installation settings.
At the end of the installation, the program launches automatically: close it by clicking the red cross.
In the end, you should have a shortcut on your desktop and also a path like:
"C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .

Tutorial for using it: (thanks balltrap34)
Look here, it is perfectly explained with pictures,

( Do not fix ANY line on your own initiative yet; it could prevent your PC from working properly )

2- !! Disconnect and close all your running applications !!

Click the desktop shortcut to launch the program:
run a HijackThis scan by clicking: "Do a system scan and save a logfile"

--->copy and paste the generated report for analysis
0
laigre2002 Posts: 76 Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:57:10, on 2009-03-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\windows\system32\MalwareKiller.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Blubster\Blubster.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Blubster\BGCheck.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NVideoSupport Class - {15C3F151-CC22-4146-8F73-05D0CD987982} - C:\WINDOWS\system32nvideo.dll
O2 - BHO: (no name) - {51f06041-dc34-4fda-816c-635459ae7edb} - C:\WINDOWS\system32\dudeheru.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Quick Access Toolbar - {1813785D-9CFB-45A0-9CBC-3E84F7A8471F} - C:\WINDOWS\system32GSearchTB.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Easy Dock] C:\Documents and Settings\Owner\My Documents\RCA easyRip\EZDock.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [MalwareKiller.exe] C:\windows\system32\MalwareKiller.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [zakozevuje] Rundll32.exe "C:\WINDOWS\system32\hewurevi.dll",s
O4 - HKLM\..\Run: [8c44b7fc] rundll32.exe "C:\WINDOWS\system32\yalohiba.dll",b
O4 - HKLM\..\Run: [CPM8f778460] Rundll32.exe "C:\WINDOWS\system32\fahokipa.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RCA Detective.lnk = C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatierControl Object) - http://games.bigfishgames.com/en_chocolatier/online/ChocolatierWeb.1.0.0.13.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} (CPlayFirstdreamControl Object) - http://www.playfirst.com/play/game/dreamchronicles/dreamweb.1.0.0.9.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\lewowesa.dll c:\windows\system32\fulefoze.dll c:\windows\system32\fahokipa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
0
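One way to triage a HijackThis log like the one posted above, as an added example that is not part of the original thread: it parses the numbered entries and lists files registered under several autostart points, Run values that launch a DLL through rundll32, and entries whose file is absent. The sample lines are copied from the log above; the function names are this example's own, and a hit is a lead for review, not a verdict.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the HijackThis log posted above (trimmed).
SAMPLE_LOG = r'''
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\rundll32.exe
O2 - BHO: (no name) - {51f06041-dc34-4fda-816c-635459ae7edb} - C:\WINDOWS\system32\dudeheru.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [CPM8f778460] Rundll32.exe "C:\WINDOWS\system32\fahokipa.dll",a
O20 - AppInit_DLLs: C:\WINDOWS\system32\lewowesa.dll c:\windows\system32\fulefoze.dll c:\windows\system32\fahokipa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll
'''

# "O4 - rest of line": a section code, a dash, then the entry itself.
ENTRY_RE = re.compile(r'^([A-Z]\d{1,2}) - (.*)$')
# Absolute Windows path ending in a loadable file; non-greedy so that the
# space-separated AppInit_DLLs list yields one match per file.
PATH_RE = re.compile(r'[A-Za-z]:\\[^"<>|*?\r\n]*?\.(?:dll|exe|sys)\b', re.IGNORECASE)
# Run value of the form "[name] rundll32.exe ...".
RUNDLL_RE = re.compile(r'^\[([^\]]*)\]\s*rundll32(?:\.exe)?\s', re.IGNORECASE)


def parse_entries(log_text):
    """Return the numbered entries; header and process-list lines are skipped."""
    entries = []
    for line in log_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if not match:
            continue
        code, rest = match.groups()
        kind, sep, value = rest.partition(': ')
        if not sep:  # e.g. R1 lines, which carry no "kind: " prefix
            kind, value = '', rest
        files = [p.lower() for p in PATH_RE.findall(value)]
        entries.append({'code': code, 'kind': kind, 'value': value, 'files': files})
    return entries


def multi_hook_files(entries, minimum=2):
    """Files referenced from at least `minimum` distinct autostart points."""
    points = defaultdict(set)
    for entry in entries:
        label = f"{entry['code']} {entry['kind']}".strip()
        for path in entry['files']:
            points[path].add(label)
    return {p: sorted(s) for p, s in points.items() if len(s) >= minimum}


def rundll32_autoruns(entries):
    """O4 Run values that start a DLL through rundll32: (value name, files)."""
    hits = []
    for entry in entries:
        match = RUNDLL_RE.match(entry['value'])
        if entry['code'] == 'O4' and match:
            hits.append((match.group(1), entry['files']))
    return hits


def dangling_entries(entries):
    """Entries HijackThis marked as pointing at no file or a missing file."""
    return [e for e in entries
            if '(no file)' in e['value'] or e['value'].endswith('(file missing)')]


if __name__ == '__main__':
    parsed = parse_entries(SAMPLE_LOG)
    for path, hooks in multi_hook_files(parsed).items():
        print('several load points:', path, hooks)
    for name, files in rundll32_autoruns(parsed):
        print('rundll32 Run value:', name, files)
    for entry in dangling_entries(parsed):
        print('no backing file:', entry['code'], entry['value'])
```
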
laigre2002 Posts: 76 Status: Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:57:10, on 2009-03-24
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
C:\windows\system32\MalwareKiller.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Blubster\Blubster.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Blubster\BGCheck.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: NVideoSupport Class - {15C3F151-CC22-4146-8F73-05D0CD987982} - C:\WINDOWS\system32nvideo.dll
O2 - BHO: (no name) - {51f06041-dc34-4fda-816c-635459ae7edb} - C:\WINDOWS\system32\dudeheru.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Quick Access Toolbar - {1813785D-9CFB-45A0-9CBC-3E84F7A8471F} - C:\WINDOWS\system32GSearchTB.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Easy Dock] C:\Documents and Settings\Owner\My Documents\RCA easyRip\EZDock.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
O4 - HKLM\..\Run: [MalwareKiller.exe] C:\windows\system32\MalwareKiller.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe
O4 - HKLM\..\Run: [Blubster] C:\Program Files\Blubster\Blubster.exe SILENT
O4 - HKLM\..\Run: [zakozevuje] Rundll32.exe "C:\WINDOWS\system32\hewurevi.dll",s
O4 - HKLM\..\Run: [8c44b7fc] rundll32.exe "C:\WINDOWS\system32\yalohiba.dll",b
O4 - HKLM\..\Run: [CPM8f778460] Rundll32.exe "C:\WINDOWS\system32\fahokipa.dll",a
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: RCA Detective.lnk = C:\Documents and Settings\Owner\My Documents\RCA Detective\RCADetective.exe
O4 - Global Startup: BigFix.lnk = C:\Program Files\BigFix\BigFix.exe
O4 - Global Startup: Cisco Systems VPN Client.lnk = C:\Program Files\Cisco Systems\VPN Client\vpngui.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: HP Clipbook - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart Select - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
O16 - DPF: {21BB8360-F943-447E-98F3-3C22345375A7} (CPlayFirstChocolatierControl Object) - http://games.bigfishgames.com/en_chocolatier/online/ChocolatierWeb.1.0.0.13.cab
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} - http://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/resources/MSNPUpld.cab
O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {775879E2-7309-4619-BB02-AADE41F4B690} (CPlayFirstdreamControl Object) - http://www.playfirst.com/play/game/dreamchronicles/dreamweb.1.0.0.9.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} - http://download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\lewowesa.dll c:\windows\system32\fulefoze.dll c:\windows\system32\fahokipa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
0

Anonymous user
 

______________________________________________________________________________________
>This software is to be used only when prescribed by a qualified helper trained in the tool.<
>>>>>>>Do not use outside of that situation: dangerous!<<<<<<<<
======================================================================================

When it runs,

ComboFix will check whether the Microsoft Windows Recovery Console is installed. With infections like today's, it is strongly recommended to have it pre-installed on your PC before any malware removal.
It will let you boot into a special recovery (repair) mode, which allows us to help you more easily if your computer ever runs into a problem after a cleanup attempt.

Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console

and, when prompted, accept the End User License Agreement to install the Microsoft Windows Recovery Console.

On XP

On Vista

**Important note: if the Microsoft Windows Recovery Console is already installed, ComboFix will continue with its malware removal procedures.

Must read, imperative!!!!

Download ComboFix:

And importantly, save it as "moi.exe" on the desktop.

Before using ComboFix:

- Disconnect from the internet and close the windows of all running programs.
- Temporarily disable, only for the duration of the ComboFix run, the real-time protection of your antivirus and antispyware tools, which can seriously interfere with the tool's search and cleanup procedure.


Once that is done, double-click "moi.exe" on your desktop.

- Answer yes to the warning message so that the program starts analysing the PC.

/!\ During this step, do not use the PC and do not open any programs.

- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection\search; let it do so.

- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved at C:\Combofix.txt

- Re-enable the real-time protection of your antivirus and antispyware tools before reconnecting to the internet.

- Come back to the forum, and

copy and paste the entire contents of C:\Combofix.txt into your next message.

0
laigre2002 Posts: 76 Status: Member
 
Thanks for your help, and sorry, I sent it to you 3 times. Can you let me know my next step, please?
0
laigre2002 Posts: 76 Status: Member
 
ComboFix 09-03-22.01 - Owner 2009-03-24 1:36:08.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.2.1033.18.502.180 [GMT -4:00]
Running from: c:\documents and settings\Owner\Desktop\moi.exe.exe
AV: ESET NOD32 antivirus system 2.70 *On-access scanning disabled* (Updated)
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\resycled
c:\windows\system32\404Fix.exe
c:\windows\system32\abiholay.ini
c:\windows\system32\dumphive.exe
c:\windows\system32\edoreyaw.ini
c:\windows\system32\IEDFix.C.exe
c:\windows\system32\IEDFix.exe
c:\windows\system32\ihifepel.ini
c:\windows\system32\iteyalil.ini
c:\windows\system32\lewowesa.dll
c:\windows\system32\o4Patch.exe
c:\windows\system32\opejajah.ini
c:\windows\system32\SrchSTS.exe
c:\windows\system32\tmp.reg
c:\windows\system32\usopuyaz.ini
c:\windows\system32\VACFix.exe
c:\windows\system32\VCCLSID.exe
c:\windows\system32\WS2Fix.exe
D:\resycled

.
((((((((((((((((((((((((( Files Created from 2009-02-24 to 2009-03-24 )))))))))))))))))))))))))))))))
.

2009-03-24 01:33 . 2009-03-24 01:33 <DIR> d-------- C:\32788R22FWJFW
2009-03-20 10:54 . 2009-03-20 10:54 <DIR> d-------- c:\documents and settings\NetworkService\Application Data\HPAppData
2009-03-14 22:13 . 2009-03-14 22:14 <DIR> d-------- c:\program files\James Patterson Women's Murder Club - A Darker Shade of Grey
2009-03-12 21:47 . 2009-03-12 22:07 <DIR> d-------- c:\documents and settings\Owner\Application Data\RobinsonCrusoe
2009-03-10 21:12 . 2009-03-10 21:12 <DIR> d-------- c:\documents and settings\All Users\Application Data\HoverBee Studios
2009-03-08 22:18 . 2009-03-08 22:18 <DIR> d-------- c:\documents and settings\Owner\Application Data\BrandX Games
2009-03-08 18:54 . 2009-03-08 18:54 <DIR> d-------- c:\documents and settings\Owner\Application Data\SerpentOfIsis
2009-02-24 23:31 . 2009-02-24 23:31 <DIR> d-------- c:\program files\Unwell Mel
2009-02-24 22:10 . 2009-02-24 22:10 <DIR> d-------- c:\windows\Unwell Mel

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-24 05:40 --------- d-----w c:\program files\Blubster
2009-03-24 02:36 88,064 --sha-w c:\windows\system32\fahokipa.dll
2009-03-24 02:36 79,872 --sha-w c:\windows\system32\yalohiba.dll
2009-03-23 15:23 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-22 16:09 88,064 --sha-w c:\windows\system32\zezesuhe.dll
2009-03-21 17:18 88,064 --sha-w c:\windows\system32\siveraja.dll
2009-03-21 17:18 79,872 --sha-w c:\windows\system32\hajajepo.dll
2009-03-20 01:54 88,064 --sha-w c:\windows\system32\wihuwere.dll
2009-03-19 12:58 88,064 --sha-w c:\windows\system32\hafedeku.dll
2009-03-15 22:00 --------- d-----w c:\documents and settings\Owner\Application Data\Flood Light Games
2009-03-15 22:00 --------- d-----w c:\documents and settings\All Users\Application Data\Flood Light Games
2009-03-15 22:00 --------- d-----w c:\documents and settings\All Users\Application Data\BigFishGamesCache
2009-02-25 02:22 --------- d-----w c:\documents and settings\Owner\Application Data\Azureus
2009-02-25 01:57 --------- d-----w c:\program files\Azureus
2009-02-23 23:59 --------- d-----w c:\documents and settings\All Users\Application Data\Big Fish Games Vancouver
2009-02-03 16:27 --------- d-----w c:\program files\Top Ten Solitaire
2008-06-24 03:29 0 ----a-w c:\program files\temp01
2006-10-27 21:42 774,144 -c--a-w c:\program files\RngInterstitial.dll
2006-10-11 18:07 282 -c--a-w c:\documents and settings\Owner\Application Data\wklnhst.dat
1601-01-01 00:12 47,616 --sha-w c:\windows\system32\dudeheru.dll
1601-01-01 00:12 47,616 --sha-w c:\windows\system32\hewurevi.dll
.

((((((((((((((((((((((((((((( snapshot@2008-11-12_20.26.43.97 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-24 00:51:29 231,258 ----a-w c:\windows\Blubster_Toolbar_Uninstaller_1200.exe
- 2005-02-16 20:15:20 401,408 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
+ 2006-09-11 09:40:36 484,272 ----a-w c:\windows\Downloaded Program Files\isusweb.dll
- 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w c:\windows\ERDNT\Hiv-backup\ERDNT.EXE
- 2005-10-21 01:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2005-10-21 00:02:28 163,328 ----a-w c:\windows\ERDNT\subs\ERDNT.EXE
+ 2008-12-09 16:33:48 25,214 ----a-r c:\windows\Installer\{EB3DF81F-5E70-4722-9D99-C1FC3EEF4DE1}\MediaManager8.exe_8E832933A07340209FB8DBADC480B69B.exe
+ 2008-12-09 16:33:48 25,214 ----a-r c:\windows\Installer\{EB3DF81F-5E70-4722-9D99-C1FC3EEF4DE1}\NewShortcut24_8E832933A07340209FB8DBADC480B69B_1.exe
+ 2008-12-09 16:33:48 25,214 ----a-r c:\windows\Installer\{EB3DF81F-5E70-4722-9D99-C1FC3EEF4DE1}\NewShortcut33_8E832933A07340209FB8DBADC480B69B.exe
+ 2008-12-09 16:33:48 3,638 ----a-r c:\windows\Installer\{EB3DF81F-5E70-4722-9D99-C1FC3EEF4DE1}\NewShortcut38_8E832933A07340209FB8DBADC480B69B.exe
+ 2008-12-09 16:33:48 25,214 ----a-r c:\windows\Installer\{EB3DF81F-5E70-4722-9D99-C1FC3EEF4DE1}\NewShortcut4_8E832933A07340209FB8DBADC480B69B.exe
+ 2008-12-09 16:22:06 69,632 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\DesktopMgr.exe
+ 2008-12-09 16:22:06 26,694 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\NewShortcut12_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2008-12-09 16:22:06 26,694 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\NewShortcut3_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2008-12-09 16:22:06 26,694 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\NewShortcut4_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2008-12-09 16:22:06 26,694 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\NewShortcut5_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2008-12-09 16:22:06 26,694 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\NewShortcut6_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2008-12-09 16:22:06 26,694 ----a-r c:\windows\Installer\{F4B35ADF-B630-4DCC-BDD7-FFC04A5C7C51}\NewShortcut600_C6ABA3677F944B9FBB00F060701B0B5A.exe
+ 2008-11-15 04:09:00 574,464 ----a-w c:\windows\Mushroom Age\uninstall.exe
- 2007-06-02 20:42:28 451,072 ----a-w c:\windows\Mystery Case Files Huntsville\uninstall.exe
+ 2008-11-16 20:15:50 451,072 ----a-w c:\windows\Mystery Case Files Huntsville\uninstall.exe
- 2007-06-02 20:43:11 451,072 ----a-w c:\windows\Mystery Case Files Prime Suspects\uninstall.exe
+ 2008-12-06 17:00:59 451,072 ----a-w c:\windows\Mystery Case Files Prime Suspects\uninstall.exe
- 2000-08-31 13:00:00 28,672 ----a-w c:\windows\NIRCMD.exe
+ 2000-08-31 12:00:00 29,696 ----a-w c:\windows\NIRCMD.exe
- 2000-08-31 13:00:00 161,792 ----a-w c:\windows\SWREG.exe
+ 2000-08-31 12:00:00 161,792 ----a-w c:\windows\SWREG.exe
- 2005-09-07 16:37:16 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
+ 2009-03-20 19:56:01 16,384 -c--a-w c:\windows\system32\config\systemprofile\Cookies\index.dat
- 2005-09-07 16:37:16 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2009-03-20 19:56:01 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2005-09-07 16:38:05 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2009-03-20 19:56:01 32,768 -c--a-w c:\windows\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-11-13 01:52:48 410,976 ----a-w c:\windows\system32\deploytk.dll
+ 2008-11-15 04:19:15 27,904 ----a-w c:\windows\system32\drivers\ndisprot.sys
+ 2007-01-18 15:24:58 26,496 ----a-r c:\windows\system32\drivers\RimSerial.sys
- 2008-10-03 16:10:22 235,168 ----a-w c:\windows\system32\FNTCACHE.DAT
+ 2009-01-07 02:23:51 235,168 ----a-w c:\windows\system32\FNTCACHE.DAT
- 2005-03-04 16:06:58 49,248 -c--a-w c:\windows\system32\java.exe
+ 2008-11-13 01:52:48 144,792 ----a-w c:\windows\system32\java.exe
- 2005-03-04 16:07:06 49,250 -c--a-w c:\windows\system32\javaw.exe
+ 2008-11-13 01:52:49 144,792 ----a-w c:\windows\system32\javaw.exe
- 2005-03-04 17:36:48 127,078 -c--a-w c:\windows\system32\javaws.exe
+ 2008-11-13 01:52:49 148,888 ----a-w c:\windows\system32\javaws.exe
- 2000-08-21 14:00:00 1,388,544 -c--a-r c:\windows\system32\msvbvm60.dll
+ 2008-09-05 08:09:06 1,376,528 -c----w c:\windows\system32\msvbvm60.dll
+ 2005-09-08 06:03:50 1,330,888 ----a-w c:\windows\system32\msxml6.dll
+ 2005-09-08 06:03:50 86,728 ----a-w c:\windows\system32\msxml6r.dll
- 2008-11-12 01:41:25 53,806 ----a-w c:\windows\system32\perfc009.dat
+ 2009-03-24 04:34:52 54,120 ----a-w c:\windows\system32\perfc009.dat
- 2008-11-12 01:41:25 383,452 ----a-w c:\windows\system32\perfh009.dat
+ 2009-03-24 04:34:52 383,998 ----a-w c:\windows\system32\perfh009.dat
+ 2007-01-18 15:24:58 26,496 ----a-r c:\windows\system32\ReinstallBackups\[u]0/u016\DriverFiles\RimSerial.sys
+ 1999-02-19 13:54:26 40,960 ----a-w c:\windows\system32\SSubTmr6.dll
+ 1999-03-26 05:00:00 101,888 ----a-w c:\windows\system32\Vb6stkit.dll
+ 2000-03-21 05:55:50 118,784 ----a-w c:\windows\system32\vbalNCSM6.dll
+ 2009-03-24 05:42:07 16,384 ----atw c:\windows\temp\Perflib_Perfdata_284.dat
+ 2009-02-25 02:10:16 574,464 ----a-w c:\windows\Unwell Mel\uninstall.exe
+ 2006-12-02 03:56:00 96,256 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.ATL_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_cbb27474\ATL80.dll
+ 2006-12-02 03:54:32 479,232 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcm80.dll
+ 2006-12-02 03:54:34 548,864 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcp80.dll
+ 2006-12-02 03:54:32 626,688 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\msvcr80.dll
+ 2006-12-02 05:25:52 1,101,824 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80.dll
+ 2006-12-02 05:25:56 1,093,120 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfc80u.dll
+ 2006-12-02 05:25:58 69,632 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80.dll
+ 2006-12-02 05:26:00 57,856 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\mfcm80u.dll
+ 2006-12-02 05:08:00 40,960 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHS.dll
+ 2006-12-02 05:08:00 45,056 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80CHT.dll
+ 2006-12-02 05:08:00 65,536 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80DEU.dll
+ 2006-12-02 05:08:00 57,344 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ENU.dll
+ 2006-12-02 05:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ESP.dll
+ 2006-12-02 05:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80FRA.dll
+ 2006-12-02 05:08:00 61,440 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80ITA.dll
+ 2006-12-02 05:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80JPN.dll
+ 2006-12-02 05:08:00 49,152 ----a-w c:\windows\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\mfc80KOR.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{51f06041-dc34-4fda-816c-635459ae7edb}]
47616 --ahs---- c:\windows\system32\dudeheru.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-04 15360]
"SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-11-12 1576176]
"msnmsgr"="c:\program files\MSN Messenger\msnmsgr.exe" [2007-01-19 5674352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPLpr"="c:\program files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 98394]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 688218]
"Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2002-09-14 212992]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2004-12-24 155648]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2004-12-24 118784]
"nod32kui"="c:\program files\Eset\nod32kui.exe" [2007-01-25 949376]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2007-03-11 49152]
"Easy Dock"="c:\documents and settings\Owner\My Documents\RCA easyRip\EZDock.exe" [2008-07-29 532480]
"SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]
"PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 30248]
"IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 46632]
"PPort11reminder"="c:\program files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 255528]
"BrMfcWnd"="c:\program files\Brother\Brmfcmon\BrMfcWnd.exe" [2007-03-23 663552]
"ControlCenter3"="c:\program files\Brother\ControlCenter3\brctrcen.exe" [2007-01-26 65536]
"MalwareKiller.exe"="c:\windows\system32\MalwareKiller.exe" [2008-11-11 57344]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-12 136600]
"Blubster"="c:\program files\Blubster\Blubster.exe" [2008-11-10 1343488]
"zakozevuje"="c:\windows\system32\hewurevi.dll" [ 47616]
"8c44b7fc"="c:\windows\system32\yalohiba.dll" [2009-03-23 79872]
"CPM8f778460"="c:\windows\system32\fahokipa.dll" [2009-03-23 88064]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360]

c:\documents and settings\Owner\Start Menu\Programs\Startup\
RCA Detective.lnk - c:\documents and settings\Owner\My Documents\RCA Detective\RCADetective.exe [2008-08-19 1069056]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
BigFix.lnk - c:\program files\BigFix\BigFix.exe [2005-09-07 1742384]
Cisco Systems VPN Client.lnk - c:\program files\Cisco Systems\VPN Client\vpngui.exe [2006-09-12 1421328]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2007-03-11 210520]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\SharedTaskScheduler]
"{EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4}"= "c:\windows\system32\fahokipa.dll" [2009-03-23 88064]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-20 77824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"SSODL"= {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\fahokipa.dll [2009-03-23 88064]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-11-12 23:50 352256 c:\program files\SUPERAntiSpyware\SASWINLO.DLL

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\system32\lewowesa.dll c:\windows\system32\fahokipa.dll
"LoadAppInit_DLLs"=1 (0x1)

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Notification Packages REG_MULTI_SZ scecli c:\windows\system32\lewowesa.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DXM6Patch_981116]
--a------ 1998-11-30 19:04 497376 c:\windows\p_981116.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"c:\\Program Files\\MSN Messenger\\livecall.exe"=
"c:\\Program Files\\Blubster\\Blubster.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\SUPERAntiSpyware\\SUPERANTISPYWARE.EXE"=
"c:\\Program Files\\Eset\\nod32krn.exe"=
"c:\\WINDOWS\\explorer.exe"=

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2007-01-25 15424]
R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2006-10-10 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2007-02-27 55024]
R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2006-02-16 4096]
S3 Ndisprot;ArcNet NDIS Protocol Driver;c:\windows\system32\drivers\ndisprot.sys [2008-11-15 27904]
S3 vpnva;Cisco AnyConnect VPN Virtual Miniport Adapter for Windows;c:\windows\system32\DRIVERS\vpnva.sys --> c:\windows\system32\DRIVERS\vpnva.sys [?]

--- Other Services/Drivers In Memory ---

*Deregistered* - ALG
*Deregistered* - AudioSrv
*Deregistered* - BITS
*Deregistered* - Browser
*Deregistered* - CryptSvc
*Deregistered* - CVPND
*Deregistered* - DcomLaunch
*Deregistered* - Dhcp
*Deregistered* - Dnscache
*Deregistered* - ERSvc
*Deregistered* - EventSystem
*Deregistered* - FastUserSwitchingCompatibility
*Deregistered* - helpsvc
*Deregistered* - hpqcxs08
*Deregistered* - hpqddsvc
*Deregistered* - ImapiService
*Deregistered* - JavaQuickStarterService
*Deregistered* - lanmanserver
*Deregistered* - lanmanworkstation
*Deregistered* - LmHosts
*Deregistered* - Net Driver HPZ12
*Deregistered* - Netman
*Deregistered* - Nla
*Deregistered* - NOD32krn
*Deregistered* - Pml Driver HPZ12
*Deregistered* - PolicyAgent
*Deregistered* - PrismXL
*Deregistered* - ProtectedStorage
*Deregistered* - RasMan
*Deregistered* - RpcSs
*Deregistered* - SamSs
*Deregistered* - Schedule
*Deregistered* - seclogon
*Deregistered* - SENS
*Deregistered* - SharedAccess
*Deregistered* - ShellHWDetection
*Deregistered* - Spooler
*Deregistered* - srservice
*Deregistered* - SSDPSRV
*Deregistered* - stisvc
*Deregistered* - TapiSrv
*Deregistered* - TermService
*Deregistered* - Themes
*Deregistered* - TrkWks
*Deregistered* - W32Time
*Deregistered* - WebClient
*Deregistered* - winmgmt
*Deregistered* - wscsvc
*Deregistered* - wuauserv
*Deregistered* - WudfSvc
*Deregistered* - WZCSVC

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2ab23800-cb46-11db-8a72-00e0b8923486}]
\Shell\AutoRun\command - setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4a6ad740-6e55-11dd-8cfb-00e0b8923486}]
\Shell\AutoRun\command - F:\rcaeasyrip_setup.exe
\Shell\install\command - F:\rcaeasyrip_setup.exe
\Shell\usermanualEnglish\command - F:\rcaeasyrip_setup.exe /pdf_English
\Shell\usermanualFrench\command - F:\rcaeasyrip_setup.exe /pdf_French
\Shell\usermanualSpanish\command - F:\rcaeasyrip_setup.exe /pdf_Spanish
.
.
------- Supplementary Scan -------
.
uInternet Connection Wizard,ShellNext = iexplore
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
IE: {{d9288080-1baa-4bc4-9cf8-a92d743db949} - c:\documents and settings\Owner\Start Menu\Programs\IMVU\Run IMVU.lnk
LSP: c:\windows\system32\imon.dll
DPF: {21BB8360-F943-447E-98F3-3C22345375A7} - hxxp://games.bigfishgames.com/en_chocolatier/online/ChocolatierWeb.1.0.0.13.cab
DPF: {775879E2-7309-4619-BB02-AADE41F4B690} - hxxp://www.playfirst.com/play/game/dreamchronicles/dreamweb.1.0.0.9.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-03-24 01:42:27
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1224)
c:\program files\SUPERAntiSpyware\SASWINLO.DLL

- - - - - - - > 'lsass.exe'(1280)
c:\windows\system32\imon.dll
c:\program files\Eset\pr_imon.dll
.
------------------------ Other Running Processes ------------------------
.
c:\program files\Cisco Systems\VPN Client\cvpnd.exe
c:\program files\Java\jre6\bin\jqs.exe
c:\program files\Eset\nod32krn.exe
c:\program files\Common Files\New Boundary\PrismXL\PRISMXL.SYS
c:\windows\system32\wscntfy.exe
c:\windows\system32\rundll32.exe
c:\program files\Brother\ControlCenter3\BrccMCtl.exe
c:\progra~1\BigFix\BigFix.exe
c:\program files\Blubster\BGCheck.exe
c:\program files\Brother\Brmfcmon\BrMfcMon.exe
c:\documents and settings\Owner\My Documents\RCA EasyRip\EZPlayerbase.exe
.
**************************************************************************
.
Completion time: 2009-03-24 1:51:52 - machine was rebooted
ComboFix-quarantined-files.txt 2009-03-24 05:51:05
ComboFix2.txt 2008-11-13 01:27:37

Pre-Run: 24 666 091 520 bytes free
Post-Run: 24,858,017,792 bytes free

333
0
laigre2002 Posts: 76 Status: Member
 
Here is the report. Next step, please.
0
Anonymous user
 
Print these instructions, because you will need to close all windows and applications during the installation and the scan.

Download:
Malwarebytes or:
Malwarebytes

* Install it (be sure to choose "French"; do not change the installation settings) and update it.

(NB: if "COMCTL32.OCX" is missing during the installation, download it here: COMCTL32.OCX)

* Study the tutorial to familiarise yourself with the program:

(that said, it is very simple to use).

Run Malwarebytes again, following these instructions scrupulously:

! Disconnect and close all running applications !

* Launch Malwarebytes'.

Run a so-called "Full" scan.

--> Let the program work (and do nothing else with the PC during the scan).
--> At the end, click "Results".
--> Check that all infected objects are ticked, then click "Remove".

Note: if you need to restart your PC to finish the cleanup, do it!

Post the report saved after removing the infected objects (in the "Logs" tab of Malwarebytes, the most recent one).

0
laigre2002 Posts: 76 Status: Member
 
I still have a lot of windows reopening when I connect to the internet, all (about blank) windows, about 10 to 15 pages nonstop. Help, I'm being overrun.
0
Anonymous user
 
Well then, do what I'm asking you, please.
0
laigre2002 Posts: 76 Status: Member
 
I'm not able to download Malwarebytes from the page you suggested. Do you have another site, please? The page won't open.
0
Anonymous user
 
Try HERE
0
laigre2002 Posts: 76 Status: Member
 
Hello, thanks. I downloaded the file (cijREKYbwx.zip); can you tell me if that's the one I was supposed to get?
When I open it, it's (mbam-setup.exe). Do I have the right one?
0
Anonymous user
 
Yes, OK, that's the right one; you can go ahead with the requested procedure :)
0
laigre2002 Posts: 76 Status: Member
 
Hello again, here is the report:

Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 2

2009-03-24 20:12:00
mbam-log-2009-03-24 (20-11-37).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 126992
Time elapsed: 39 minute(s), 35 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 6
Registry Keys Infected: 14
Registry Values Infected: 6
Registry Data Items Infected: 4
Folders Infected: 0
Files Infected: 19

Memory Processes Infected:
C:\WINDOWS\system32\MalwareKiller.exe (Trojan.FakeAlert) -> No action taken.

Memory Modules Infected:
C:\WINDOWS\system32\yalohiba.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\jomotewa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dudeheru.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\bukatake.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hewurevi.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\fahokipa.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51f06041-dc34-4fda-816c-635459ae7edb} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51f06041-dc34-4fda-816c-635459ae7edb} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{51f06041-dc34-4fda-816c-635459ae7edb} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\nvideo.nvideosupport (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\nvideo.nvideosupport.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{f8fb8ac9-3fcf-41b4-aad5-5f1050cd1679} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{41ec1928-7982-4e1f-b181-8e43b5e0c3f2} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{b3359986-1385-406e-ba70-3fafb2d9807c} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a90b6b7a-4a14-4b62-92d2-0ffeb5c007b8} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ubervid (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8c44b7fc (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zakozevuje (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm8f778460 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malwarekiller.exe (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\bukatake.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\bukatake.dll -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.13 85.255.112.98 1.2.3.4 -> No action taken.
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Tcpip\Parameters\Interfaces\{e94e3918-573c-42f1-b2d6-6bd7e8ebc558}\DhcpNameServer (Trojan.DNSChanger) -> Data: 85.255.112.13 85.255.112.98 1.2.3.4 -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\jomotewa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\awetomoj.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\yalohiba.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\abiholay.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hewurevi.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\bukatake.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dudeheru.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\fahokipa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\MalwareKiller.exe (Trojan.FakeAlert) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\lewowesa.dll.vir (Trojan.Vundo.H) -> No action taken.
C:\System Volume Information\_restore{8669F2A9-13D9-43DE-AA07-AF3F40FA061C}\RP532\A0117831.exe (Trojan.Vundo.H) -> No action taken.
C:\System Volume Information\_restore{8669F2A9-13D9-43DE-AA07-AF3F40FA061C}\RP535\A0121010.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32GSearchTB.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32nvideo.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32\hafedeku.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\zezesuhe.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\siveraja.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\wihuwere.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hajajepo.dll (Trojan.Vundo) -> No action taken.
0
Anonymous user
 
You didn't update it!!

You didn't remove anything!!!

0
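The two points raised in the reply above can be checked mechanically from a Malwarebytes log: the `Database version` line and the action recorded after each detection. The following is an added example, not part of the original thread; the function names `parse_mbam_log` and `triage` and the `min_db_version` parameter are hypothetical, the sample log is constructed (abridged from the format posted here), and the threshold 1893 is simply the database version shown in the later log in this thread.

```python
import re
from collections import Counter

# Constructed sample, abridged from the log format posted in this thread.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.34
Database version: 1749
Windows 5.1.2600 Service Pack 2

Scan type: Full Scan (C:\|D:\|)

Memory Processes Infected: 1
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
C:\WINDOWS\system32\MalwareKiller.exe (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\bukatake.dll -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\fahokipa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hajajepo.dll (Trojan.Vundo) -> No action taken.
"""

DB_RE = re.compile(r"^Database version: (\d+)$")
COUNT_RE = re.compile(r"^([A-Za-z ]+ Infected): (\d+)$")    # summary line
SECTION_RE = re.compile(r"^([A-Za-z ]+ Infected):$")        # section header
# Greedy target: anchors on the last "(detection) -> " found in the line.
ITEM_RE = re.compile(r"^(?P<target>.+) \((?P<detection>[^()]+)\) -> (?P<rest>.+)$")


def parse_mbam_log(text):
    """Return the database version, declared counts and detection entries."""
    report = {"db_version": None, "declared": {}, "items": []}
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = DB_RE.match(line)
        if m:
            report["db_version"] = int(m.group(1))
            continue
        m = COUNT_RE.match(line)
        if m:
            report["declared"][m.group(1)] = int(m.group(2))
            continue
        m = SECTION_RE.match(line)
        if m:
            section = m.group(1)
            continue
        m = ITEM_RE.match(line) if section else None
        if not m:
            continue  # header lines, "(No malicious items detected)", etc.
        # Registry data entries read "-> Data: <value> -> <action>", so the
        # action is always the text after the final arrow.
        parts = m.group("rest").split(" -> ")
        data = None
        if len(parts) > 1 and parts[0].startswith("Data: "):
            data = " -> ".join(parts[:-1])[len("Data: "):]
        report["items"].append({
            "section": section,
            "target": m.group("target"),
            "detection": m.group("detection"),
            "data": data,
            "action": parts[-1].rstrip("."),
        })
    return report


def triage(report, min_db_version=None):
    """Flag a stale signature database, unremediated items, truncated logs."""
    items = report["items"]
    parsed = Counter(i["section"] for i in items)
    mismatches = {
        name: (declared, parsed.get(name, 0))
        for name, declared in report["declared"].items()
        if declared != parsed.get(name, 0)
    }
    db = report["db_version"]
    stale = min_db_version is not None and (db is None or db < min_db_version)
    return {
        "stale_database": stale,
        "unremediated": [i for i in items if i["action"] == "No action taken"],
        "by_detection": Counter(i["detection"] for i in items),
        "count_mismatches": mismatches,  # section -> (declared, parsed)
    }


if __name__ == "__main__":
    result = triage(parse_mbam_log(SAMPLE_LOG), min_db_version=1893)
    print("stale database:", result["stale_database"])
    print("unremediated items:", len(result["unremediated"]))
    print("detections:", dict(result["by_detection"]))
    print("count mismatches:", result["count_mismatches"])
```

A non-empty `count_mismatches` means the pasted log was cut off or edited, which is worth ruling out before concluding that a cleanup step was skipped.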
laigre2002 Posts: 76 Status: Member
 
Sorry, I couldn't; it told me: error, you are not connected to the internet or your firewall is blocking you. I turned off my firewall but no luck, nothing works for the update. Could you update it for me and I'll start over, please? Things aren't going well with this computer; when the windows start coming in I can't do anything. It would be much appreciated. Thanks again for your patience.
0
Anonymous user
 
No, I can't update it for you. Try in safe mode:

How to get into Safe Mode
1) Restart your computer
2) Tap the F8 key immediately (F5 on some PCs), right after the "beep"
3) You will see a screen with boot options appear
4) Choose the second option: Safe Mode with Networking, and confirm with "Enter"
5) Choose your usual account, not Administrator (if needed...)
(note: no connection is possible in safe mode, so copy or print the procedure carefully to avoid mistakes...)
0
laigre2002 Posts 76 Status Member
 
Thanks, OK, I'll try and get back to you. You're great.
0
laigre2002 Posts 76 Status Member
 
That doesn't work either. Do you have any other suggestions for me, please? A guy discouraged by his computer, lol.
0
laigre2002 Posts 76 Status Member
 
Malwarebytes' Anti-Malware 1.34
Database version: 1893
Windows 5.1.2600 Service Pack 2

2009-03-24 22:52:46
mbam-log-2009-03-24 (22-52-29).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 131600
Time elapsed: 40 minute(s), 3 second(s)

Memory Processes Infected: 1
Memory Modules Infected: 4
Registry Keys Infected: 14
Registry Values Infected: 6
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 19

Memory Processes Infected:
C:\WINDOWS\system32\MalwareKiller.exe (Trojan.FakeAlert) -> No action taken.

Memory Modules Infected:
C:\WINDOWS\system32\jomotewa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dudeheru.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hewurevi.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\bukatake.dll (Trojan.Vundo.H) -> No action taken.

Registry Keys Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51f06041-dc34-4fda-816c-635459ae7edb} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{51f06041-dc34-4fda-816c-635459ae7edb} (Trojan.Vundo.H) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{51f06041-dc34-4fda-816c-635459ae7edb} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\CLSID\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_CLASSES_ROOT\nvideo.nvideosupport (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\nvideo.nvideosupport.1 (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{f8fb8ac9-3fcf-41b4-aad5-5f1050cd1679} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{41ec1928-7982-4e1f-b181-8e43b5e0c3f2} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\TypeLib\{b3359986-1385-406e-ba70-3fafb2d9807c} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\Interface\{a90b6b7a-4a14-4b62-92d2-0ffeb5c007b8} (Trojan.BHO) -> No action taken.
HKEY_CLASSES_ROOT\ubervid (Trojan.DNSChanger) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> No action taken.

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8c44b7fc (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\zakozevuje (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cpm8f778460 (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{ec43e3fd-5c60-46a6-97d7-e0b85dbdd6c4} (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ssodl (Trojan.Vundo.H) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\malwarekiller.exe (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: c:\windows\system32\bukatake.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Vundo.H) -> Data: system32\bukatake.dll -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> No action taken.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\jomotewa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\awetomoj.ini (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hewurevi.dll (Trojan.Vundo.H) -> No action taken.
c:\WINDOWS\system32\bukatake.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\dudeheru.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\MalwareKiller.exe (Trojan.FakeAlert) -> No action taken.
C:\Qoobox\Quarantine\C\WINDOWS\system32\lewowesa.dll.vir (Trojan.Vundo.H) -> No action taken.
C:\System Volume Information\_restore{8669F2A9-13D9-43DE-AA07-AF3F40FA061C}\RP532\A0117831.exe (Trojan.Vundo.H) -> No action taken.
C:\System Volume Information\_restore{8669F2A9-13D9-43DE-AA07-AF3F40FA061C}\RP535\A0121010.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32GSearchTB.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\system32nvideo.dll (Trojan.BHO) -> No action taken.
C:\WINDOWS\two222222.exe (Adware.ISM) -> No action taken.
C:\WINDOWS\four444444.exe (Trojan.Dropper) -> No action taken.
C:\WINDOWS\system32\fahokipa.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hafedeku.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\hajajepo.dll (Trojan.Vundo) -> No action taken.
C:\WINDOWS\system32\zezesuhe.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\siveraja.dll (Trojan.Vundo.H) -> No action taken.
C:\WINDOWS\system32\wihuwere.dll (Trojan.Vundo.H) -> No action taken.

Here is the report; I finally managed to do the update. Can you let me know the next step?
0
laigre2002 Posts 76 Status Member
 
My problem persists. Could someone help me solve it, please?
0
Anonymous user
 
You're not reading the instructions!!!

You were asked to delete everything it found and to post the report again after the deletion (written in bold, too!)

:)
0
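The check the helper made by eye on the posted report, as an added example (not part of the thread and not Malwarebytes' own code): it parses a log in this layout, lists every detection still marked "No action taken", and flags sections whose listed entries do not match the declared count. The function names `parse_mbam_log` and `review` are hypothetical, and the sample log, including its "Quarantined and deleted successfully" line, is constructed.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the Malwarebytes' Anti-Malware 1.x
# text log shown in the thread; paths and detection names are placeholders.
SAMPLE_LOG = r"""Malwarebytes' Anti-Malware 1.34
Database version: 1893

Registry Values Infected: 1
Registry Data Items Infected: 1
Files Infected: 3

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\example (Trojan.Example) -> No action taken.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.Example) -> Data: c:\windows\system32\example1.dll -> No action taken.

Files Infected:
C:\WINDOWS\system32\example1.dll (Trojan.Example) -> No action taken.
C:\WINDOWS\system32\example2.dll (Trojan.Example) -> Quarantined and deleted successfully.
C:\WINDOWS\example3.exe (Adware.Example) -> No action taken.
"""

SUMMARY = re.compile(r"^(?P<section>[A-Z][\w ]+ Infected): (?P<count>\d+)$")
HEADING = re.compile(r"^(?P<section>[A-Z][\w ]+ Infected):$")
ENTRY = re.compile(r"^(?P<item>.+?) \((?P<family>[^()]+)\) -> (?P<rest>.+)$")

def parse_mbam_log(text):
    """Return (declared counts, entries per section) from a text log."""
    declared, entries, current = {}, defaultdict(list), None
    for line in (l.strip() for l in text.splitlines()):
        if m := SUMMARY.match(line):
            declared[m["section"]] = int(m["count"])
        elif m := HEADING.match(line):
            current = m["section"]
        elif current and (m := ENTRY.match(line)):
            # The action is the last "->" field; a "Data:" field may precede it.
            action = m["rest"].split(" -> ")[-1].rstrip(".")
            entries[current].append((m["item"], m["family"], action))
    return declared, entries

def review(text):
    """List entries left in place and sections whose counts disagree."""
    declared, entries = parse_mbam_log(text)
    untouched = [(s, item) for s, rows in entries.items()
                 for item, _, action in rows if action == "No action taken"]
    mismatched = [s for s, n in declared.items() if n != len(entries[s])]
    return untouched, mismatched
```

A non-empty `untouched` list means the report was saved before removal was applied; a non-empty `mismatched` list usually means the paste was truncated.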