Slow 7.7 Mbit/s internet connection.

FrozZix14

Hello, I have a 7.7 Mbit/s connection, but it is very slow. For example, I have to wait a few minutes to play a video on YouTube or Dailymotion.
My ISP is Alice.
I ran a scan with HijackThis (I have posted the report below) and I would like someone to help me read this report and improve my connection.
Thanks in advance =).

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:02, on 01/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: {83ea5eb4-d8cf-4998-a244-b3702b3d01e0} - {0e10d3b2-073b-442a-8994-fc8d4be5ae38} - C:\WINDOWS\system32\mcfqqpyy.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll
O2 - BHO: superiorads browser optimizer - {43FC67B6-4C25-4afd-AE7A-9EF3E4587026} - C:\WINDOWS\system32\sprt_ads.dll
O2 - BHO: (no name) - {5AF256AA-1A90-4186-B4FC-F9F9531CC55D} - C:\WINDOWS\system32\awtst.dll (file missing)
O2 - BHO: dcads - {733716E1-76D2-4003-AC39-845281C0EF85} - C:\WINDOWS\system32\nsbB.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: XBTP01621 - {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} - C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [3cc121d3] rundll32.exe "C:\WINDOWS\system32\oypkkrto.dll",b
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [spa_start] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\sprt_ads.dll" DllInit
O4 - HKLM\..\Run: [BM3ff2124f] Rundll32.exe "C:\WINDOWS\system32\qanxqubs.dll",s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7D73F8F-370D-4ED8-AD9A-ADA73DF89351}: NameServer = 213.36.80.1 213.36.80.1
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
32 replies

Anonymous user
 
OK, we'll force it to go then!

Download ComboFix from one of these links:

http://download.bleepingcomputer.com/sUBs/ComboFix.exe
https://forospyware.com
http://www.geekstogo.com/forum/files/file/197-combofix-by-subs/

And, importantly, save it to the desktop.

Before using ComboFix:

Disconnect from the internet and close the windows of all running programs.

Temporarily disable, only for as long as ComboFix is in use, the real-time protection of your antivirus and antispyware programs, which can seriously interfere with the tool's scanning and cleaning procedure.

Once that is done, double-click Combofix.exe on your desktop.

- Answer yes to the warning message so that the program starts scanning the PC.

/!\ During this step, do not use the PC and do not open any programs.

- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection/search; let it do so.

- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved at C:\Combofix.txt.

Re-enable the real-time protection of your antivirus and antispyware programs before reconnecting to the internet.

► Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.
1
Anonymous user
 
Hello, you have several infections. To start with, go to the Control Panel,

find and uninstall

the program "Browser optimizer dcads", and uninstall it right away! It will ask you for a key to uninstall, but don't enter anything; it will uninstall anyway! Look just below: there is "Browser optimizer dcads superior"; if you find it, uninstall it too. Tell me when that's done.
0
FrozZix14
 
First of all, thanks for replying so quickly =).
I did as you told me to uninstall "Browser optimizer", but it gives me "Uninstalation code is invalid".
What should I do??
0
FrozZix14
 
Thanks =) I'll do it right away.
0

FrozZix14
 
Here is the log from the scan you asked for; however, after the scan with ComboFix, it's impossible to use Firefox.

ComboFix 08-03-30.5 - (FroZz!X) 2008-04-01 17:00:18.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.33.1036.18.622 [GMT 2:00]
Endroit: C:\Documents and Settings\(FroZz!X)\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
/wow section non terminée

((((((((((((((((((((((((((((( Fichiers créés 2008-03-01 to 2008-04-01 ))))))))))))))))))))))))))))))))))))
.

2008-04-01 16:29 . 2008-04-01 16:29 <REP> d-------- C:\Program Files\Sunbelt Software
2008-04-01 16:29 . 2008-04-01 16:29 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-01 16:29 . 2008-04-01 16:29 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\Application Data\Grisoft
2008-04-01 16:29 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-31 16:02 . 2008-03-31 16:52 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-03-31 16:02 . 2008-03-31 16:02 1,409 --a------ C:\WINDOWS\QTFont.for
2008-03-28 14:28 . 2008-03-28 14:28 62,976 --a------ C:\WINDOWS\system32\sprt_ads.dll
2008-03-25 19:34 . 2008-03-25 19:34 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\Application Data\Ahead
2008-03-24 00:58 . 2008-03-24 00:58 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-03-24 00:58 . 2008-03-24 00:58 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-03-24 00:58 . 2008-03-24 00:58 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-23 20:24 . 2008-03-23 20:24 <REP> d-------- C:\Program Files\mobile PhoneTools
2008-03-23 20:24 . 2008-03-23 20:24 <REP> d-------- C:\Program Files\LiveUpdate
2008-03-23 18:42 . 2008-03-23 18:42 <REP> d-------- C:\Program Files\PENTAX Optio 50
2008-03-23 18:42 . 2004-03-17 23:00 114,688 --a------ C:\WINDOWS\system32\JpegCode.dll
2008-03-23 18:42 . 2004-03-17 22:59 46,944 --a------ C:\WINDOWS\system32\drivers\CoachUsb.sys
2008-03-23 18:42 . 2004-03-17 23:00 44,256 --a------ C:\WINDOWS\system32\drivers\CoachVc.sys
2008-03-23 18:42 . 2004-03-17 22:59 16,896 --a------ C:\WINDOWS\system32\CoachDlg.dll
2008-03-23 18:42 . 2004-03-17 23:00 8,192 --a------ C:\WINDOWS\system32\CoachWrp.dll
2008-03-23 18:42 . 2004-03-17 22:59 5,632 --a------ C:\WINDOWS\system32\CoachSti.dll
2008-03-12 18:39 . 2008-03-12 18:39 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-11 19:02 . 2008-03-11 19:02 86,592 --a--c--- C:\WINDOWS\system32\oypkkrto.dll
2008-03-11 19:02 . 2008-04-01 17:00 5,620 ---hs---- C:\WINDOWS\system32\otrkkpyo.ini
2008-03-11 18:59 . 2008-03-11 18:59 93,248 --a--c--- C:\WINDOWS\system32\mcfqqpyy.dll
2008-03-11 18:56 . 2008-03-11 18:56 90,688 --a--c--- C:\WINDOWS\system32\qanxqubs.dll
2008-03-11 18:02 . 2008-03-11 18:02 93,248 --a--c--- C:\WINDOWS\system32\wrilksjs.dll
2008-03-11 17:59 . 2008-03-11 17:59 1,315,110 ---hs---- C:\WINDOWS\system32\obkaawqf.ini
2008-03-10 17:53 . 2008-03-10 17:54 1,318,929 ---hs---- C:\WINDOWS\system32\cwbuwdnl.ini
2008-03-10 17:53 . 2008-03-10 17:53 87,616 --a--c--- C:\WINDOWS\system32\lndwubwc.dll
2008-03-10 17:50 . 2008-03-10 17:50 93,760 --a--c--- C:\WINDOWS\system32\urnyfjug.dll
2008-03-10 17:44 . 2008-03-10 17:44 89,152 --a--c--- C:\WINDOWS\system32\feltogwy.dll
2008-03-09 14:37 . 2008-03-10 17:53 1,318,869 ---hs---- C:\WINDOWS\system32\unbkapah.ini
2008-03-09 14:34 . 2008-03-09 14:34 91,200 --a--c--- C:\WINDOWS\system32\xmjqegik.dll
2008-03-09 14:28 . 2008-03-09 14:28 89,664 --a--c--- C:\WINDOWS\system32\jgyqygrs.dll
2008-03-09 13:37 . 2008-03-09 13:38 1,308,701 ---hs---- C:\WINDOWS\system32\bbypbdsn.ini
2008-03-09 13:34 . 2008-03-09 13:34 91,200 --a--c--- C:\WINDOWS\system32\kellkfue.dll
2008-03-08 13:32 . 2008-03-09 13:32 1,308,641 ---hs---- C:\WINDOWS\system32\njpmmvfw.ini
2008-03-08 13:25 . 2008-03-08 13:25 88,640 --a--c--- C:\WINDOWS\system32\sbqayykh.dll
2008-03-06 22:56 . 2008-03-08 13:11 1,307,457 ---hs---- C:\WINDOWS\system32\japleohq.ini
2008-03-06 22:53 . 2008-03-06 22:53 96,320 --a--c--- C:\WINDOWS\system32\pajtqllx.dll
2008-03-06 22:47 . 2008-03-06 22:47 92,736 --a--c--- C:\WINDOWS\system32\vlvkpxpk.dll
2008-03-05 22:57 . 2008-03-06 21:59 1,307,494 ---hs---- C:\WINDOWS\system32\jarocdqa.ini
2008-03-05 22:54 . 2008-03-05 22:54 96,832 --a--c--- C:\WINDOWS\system32\ffuiyfnx.dll
2008-03-05 22:48 . 2008-03-05 22:48 91,712 --a--c--- C:\WINDOWS\system32\wrpyejow.dll
2008-03-05 16:53 . 2008-03-05 16:53 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\WINDOWS
2008-03-04 22:54 . 2008-03-04 22:54 96,832 --a--c--- C:\WINDOWS\system32\hynkshvr.dll
2008-03-04 22:51 . 2008-03-05 14:51 1,303,236 ---hs---- C:\WINDOWS\system32\gyxtmqhm.ini
2008-03-04 22:51 . 2008-03-04 22:51 89,664 --a--c--- C:\WINDOWS\system32\mhqmtxyg.dll
2008-03-04 22:46 . 2008-03-04 22:46 91,712 --a--c--- C:\WINDOWS\system32\fesfapqo.dll
2008-03-03 22:51 . 2008-03-04 22:48 512 ---hs---- C:\WINDOWS\system32\xqtpwmmn.ini
2008-03-03 22:48 . 2008-03-03 22:48 95,296 --a--c--- C:\WINDOWS\system32\beljwcpx.dll
2008-03-03 22:45 . 2008-03-03 22:45 91,712 --a--c--- C:\WINDOWS\system32\mybthbdw.dll
2008-03-02 22:54 . 2008-03-03 22:36 2,639,602 ---hs---- C:\WINDOWS\system32\malyocpi.ini
2008-03-02 22:49 . 2008-03-02 22:49 89,664 --a--c--- C:\WINDOWS\system32\lcxkfnao.dll
2008-03-02 22:46 . 2008-03-02 22:46 91,712 --a--c--- C:\WINDOWS\system32\uwpuflds.dll
2008-03-02 22:37 . 2008-03-02 22:41 <REP> d-------- C:\Program Files\YesMessenger
2008-03-02 22:37 . 2008-03-02 22:37 60 --a------ C:\WINDOWS\yesmessenger.ini
2008-03-02 21:52 . 2008-03-02 21:52 89,664 --a--c--- C:\WINDOWS\system32\bsbexosx.dll
2008-03-02 21:49 . 2008-03-02 22:51 2,500,504 ---hs---- C:\WINDOWS\system32\triembam.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-01 14:55 4,456,448 ---ha-w C:\Documents and Settings\(FroZz!X)\NTUSER.DAT
2008-04-01 14:29 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Grisoft
2008-03-31 19:20 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\gtk-2.0
2008-03-31 19:14 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Adobe
2008-03-28 17:05 40,730 ----a-w C:\WINDOWS\system32\superiorads-uninst.exe
2008-03-26 12:02 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\OpenOffice.org2
2008-03-25 17:34 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Ahead
2008-03-23 18:26 --------- dc----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-03-23 18:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-12 16:36 181,542 --sha-w C:\WINDOWS\system32\tstwa.ini2
2008-03-11 16:41 --------- d-----w C:\Program Files\Lexmark 2200 Series
2008-03-10 20:18 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-02-28 21:54 --------- d-----w C:\Program Files\Windows Live
2008-02-28 18:03 89,664 -c--a-w C:\WINDOWS\system32\xremnyem.dll
2008-02-28 17:57 91,712 -c--a-w C:\WINDOWS\system32\xpluwauk.dll
2008-02-28 16:22 102,400 ----a-w C:\WINDOWS\DUMPaad6.tmp
2008-02-27 16:56 102,400 ----a-w C:\WINDOWS\DUMPabd0.tmp
2008-02-27 16:01 90,176 -c--a-w C:\WINDOWS\system32\rjbhtjev.dll
2008-02-27 15:55 91,712 -c--a-w C:\WINDOWS\system32\sucnsgnf.dll
2008-02-27 14:58 90,176 -c--a-w C:\WINDOWS\system32\amlcynja.dll
2008-02-25 15:20 102,400 ----a-w C:\WINDOWS\DUMP9e24.tmp
2008-02-23 13:02 89,152 -c--a-w C:\WINDOWS\system32\neejhnxa.dll
2008-02-21 13:15 --------- dcs---w C:\Documents and Settings\(FroZz!X)\Application Data\Microsoft
2008-02-21 12:03 93,760 -c--a-w C:\WINDOWS\system32\hgwgxyji.dll
2008-02-20 15:22 --------- dc----w C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-02-20 15:22 --------- d-----w C:\Program Files\Free Download Manager
2008-02-20 15:16 --------- d-----w C:\Program Files\ReGetPro
2008-02-20 15:13 --------- d-----w C:\Program Files\Fichiers communs\ReGet Shared
2008-02-20 10:58 94,784 ----a-w C:\WINDOWS\system32\yrohadsf.dll
2008-02-19 11:52 --------- d-----w C:\Program Files\Microsoft Xbox 360 Accessories
2008-02-18 19:07 93,248 ----a-w C:\WINDOWS\system32\myflgwmn.dll
2008-02-18 18:37 97,344 ----a-w C:\WINDOWS\system32\suwloqcv.dll
2008-02-17 18:02 97,344 ----a-w C:\WINDOWS\system32\yyjkuxrl.dll
2008-02-16 22:16 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Microgaming
2008-02-16 17:20 92,736 ----a-w C:\WINDOWS\system32\njmomuov.dll
2008-02-15 17:16 91,712 ----a-w C:\WINDOWS\system32\ucduxlhe.dll
2008-02-14 17:16 91,200 ----a-w C:\WINDOWS\system32\ydyuotbs.dll
2008-02-13 17:13 98,368 ----a-w C:\WINDOWS\system32\kaisbekp.dll
2008-02-13 16:33 --------- d-----w C:\Program Files\TEsT Box-II
2008-02-12 17:14 93,248 ----a-w C:\WINDOWS\system32\ilitkkxr.dll
2008-02-11 17:14 93,248 ----a-w C:\WINDOWS\system32\hrjevfoh.dll
2008-02-11 16:28 80,112 ----a-w C:\WINDOWS\system32\dcads-remove.exe
2008-02-10 16:09 102,400 ----a-w C:\WINDOWS\DUMPaa59.tmp
2008-02-10 11:03 93,248 ----a-w C:\WINDOWS\system32\mfbnmmjh.dll
2008-02-10 11:00 86,080 ----a-w C:\WINDOWS\system32\vykhwqxh.dll
2008-02-09 10:58 89,664 ----a-w C:\WINDOWS\system32\tsdsnaek.dll
2008-02-09 10:55 93,760 ----a-w C:\WINDOWS\system32\qpdfuipt.dll
2008-02-08 21:02 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-02-08 21:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-08 18:33 --------- dc-h--r C:\Documents and Settings\(FroZz!X)\Application Data\SecuROM
2008-02-08 17:53 233,472 ----a-w C:\WINDOWS\system32\nsbB.dll
2008-02-08 09:36 95,808 ----a-w C:\WINDOWS\system32\kspkiekd.dll
2008-02-08 09:33 87,616 ----a-w C:\WINDOWS\system32\gxnmewgm.dll
2008-02-08 08:19 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\InstallShield
2008-02-03 19:10 92,736 ----a-w C:\WINDOWS\system32\fiugjevr.dll
2008-02-03 19:07 88,640 ----a-w C:\WINDOWS\system32\moekkikm.dll
2008-02-03 15:26 --------- d-----w C:\Program Files\DkZ Studio
2008-02-03 14:29 --------- d-----w C:\Program Files\BoontyGames
2008-02-03 14:29 --------- d-----w C:\Program Files\Boonty
2008-02-03 13:42 --------- d-----w C:\Program Files\SuperTuxKart
2008-02-03 13:26 --------- d-----w C:\Program Files\Freecorder
2008-02-03 13:25 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-03 12:34 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Samsung
2008-02-03 12:22 --------- d-----w C:\Program Files\mp3DirectCut
2008-02-02 19:12 88,128 ----a-w C:\WINDOWS\system32\iiekiald.dll
2008-02-02 19:09 96,832 ----a-w C:\WINDOWS\system32\nkuaunxy.dll
2008-02-01 19:08 92,736 ----a-w C:\WINDOWS\system32\hgspwtvq.dll
2008-02-01 19:05 92,224 ----a-w C:\WINDOWS\system32\wsojrxpi.dll
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-31 19:04 95,296 ----a-w C:\WINDOWS\system32\lrinsnwr.dll
2008-01-31 19:01 90,688 ----a-w C:\WINDOWS\system32\gedskocv.dll
2008-01-30 13:06 78,400 ----a-w C:\WINDOWS\system32\ticbnqfj.dll
2008-01-30 13:03 90,176 ----a-w C:\WINDOWS\system32\nmpghjvj.dll
2008-01-29 12:27 78,912 ----a-w C:\WINDOWS\system32\gbsibvox.dll
2008-01-29 12:24 88,640 ----a-w C:\WINDOWS\system32\hhpdofbt.dll
2008-01-28 12:28 79,936 ----a-w C:\WINDOWS\system32\kclhunoo.dll
2008-01-28 12:25 88,640 ----a-w C:\WINDOWS\system32\nkqfhoph.dll
2008-01-28 11:23 46,300 ----a-w C:\WINDOWS\system32\DcadsSocial-uninstall.exe
2008-01-27 12:27 89,152 ----a-w C:\WINDOWS\system32\outsrufi.dll
2008-01-27 12:24 78,912 ----a-w C:\WINDOWS\system32\qcnqsgct.dll
2008-01-26 11:24 89,152 ----a-w C:\WINDOWS\system32\rfbdemfd.dll
2008-01-26 11:21 78,912 ----a-w C:\WINDOWS\system32\oinecwyp.dll
2008-01-24 20:07 87,616 ----a-w C:\WINDOWS\system32\aisncyei.dll
2008-01-24 20:04 80,448 ----a-w C:\WINDOWS\system32\tsjcwqid.dll
2008-01-23 18:15 80,960 ----a-w C:\WINDOWS\system32\jqqgceig.dll
2008-01-23 18:12 87,616 ----a-w C:\WINDOWS\system32\ngoppvop.dll
2008-01-22 18:14 89,664 ----a-w C:\WINDOWS\system32\uehaiemk.dll
2008-01-22 18:11 77,376 ----a-w C:\WINDOWS\system32\tmfyrxuk.dll
2008-01-18 10:06 294,912 ------w C:\WINDOWS\system32\iebrowserc.dll
2008-01-08 18:06 24,288 ----a-w C:\WINDOWS\system32\byxyvus.dll
2008-01-07 17:53 24,288 ----a-w C:\WINDOWS\system32\cbxxyxv.dll
2008-01-06 17:28 24,288 ----a-w C:\WINDOWS\system32\byxwuvw.dll
2008-01-05 16:37 24,288 ----a-w C:\WINDOWS\system32\wvuspoo.dll
2008-01-04 16:25 24,288 ----a-w C:\WINDOWS\system32\gebxxut.dll
2007-01-04 08:56 24,192 -c--a-w C:\Documents and Settings\internity\usbsermptxp.sys
2007-01-04 08:56 22,768 -c--a-w C:\Documents and Settings\internity\usbsermpt.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e10d3b2-073b-442a-8994-fc8d4be5ae38}]
2008-03-11 18:59 93248 --a--c--- C:\WINDOWS\system32\mcfqqpyy.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43FC67B6-4C25-4afd-AE7A-9EF3E4587026}]
2008-03-28 14:28 62976 --a------ C:\WINDOWS\system32\sprt_ads.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5AF256AA-1A90-4186-B4FC-F9F9531CC55D}]
C:\WINDOWS\system32\awtst.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{733716E1-76D2-4003-AC39-845281C0EF85}]
2008-02-08 19:53 233472 --a------ C:\WINDOWS\system32\nsbB.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-15 00:43 286720]
"Lexmark 2200 Series"="C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe" [2004-02-13 15:13 57344]
"3cc121d3"="C:\WINDOWS\system32\oypkkrto.dll" [2008-03-11 19:02 86592]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"BM3ff2124f"="C:\WINDOWS\system32\qanxqubs.dll" [2008-03-11 18:56 90688]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\awtst.dll

[HKLM\~\startupfolder\C:^Documents and Settings^(FroZz!X)^Menu Démarrer^Programmes^Démarrage^LimeWire Acceleration Patch.lnk]
path=C:\Documents and Settings\(FroZz!X)\Menu Démarrer\Programmes\Démarrage\LimeWire Acceleration Patch.lnk
backup=C:\WINDOWS\pss\LimeWire Acceleration Patch.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^(FroZz!X)^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\(FroZz!X)\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^(FroZz!X)^Menu Démarrer^Programmes^Démarrage^TestBox2.lnk]
path=C:\Documents and Settings\(FroZz!X)\Menu Démarrer\Programmes\Démarrage\TestBox2.lnk
backup=C:\WINDOWS\pss\TestBox2.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^internity^Menu Démarrer^Programmes^Démarrage^IMVU.lnk]
path=C:\Documents and Settings\internity\Menu Démarrer\Programmes\Démarrage\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
--a------ 2007-06-28 16:19 880080 C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-11-15 14:11 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Piolet]
C:\Program Files\Piolet\Piolet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-11-15 00:43 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"ose"=3 (0x3)
"LexBceS"=2 (0x2)
"iPod Service"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Valve\\Steam\\steamapps\\macdo440\\counter-strike source\\hl2.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\MultiProxy\\MProxy.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"=
"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\javaw.exe"=
"E:\\Valve\\Steam\\steamapps\\maco440\\condition zero\\hl.exe"=
"E:\\Instal Jeux\\BF2\\BF2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:*:Disabled:Blizzard Downloader
"6112:TCP"= 6112:TCP:*:Disabled:Blizzard Downloader
"1863:TCP"= 1863:TCP: MSNmsgr.exe
"21133:TCP"= 21133:TCP:BitComet 21133 TCP
"21133:UDP"= 21133:UDP:BitComet 21133 UDP

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-03-16 09:56]
R1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-03-16 09:56]
R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2006-03-02 14:00]
S3 AtmLane;Émulation réseau ATM;C:\WINDOWS\system32\DRIVERS\atmlane.sys [2006-03-02 14:00]
S3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys []
S3 idrmkl;idrmkl;C:\DOCUME~1\INTERN~1\LOCALS~1\Temp\idrmkl.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59]
S3 USB28xxBGA;USB 2870 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-08-09 10:10]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-09 10:10]
S3 Wwbpras2;Wooweb-Pro Ras Driver Service;C:\WINDOWS\system32\DRIVERS\wwbpras2.sys []
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-02 17:26]

*Newly Created Service* - FWDRV
*Newly Created Service* - KHIPS
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-01 15:00:00 C:\WINDOWS\Tasks\A3DD46A691A2F722.job"
- c:\docume~1\intern~1\applic~1\refcoo~1\userplaneq.exe
"2008-01-01 22:19:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-04-13 11:14:25 C:\WINDOWS\Tasks\SesamTVMC.job"
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-01 17:00:43
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\C:\DOCUME~1\INTERN~1\LOCALS~1\Temp\ASFWHide"
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\oypkkrto.dll
-> C:\WINDOWS\system32\qanxqubs.dll
.
Temps d'accomplissement: 2008-04-01 17:03:18
Pre-Run: 227,479,552 octets libres
Post-Run: 218,152,960 octets libres
.
2008-03-31 19:47:24 --- E O F ---
0
Anonymous user
 
OK, your PC is seriously infected; we're going to spend a while together.
We'll come back to ComboFix later.

Download Vundofix.exe (by Atribune) to your desktop: http://www.atribune.org/ccount/click.php?id=4

To run the fixes, disconnect and close all your applications!!

* Double-click VundoFix.exe to launch it.
* Click the Scan for Vundo button.
* When the scan is complete, click the Remove Vundo button.
* A command prompt will ask whether you want to delete the files; click YES.
* After you click "YES", the desktop will disappear for a moment while the files are deleted.
* A new command prompt will announce that the PC must shut down ("shutdown"). Click OK, then let it restart.
* The contents of the report are located in C:\vundofix.txt; please post it.

Download to the desktop:
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
=> Double-click VirtumundoBeGone.exe
=> Click Continue ==> click Start
=> Click Yes
=> At the end, if Vundo is present, the PC shuts down and restarts
- If there is a blue screen and the message "Fatal error", no problem
=> Post the VBG.TXT report, which is on the desktop

0
frozzix
 
Here is the result for Virtumundo; however, for VundoFix a blue screen appeared telling me that if it was appearing for the first time I should restart the computer, so I did, and the .txt file in C:\ is blank...

[04/01/2008, 18:04:07] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\(FroZz!X)\Bureau\VirtumundoBeGone.exe" )
[04/01/2008, 18:04:24] - Detected System Information:
[04/01/2008, 18:04:24] - Windows Version: 5.1.2600, Service Pack 2
[04/01/2008, 18:04:24] - Current Username: (FroZz!X) (Admin)
[04/01/2008, 18:04:24] - Windows is in NORMAL mode.
[04/01/2008, 18:04:24] - Searching for Browser Helper Objects:
[04/01/2008, 18:04:24] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Adobe PDF Reader Link Helper)
[04/01/2008, 18:04:24] - BHO 2: {0e10d3b2-073b-442a-8994-fc8d4be5ae38} ()
[04/01/2008, 18:04:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 18:04:24] - Checking for HKLM\...\Winlogon\Notify\mcfqqpyy
[04/01/2008, 18:04:24] - Key not found: HKLM\...\Winlogon\Notify\mcfqqpyy, continuing.
[04/01/2008, 18:04:24] - BHO 3: {16664845-0E00-11D2-8059-000000000000} (ClickCatcher MSIE handler)
[04/01/2008, 18:04:24] - BHO 4: {5AF256AA-1A90-4186-B4FC-F9F9531CC55D} ()
[04/01/2008, 18:04:24] - WARNING: BHO has no default name. Checking for Winlogon reference.
[04/01/2008, 18:04:24] - Checking for HKLM\...\Winlogon\Notify\awtst
[04/01/2008, 18:04:24] - Key not found: HKLM\...\Winlogon\Notify\awtst, continuing.
[04/01/2008, 18:04:24] - BHO 5: {733716E1-76D2-4003-AC39-845281C0EF85} (dcads)
[04/01/2008, 18:04:25] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Programme d'aide de l'Assistant de connexion Windows Live)
[04/01/2008, 18:04:25] - BHO 7: {bf00e119-21a3-4fd1-b178-3b8537e75c92} (IeMonitorBho Class)
[04/01/2008, 18:04:25] - BHO 8: {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} (XBTP01621 Class)
[04/01/2008, 18:04:25] - BHO 9: {CC59E0F9-7E43-44FA-9FAA-8377850BF205} (FDMIECookiesBHO Class)
[04/01/2008, 18:04:25] - Finished Searching Browser Helper Objects
[04/01/2008, 18:04:25] - Finishing up...
[04/01/2008, 18:04:25] - Nothing found! Exiting...
0
frozzix
 
Here is the report for Virtumundo; however, for the first program the report is blank...

Anonymous user
 
Copy the text below:

registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0e10d3b2-073b-442a-8994-fc8d4be5ae38}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{43FC67B6-4C25-4afd-AE7A-9EF3E4587026}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{5AF256AA-1A90-4186-B4FC-F9F9531CC55D}]

[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{733716E1-76D2-4003-AC39-845281C0EF85}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"3cc121d3"=-
"BM3ff2124f"=-

file::
C:\Documents and Settings\internity\usbsermpt.sys
C:\Documents and Settings\internity\usbsermptxp.sys
C:\Program Files\TEsT Box-II
C:\WINDOWS\system32\kaisbekp.dll
C:\WINDOWS\system32\tstwa.ini2
C:\WINDOWS\system32\superiorads-uninst.exe
C:\WINDOWS\yesmessenger.ini
C:\Program Files\YesMessenger
C:\WINDOWS\system32\kellkfue.dll
C:\WINDOWS\system32\wrilksjs.dll
C:\WINDOWS\system32\sprt_ads.dll
C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\oypkkrto.dll
C:\WINDOWS\system32\otrkkpyo.ini
C:\WINDOWS\system32\mcfqqpyy.dll
C:\WINDOWS\system32\qanxqubs.dll
C:\WINDOWS\system32\obkaawqf.ini
C:\WINDOWS\system32\cwbuwdnl.ini
C:\WINDOWS\system32\lndwubwc.dll
C:\WINDOWS\system32\urnyfjug.dll
C:\WINDOWS\system32\feltogwy.dll
C:\WINDOWS\system32\unbkapah.ini
C:\WINDOWS\system32\xmjqegik.dll
C:\WINDOWS\system32\jgyqygrs.dll
C:\WINDOWS\system32\bbypbdsn.ini
C:\WINDOWS\system32\njpmmvfw.ini
C:\WINDOWS\system32\sbqayykh.dll
C:\WINDOWS\system32\japleohq.ini
C:\WINDOWS\system32\pajtqllx.dll
C:\WINDOWS\system32\vlvkpxpk.dll
C:\WINDOWS\system32\jarocdqa.ini
C:\WINDOWS\system32\ffuiyfnx.dll
C:\WINDOWS\system32\wrpyejow.dll
C:\WINDOWS\system32\hynkshvr.dll
C:\WINDOWS\system32\gyxtmqhm.ini
C:\WINDOWS\system32\mhqmtxyg.dll
C:\WINDOWS\system32\fesfapqo.dll
C:\WINDOWS\system32\xqtpwmmn.ini
C:\WINDOWS\system32\beljwcpx.dll
C:\WINDOWS\system32\mybthbdw.dll
C:\WINDOWS\system32\malyocpi.ini
C:\WINDOWS\system32\lcxkfnao.dll
C:\WINDOWS\system32\uwpuflds.dll
C:\WINDOWS\system32\bsbexosx.dll
C:\WINDOWS\system32\triembam.ini
C:\WINDOWS\system32\xremnyem.dll
C:\WINDOWS\system32\xpluwauk.dll
C:\WINDOWS\DUMPaad6.tmp
C:\WINDOWS\DUMPabd0.tmp
C:\WINDOWS\system32\rjbhtjev.dll
C:\WINDOWS\system32\sucnsgnf.dll
C:\WINDOWS\system32\amlcynja.dll
C:\WINDOWS\DUMP9e24.tmp
C:\WINDOWS\system32\neejhnxa.dll
C:\WINDOWS\system32\hgwgxyji.dll
C:\WINDOWS\system32\yrohadsf.dll
C:\WINDOWS\system32\myflgwmn.dll
C:\WINDOWS\system32\suwloqcv.dll
C:\WINDOWS\system32\yyjkuxrl.dll
C:\WINDOWS\system32\njmomuov.dll
C:\WINDOWS\system32\ucduxlhe.dll
C:\WINDOWS\system32\ydyuotbs.dll
C:\WINDOWS\system32\ilitkkxr.dll
C:\WINDOWS\system32\hrjevfoh.dll
C:\WINDOWS\system32\dcads-remove.exe
C:\WINDOWS\DUMPaa59.tmp
C:\WINDOWS\system32\mfbnmmjh.dll
C:\WINDOWS\system32\vykhwqxh.dll
C:\WINDOWS\system32\tsdsnaek.dll
C:\WINDOWS\system32\qpdfuipt.dll
C:\WINDOWS\system32\nsbB.dll
C:\WINDOWS\system32\kspkiekd.dll
C:\WINDOWS\system32\gxnmewgm.dll
C:\WINDOWS\system32\fiugjevr.dll
C:\WINDOWS\system32\moekkikm.dll
C:\WINDOWS\system32\iiekiald.dll
C:\WINDOWS\system32\nkuaunxy.dll
C:\WINDOWS\system32\hgspwtvq.dll
C:\WINDOWS\system32\wsojrxpi.dll
C:\WINDOWS\system32\lrinsnwr.dll
C:\WINDOWS\system32\gedskocv.dll
C:\WINDOWS\system32\ticbnqfj.dll
C:\WINDOWS\system32\nmpghjvj.dll
C:\WINDOWS\system32\gbsibvox.dll
C:\WINDOWS\system32\hhpdofbt.dll
C:\WINDOWS\system32\kclhunoo.dll
C:\WINDOWS\system32\nkqfhoph.dll
C:\WINDOWS\system32\DcadsSocial-uninstall.exe
C:\WINDOWS\system32\outsrufi.dll
C:\WINDOWS\system32\qcnqsgct.dll
C:\WINDOWS\system32\rfbdemfd.dll
C:\WINDOWS\system32\oinecwyp.dll
C:\WINDOWS\system32\aisncyei.dll
C:\WINDOWS\system32\tsjcwqid.dll
C:\WINDOWS\system32\jqqgceig.dll
C:\WINDOWS\system32\ngoppvop.dll
C:\WINDOWS\system32\uehaiemk.dll
C:\WINDOWS\system32\tmfyrxuk.dll
C:\WINDOWS\system32\byxyvus.dll
C:\WINDOWS\system32\cbxxyxv.dll
C:\WINDOWS\system32\byxwuvw.dll
C:\WINDOWS\system32\wvuspoo.dll
C:\WINDOWS\system32\gebxxut.dll


Open Notepad and paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file as CFScript.txt.

Now drag the CFScript.txt file onto ComboFix as shown below:

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

This will restart ComboFix.

A blue window will appear: at the prompt (Type 1 to continue, or 2 to abort), type 1 and confirm.

Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

After the reboot, post the contents of the combofix.txt report.
frozzix
 
It worked, thanks =) :

ComboFix 08-03-30.5 - (FroZz!X) 2008-04-01 19:49:53.2 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.646 [GMT 2:00]
Endroit: C:\Documents and Settings\(FroZz!X)\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\(FroZz!X)\Bureau\CFScript.txt
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!

FILE ::
C:\Documents and Settings\internity\usbsermpt.sys
C:\Documents and Settings\internity\usbsermptxp.sys
C:\Program Files\TEsT Box-II
C:\Program Files\YesMessenger
C:\WINDOWS\DUMP9e24.tmp
C:\WINDOWS\DUMPaa59.tmp
C:\WINDOWS\DUMPaad6.tmp
C:\WINDOWS\DUMPabd0.tmp
C:\WINDOWS\system32\aisncyei.dll
C:\WINDOWS\system32\amlcynja.dll
C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\bbypbdsn.ini
C:\WINDOWS\system32\beljwcpx.dll
C:\WINDOWS\system32\bsbexosx.dll
C:\WINDOWS\system32\byxwuvw.dll
C:\WINDOWS\system32\byxyvus.dll
C:\WINDOWS\system32\cbxxyxv.dll
C:\WINDOWS\system32\cwbuwdnl.ini
C:\WINDOWS\system32\dcads-remove.exe
C:\WINDOWS\system32\DcadsSocial-uninstall.exe
C:\WINDOWS\system32\feltogwy.dll
C:\WINDOWS\system32\fesfapqo.dll
C:\WINDOWS\system32\ffuiyfnx.dll
C:\WINDOWS\system32\fiugjevr.dll
C:\WINDOWS\system32\gbsibvox.dll
C:\WINDOWS\system32\gebxxut.dll
C:\WINDOWS\system32\gedskocv.dll
C:\WINDOWS\system32\gxnmewgm.dll
C:\WINDOWS\system32\gyxtmqhm.ini
C:\WINDOWS\system32\hgspwtvq.dll
C:\WINDOWS\system32\hgwgxyji.dll
C:\WINDOWS\system32\hhpdofbt.dll
C:\WINDOWS\system32\hrjevfoh.dll
C:\WINDOWS\system32\hynkshvr.dll
C:\WINDOWS\system32\iiekiald.dll
C:\WINDOWS\system32\ilitkkxr.dll
C:\WINDOWS\system32\japleohq.ini
C:\WINDOWS\system32\jarocdqa.ini
C:\WINDOWS\system32\jgyqygrs.dll
C:\WINDOWS\system32\jqqgceig.dll
C:\WINDOWS\system32\kaisbekp.dll
C:\WINDOWS\system32\kclhunoo.dll
C:\WINDOWS\system32\kellkfue.dll
C:\WINDOWS\system32\kspkiekd.dll
C:\WINDOWS\system32\lcxkfnao.dll
C:\WINDOWS\system32\lndwubwc.dll
C:\WINDOWS\system32\lrinsnwr.dll
C:\WINDOWS\system32\malyocpi.ini
C:\WINDOWS\system32\mcfqqpyy.dll
C:\WINDOWS\system32\mfbnmmjh.dll
C:\WINDOWS\system32\mhqmtxyg.dll
C:\WINDOWS\system32\moekkikm.dll
C:\WINDOWS\system32\mybthbdw.dll
C:\WINDOWS\system32\myflgwmn.dll
C:\WINDOWS\system32\neejhnxa.dll
C:\WINDOWS\system32\ngoppvop.dll
C:\WINDOWS\system32\njmomuov.dll
C:\WINDOWS\system32\njpmmvfw.ini
C:\WINDOWS\system32\nkqfhoph.dll
C:\WINDOWS\system32\nkuaunxy.dll
C:\WINDOWS\system32\nmpghjvj.dll
C:\WINDOWS\system32\nsbB.dll
C:\WINDOWS\system32\obkaawqf.ini
C:\WINDOWS\system32\oinecwyp.dll
C:\WINDOWS\system32\otrkkpyo.ini
C:\WINDOWS\system32\outsrufi.dll
C:\WINDOWS\system32\oypkkrto.dll
C:\WINDOWS\system32\pajtqllx.dll
C:\WINDOWS\system32\qanxqubs.dll
C:\WINDOWS\system32\qcnqsgct.dll
C:\WINDOWS\system32\qpdfuipt.dll
C:\WINDOWS\system32\rfbdemfd.dll
C:\WINDOWS\system32\rjbhtjev.dll
C:\WINDOWS\system32\sbqayykh.dll
C:\WINDOWS\system32\sprt_ads.dll
C:\WINDOWS\system32\sucnsgnf.dll
C:\WINDOWS\system32\superiorads-uninst.exe
C:\WINDOWS\system32\suwloqcv.dll
C:\WINDOWS\system32\ticbnqfj.dll
C:\WINDOWS\system32\tmfyrxuk.dll
C:\WINDOWS\system32\triembam.ini
C:\WINDOWS\system32\tsdsnaek.dll
C:\WINDOWS\system32\tsjcwqid.dll
C:\WINDOWS\system32\tstwa.ini2
C:\WINDOWS\system32\ucduxlhe.dll
C:\WINDOWS\system32\uehaiemk.dll
C:\WINDOWS\system32\unbkapah.ini
C:\WINDOWS\system32\urnyfjug.dll
C:\WINDOWS\system32\uwpuflds.dll
C:\WINDOWS\system32\vlvkpxpk.dll
C:\WINDOWS\system32\vykhwqxh.dll
C:\WINDOWS\system32\wrilksjs.dll
C:\WINDOWS\system32\wrpyejow.dll
C:\WINDOWS\system32\wsojrxpi.dll
C:\WINDOWS\system32\wvuspoo.dll
C:\WINDOWS\system32\xmjqegik.dll
C:\WINDOWS\system32\xpluwauk.dll
C:\WINDOWS\system32\xqtpwmmn.ini
C:\WINDOWS\system32\xremnyem.dll
C:\WINDOWS\system32\ydyuotbs.dll
C:\WINDOWS\system32\yrohadsf.dll
C:\WINDOWS\system32\yyjkuxrl.dll
C:\WINDOWS\yesmessenger.ini
.
/wow section non terminée

((((((((((((((((((((((((((((( Fichiers créés 2008-03-01 to 2008-04-01 ))))))))))))))))))))))))))))))))))))
.

2008-04-01 19:41 . 2008-04-01 19:41 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-04-01 19:41 . 2008-04-01 19:41 1,409 --a------ C:\WINDOWS\QTFont.for
2008-04-01 17:48 . 2008-04-01 17:48 <REP> d----c--- C:\VundoFix Backups
2008-04-01 17:39 . 2008-04-01 17:39 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\Application Data\Megaupload
2008-04-01 16:29 . 2008-04-01 16:29 <REP> d-------- C:\Program Files\Sunbelt Software
2008-04-01 16:29 . 2008-04-01 16:29 <REP> d----c--- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-04-01 16:29 . 2008-04-01 16:29 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\Application Data\Grisoft
2008-04-01 16:29 . 2007-05-30 14:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-03-28 14:28 . 2008-03-28 14:28 62,976 --------- C:\WINDOWS\system32\sprt_ads.dll
2008-03-25 19:34 . 2008-03-25 19:34 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\Application Data\Ahead
2008-03-24 00:58 . 2008-03-24 00:58 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-03-24 00:58 . 2008-03-24 00:58 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-03-24 00:58 . 2008-03-24 00:58 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-03-23 20:24 . 2008-03-23 20:24 <REP> d-------- C:\Program Files\mobile PhoneTools
2008-03-23 20:24 . 2008-03-23 20:24 <REP> d-------- C:\Program Files\LiveUpdate
2008-03-23 18:42 . 2008-03-23 18:42 <REP> d-------- C:\Program Files\PENTAX Optio 50
2008-03-23 18:42 . 2004-03-17 23:00 114,688 --a------ C:\WINDOWS\system32\JpegCode.dll
2008-03-23 18:42 . 2004-03-17 22:59 46,944 --a------ C:\WINDOWS\system32\drivers\CoachUsb.sys
2008-03-23 18:42 . 2004-03-17 23:00 44,256 --a------ C:\WINDOWS\system32\drivers\CoachVc.sys
2008-03-23 18:42 . 2004-03-17 22:59 16,896 --a------ C:\WINDOWS\system32\CoachDlg.dll
2008-03-23 18:42 . 2004-03-17 23:00 8,192 --a------ C:\WINDOWS\system32\CoachWrp.dll
2008-03-23 18:42 . 2004-03-17 22:59 5,632 --a------ C:\WINDOWS\system32\CoachSti.dll
2008-03-12 18:39 . 2008-03-12 18:39 127 --a------ C:\WINDOWS\system32\MRT.INI
2008-03-11 19:02 . 2008-03-11 19:02 86,592 --a--c--- C:\WINDOWS\system32\oypkkrto.dll
2008-03-11 19:02 . 2008-04-01 19:50 5,920 ---hs---- C:\WINDOWS\system32\otrkkpyo.ini
2008-03-11 18:59 . 2008-03-11 18:59 93,248 --a--c--- C:\WINDOWS\system32\mcfqqpyy.dll
2008-03-11 18:56 . 2008-03-11 18:56 90,688 --a--c--- C:\WINDOWS\system32\qanxqubs.dll
2008-03-11 18:02 . 2008-03-11 18:02 93,248 --a--c--- C:\WINDOWS\system32\wrilksjs.dll
2008-03-11 17:59 . 2008-03-11 17:59 1,315,110 ---hs---- C:\WINDOWS\system32\obkaawqf.ini
2008-03-10 17:53 . 2008-03-10 17:54 1,318,929 ---hs---- C:\WINDOWS\system32\cwbuwdnl.ini
2008-03-10 17:53 . 2008-03-10 17:53 87,616 --a--c--- C:\WINDOWS\system32\lndwubwc.dll
2008-03-10 17:50 . 2008-03-10 17:50 93,760 --a--c--- C:\WINDOWS\system32\urnyfjug.dll
2008-03-10 17:44 . 2008-03-10 17:44 89,152 --a--c--- C:\WINDOWS\system32\feltogwy.dll
2008-03-09 14:37 . 2008-03-10 17:53 1,318,869 ---hs---- C:\WINDOWS\system32\unbkapah.ini
2008-03-09 14:34 . 2008-03-09 14:34 91,200 --a--c--- C:\WINDOWS\system32\xmjqegik.dll
2008-03-09 14:28 . 2008-03-09 14:28 89,664 --a--c--- C:\WINDOWS\system32\jgyqygrs.dll
2008-03-09 13:37 . 2008-03-09 13:38 1,308,701 ---hs---- C:\WINDOWS\system32\bbypbdsn.ini
2008-03-09 13:34 . 2008-03-09 13:34 91,200 --a--c--- C:\WINDOWS\system32\kellkfue.dll
2008-03-08 13:32 . 2008-03-09 13:32 1,308,641 ---hs---- C:\WINDOWS\system32\njpmmvfw.ini
2008-03-08 13:25 . 2008-03-08 13:25 88,640 --a--c--- C:\WINDOWS\system32\sbqayykh.dll
2008-03-06 22:56 . 2008-03-08 13:11 1,307,457 ---hs---- C:\WINDOWS\system32\japleohq.ini
2008-03-06 22:53 . 2008-03-06 22:53 96,320 --a--c--- C:\WINDOWS\system32\pajtqllx.dll
2008-03-06 22:47 . 2008-03-06 22:47 92,736 --a--c--- C:\WINDOWS\system32\vlvkpxpk.dll
2008-03-05 22:57 . 2008-03-06 21:59 1,307,494 ---hs---- C:\WINDOWS\system32\jarocdqa.ini
2008-03-05 22:54 . 2008-03-05 22:54 96,832 --a--c--- C:\WINDOWS\system32\ffuiyfnx.dll
2008-03-05 22:48 . 2008-03-05 22:48 91,712 --a--c--- C:\WINDOWS\system32\wrpyejow.dll
2008-03-05 16:53 . 2008-03-05 16:53 <REP> d----c--- C:\Documents and Settings\(FroZz!X)\WINDOWS
2008-03-04 22:54 . 2008-03-04 22:54 96,832 --a--c--- C:\WINDOWS\system32\hynkshvr.dll
2008-03-04 22:51 . 2008-03-05 14:51 1,303,236 ---hs---- C:\WINDOWS\system32\gyxtmqhm.ini
2008-03-04 22:51 . 2008-03-04 22:51 89,664 --a--c--- C:\WINDOWS\system32\mhqmtxyg.dll
2008-03-04 22:46 . 2008-03-04 22:46 91,712 --a--c--- C:\WINDOWS\system32\fesfapqo.dll
2008-03-03 22:51 . 2008-03-04 22:48 512 ---hs---- C:\WINDOWS\system32\xqtpwmmn.ini
2008-03-03 22:48 . 2008-03-03 22:48 95,296 --a--c--- C:\WINDOWS\system32\beljwcpx.dll
2008-03-03 22:45 . 2008-03-03 22:45 91,712 --a--c--- C:\WINDOWS\system32\mybthbdw.dll
2008-03-02 22:54 . 2008-03-03 22:36 2,639,602 ---hs---- C:\WINDOWS\system32\malyocpi.ini
2008-03-02 22:49 . 2008-03-02 22:49 89,664 --a--c--- C:\WINDOWS\system32\lcxkfnao.dll
2008-03-02 22:46 . 2008-03-02 22:46 91,712 --a--c--- C:\WINDOWS\system32\uwpuflds.dll
2008-03-02 22:37 . 2008-03-02 22:41 <REP> d-------- C:\Program Files\YesMessenger
2008-03-02 22:37 . 2008-03-02 22:37 60 --a------ C:\WINDOWS\yesmessenger.ini
2008-03-02 21:52 . 2008-03-02 21:52 89,664 --a--c--- C:\WINDOWS\system32\bsbexosx.dll
2008-03-02 21:49 . 2008-03-02 22:51 2,500,504 ---hs---- C:\WINDOWS\system32\triembam.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-01 15:39 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Megaupload
2008-04-01 14:55 4,456,448 ---ha-w C:\Documents and Settings\(FroZz!X)\NTUSER.DAT
2008-04-01 14:29 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Grisoft
2008-03-31 19:20 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\gtk-2.0
2008-03-31 19:14 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Adobe
2008-03-28 17:05 40,730 ----a-w C:\WINDOWS\system32\superiorads-uninst.exe
2008-03-26 12:02 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\OpenOffice.org2
2008-03-25 17:34 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Ahead
2008-03-23 18:26 --------- dc----w C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-03-23 18:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-03-12 16:36 181,542 --sha-w C:\WINDOWS\system32\tstwa.ini2
2008-03-11 16:41 --------- d-----w C:\Program Files\Lexmark 2200 Series
2008-03-10 20:18 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2008-02-28 21:54 --------- d-----w C:\Program Files\Windows Live
2008-02-28 18:03 89,664 -c--a-w C:\WINDOWS\system32\xremnyem.dll
2008-02-28 17:57 91,712 -c--a-w C:\WINDOWS\system32\xpluwauk.dll
2008-02-28 16:22 102,400 ----a-w C:\WINDOWS\DUMPaad6.tmp
2008-02-27 16:56 102,400 ----a-w C:\WINDOWS\DUMPabd0.tmp
2008-02-27 16:01 90,176 -c--a-w C:\WINDOWS\system32\rjbhtjev.dll
2008-02-27 15:55 91,712 -c--a-w C:\WINDOWS\system32\sucnsgnf.dll
2008-02-27 14:58 90,176 -c--a-w C:\WINDOWS\system32\amlcynja.dll
2008-02-25 15:20 102,400 ----a-w C:\WINDOWS\DUMP9e24.tmp
2008-02-23 13:02 89,152 -c--a-w C:\WINDOWS\system32\neejhnxa.dll
2008-02-21 13:15 --------- dcs---w C:\Documents and Settings\(FroZz!X)\Application Data\Microsoft
2008-02-21 12:03 93,760 -c--a-w C:\WINDOWS\system32\hgwgxyji.dll
2008-02-20 15:22 --------- dc----w C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-02-20 15:22 --------- d-----w C:\Program Files\Free Download Manager
2008-02-20 15:16 --------- d-----w C:\Program Files\ReGetPro
2008-02-20 15:13 --------- d-----w C:\Program Files\Fichiers communs\ReGet Shared
2008-02-20 10:58 94,784 ----a-w C:\WINDOWS\system32\yrohadsf.dll
2008-02-19 11:52 --------- d-----w C:\Program Files\Microsoft Xbox 360 Accessories
2008-02-18 19:07 93,248 ----a-w C:\WINDOWS\system32\myflgwmn.dll
2008-02-18 18:37 97,344 ----a-w C:\WINDOWS\system32\suwloqcv.dll
2008-02-17 18:02 97,344 ----a-w C:\WINDOWS\system32\yyjkuxrl.dll
2008-02-16 22:16 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Microgaming
2008-02-16 17:20 92,736 ----a-w C:\WINDOWS\system32\njmomuov.dll
2008-02-15 17:16 91,712 ----a-w C:\WINDOWS\system32\ucduxlhe.dll
2008-02-14 17:16 91,200 ----a-w C:\WINDOWS\system32\ydyuotbs.dll
2008-02-13 17:13 98,368 ----a-w C:\WINDOWS\system32\kaisbekp.dll
2008-02-13 16:33 --------- d-----w C:\Program Files\TEsT Box-II
2008-02-12 17:14 93,248 ----a-w C:\WINDOWS\system32\ilitkkxr.dll
2008-02-11 17:14 93,248 ----a-w C:\WINDOWS\system32\hrjevfoh.dll
2008-02-11 16:28 80,112 ----a-w C:\WINDOWS\system32\dcads-remove.exe
2008-02-10 16:09 102,400 ----a-w C:\WINDOWS\DUMPaa59.tmp
2008-02-10 11:03 93,248 ----a-w C:\WINDOWS\system32\mfbnmmjh.dll
2008-02-10 11:00 86,080 ----a-w C:\WINDOWS\system32\vykhwqxh.dll
2008-02-09 10:58 89,664 ----a-w C:\WINDOWS\system32\tsdsnaek.dll
2008-02-09 10:55 93,760 ----a-w C:\WINDOWS\system32\qpdfuipt.dll
2008-02-08 21:02 --------- d-----w C:\Program Files\Fichiers communs\Adobe Systems Shared
2008-02-08 21:01 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-08 18:33 --------- dc-h--r C:\Documents and Settings\(FroZz!X)\Application Data\SecuROM
2008-02-08 17:53 233,472 ----a-w C:\WINDOWS\system32\nsbB.dll
2008-02-08 09:36 95,808 ----a-w C:\WINDOWS\system32\kspkiekd.dll
2008-02-08 09:33 87,616 ----a-w C:\WINDOWS\system32\gxnmewgm.dll
2008-02-08 08:19 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\InstallShield
2008-02-03 19:10 92,736 ----a-w C:\WINDOWS\system32\fiugjevr.dll
2008-02-03 19:07 88,640 ----a-w C:\WINDOWS\system32\moekkikm.dll
2008-02-03 15:26 --------- d-----w C:\Program Files\DkZ Studio
2008-02-03 14:29 --------- d-----w C:\Program Files\BoontyGames
2008-02-03 14:29 --------- d-----w C:\Program Files\Boonty
2008-02-03 13:42 --------- d-----w C:\Program Files\SuperTuxKart
2008-02-03 13:26 --------- d-----w C:\Program Files\Freecorder
2008-02-03 13:25 737,280 ----a-w C:\WINDOWS\iun6002.exe
2008-02-03 12:34 --------- dc----w C:\Documents and Settings\(FroZz!X)\Application Data\Samsung
2008-02-03 12:22 --------- d-----w C:\Program Files\mp3DirectCut
2008-02-02 19:12 88,128 ----a-w C:\WINDOWS\system32\iiekiald.dll
2008-02-02 19:09 96,832 ----a-w C:\WINDOWS\system32\nkuaunxy.dll
2008-02-01 19:08 92,736 ----a-w C:\WINDOWS\system32\hgspwtvq.dll
2008-02-01 19:05 92,224 ----a-w C:\WINDOWS\system32\wsojrxpi.dll
2008-02-01 10:17 587,264 ----a-w C:\WINDOWS\WLXPGSS.SCR
2008-01-31 19:04 95,296 ----a-w C:\WINDOWS\system32\lrinsnwr.dll
2008-01-31 19:01 90,688 ----a-w C:\WINDOWS\system32\gedskocv.dll
2008-01-30 13:06 78,400 ----a-w C:\WINDOWS\system32\ticbnqfj.dll
2008-01-30 13:03 90,176 ----a-w C:\WINDOWS\system32\nmpghjvj.dll
2008-01-29 12:27 78,912 ----a-w C:\WINDOWS\system32\gbsibvox.dll
2008-01-29 12:24 88,640 ----a-w C:\WINDOWS\system32\hhpdofbt.dll
2008-01-28 12:28 79,936 ----a-w C:\WINDOWS\system32\kclhunoo.dll
2008-01-28 12:25 88,640 ----a-w C:\WINDOWS\system32\nkqfhoph.dll
2008-01-28 11:23 46,300 ----a-w C:\WINDOWS\system32\DcadsSocial-uninstall.exe
2008-01-27 12:27 89,152 ----a-w C:\WINDOWS\system32\outsrufi.dll
2008-01-27 12:24 78,912 ----a-w C:\WINDOWS\system32\qcnqsgct.dll
2008-01-26 11:24 89,152 ----a-w C:\WINDOWS\system32\rfbdemfd.dll
2008-01-26 11:21 78,912 ----a-w C:\WINDOWS\system32\oinecwyp.dll
2008-01-24 20:07 87,616 ----a-w C:\WINDOWS\system32\aisncyei.dll
2008-01-24 20:04 80,448 ----a-w C:\WINDOWS\system32\tsjcwqid.dll
2008-01-23 18:15 80,960 ----a-w C:\WINDOWS\system32\jqqgceig.dll
2008-01-23 18:12 87,616 ----a-w C:\WINDOWS\system32\ngoppvop.dll
2008-01-22 18:14 89,664 ----a-w C:\WINDOWS\system32\uehaiemk.dll
2008-01-22 18:11 77,376 ----a-w C:\WINDOWS\system32\tmfyrxuk.dll
2008-01-18 10:06 294,912 ------w C:\WINDOWS\system32\iebrowserc.dll
2008-01-08 18:06 24,288 ----a-w C:\WINDOWS\system32\byxyvus.dll
2008-01-07 17:53 24,288 ----a-w C:\WINDOWS\system32\cbxxyxv.dll
2008-01-06 17:28 24,288 ----a-w C:\WINDOWS\system32\byxwuvw.dll
2008-01-05 16:37 24,288 ----a-w C:\WINDOWS\system32\wvuspoo.dll
2008-01-04 16:25 24,288 ----a-w C:\WINDOWS\system32\gebxxut.dll
2007-01-04 08:56 24,192 -c--a-w C:\Documents and Settings\internity\usbsermptxp.sys
2007-01-04 08:56 22,768 -c--a-w C:\Documents and Settings\internity\usbsermpt.sys
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 12:34 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-15 00:43 286720]
"Lexmark 2200 Series"="C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe" [2004-02-13 15:13 57344]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25 6731312]
"BM3ff2124f"="C:\WINDOWS\system32\qanxqubs.dll" [2008-03-11 18:56 90688]
"3cc121d3"="C:\WINDOWS\system32\oypkkrto.dll" [2008-03-11 19:02 86592]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
Authentication Packages REG_MULTI_SZ msv1_0 C:\WINDOWS\system32\awtst.dll

[HKLM\~\startupfolder\C:^Documents and Settings^(FroZz!X)^Menu Démarrer^Programmes^Démarrage^LimeWire Acceleration Patch.lnk]
path=C:\Documents and Settings\(FroZz!X)\Menu Démarrer\Programmes\Démarrage\LimeWire Acceleration Patch.lnk
backup=C:\WINDOWS\pss\LimeWire Acceleration Patch.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^(FroZz!X)^Menu Démarrer^Programmes^Démarrage^OpenOffice.org 2.0.lnk]
path=C:\Documents and Settings\(FroZz!X)\Menu Démarrer\Programmes\Démarrage\OpenOffice.org 2.0.lnk
backup=C:\WINDOWS\pss\OpenOffice.org 2.0.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^(FroZz!X)^Menu Démarrer^Programmes^Démarrage^TestBox2.lnk]
path=C:\Documents and Settings\(FroZz!X)\Menu Démarrer\Programmes\Démarrage\TestBox2.lnk
backup=C:\WINDOWS\pss\TestBox2.lnkStartup

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Menu Démarrer^Programmes^Démarrage^Lancement rapide d'Adobe Reader.lnk]
path=C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\Lancement rapide d'Adobe Reader.lnk
backup=C:\WINDOWS\pss\Lancement rapide d'Adobe Reader.lnkCommon Startup

[HKLM\~\startupfolder\C:^Documents and Settings^internity^Menu Démarrer^Programmes^Démarrage^IMVU.lnk]
path=C:\Documents and Settings\internity\Menu Démarrer\Programmes\Démarrage\IMVU.lnk
backup=C:\WINDOWS\pss\IMVU.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdVantage]
--a------ 2007-06-28 16:19 880080 C:\Program Files\AdVantage\AdVantage.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2007-11-15 14:11 267048 C:\Program Files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
--a------ 2007-10-18 12:34 5724184 C:\Program Files\Windows Live\Messenger\msnmsgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Piolet]
C:\Program Files\Piolet\Piolet.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-11-15 00:43 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
--a------ 2008-01-30 14:11 3497984 C:\Program Files\Veoh Networks\Veoh\VeohClient.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WLSetupSvc"=3 (0x3)
"usnjsvc"=3 (0x3)
"ose"=3 (0x3)
"LexBceS"=2 (0x2)
"iPod Service"=3 (0x3)
"IDriverT"=3 (0x3)
"gusvc"=3 (0x3)
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"AntiVirusOverride"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"E:\\Valve\\Steam\\steamapps\\macdo440\\counter-strike source\\hl2.exe"=
"C:\\WINDOWS\\system32\\LEXPPS.EXE"=
"C:\\Program Files\\MultiProxy\\MProxy.exe"=
"C:\\Program Files\\Veoh Networks\\Veoh\\VeohClient.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\iMesh Applications\\iMesh\\iMesh.exe"=
"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\javaw.exe"=
"E:\\Valve\\Steam\\steamapps\\maco440\\condition zero\\hl.exe"=
"E:\\Instal Jeux\\BF2\\BF2.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3724:TCP"= 3724:TCP:*:Disabled:Blizzard Downloader
"6112:TCP"= 6112:TCP:*:Disabled:Blizzard Downloader
"1863:TCP"= 1863:TCP: MSNmsgr.exe
"21133:TCP"= 21133:TCP:BitComet 21133 TCP
"21133:UDP"= 21133:UDP:BitComet 21133 UDP

R2 NwSapAgent;Agent SAP;C:\WINDOWS\system32\svchost.exe [2006-03-02 14:00]
S3 AtmLane;Émulation réseau ATM;C:\WINDOWS\system32\DRIVERS\atmlane.sys [2006-03-02 14:00]
S3 genmcmnUSB;USB Scroll Mouse Driver;C:\WINDOWS\system32\DRIVERS\gflmouhid.sys []
S3 idrmkl;idrmkl;C:\DOCUME~1\INTERN~1\LOCALS~1\Temp\idrmkl.sys []
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM);C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 18:57]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter;C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 18:58]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers;C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 18:59]
S3 USB28xxBGA;USB 2870 Device;C:\WINDOWS\system32\DRIVERS\emBDA.sys [2006-08-09 10:10]
S3 USB28xxOEM;USB 28xx OEM Filter;C:\WINDOWS\system32\DRIVERS\emOEM.sys [2006-08-09 10:10]
S3 Wwbpras2;Wooweb-Pro Ras Driver Service;C:\WINDOWS\system32\DRIVERS\wwbpras2.sys []
S4 Boonty Games;Boonty Games;"C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" [2007-01-02 17:26]

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-04-01 17:00:00 C:\WINDOWS\Tasks\A3DD46A691A2F722.job"
- c:\docume~1\intern~1\applic~1\refcoo~1\userplaneq.exe
"2008-01-01 22:19:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-04-13 11:14:25 C:\WINDOWS\Tasks\SesamTVMC.job"
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-01 19:50:14
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ASFWHide]
"ImagePath"="\??\C:\DOCUME~1\INTERN~1\LOCALS~1\Temp\ASFWHide"
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\oypkkrto.dll
-> C:\WINDOWS\system32\qanxqubs.dll
.
Temps d'accomplissement: 2008-04-01 19:52:01
ComboFix-quarantined-files.txt 2008-04-01 17:51:59
ComboFix2.txt 2008-04-01 15:03:20
Pre-Run: 1,373,433,856 octets libres
Post-Run: 1,360,400,384 octets libres
.
2008-03-31 19:47:24 --- E O F ---
frozzix
 
There you go =) I followed all your instructions. I'm waiting for the next step.
If you've had enough, we can continue another day ;-)
Anonymous user
 
Unfortunately, not entirely. Do this:

Download OTMoveIt: http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe
Double-click OTMoveIt.exe to launch it.
Copy the list in the quote below,
and paste it into the left-hand box of OTMoveIt: Paste List of Files/Folders to be moved.

Quote:



click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTMoveIt\MovedFiles.
copy and paste the report here
you may be asked to restart the PC to complete the removal. If so, accept with Yes.
0
frozzix Posts 20 Status Member 1

Here it is:


OTMoveIt2 by OldTimer - Version 1.0.21 log created on 04012008_202313
0
Anonymous user

perfect, post a new HijackThis report
0
frozzix Posts 20 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:30:35, on 01/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ClickCatcher MSIE handler - {16664845-0E00-11D2-8059-000000000000} - C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: XBTP01621 - {C66AF7F0-2CF6-48cb-9F94-04EC2504B4FC} - C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [BM3ff2124f] Rundll32.exe "C:\WINDOWS\system32\qanxqubs.dll",s
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7D73F8F-370D-4ED8-AD9A-ADA73DF89351}: NameServer = 213.36.80.1 213.36.80.1
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
0
Anonymous user

new quote for OTMoveIt2:

double-click OTMoveIt.exe to launch it.
copy the list in the quote below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

Quote:

C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll
C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll
C:\Program Files\Free Download Manager\iefdm2.dll
C:\WINDOWS\system32\qanxqubs.dll


click MoveIt! to start the removal.
the result will appear in the "Results" pane.
click Exit to close.
post the report located in C:\_OTMoveIt\MovedFiles.
copy and paste the report here
you may be asked to restart the PC to complete the removal. If so, accept with Yes.
0
frozzix Posts 20 Status Member 1
 
C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll unregistered successfully.
C:\Program Files\Fichiers communs\ReGet Shared\Catcher.dll moved successfully.
C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll unregistered successfully.
C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll moved successfully.
C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll unregistered successfully.
C:\PROGRA~1\IMESHA~1\IMESHM~1\MediaBar.dll moved successfully.
C:\Program Files\Free Download Manager\iefdm2.dll unregistered successfully.
File move failed. C:\Program Files\Free Download Manager\iefdm2.dll scheduled to be moved on reboot.
File/Folder C:\WINDOWS\system32\qanxqubs.dll not found.

OTMoveIt2 by OldTimer - Version 1.0.21 log created on 04012008_211051
0
Anonymous user

there is still this stubborn thing

Open Notepad (right-click on the desktop > in the menu choose New, then New Text Document) and copy and paste what is in the quote below (copy it all in one go, without the bars (X)):

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BM3ff2124f"=-
"3cc121d3"=-

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
note: regedit 4 is on the first line and there is a blank line at the end
Then click "File"/"Save As":
in: on the desktop
File name: fix.reg
File type: "All files"
click "Save"

it should look like this once saved:

http://img520.imageshack.us/img520/4251/screenshot005ps2.png

disconnect from the internet and double-click fix.reg => you must get a message "Are you sure you want to add the information in this .reg file to the registry?"
If that is the case, click "Yes"

then restart your PC and post a new HijackThis report
0
frozzix Posts 20 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:47, on 01/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark 2200 Series] "C:\Program Files\Lexmark 2200 Series\lxbvbmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
0