Sujet Précédent Sujet Suivant

Virus Win32:Trojan-gen. {Other}

danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention   -  
plopus Messages postés 6113 Statut Contributeur sécurité -
Bonjour,

J'ai plusieurs fois lancés des scan d'avast, mais ce virus revient à chaque fois.

J'en peux plus au secours !!!! lol !!
A voir également:

33 réponses

Précédent
  • 1
  • 2
Réponse 21 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
Je n'ai pas eu de rapport pour msnfix, mais il n'a indiqué aucune infection.


Voici le rapport de TB :

-----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2250 @ 1.73GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
USER : Dani ( Administrator )
BOOT : Fail-safe boot
Antivirus : (Not Activated)
Firewall : (Not Activated)
C:\ (Local Disk) - NTFS - Total:105 Go (Free:15 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (CD or DVD) - CDFS - Total:1 Go (Free:0 Go)
J:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
X:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 22/01/2009|21:45 )

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\BitLord\BitLord.exe
Supprime! - C:\Program Files\BitLord\BitLord.url
Supprime! - C:\Program Files\BitLord\BitLord.xml
Supprime! - C:\Program Files\BitLord\Downloads
Supprime! - C:\Program Files\BitLord\Downloads.xml
Supprime! - C:\Program Files\BitLord\lang
Supprime! - C:\Program Files\BitLord\License.txt
Supprime! - C:\Program Files\BitLord\rules
Supprime! - C:\Program Files\BitLord\Torrents
Supprime! - C:\Program Files\BitLord\uninst.exe
Supprime! - C:\DOCUME~1\Dani\Bureau\BitLord.lnk
Supprime! - C:\WINDOWS\Prefetch\BITLORD.EXE-00346D1D.pf
Supprime! - C:\DOCUME~1\Dani\MENUDM~1\PROGRA~1\BitLord
Supprime! - C:\Program Files\BitLord

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"SearchMigratedDefaultURL"="https://www.google.com/webhp?gws_rd=ssl{searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"
"Home_Page"="https://www.dell.com/fr-fr?c=fr&l=fr&s=gen&redirect=1"
"Help_Page"="http://support.euro.dell.com/segment.asp?country=FR&language=FR"

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Dani\Bureau\Nouveau dossier\alcohol 120%\crack.exe
C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\keygen.exe
C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\Nero_712_KeyGen_Only-ORiON.rar
C:\DOCUME~1\Dani\Favoris\cours de cracking
C:\DOCUME~1\Dani\Favoris\crack wep
C:\DOCUME~1\Dani\Favoris\cracks and serials
C:\DOCUME~1\Dani\Favoris\I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with BackTrack.url
C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking - Shmeitcorp.url
C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking.url
C:\DOCUME~1\Dani\Favoris\crack wep\Tuto fr tutoriaux francophone.url
C:\DOCUME~1\Dani\Favoris\cracks and serials\Serials & keys - unlocks the world.url
C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw — la mont pagnotte familly.url
C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw.url
C:\DOCUME~1\Dani\Favoris\hacking\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
C:\DOCUME~1\Dani\Favoris\hacking\AIRCRACK-PTW le wifi debian linux download aircrack-ptw,telecharger aircrack-ptw, airodump, aireplay (suite aircrack-ng).url
C:\DOCUME~1\Dani\Favoris\hacking\Crackpark.org - Votre portail d’infomations sur le thème cracks serials. Ce site est en vente!.url
C:\DOCUME~1\Dani\Mes documents\EBP.Comptes.Bancaires.2006.v6.0.1.34.FR.Incl-Crack.rar
C:\DOCUME~1\Dani\Mes documents\guitare\Guitar Pro 5.2 (Win)\Keygen.exe
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\P\Pixies - Crackity Jones.gp3
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Lisez-Moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties\AsianDinasties.iso
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1\AOE III DISC 1.iso
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.bin
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.cue
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.bin
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.cue
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AoE III Cd Keys.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\age3.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\Lisez-moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\age3.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\Lisez-moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties\age3y.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\age3x.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\mgspidx.dll
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs\WarChiefs.iso
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED.rar
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\fm.exe
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\hatred.exe
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack\fm.exe
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD1.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD2.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD3.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD4.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS.txt
C:\DOCUME~1\Dani\Mes documents\Ma musique\HIP HOP\Kanye West - Late Registration (2005) - Rap [www.torrentazos.com]\08. Kanye West - Crack Music (ft.The Game) - www.torrentazos.com.mp3
C:\DOCUME~1\Dani\Mes documents\Ma musique\Rap français - albums\Alibi Montana - T'as Ma Parole\02. Le Monde A Crack'.mp3
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0.tar.gz
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw.exe
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw_win32.rar
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR
C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack
C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack\FFF.NFO
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.h
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\attacksim.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\Makefile
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\README
C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.c
C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.h
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\winamp531_pro.exe
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen\KeyMaker.exe
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR\french_translated.exe

1 - "C:\ToolBar SD\TB_1.txt" - 22/01/2009|21:50 - Option : [2]

-----------\\ Fin du rapport a 21:50:01,56


Le rapport de lopR :

--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Genuine Intel(R) CPU T2250 @ 1.73GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A08
USER : Dani ( Administrator )
BOOT : Fail-safe boot
Antivirus : (Not Activated)
Firewall : (Not Activated)
C:\ (Local Disk) - NTFS - Total:105 Go (Free:15 Go)
E:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
G:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
H:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
I:\ (CD or DVD) - CDFS - Total:1 Go (Free:0 Go)
J:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
X:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [2] ( 22/01/2009|21:54 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION

Supprime! - C:\Program Files\Circle Developement

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing des dossiers dans APPLIC~1

[05/09/2006|18:00] C:\DOCUME~1\ADMINI~1\APPLIC~1\ATI
[05/09/2006|17:53] C:\DOCUME~1\ADMINI~1\APPLIC~1\Corel
[15/09/2008|22:18] C:\DOCUME~1\ADMINI~1\APPLIC~1\Grisoft
[14/09/2006|21:01] C:\DOCUME~1\ADMINI~1\APPLIC~1\GTek
[01/09/2005|06:25] C:\DOCUME~1\ADMINI~1\APPLIC~1\Identities
[05/09/2006|17:49] C:\DOCUME~1\ADMINI~1\APPLIC~1\Intel
[15/09/2008|21:41] C:\DOCUME~1\ADMINI~1\APPLIC~1\Microsoft
[05/09/2006|17:56] C:\DOCUME~1\ADMINI~1\APPLIC~1\Symantec

[29/09/2008|15:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{4F0BAFD2-4250-4D62-9237-E4C5E88071D9}
[29/09/2008|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\{B33CBE2B-A739-401D-A5E0-041195C4A17B}
[05/09/2006|17:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[08/10/2008|21:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Age of Empires 3
[28/07/2007|16:19] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[28/07/2007|16:20] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[29/09/2008|15:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\EBP
[20/01/2009|20:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
[06/07/2007|21:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[16/12/2007|17:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
[05/09/2006|17:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\InstallShield
[05/09/2006|17:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Intel
[16/09/2008|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[05/09/2006|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee
[05/09/2006|17:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com
[14/09/2006|19:11] C:\DOCUME~1\ALLUSE~1\APPLIC~1\McAfee.com Personal Firewall
[21/09/2008|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
[18/08/2008|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGS
[18/08/2008|17:44] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microgaming
[02/06/2008|02:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[10/12/2008|03:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help
[09/09/2006|11:06] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Otto
[05/09/2006|17:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec
[18/09/2007|00:10] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Tenebril
[25/12/2007|13:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TomTom
[23/12/2006|11:35] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[17/10/2007|17:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!

[11/02/2007|22:13] C:\DOCUME~1\Dani\APPLIC~1\ACD Systems
[10/02/2008|15:57] C:\DOCUME~1\Dani\APPLIC~1\Adobe
[25/09/2006|20:51] C:\DOCUME~1\Dani\APPLIC~1\AdobeUM
[21/05/2007|19:59] C:\DOCUME~1\Dani\APPLIC~1\Ahead
[28/07/2007|16:21] C:\DOCUME~1\Dani\APPLIC~1\Apple Computer
[05/09/2006|18:00] C:\DOCUME~1\Dani\APPLIC~1\ATI
[18/10/2006|21:04] C:\DOCUME~1\Dani\APPLIC~1\Corel Photo Album
[29/09/2008|15:16] C:\DOCUME~1\Dani\APPLIC~1\EBP
[10/01/2007|18:39] C:\DOCUME~1\Dani\APPLIC~1\FotoWire
[31/10/2006|23:10] C:\DOCUME~1\Dani\APPLIC~1\Google
[06/07/2007|21:52] C:\DOCUME~1\Dani\APPLIC~1\Grisoft
[14/09/2006|21:01] C:\DOCUME~1\Dani\APPLIC~1\Gtek
[16/12/2007|16:44] C:\DOCUME~1\Dani\APPLIC~1\HP
[17/09/2007|00:52] C:\DOCUME~1\Dani\APPLIC~1\ICQ
[01/09/2005|06:25] C:\DOCUME~1\Dani\APPLIC~1\Identities
[17/09/2007|00:45] C:\DOCUME~1\Dani\APPLIC~1\InstallShield
[05/09/2006|17:49] C:\DOCUME~1\Dani\APPLIC~1\Intel
[18/12/2006|19:15] C:\DOCUME~1\Dani\APPLIC~1\Leadertech
[14/09/2006|20:14] C:\DOCUME~1\Dani\APPLIC~1\Macromedia
[16/09/2008|17:56] C:\DOCUME~1\Dani\APPLIC~1\Malwarebytes
[08/09/2006|18:39] C:\DOCUME~1\Dani\APPLIC~1\McAfee.com Personal Firewall
[06/02/2008|22:38] C:\DOCUME~1\Dani\APPLIC~1\Microsoft
[28/08/2008|17:26] C:\DOCUME~1\Dani\APPLIC~1\Mozilla
[11/10/2008|17:36] C:\DOCUME~1\Dani\APPLIC~1\My Games
[09/09/2006|11:06] C:\DOCUME~1\Dani\APPLIC~1\Otto
[17/09/2007|20:11] C:\DOCUME~1\Dani\APPLIC~1\Samsung
[25/06/2007|14:29] C:\DOCUME~1\Dani\APPLIC~1\Screenshot Sender
[26/07/2008|12:26] C:\DOCUME~1\Dani\APPLIC~1\SecuROM
[18/12/2006|19:15] C:\DOCUME~1\Dani\APPLIC~1\Sonic
[23/12/2007|14:53] C:\DOCUME~1\Dani\APPLIC~1\Sports Interactive
[29/10/2006|19:14] C:\DOCUME~1\Dani\APPLIC~1\Sun
[05/09/2006|17:56] C:\DOCUME~1\Dani\APPLIC~1\Symantec
[26/10/2007|11:53] C:\DOCUME~1\Dani\APPLIC~1\Talkback
[28/10/2006|15:37] C:\DOCUME~1\Dani\APPLIC~1\Winamp
[21/11/2008|22:39] C:\DOCUME~1\Dani\APPLIC~1\X-Projects

[05/09/2006|18:00] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ATI
[05/09/2006|17:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Corel
[14/09/2006|21:01] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Gtek
[01/09/2005|06:25] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities
[05/09/2006|17:49] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Intel
[05/09/2006|17:47] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[05/09/2006|17:56] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec

[09/09/2006|10:40] C:\DOCUME~1\LOCALS~1\APPLIC~1\McAfee.com Personal Firewall
[01/09/2005|06:05] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[09/09/2006|11:16] C:\DOCUME~1\NETWOR~1\APPLIC~1\Intel
[18/09/2007|00:04] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[05/09/2006|18:00] C:\DOCUME~1\Suzy\APPLIC~1\ATI
[05/09/2006|17:53] C:\DOCUME~1\Suzy\APPLIC~1\Corel
[01/11/2006|16:46] C:\DOCUME~1\Suzy\APPLIC~1\Google
[22/04/2008|20:29] C:\DOCUME~1\Suzy\APPLIC~1\Grisoft
[14/09/2006|21:01] C:\DOCUME~1\Suzy\APPLIC~1\Gtek
[01/09/2005|06:25] C:\DOCUME~1\Suzy\APPLIC~1\Identities
[05/09/2006|17:49] C:\DOCUME~1\Suzy\APPLIC~1\Intel
[14/09/2006|19:18] C:\DOCUME~1\Suzy\APPLIC~1\Macromedia
[09/09/2006|11:16] C:\DOCUME~1\Suzy\APPLIC~1\McAfee.com Personal Firewall
[29/11/2006|20:50] C:\DOCUME~1\Suzy\APPLIC~1\Microsoft
[29/10/2006|14:36] C:\DOCUME~1\Suzy\APPLIC~1\Sun
[05/09/2006|17:56] C:\DOCUME~1\Suzy\APPLIC~1\Symantec
[22/04/2008|20:29] C:\DOCUME~1\Suzy\APPLIC~1\Tenebril
[01/06/2007|18:53] C:\DOCUME~1\Suzy\APPLIC~1\Winamp

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[17/01/2009 22:23][--a------] C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[22/01/2009 21:34][--ah-----] C:\WINDOWS\tasks\SA.DAT
[10/08/2004 12:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[05/09/2006|17:50] C:\Program Files\Adobe
[09/09/2006|23:36] C:\Program Files\alcohol 120
[09/09/2006|23:37] C:\Program Files\Alcohol Soft
[14/09/2006|19:52] C:\Program Files\Alwil Software
[13/09/2007|22:15] C:\Program Files\Apple Software Update
[05/09/2006|17:47] C:\Program Files\ATI Technologies
[30/07/2007|22:50] C:\Program Files\Automate unDRM
[30/07/2008|23:47] C:\Program Files\BAE
[05/09/2006|17:47] C:\Program Files\Broadcom
[10/01/2009|01:40] C:\Program Files\bwin
[18/06/2007|18:16] C:\Program Files\CamStudio
[07/07/2007|08:17] C:\Program Files\CCleaner
[03/07/2007|19:16] C:\Program Files\CEDP Stealer 6.0 for Messenger
[28/10/2006|16:19] C:\Program Files\Cole2k Media Toolbar
[01/09/2005|06:13] C:\Program Files\ComPlus Applications
[05/09/2006|17:44] C:\Program Files\CONEXANT
[18/10/2006|21:11] C:\Program Files\Corel
[05/09/2006|17:52] C:\Program Files\Corel Corporation
[05/09/2006|17:49] C:\Program Files\Creative
[05/09/2006|17:49] C:\Program Files\CyberLink
[05/09/2006|17:47] C:\Program Files\Dell
[13/06/2007|18:53] C:\Program Files\Dial-Messenger
[05/09/2006|17:48] C:\Program Files\Digital Line Detect
[10/01/2007|18:41] C:\Program Files\directx
[10/04/2007|20:09] C:\Program Files\eBay
[29/09/2008|15:15] C:\Program Files\EBP
[05/01/2009|01:53] C:\Program Files\eMule
[13/01/2009|22:31] C:\Program Files\Everest Poker
[01/11/2006|16:26] C:\Program Files\FairUse Wizard 2
[22/01/2009|20:25] C:\Program Files\Fichiers communs
[11/11/2007|12:39] C:\Program Files\Firaxis Games
[04/01/2008|21:18] C:\Program Files\FM Modifier 2.2
[01/11/2006|16:28] C:\Program Files\Free Audio Pack
[13/01/2009|22:30] C:\Program Files\Full Tilt Poker
[01/09/2005|06:27] C:\Program Files\GemMasterFrench
[17/09/2007|23:54] C:\Program Files\GhostSurf 2006 Platinum
[20/01/2009|20:54] C:\Program Files\Google
[06/07/2007|21:52] C:\Program Files\Grisoft
[10/11/2008|15:57] C:\Program Files\Guitar Pro 5
[16/12/2007|17:02] C:\Program Files\Hewlett-Packard
[16/12/2007|17:05] C:\Program Files\HP
[17/09/2007|00:52] C:\Program Files\ICQ6
[28/10/2006|16:22] C:\Program Files\Illustrate
[10/01/2009|02:32] C:\Program Files\InstallShield Installation Information
[05/09/2006|17:48] C:\Program Files\Intel
[05/09/2006|17:49] C:\Program Files\Intel, Inc
[10/12/2008|03:08] C:\Program Files\Internet Explorer
[10/01/2009|01:49] C:\Program Files\Java
[10/01/2007|18:39] C:\Program Files\Logitech
[21/01/2009|20:06] C:\Program Files\Malwarebytes' Anti-Malware
[23/07/2008|21:00] C:\Program Files\Maxis
[24/11/2008|18:33] C:\Program Files\Messenger
[14/08/2008|21:15] C:\Program Files\Messenger Plus! Live
[18/06/2007|18:21] C:\Program Files\MessengerDiscovery
[14/02/2008|22:34] C:\Program Files\Microsoft ActiveSync
[07/02/2008|19:18] C:\Program Files\Microsoft CAPICOM 2.1.0.2
[01/09/2005|06:18] C:\Program Files\microsoft frontpage
[08/10/2008|21:23] C:\Program Files\Microsoft Games
[25/12/2007|12:37] C:\Program Files\Microsoft Office
[10/07/2008|02:07] C:\Program Files\Microsoft SQL Server
[25/12/2007|14:58] C:\Program Files\Microsoft Visual Studio
[17/09/2007|23:59] C:\Program Files\Microsoft Visual Studio 8
[10/09/2008|22:22] C:\Program Files\Microsoft Works
[17/09/2007|23:54] C:\Program Files\Microsoft.NET
[05/09/2006|17:48] C:\Program Files\Modem Helper
[24/11/2008|18:26] C:\Program Files\Movie Maker
[22/01/2009|21:51] C:\Program Files\Mozilla Firefox
[29/10/2007|14:04] C:\Program Files\mozilla.org
[01/09/2005|06:12] C:\Program Files\MSN
[01/09/2005|06:12] C:\Program Files\MSN Gaming Zone
[25/11/2008|19:02] C:\Program Files\MSN Messenger
[04/02/2007|23:30] C:\Program Files\MSN Reaper
[17/11/2006|20:05] C:\Program Files\MSXML 4.0
[18/09/2007|00:03] C:\Program Files\MSXML 6.0
[11/04/2007|22:01] C:\Program Files\nerazzurri.net
[21/05/2007|19:37] C:\Program Files\Nero
[24/11/2008|18:22] C:\Program Files\NetMeeting
[05/09/2006|17:48] C:\Program Files\NetWaiting
[17/09/2007|01:35] C:\Program Files\No-IP
[01/09/2005|06:13] C:\Program Files\Online Services
[24/11/2008|18:22] C:\Program Files\Outlook Express
[15/10/2006|20:07] C:\Program Files\Phantom EFX
[06/02/2008|22:41] C:\Program Files\PhotoFiltre
[29/10/2008|00:03] C:\Program Files\Picasa2
[14/01/2008|21:15] C:\Program Files\Plaxo
[23/07/2008|19:14] C:\Program Files\Pollux Gamelabs
[09/09/2006|23:24] C:\Program Files\PowerArchiver
[07/04/2008|14:44] C:\Program Files\QuickTime
[10/01/2007|18:38] C:\Program Files\Real
[07/07/2007|08:14] C:\Program Files\RegCleaner
[17/09/2007|20:05] C:\Program Files\Samsung
[01/07/2008|23:07] C:\Program Files\Secrets du Jeu
[10/05/2008|12:27] C:\Program Files\SEGA
[01/09/2005|06:15] C:\Program Files\Services en ligne
[05/09/2006|17:44] C:\Program Files\Sigmatel
[28/10/2006|16:10] C:\Program Files\SLD Codec Pack
[05/09/2006|17:51] C:\Program Files\Sonic
[23/12/2007|14:52] C:\Program Files\Sports Interactive
[11/09/2007|22:11] C:\Program Files\SuperScan
[05/09/2006|17:56] C:\Program Files\Symantec
[05/09/2006|17:46] C:\Program Files\Synaptics
[11/09/2007|19:15] C:\Program Files\The Cleaner
[31/12/2007|17:33] C:\Program Files\TomTom HOME
[01/09/2005|06:25] C:\Program Files\Uninstall Information
[17/12/2006|20:44] C:\Program Files\VideoEgg
[05/10/2006|21:30] C:\Program Files\VideoLAN
[10/01/2009|02:19] C:\Program Files\WinamaxPoker
[28/10/2006|15:37] C:\Program Files\Winamp
[10/06/2007|21:57] C:\Program Files\Windows Live
[27/10/2008|23:14] C:\Program Files\Windows Live Safety Center
[10/01/2007|18:38] C:\Program Files\Windows Media Components
[31/12/2007|13:48] C:\Program Files\Windows Media Connect 2
[24/11/2008|18:22] C:\Program Files\Windows Media Player
[24/11/2008|18:22] C:\Program Files\Windows NT
[01/09/2005|06:12] C:\Program Files\Windows Plus
[01/09/2005|06:15] C:\Program Files\WindowsUpdate
[01/09/2005|06:18] C:\Program Files\xerox
[17/10/2007|17:23] C:\Program Files\Yahoo!
[23/12/2007|12:24] C:\Program Files\Zero G Registry

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[21/10/2007|19:36] C:\Program Files\Fichiers communs\ACD Systems
[05/09/2006|17:50] C:\Program Files\Fichiers communs\Adobe
[21/05/2007|19:39] C:\Program Files\Fichiers communs\Ahead
[28/07/2007|16:19] C:\Program Files\Fichiers communs\Apple
[29/09/2008|15:15] C:\Program Files\Fichiers communs\Borland Shared
[25/12/2007|14:58] C:\Program Files\Fichiers communs\DESIGNER
[29/09/2008|15:15] C:\Program Files\Fichiers communs\EBP
[10/01/2007|18:39] C:\Program Files\Fichiers communs\FotoWire
[16/12/2007|17:01] C:\Program Files\Fichiers communs\Hewlett-Packard
[16/12/2007|17:05] C:\Program Files\Fichiers communs\HP
[24/11/2006|23:12] C:\Program Files\Fichiers communs\InstallShield
[05/09/2006|17:39] C:\Program Files\Fichiers communs\Java
[10/01/2007|18:40] C:\Program Files\Fichiers communs\Logitech
[08/10/2008|21:50] C:\Program Files\Fichiers communs\Microsoft Games
[28/08/2008|23:11] C:\Program Files\Fichiers communs\Microsoft Shared
[01/09/2005|06:15] C:\Program Files\Fichiers communs\MSSoap
[01/09/2005|06:08] C:\Program Files\Fichiers communs\ODBC
[10/01/2007|18:38] C:\Program Files\Fichiers communs\Real
[01/09/2005|06:15] C:\Program Files\Fichiers communs\Services
[05/09/2006|17:51] C:\Program Files\Fichiers communs\Sonic Shared
[01/09/2005|06:08] C:\Program Files\Fichiers communs\SpeechEngines
[24/09/2006|19:43] C:\Program Files\Fichiers communs\Symantec Shared
[24/11/2008|18:22] C:\Program Files\Fichiers communs\System
[05/09/2006|17:50] C:\Program Files\Fichiers communs\TiVo Shared

--------------------\\ Process

( 16 Processes )

... OK !

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 21:56:24
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 99

--------------------\\ Recherche d'autres infections

--------------------\\ ROOTKIT !!

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Dani\Bureau\Nouveau dossier\alcohol 120%\crack.exe
C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\keygen.exe
C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\Nero_712_KeyGen_Only-ORiON.rar
C:\DOCUME~1\Dani\Favoris\cours de cracking
C:\DOCUME~1\Dani\Favoris\crack wep
C:\DOCUME~1\Dani\Favoris\cracks and serials
C:\DOCUME~1\Dani\Favoris\I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with BackTrack.url
C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking - Shmeitcorp.url
C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking.url
C:\DOCUME~1\Dani\Favoris\crack wep\Tuto fr tutoriaux francophone.url
C:\DOCUME~1\Dani\Favoris\cracks and serials\Serials & keys - unlocks the world.url
C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw — la mont pagnotte familly.url
C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw.url
C:\DOCUME~1\Dani\Favoris\hacking\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
C:\DOCUME~1\Dani\Favoris\hacking\AIRCRACK-PTW le wifi debian linux download aircrack-ptw,telecharger aircrack-ptw, airodump, aireplay (suite aircrack-ng).url
C:\DOCUME~1\Dani\Favoris\hacking\Crackpark.org - Votre portail d’infomations sur le thème cracks serials. Ce site est en vente!.url
C:\DOCUME~1\Dani\Mes documents\EBP.Comptes.Bancaires.2006.v6.0.1.34.FR.Incl-Crack.rar
C:\DOCUME~1\Dani\Mes documents\guitare\Guitar Pro 5.2 (Win)\Keygen.exe
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\P\Pixies - Crackity Jones.gp3
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Lisez-Moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties\AsianDinasties.iso
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1\AOE III DISC 1.iso
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.bin
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.cue
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.bin
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.cue
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AoE III Cd Keys.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\age3.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\Lisez-moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\age3.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\Lisez-moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties\age3y.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\age3x.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\mgspidx.dll
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs\WarChiefs.iso
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED.rar
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\fm.exe
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\hatred.exe
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack\fm.exe
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD1.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD2.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD3.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD4.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS.txt
C:\DOCUME~1\Dani\Mes documents\Ma musique\HIP HOP\Kanye West - Late Registration (2005) - Rap [www.torrentazos.com]\08. Kanye West - Crack Music (ft.The Game) - www.torrentazos.com.mp3
C:\DOCUME~1\Dani\Mes documents\Ma musique\Rap français - albums\Alibi Montana - T'as Ma Parole\02. Le Monde A Crack'.mp3
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0.tar.gz
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw.exe
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw_win32.rar
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR
C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack
C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack\FFF.NFO
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.h
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\attacksim.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\Makefile
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\README
C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.c
C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.h
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\winamp531_pro.exe
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen\KeyMaker.exe
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR\french_translated.exe

[F:6][D:3]-> C:\DOCUME~1\Dani\LOCALS~1\Temp
[F:23][D:0]-> C:\DOCUME~1\Dani\Cookies
[F:63][D:4]-> C:\DOCUME~1\Dani\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 22/01/2009|21:58 - Option : [2]

--------------------\\ Fin du rapport a 21:58:02


et le rapport de hijackthis :

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:07:45, on 22/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dani\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5060905
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=MQ-vaq6YtqM1DocvPPgF6YSkQOg
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\GhostSurf 2006 Platinum\SCActiveBlock.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by126w.bay126.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplayfrench/FlashAX2.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0
Réponse 22 / 33
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
re

supprime tout sa des fichiers et autres bizarre:

C:\DOCUME~1\Dani\Bureau\Nouveau dossier\alcohol 120%\crack.exe
C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\keygen.exe
C:\DOCUME~1\Dani\Bureau\Nouveau dossier\nero 7\Nero_712_KeyGen_Only-ORiON.rar
C:\DOCUME~1\Dani\Favoris\cours de cracking
C:\DOCUME~1\Dani\Favoris\crack wep
C:\DOCUME~1\Dani\Favoris\cracks and serials
C:\DOCUME~1\Dani\Favoris\I-Hacked.com Taking Advantage Of Technology - Cracking Wifi with BackTrack.url
C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking - Shmeitcorp.url
C:\DOCUME~1\Dani\Favoris\cours de cracking\Attila Warez Hack - E-Zines Cracking.url
C:\DOCUME~1\Dani\Favoris\crack wep\Tuto fr tutoriaux francophone.url
C:\DOCUME~1\Dani\Favoris\cracks and serials\Serials & keys - unlocks the world.url
C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw — la mont pagnotte familly.url
C:\DOCUME~1\Dani\Favoris\hacking\aircrack ptw.url
C:\DOCUME~1\Dani\Favoris\hacking\Aircrack-ng, aireplay-ng, airodump-ng, Tutorial crack cle wep.url
C:\DOCUME~1\Dani\Favoris\hacking\AIRCRACK-PTW le wifi debian linux download aircrack-ptw,telecharger aircrack-ptw, airodump, aireplay (suite aircrack-ng).url
C:\DOCUME~1\Dani\Favoris\hacking\Crackpark.org - Votre portail d’infomations sur le thème cracks serials. Ce site est en vente!.url
C:\DOCUME~1\Dani\Mes documents\EBP.Comptes.Bancaires.2006.v6.0.1.34.FR.Incl-Crack.rar
C:\DOCUME~1\Dani\Mes documents\guitare\Guitar Pro 5.2 (Win)\Keygen.exe
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\F\Faith No More - Crack Hitler.gp3
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\L\Limp Bizkit - Crack Addict.gp4
C:\DOCUME~1\Dani\Mes documents\guitare\Tablature\P\Pixies - Crackity Jones.gp3
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Lisez-Moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\AsianDynasties\AsianDinasties.iso
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD1\AOE III DISC 1.iso
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.bin
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD2\AOE III DISC 2.cue
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.bin
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\CD3\AOE III DISC 3.cue
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AoE III Cd Keys.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\age3.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.105.919.3236\Lisez-moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\age3.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\AgeOfEmpiresIII_NoCD\age3.exe v4.107.803.3365\Lisez-moi.txt
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_AsianDynasties\age3y.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\age3x.exe
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\Crack and keys Age Of Empires III + Warchiefs & Asian Expansion\CRACK_NoCD_WarChiefs\mgspidx.dll
C:\DOCUME~1\Dani\Mes documents\jeux\AGE.OF.EMPIRES.III.FRENCH+Warchieps+AsianDynasties+Crack+Keys\WarChiefs\WarChiefs.iso
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED.rar
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\fm.exe
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Fm2008\Football Manager 2008 - CRACK\HATRED\hatred.exe
C:\DOCUME~1\Dani\Mes documents\jeux\FM 2008\Football Manager 2008 (PC) + crack\fm.exe
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD1.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD2.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD3.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS CD4.daa
C:\DOCUME~1\Dani\Mes documents\jeux\RISE.OF.NATIONS.RISE.OF.LEGENDS-NoCd Crack\RISE.OF.NATIONS.RISE.OF.LEGENDS.txt
C:\DOCUME~1\Dani\Mes documents\Ma musique\HIP HOP\Kanye West - Late Registration (2005) - Rap [www.torrentazos.com]\08. Kanye West - Crack Music (ft.The Game) - www.torrentazos.com.mp3
C:\DOCUME~1\Dani\Mes documents\Ma musique\Rap français - albums\Alibi Montana - T'as Ma Parole\02. Le Monde A Crack'.mp3
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0.tar.gz
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw.exe
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw_win32.rar
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR
C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack
C:\DOCUME~1\Dani\Mes documents\programmes\acd see\Crack\FFF.NFO
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw-lib.h
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\aircrack-ptw.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\attacksim.c
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\Makefile
C:\DOCUME~1\Dani\Mes documents\programmes\aircrack-ptw-1.0.0\README
C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.c
C:\DOCUME~1\Dani\Mes documents\programmes\src\aircrack-ptw-lib.h
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\winamp531_pro.exe
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Keygen\KeyMaker.exe
C:\DOCUME~1\Dani\Mes documents\programmes\WinAmp.Pro.v5.3.1.Incl-Keygen.et.Patch.FR\Patch FR\french_translated.exe

puis fait SDfix et poste le rapport tu as le telechargement et le tuto dans ce lien
https://www.malekal.com/slenfbot-still-an-other-irc-bot/

Lit bien l'explication et poste le rapport puis après reposte un hijackthis
0
Réponse 23 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
Rapport SDFIX :

[b]SDFix: Version 1.240 [/b]
Run by Dani on 22/01/2009 at 23:04

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

[b]Checking Files [/b]:

No Trojan Files Found

Removing Temp Files

[b]ADS Check [/b]:

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-01-22 23:30:42
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\BTHPORT\Parameters\Keys\000272b36fad]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg40]
"ujdew"=hex:20,02,00,00,3b,1a,bb,6b,c9,27,97,e7,07,7a,1b,db,01,0a,46,3a,43,..
"ljej40"=hex:75,1f,4c,e0,a8,27,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,fc,..
"ljej41"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
"ljej42"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
"ljej43"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
"ljej44"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg41]
"ujdew"=hex:20,02,00,00,3b,1a,bb,6b,4f,ba,59,22,07,7a,1b,db,cb,1a,46,3a,43,..
"ljej40"=hex:73,1e,4c,e0,b8,26,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,c2,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg42]
"ujdew"=hex:20,02,00,00,3b,1a,bb,6b,cd,34,6a,7c,07,7a,1b,db,cb,1a,46,3a,43,..
"ljej40"=hex:73,1e,4c,e0,b8,26,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,a0,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg43]
"ujdew"=hex:20,02,00,00,3b,1a,bb,6b,97,3e,78,09,07,7a,1b,db,23,0a,46,3a,43,..
"ljej40"=hex:57,1f,4c,e0,a8,27,0d,af,e6,46,51,4e,d7,4e,b6,ab,75,3b,95,67,2f,..
"ljej41"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
"ljej42"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
"ljej43"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
"ljej44"=hex:89,1f,4c,e0,d0,27,0d,af,e7,46,50,4e,d6,4e,b6,ab,75,3b,95,67,4c,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\a347scsi\Config\jdgg44]
"ujdew"=hex:20,02,00,00,2c,1a,bb,6b,60,2b,41,88,7c,2e,af,8b,73,91,eb,01,4c,..
"ljej40"=hex:cb,a1,e9,d8,c3,72,b9,ff,4b,cd,fc,75,d8,cc,ac,86,e0,3a,f6,03,0a,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000272b36fad]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\BTHPORT\Parameters\Keys\000272b36fad]

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{E9F81423-211E-46B6-9AE0-38568BC5CF6F}]
"DisplayName"="Alcohol 120% (Trial Version)"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:00000209

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\BitLord\\BitLord.exe"="C:\\Program Files\\BitLord\\BitLord.exe:*:Enabled:BitLord"
"C:\\Python25\\pythonw.exe"="C:\\Python25\\pythonw.exe:*:Enabled:pythonw"
"C:\\Program Files\\ICQ6\\ICQ.exe"="C:\\Program Files\\ICQ6\\ICQ.exe:*:Enabled:ICQ6"
"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"="C:\\Program Files\\Yahoo!\\Messenger\\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"="C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe:*:Enabled:Football Manager 2008"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\PVSW\\Bin\\w3dbsmgr.exe"="C:\\PVSW\\Bin\\w3dbsmgr.exe:*:Enabled:Database Service Manager"
"C:\\Program Files\\EBP\\Paye13.0\\WinPaye.exe"="C:\\Program Files\\EBP\\Paye13.0\\WinPaye.exe:*:Enabled:Paye"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords.exe:*:Enabled:Sid Meier's Civilization 4 Warlords"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Warlords\\Civ4Warlords_PitBoss.exe:*:Enabled:Sid Meier's Civilization 4 Pitboss"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe"="C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe:*:Enabled:ashServ"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msncall.exe"="C:\\Program Files\\MSN Messenger\\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone)"
"C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe"="C:\\Program Files\\Microsoft ActiveSync\\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe"="C:\\Program Files\\Microsoft ActiveSync\\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\\PVSW\\Bin\\w3dbsmgr.exe"="C:\\PVSW\\Bin\\w3dbsmgr.exe:*:Enabled:Database Service Manager"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[b]Remaining Files [/b]:

[b]Files with Hidden Attributes [/b]:

Tue 28 Oct 2008 6,108,728 A..H. --- "C:\Program Files\Picasa2\setup.exe"
Wed 18 Oct 2006 88 ..SHR --- "C:\WINDOWS\system32\0DB961A707.sys"
Tue 13 Jan 2009 1,334,171 ..SH. --- "C:\WINDOWS\system32\ivumises.tmp"
Wed 18 Oct 2006 3,766 A.SH. --- "C:\WINDOWS\system32\KGyGaAvL.sys"
Wed 21 Jan 2009 2,724 ..SH. --- "C:\WINDOWS\system32\zunubodu.exe"
Sat 9 Sep 2006 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Wed 9 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv02.tmp"
Sat 9 Sep 2006 4,348 A.SH. --- "C:\Documents and Settings\Dani\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Sun 22 Jul 2007 11,115 A.SH. --- "C:\Documents and Settings\Dani\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"

[b]Finished![/b]
0
Réponse 24 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:40:12, on 22/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Dani\Bureau\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = www.google.fr/ig/dell?hl=fr&client=dell-row&channel=fr&ibd=5060905
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://127.0.0.1:4664/first_usage&s=MQ-vaq6YtqM1DocvPPgF6YSkQOg
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\GhostSurf 2006 Platinum\SCActiveBlock.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [CTSVolFE.exe] "C:\Program Files\Creative\Mixer\CTSVolFE.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O9 - Extra 'Tools' menuitem: &Messenger Addon - {FB5F1911-F110-11d2-BB9E-00C04F795683} - http://messenger.ipfox.com (file missing)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by126w.bay126.mail.live.com/mail/resources/MsnPUpld.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Object) - https://bellerock.microgaming.com/freeplayfrench/FlashAX2.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 33
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
relance hijackthis choisit do a scan only et coche les cases a gauches des lignes :

R3 - Default URLSearchHook is missing
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/v1018/flashax.cab

puis clic sur fix checked

ensuite

telecharge GMER ici

https://www.01net.com/telecharger/windows/Utilitaire/optimiseurs_et_tests/fiches/33654.html

lance le puis selectionne tous tes disques C et D...puis clic sur scan cela peut durer un moment et toutes les lignes rouges à la fin tu clic droit dessus et tu les supprimes mais avant de les supprimes copie les et colle les ici stp
0
Réponse 26 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
J'ai lancé GMER mais aucune ligne n'apparait en rouge.

C'est bon signe ça normalement?
0
Réponse 27 / 33
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
oui si tu as pas de ligne en rouge c'est bon, mais tu as bien reclic sur scan après l'ouverture et selectionné tout tes disques si oui c'est bon (le scan dur au moins 10min en general)

puis après conseil :

essaye ceci

desactive antivirus et antispyware puis tu va telechargé simtfraudfix, il est detecté a tort :

clic http://www.malekal.com/tutorial_SmitFraudfix.php le telechargement et le tuto et dedans, tu dois lancer simtfraud faire l'option 1 et poste le rapport stp
0
Réponse 28 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
Voici le rapport

SmitFraudFix v2.391

Rapport fait à 18:36:46,84, 24/01/2009
Executé à partir de C:\Documents and Settings\Dani\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PVSW\Bin\WGE_SRV.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\PVSW\BIN\W3dbsmgr.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Creative\Mixer\CTSVolFE.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitLord\BitLord.exe
C:\Documents and Settings\Dani\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\wscntfy.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dani

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dani\LOCALS~1\Temp

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Dani\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Dani\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel(R) PRO/Wireless 3945ABG Network Connection - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

HKLM\SYSTEM\CCS\Services\Tcpip\..\{A3B24CD1-81DB-41BD-B3AB-C56C4D0E2F59}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{A3B24CD1-81DB-41BD-B3AB-C56C4D0E2F59}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\..\{A3B24CD1-81DB-41BD-B3AB-C56C4D0E2F59}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 29 / 33
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
il te reste encore un rootkit assez mechant

Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
Rootkit Tibs ! .. [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

refait une analyse RAPIDE avec malwarebyte et poste le rapport stp
0
Réponse 30 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
En sans échec?
0
Réponse 31 / 33
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
oui fait la en sans echec
0
Réponse 32 / 33
danicrome Messages postés 19 Date d'inscription   Statut Membre Dernière intervention  
 
Malwarebytes' Anti-Malware 1.33
Version de la base de données: 1675
Windows 5.1.2600 Service Pack 3

24/01/2009 19:22:17
mbam-log-2009-01-24 (19-22-10).txt

Type de recherche: Examen rapide
Eléments examinés: 60125
Temps écoulé: 13 minute(s), 48 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 1

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
C:\WINDOWS\svchost.MSNFix (Heuristics.Reserved.Word.Exploit) -> No action taken.
0
Réponse 33 / 33
plopus Messages postés 6113 Statut Contributeur sécurité 293
 
ok as tu supprimer l'infection trouvées par malwarebyte ?

bon ecoute la jsuis pas assez calé, je pense qu'il faut que quelqu'un te fasse un script de desinfection avec sa :

:driver
Legacy_PACKET
Legacy_TDSSSERV
Service_TDSSserv

:reg
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\TDSSserv]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
\Shell\AutoRun\command
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
\Shell\AutoRun\command
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
\Shell\AutoRun\command

et d'autres je pense

jvé demander
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses