5 trojan.win32.monder.gen et 3 trojan generic
bilibob78
Messages postés
86
Statut
Membre
-
bilibob78 Messages postés 86 Statut Membre -
bilibob78 Messages postés 86 Statut Membre -
Bonjour,
J'ai un petit problème de virus, je suis pris avec 5 trojan.win32.monder.gen et 3 trojan generic...
Quelqu'un peu m'aider s'il vous Plait!!! Cela serait vraiment aprécié.
J'ai un petit problème de virus, je suis pris avec 5 trojan.win32.monder.gen et 3 trojan generic...
Quelqu'un peu m'aider s'il vous Plait!!! Cela serait vraiment aprécié.
A voir également:
- 5 trojan.win32.monder.gen et 3 trojan generic
- Ai suite 3 - Télécharger - Optimisation
- Picasa 3 - Télécharger - Albums photo
- Photorecit 3 - Télécharger - Visionnage & Diaporama
- Kyle xy saison 5 ✓ - Forum Cinéma / Télé
- Trojan remover - Télécharger - Antivirus & Antimalwares
14 réponses
Salut,
Win32.Monder, c' est un variant de Vundo !
-----
Télécharge, installe et mets à jour Malwarebytes Anti-Malwares …
http://forum.telecharger.01net.com/microhebdo/6/tuto-securite/tuto-malwaresbytes-anti-malware-352008/messages-1.html puis, lance un scan COMPLET et poste le rapport.
PS : si MalwareByte's a détecté des infections, clique sur Afficher les résultats,
puis sur Supprimer la sélection.
-----
Ensuite, fais un scan HijackThis :
http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ... et poste le rapport.
Win32.Monder, c' est un variant de Vundo !
-----
Télécharge, installe et mets à jour Malwarebytes Anti-Malwares …
http://forum.telecharger.01net.com/microhebdo/6/tuto-securite/tuto-malwaresbytes-anti-malware-352008/messages-1.html puis, lance un scan COMPLET et poste le rapport.
PS : si MalwareByte's a détecté des infections, clique sur Afficher les résultats,
puis sur Supprimer la sélection.
-----
Ensuite, fais un scan HijackThis :
http://forum.telecharger.01net.com/forum/high-tech/PRODUITS/Questions-techniques/hijackthis-version-install-sujet_199100_1.htm ... et poste le rapport.
voilà le rapport de malaware...
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2507
Windows 6.0.6001 Service Pack 1
2009-07-26 18:49:36
mbam-log-2009-07-26 (18-49-36).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 276735
Temps écoulé: 1 hour(s), 19 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\Alex\documents\cs non-steam hack\SSW4.8\SSW4.8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\Users\Alex\documents\cs non-steam hack\SSWv5.0\SSWv5.0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\Users\Alex\documents\cs non-steam hack\wallhack\SSWv4.7.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Et puis celui de hijackthis...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:51, on 2009-07-26
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dealsplus.com/karmaloop-coupons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MEGAUPLOAD 3.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.spineworld.com/s?method=register"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-ca.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://128.210.72.31/activex/AxisCamControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Malwarebytes' Anti-Malware 1.39
Version de la base de données: 2507
Windows 6.0.6001 Service Pack 1
2009-07-26 18:49:36
mbam-log-2009-07-26 (18-49-36).txt
Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 276735
Temps écoulé: 1 hour(s), 19 minute(s), 14 second(s)
Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 1
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 3
Processus mémoire infecté(s):
(Aucun élément nuisible détecté)
Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)
Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)
Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)
Dossier(s) infecté(s):
(Aucun élément nuisible détecté)
Fichier(s) infecté(s):
c:\Users\Alex\documents\cs non-steam hack\SSW4.8\SSW4.8.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\Users\Alex\documents\cs non-steam hack\SSWv5.0\SSWv5.0.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
c:\Users\Alex\documents\cs non-steam hack\wallhack\SSWv4.7.exe (Spyware.OnlineGames) -> Quarantined and deleted successfully.
Et puis celui de hijackthis...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:00:51, on 2009-07-26
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Dell\DellDock\DellDock.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10b.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.google.ca
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dealsplus.com/karmaloop-coupons
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer fourni par Dell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [WeatherEye] C:\Program Files\MétéoMédia\MétéoÉclair\WeatherEye.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\Windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103472 -"Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/4.0; GTB6; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) ; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; MEGAUPLOAD 3.0; .NET CLR 3.5.30729; .NET CLR 3.0.30618; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)" -"http://www.spineworld.com/s?method=register"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: Dell Dock.lnk = C:\Program Files\Dell\DellDock\DellDock.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer au périphérique &Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Envoyer l'&image au périphérique Bluetooth... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/VistaMSNPUpldfr-ca.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-CA/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://128.210.72.31/activex/AxisCamControl.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,C:\PROGRA~1\KASPER~1\KASPER~1.0\r3hook.dll
O20 - Winlogon Notify: GoToAssist - C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dock Login Service (DockLoginService) - Stardock Corporation - C:\Program Files\Dell\DellDock\DockLogin.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.801.7324 (GoogleDesktopManager-010708-104812) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: GoToAssist - Citrix Online, a division of Citrix Systems, Inc. - C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Salut,
(si ce n’ est déjà fait) Télécharge CCleaner :
http://www.filehippo.com/download_ccleaner.html
("Download Latest Version", sur la droite) et laisse-toi guider.
A un moment, il te sera demandé de cocher :
"Ajouter la barre d' outils Yahoo". Refuse et …
Laisse-le s’ installer tel que …
-------
Redémarre le PC en mode sans échec ...
https://www.pcastuces.com/pratique/windows/mode_sans_echec/page2.html
(méthode F8 de préférence)
--------------------------------------------
Tu n' auras pas accès à Internet pendant le "mode sans échec".
Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
sur le "bureau" pour l' avoir à ta disposition.
--------------------------------------------
Ferme toutes les fenêtres et applications.
Relance HijackThis et clique sur > Do a system scan only puis, coche
les cases devant les lignes qui suivent (et uniquement ces lignes), si tjrs présentes :
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
Ensuite, clique sur > Fix checked et valide par "Yes". Referme HijackThis.
Rends-toi dans Démarrer > Poste de travail > Panneau de config. > Programmes et fonctionnalités et
supprimes, si tu le trouves :
Megaupload
Puis, va dans > Démarrer > Poste de travail > C:\ > Program Files
et supprime le(s) programme(s) en gras, ci-dessous, si tu le(s) trouves.
Megaupload <--
Lance CCleaner ...
Clique sur > Analyser > Nettoyer, puis sur OK dans la fenêtre qui s' affiche.
(re)Lance le nettoyage et (re)confirme par OK.
Redémarre le PC en mode normal ...
Télécharge Toolbar S&D (Team IDN) sur ton Bureau : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
Lance l'installation du programme en exécutant le fichier téléchargé.
Double-clique maintenant sur le raccourci de Toolbar-S&D.
Sélectionne la langue de ton choix puis, valide avec la touche "Entrée".
Ensuite, choisis l'option 1 (Recherche).
Patiente jusqu'à la fin de la recherche.
Le contenu du rapport est situé dans : C:\TB.txt
Poste-le.
---
Enfin, fais ce scan en ligne : http://www.bitdefender.fr/scan_fr/scan8/ie.html
Clique sur J' accepte > Démarrer l' analyse, etc ...
Une fois le scan achevé, sauvegarde le rapport et poste-le.
Tuto : https://forum.pcastuces.com/default.asp
---
PS : désactive tes protections résidentes, notamment celle de Kaspersky le temps du scan ...
-----
A propos de ta version d' Adobe Reader (9.0) qui est susceptible de contenir des failles de sécurité :
installe la toute dernière version : http://www.secuser.com/vulnerabilite/2009/090429-adobe-reader.htm
http://www.secuser.com/faq/securite/#faille_securite
---
Par ailleurs, concernant les toolbars, je t' invite à lire ce qui suit :
https://forum.malekal.com/viewtopic.php?f=45&t=6173
(si ce n’ est déjà fait) Télécharge CCleaner :
http://www.filehippo.com/download_ccleaner.html
("Download Latest Version", sur la droite) et laisse-toi guider.
A un moment, il te sera demandé de cocher :
"Ajouter la barre d' outils Yahoo". Refuse et …
Laisse-le s’ installer tel que …
-------
Redémarre le PC en mode sans échec ...
https://www.pcastuces.com/pratique/windows/mode_sans_echec/page2.html
(méthode F8 de préférence)
--------------------------------------------
Tu n' auras pas accès à Internet pendant le "mode sans échec".
Aussi, copie/colle la procédure dans un fichier texte (word) et mets-la
sur le "bureau" pour l' avoir à ta disposition.
--------------------------------------------
Ferme toutes les fenêtres et applications.
Relance HijackThis et clique sur > Do a system scan only puis, coche
les cases devant les lignes qui suivent (et uniquement ces lignes), si tjrs présentes :
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
Ensuite, clique sur > Fix checked et valide par "Yes". Referme HijackThis.
Rends-toi dans Démarrer > Poste de travail > Panneau de config. > Programmes et fonctionnalités et
supprimes, si tu le trouves :
Megaupload
Puis, va dans > Démarrer > Poste de travail > C:\ > Program Files
et supprime le(s) programme(s) en gras, ci-dessous, si tu le(s) trouves.
Megaupload <--
Lance CCleaner ...
Clique sur > Analyser > Nettoyer, puis sur OK dans la fenêtre qui s' affiche.
(re)Lance le nettoyage et (re)confirme par OK.
Redémarre le PC en mode normal ...
Télécharge Toolbar S&D (Team IDN) sur ton Bureau : https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
Lance l'installation du programme en exécutant le fichier téléchargé.
Double-clique maintenant sur le raccourci de Toolbar-S&D.
Sélectionne la langue de ton choix puis, valide avec la touche "Entrée".
Ensuite, choisis l'option 1 (Recherche).
Patiente jusqu'à la fin de la recherche.
Le contenu du rapport est situé dans : C:\TB.txt
Poste-le.
---
Enfin, fais ce scan en ligne : http://www.bitdefender.fr/scan_fr/scan8/ie.html
Clique sur J' accepte > Démarrer l' analyse, etc ...
Une fois le scan achevé, sauvegarde le rapport et poste-le.
Tuto : https://forum.pcastuces.com/default.asp
---
PS : désactive tes protections résidentes, notamment celle de Kaspersky le temps du scan ...
-----
A propos de ta version d' Adobe Reader (9.0) qui est susceptible de contenir des failles de sécurité :
installe la toute dernière version : http://www.secuser.com/vulnerabilite/2009/090429-adobe-reader.htm
http://www.secuser.com/faq/securite/#faille_securite
---
Par ailleurs, concernant les toolbars, je t' invite à lire ce qui suit :
https://forum.malekal.com/viewtopic.php?f=45&t=6173
-----------\\ ToolBar S&D 1.2.8 XP/Vista
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A13
USER : Alex ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 7.0.0.125 (Activated)
C:\ (Local Disk) - NTFS - Total:220 Go (Free:126 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:5 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 2009-07-27|20:14 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.dealsplus.com/karmaloop-coupons"
"Default_Page_URL"="https://www.google.ca"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Alex\Music\Bishop Lamont - Pope Mobile\01-pope_mobile_intro_heaven_ft._bilal_&_rev._keep_it_crackin_(produced_by_dr._dre).mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\01 - Eminem - Crack a Bottle (feat. Dr. Dre & 50 Cent) [Extended].mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\10 - Eminem - Crack a Bottle Remix (feat. Ca$his and Bobby Creek).mp3
C:\Users\Alex\Music\Ghostface Killah - 2006 - Fishscale\Ghostface Killah - 2006 - Fishscale\09-ghostface_killah-columbus_exchange_(skit)-crack_spot.mp3
C:\Users\Alex\Music\Jay-Z - Vol.1 - In My Lifetime - 1997\Jay-Z - Vol.1 - In My Lifetime - 1997\97\12-jay-z-rap_game-_crack_game-rec.mp3
C:\Users\Alex\Music\Notorious B.I.G - Greatest hits\Notorious_B.I.G.-Greatest_Hits-2007-\Notorious_B.I.G.-Greatest_Hits-2007-\09-ten_crack_commandments.mp3
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 2009-07-27|20:15 - Option : [1]
-----------\\ Fin du rapport a 20:15:37,98
Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5750 @ 2.00GHz )
BIOS : Phoenix ROM BIOS PLUS Version 1.10 A13
USER : Alex ( Administrator )
BOOT : Normal boot
Antivirus : Kaspersky Anti-Virus 7.0.0.125 (Activated)
C:\ (Local Disk) - NTFS - Total:220 Go (Free:126 Go)
D:\ (Local Disk) - NTFS - Total:9 Go (Free:5 Go)
E:\ (CD or DVD)
G:\ (CD or DVD)
"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [1] ( 2009-07-27|20:14 )
[ UAC => 1 ]
-----------\\ Recherche de Fichiers / Dossiers ...
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.dealsplus.com/karmaloop-coupons"
"Default_Page_URL"="https://www.google.ca"
"Url"="https://www.msn.com/fr-fr/actualite/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"
--------------------\\ Recherche d'autres infections
--------------------\\ Cracks & Keygens ..
C:\Users\Alex\Music\Bishop Lamont - Pope Mobile\01-pope_mobile_intro_heaven_ft._bilal_&_rev._keep_it_crackin_(produced_by_dr._dre).mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\01 - Eminem - Crack a Bottle (feat. Dr. Dre & 50 Cent) [Extended].mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\10 - Eminem - Crack a Bottle Remix (feat. Ca$his and Bobby Creek).mp3
C:\Users\Alex\Music\Ghostface Killah - 2006 - Fishscale\Ghostface Killah - 2006 - Fishscale\09-ghostface_killah-columbus_exchange_(skit)-crack_spot.mp3
C:\Users\Alex\Music\Jay-Z - Vol.1 - In My Lifetime - 1997\Jay-Z - Vol.1 - In My Lifetime - 1997\97\12-jay-z-rap_game-_crack_game-rec.mp3
C:\Users\Alex\Music\Notorious B.I.G - Greatest hits\Notorious_B.I.G.-Greatest_Hits-2007-\Notorious_B.I.G.-Greatest_Hits-2007-\09-ten_crack_commandments.mp3
[ UAC => 1 ]
1 - "C:\ToolBar SD\TB_1.txt" - 2009-07-27|20:15 - Option : [1]
-----------\\ Fin du rapport a 20:15:37,98
Voici le scan de bitdefender
BitDefender Online Scanner
Scan report generated at: Mon, Jul 27, 2009 - 21:46:32
Scan path: C:\;D:\;E:\;G:\;
Statistics
Time
01:13:46
Files
406823
Folders
23705
Boot Sectors
0
Archives
2549
Packed Files
31761
Results
Identified Viruses
5
Infected Files
9
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
9
Engines Info
Virus Definitions
3850199
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
17
Archive plugins
44
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Users\Alex\Documents\CS non-steam hack\BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Infected with: Trojan.Generic.1012384
C:\Users\Alex\Documents\CS non-steam hack\BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Deleted
C:\Users\Alex\Documents\CS non-steam hack\SSWv5.0\SSWv5.0.dll
Infected with: Worm.Generic.37831
C:\Users\Alex\Documents\CS non-steam hack\SSWv5.0\SSWv5.0.dll
Deleted
C:\Users\Alex\Documents\CS non-steam hack\wallhack\SSWv4.7.dll
Infected with: Worm.Generic.37788
C:\Users\Alex\Documents\CS non-steam hack\wallhack\SSWv4.7.dll
Deleted
C:\Users\Alex\Documents\CS non-steam hack\xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Infected with: Backdoor.Generic.114806
C:\Users\Alex\Documents\CS non-steam hack\xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Deleted
C:\Users\Alex\Documents\LimeWire\Saved\Kid Cudi - Day 'N' Nite.zip=>Kid Cudi - Day 'N' Nite/Kid Cudi - Day 'N' Nite.mp3.exe
Infected with: Trojan.Generic.1854064
C:\Users\Alex\Documents\LimeWire\Saved\Kid Cudi - Day 'N' Nite.zip=>Kid Cudi - Day 'N' Nite/Kid Cudi - Day 'N' Nite.mp3.exe
Deleted
C:\Users\Alex\Documents\LimeWire\Saved\Kid Cudi - Day 'N' Nite.zip
Updated
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Infected with: Worm.Generic.37831
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Infected with: Worm.Generic.37788
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Infected with: Backdoor.Generic.114806
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Infected with: Trojan.Generic.1012384
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
BitDefender Online Scanner
Scan report generated at: Mon, Jul 27, 2009 - 21:46:32
Scan path: C:\;D:\;E:\;G:\;
Statistics
Time
01:13:46
Files
406823
Folders
23705
Boot Sectors
0
Archives
2549
Packed Files
31761
Results
Identified Viruses
5
Infected Files
9
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
9
Engines Info
Virus Definitions
3850199
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
17
Archive plugins
44
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Users\Alex\Documents\CS non-steam hack\BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Infected with: Trojan.Generic.1012384
C:\Users\Alex\Documents\CS non-steam hack\BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Deleted
C:\Users\Alex\Documents\CS non-steam hack\SSWv5.0\SSWv5.0.dll
Infected with: Worm.Generic.37831
C:\Users\Alex\Documents\CS non-steam hack\SSWv5.0\SSWv5.0.dll
Deleted
C:\Users\Alex\Documents\CS non-steam hack\wallhack\SSWv4.7.dll
Infected with: Worm.Generic.37788
C:\Users\Alex\Documents\CS non-steam hack\wallhack\SSWv4.7.dll
Deleted
C:\Users\Alex\Documents\CS non-steam hack\xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Infected with: Backdoor.Generic.114806
C:\Users\Alex\Documents\CS non-steam hack\xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Deleted
C:\Users\Alex\Documents\LimeWire\Saved\Kid Cudi - Day 'N' Nite.zip=>Kid Cudi - Day 'N' Nite/Kid Cudi - Day 'N' Nite.mp3.exe
Infected with: Trojan.Generic.1854064
C:\Users\Alex\Documents\LimeWire\Saved\Kid Cudi - Day 'N' Nite.zip=>Kid Cudi - Day 'N' Nite/Kid Cudi - Day 'N' Nite.mp3.exe
Deleted
C:\Users\Alex\Documents\LimeWire\Saved\Kid Cudi - Day 'N' Nite.zip
Updated
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Infected with: Worm.Generic.37831
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Infected with: Worm.Generic.37788
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Infected with: Backdoor.Generic.114806
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Infected with: Trojan.Generic.1012384
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
Salut,
"À voir le rapport de Bit defender... il y en reste une coupe à éliminer! "
Non, pas tant que cela ...
Relance un scan BitDefender et poste le rapport.
-----
"--------------------\\ Cracks & Keygens ..
C:\Users\Alex\Music\Bishop Lamont - Pope Mobile\01-pope_mobile_intro_heaven_ft._bilal_&_rev._keep_it_crackin_(produced_by_dr._dre).mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\01 - Eminem - Crack a Bottle (feat. Dr. Dre & 50 Cent) [Extended].mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\10 - Eminem - Crack a Bottle Remix (feat. Ca$his and Bobby Creek).mp3
C:\Users\Alex\Music\Ghostface Killah - 2006 - Fishscale\Ghostface Killah - 2006 - Fishscale\09-ghostface_killah-columbus_exchange_(skit)-crack_spot.mp3
C:\Users\Alex\Music\Jay-Z - Vol.1 - In My Lifetime - 1997\Jay-Z - Vol.1 - In My Lifetime - 1997\97\12-jay-z-rap_game-_crack_game-rec.mp3
C:\Users\Alex\Music\Notorious B.I.G - Greatest hits\Notorious_B.I.G.-Greatest_Hits-2007-\Notorious_B.I.G.-Greatest_Hits-2007-\09-ten_crack_commandments.mp3 "
A lire à propos des cracks : https://forum.malekal.com/viewtopic.php?t=893&start=
et aussi : https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/
---
"À voir le rapport de Bit defender... il y en reste une coupe à éliminer! "
Non, pas tant que cela ...
Relance un scan BitDefender et poste le rapport.
-----
"--------------------\\ Cracks & Keygens ..
C:\Users\Alex\Music\Bishop Lamont - Pope Mobile\01-pope_mobile_intro_heaven_ft._bilal_&_rev._keep_it_crackin_(produced_by_dr._dre).mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\01 - Eminem - Crack a Bottle (feat. Dr. Dre & 50 Cent) [Extended].mp3
C:\Users\Alex\Music\EminemTheDayAfterRelapse\Eminem - The Day After Relapse\10 - Eminem - Crack a Bottle Remix (feat. Ca$his and Bobby Creek).mp3
C:\Users\Alex\Music\Ghostface Killah - 2006 - Fishscale\Ghostface Killah - 2006 - Fishscale\09-ghostface_killah-columbus_exchange_(skit)-crack_spot.mp3
C:\Users\Alex\Music\Jay-Z - Vol.1 - In My Lifetime - 1997\Jay-Z - Vol.1 - In My Lifetime - 1997\97\12-jay-z-rap_game-_crack_game-rec.mp3
C:\Users\Alex\Music\Notorious B.I.G - Greatest hits\Notorious_B.I.G.-Greatest_Hits-2007-\Notorious_B.I.G.-Greatest_Hits-2007-\09-ten_crack_commandments.mp3 "
A lire à propos des cracks : https://forum.malekal.com/viewtopic.php?t=893&start=
et aussi : https://forum.zebulon.fr/topic/93281-pr%C3%A9vention-le-crack-dans-toute-sa-splendeur/
---
Voici mon rapport de Bitdefender...dois-je deleter les fichiers en gras manuellement...(cracks)
BitDefender Online Scanner
Scan report generated at: Tue, Jul 28, 2009 - 19:04:20
Scan path: C:\;D:\;E:\;G:\;
Statistics
Time
01:14:40
Files
410675
Folders
23715
Boot Sectors
0
Archives
2551
Packed Files
31853
Results
Identified Viruses
4
Infected Files
4
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
4
Engines Info
Virus Definitions
3869281
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
17
Archive plugins
45
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Infected with: Worm.Generic.37831
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Infected with: Worm.Generic.37788
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Infected with: Backdoor.Generic.114806
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Infected with: Trojan.Generic.1012384
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
BitDefender Online Scanner
Scan report generated at: Tue, Jul 28, 2009 - 19:04:20
Scan path: C:\;D:\;E:\;G:\;
Statistics
Time
01:14:40
Files
410675
Folders
23715
Boot Sectors
0
Archives
2551
Packed Files
31853
Results
Identified Viruses
4
Infected Files
4
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
4
Engines Info
Virus Definitions
3869281
Engine build
AVCORE v1.7 (build 8314.19) (i386) (Sep 29 2008 17:19:14)
Scan plugins
17
Archive plugins
45
Unpack plugins
7
E-mail plugins
6
System plugins
4
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Infected with: Worm.Generic.37831
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>SSWv5.0\SSWv5.0.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Infected with: Worm.Generic.37788
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>wallhack\SSWv4.7.dll
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Infected with: Backdoor.Generic.114806
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>xqz_hack_1.44\xqz hack 1.44\Xqz hack 1.44.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Infected with: Trojan.Generic.1012384
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar=>BaDBoYv5_www.cs16-hacks.de.tl\BaDBoYv5\BaDBoYv5.exe
Deleted
C:\Users\Alex\Downloads\Fichier WinRar\cs_non_steam_hack_pack.rar
Update failed
Salut,
Si tu as pris connaissance des liens que j' ai mis et que tu es convaincu des problèmes que cela peut
engendrer, alors, tu sais ce qu' il te reste à faire pour ces cracks !
---
Un autre scan en ligne ...
Lance un scan Nod32 : https://www.eset.com/
(il faut utiliser Internet Explorer) …
- coche toutes les cases à chaque fois, et lorsque c'est terminé, poste le rapport :
- C:\Program Files\EsetOnlineScanner\log.txt <--
Si tu as pris connaissance des liens que j' ai mis et que tu es convaincu des problèmes que cela peut
engendrer, alors, tu sais ce qu' il te reste à faire pour ces cracks !
---
Un autre scan en ligne ...
Lance un scan Nod32 : https://www.eset.com/
(il faut utiliser Internet Explorer) …
- coche toutes les cases à chaque fois, et lorsque c'est terminé, poste le rapport :
- C:\Program Files\EsetOnlineScanner\log.txt <--
voici ce qu'il y avait dans log.txt
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
et voici ce que la fenetre du scan disait:
C:\Downloads\FamilyFeudSetup-dm[1].exe Win32/Adware.Trymedia application cleaned by deleting - quarantined
C:\Users\Alex\Documents\CS non-steam hack\SSW4.8\SSW4.8.dll a variant of Win32/Conficker.X worm cleaned by deleting - quarantined
C:\Users\Alex\Downloads\AutoClick.exe Win32/TrojanClicker.Agent.NFX trojan cleaned by deleting - quarantined
C:\Users\Public\Downloads\FamilyFeudSetup-dm[1].exe Win32/Adware.Trymedia application cleaned by deleting - quarantined
ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK
et voici ce que la fenetre du scan disait:
C:\Downloads\FamilyFeudSetup-dm[1].exe Win32/Adware.Trymedia application cleaned by deleting - quarantined
C:\Users\Alex\Documents\CS non-steam hack\SSW4.8\SSW4.8.dll a variant of Win32/Conficker.X worm cleaned by deleting - quarantined
C:\Users\Alex\Downloads\AutoClick.exe Win32/TrojanClicker.Agent.NFX trojan cleaned by deleting - quarantined
C:\Users\Public\Downloads\FamilyFeudSetup-dm[1].exe Win32/Adware.Trymedia application cleaned by deleting - quarantined
