Malware recurent smss.exe

moinele Messages postés 138 Statut Membre -  
moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour a tous,
Je suis sous Vista Edition Familiale Premium 32 bits,
mon antivirus m'annonce régulièrement être infecté par un malware (virus/vers) "smss.exe"!
J'ai fais un Ccleaner, Spybot et j'ai controlé le démarrage dans msconfig, mais rien d'anormal!
Merci de m'aider a l'éradiquer!
@+
Configuration: Windows Vista
Firefox 3.5.5

30 réponses

  • 1
  • 2
  1. servabat Messages postés 2073 Statut Membre 269
     
    salut.
    telecharge hijackthis ici, installe le et demarre le. Ensuite, appuie sur le bouton "do a system scan and save a log file". A la fin , il t'ouvrira le bloc-note avec qq chose dedans. copie colle le contenu ici dans un post.
    0
  2. moinele Messages postés 138 Statut Membre 1
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:24:44, on 07/12/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\EBP\GestionCommerciale14.0\Gestion.exe
    C:\Windows\system32\conime.exe
    C:\Users\Stéphane\Downloads\hijackthis-2.0.2.75917.exe
    C:\Users\STPHAN~1\AppData\Local\Temp\hijackthis-2.0.2.75917.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sernam.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - C:\Program Files\PimpFish\PimpFish.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: FloatBar Class - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - C:\Program Files\PimpFish\FloatBar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: PimpFish - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - C:\Program Files\PimpFish\PimpFish.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - Global Startup: Windows Live Mail (2).lnk = C:\Program Files\Windows Live\Mail\wlmail.exe
    O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: PimpFish - Saisir cette image - C:\Program Files\PimpFish\GRABPIC.HTM
    O8 - Extra context menu item: PimpFish - Saisir le fichier cible - C:\Program Files\PimpFish\GRABLINK.HTM
    O8 - Extra context menu item: PimpFish - Saisir les images auxquelles cette page est reliée - C:\Program Files\PimpFish\GRABPAGELINKS.HTM
    O8 - Extra context menu item: PimpFish - Saisir les images sur cette page - C:\Program Files\PimpFish\GRABPAGEPICS.HTM
    O8 - Extra context menu item: PimpFish - Saisir les vidéos sur cette page - C:\Program Files\PimpFish\GRABPAGEMOVIES.HTM
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: saturne.sernam.fr
    O16 - DPF: {F9726435-C558-11D6-B228-000629AEF22F} (PanelX Control) - http://saturne.sernam.fr/SATURNE/PanelXControl1.ocx
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    0
  3. servabat Messages postés 2073 Statut Membre 269
     
    fixe la ligne :
    O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
    ps: est-ce normal que tu est autant de toolbars et de pages de demmarages ??
    0
  4. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  5. moinele Messages postés 138 Statut Membre 1
     
    J'utilise aucune toolbar a part google j'utilise de temps en temps Explorer si nécessaire mais plus souvent Firefox !
    On peux les supprimer si il faut!
    0
  6. moinele Messages postés 138 Statut Membre 1
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 12:38:42, on 07/12/2009
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v8.00 (8.00.6001.18828)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\RocketDock\RocketDock.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Mail\wlmail.exe
    C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\conime.exe
    C:\Users\Stéphane\Downloads\hijackthis-2.0.2.75917.exe
    C:\Users\STPHAN~1\AppData\Local\Temp\hijackthis-2.0.2.75917.exe
    C:\Windows\system32\DllHost.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sernam.fr/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F3 - REG:win.ini: load=C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
    O1 - Hosts: ::1 localhost
    O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - C:\Program Files\PimpFish\PimpFish.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
    O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: FloatBar Class - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - C:\Program Files\PimpFish\FloatBar.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
    O3 - Toolbar: PimpFish - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - C:\Program Files\PimpFish\PimpFish.dll
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
    O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
    O4 - Global Startup: Windows Live Mail (2).lnk = C:\Program Files\Windows Live\Mail\wlmail.exe
    O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: PimpFish - Saisir cette image - C:\Program Files\PimpFish\GRABPIC.HTM
    O8 - Extra context menu item: PimpFish - Saisir le fichier cible - C:\Program Files\PimpFish\GRABLINK.HTM
    O8 - Extra context menu item: PimpFish - Saisir les images auxquelles cette page est reliée - C:\Program Files\PimpFish\GRABPAGELINKS.HTM
    O8 - Extra context menu item: PimpFish - Saisir les images sur cette page - C:\Program Files\PimpFish\GRABPAGEPICS.HTM
    O8 - Extra context menu item: PimpFish - Saisir les vidéos sur cette page - C:\Program Files\PimpFish\GRABPAGEMOVIES.HTM
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
    O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
    O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O13 - Gopher Prefix:
    O15 - Trusted Zone: saturne.sernam.fr
    O16 - DPF: {F9726435-C558-11D6-B228-000629AEF22F} (PanelX Control) - http://saturne.sernam.fr/SATURNE/PanelXControl1.ocx
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
    O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
    O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
    O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
    O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
    O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
    O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    0
  7. moinele Messages postés 138 Statut Membre 1
     
    Pages de demarrage sur quel navigateur?
    j'en une sur Firefox et 1 autre sur Internet explorer!
    a ma connaissance c'est tout!
    0
    1. servabat Messages postés 2073 Statut Membre 269
       
      a oui, (j'ai bu je vois triple ^^) tu n'a que http://www.sernam.fr/. masi tu a tout un tas de toolbars
      0
  8. moinele Messages postés 138 Statut Membre 1
     
    Quel serait les toolbar a désinstaller?
    0
  9. servabat Messages postés 2073 Statut Membre 269
     
    /!\ aucune toolbar n'est bonne, je te conseil donc de les supprimer toutes (sauf la google eventuellement , qui est la seule que j'ai et qui ne m'a jamains causé de problème)
    regarded le tuto malekal pour toolbar s&d ici
    0
  10. moinele Messages postés 138 Statut Membre 1
     
    en ce qui concerne mon soucie de malware cela devrait -il être OK!
    0
  11. moinele Messages postés 138 Statut Membre 1
     
    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
    BIOS : Ver 1.00PARTTBL
    USER : Stéphane ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:220 Go (Free:48 Go)
    D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
    E:\ (Local Disk) - NTFS - Total:0 Go (Free:0 Go)
    F:\ (Local Disk) - NTFS - Total:111 Go (Free:103 Go)
    G:\ (CD or DVD)
    H:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [1] ( 07/12/2009|13:16 )

    [ UAC => 1 ]

    -----------\\ Recherche de Fichiers / Dossiers ...

    C:\Program Files\DAEMON Tools Toolbar
    C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
    C:\Program Files\DAEMON Tools Toolbar\Resources
    C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome.manifest
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\install.rdf
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome\dttoolbar.jar
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
    C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.xpt
    C:\Program Files\DAEMON Tools Toolbar\Resources\about.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\as.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\as.png
    C:\Program Files\DAEMON Tools Toolbar\Resources\astro.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\b1.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\b1.png
    C:\Program Files\DAEMON Tools Toolbar\Resources\BurnImage.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\buy.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond000.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond001.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond003.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond004.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond005.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond006.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond007.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond008.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond009.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond010.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond011.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond019.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond020.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond021.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond022.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond023.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond024.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond025.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond026.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond037.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond038.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond039.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond040.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond041.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond046.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond048.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond050.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond051.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond052.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond053.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond054.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond055.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond056.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond057.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond058.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond059.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond060.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond061.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond062.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond063.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond064.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond065.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond066.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond067.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond068.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond069.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond075.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond076.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond077.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond078.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond079.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond080.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond084.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond085.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond086.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond087.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond088.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond089.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond090.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond091.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond092.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond093.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond094.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond095.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond108.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond109.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond110.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond111.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond112.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond113.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond120.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond121.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond122.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond126.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond127.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond128.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond129.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond130.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond131.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond132.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond133.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond134.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond135.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond136.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond137.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond138.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond140.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond141.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond142.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond143.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond148.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond149.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond152.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond154.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond155.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond156.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\cond157.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\d.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\d2.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\daemon.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\ds.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\dsearch.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\dt.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\DTPro.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\Dwnl.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\emulation.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\features.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\gd.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\globe.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\GrabImage.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\hb.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\hb.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\help.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\ip.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\lang.xml
    C:\Program Files\DAEMON Tools Toolbar\Resources\lingvo.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\m.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\mail.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mailc.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_disable.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mailc_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mail_disable.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mail_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mail_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\mail_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\next.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\next_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\next_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\next_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\none.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\none_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\noW.gif
    C:\Program Files\DAEMON Tools Toolbar\Resources\op.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\pragma.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\prev.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\prev_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\prev_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\prev_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\prod.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\refresh.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\refresh_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Rss.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\Rss1.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\rssClose.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\rssL.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\rssOpen.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\size.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\size_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\skins.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\spt.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\SupportRequest.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\time.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\TitleIcon.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\toolbar.xml
    C:\Program Files\DAEMON Tools Toolbar\Resources\trans.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\Trash.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_disable.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Trash_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\u.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wb.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtClose_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_down.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_m.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wBtText_under.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m42.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\Weather_m43.bmp
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi0.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi1.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi10.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi11.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi12.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi13.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi2.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi3.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi4.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi5.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi6.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi7.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi8.ico
    C:\Program Files\DAEMON Tools Toolbar\Resources\wi9.ico

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.sernam.fr/"
    "Local Page"="C:\\Windows\\system32\\blank.htm"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF"
    "Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Local Page"="C:\\Windows\\System32\\blank.htm"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD1.iso.lnk
    C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD2.iso.lnk

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2009|13:18 - Option : [1]

    -----------\\ Fin du rapport a 13:18:44,53
    0
  12. moinele Messages postés 138 Statut Membre 1
     
    je viens de ravoir une alerte par mon antivirus!

    02/03/2009 17:06:11 SYSTEM 1660 Sign of "HTML:Iframe-inf" has been found in "http://cyclurba.fr/image/ISD/618/PAGE_01.HTM" file.
    02/03/2009 17:06:32 SYSTEM 1660 Sign of "HTML:Iframe-inf" has been found in "http://cyclurba.fr/image/ISD/618/PAGE_01.HTM" file.
    14/04/2009 15:54:26 SYSTEM 1656 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
    30/04/2009 19:13:23 SYSTEM 1928 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\57\57ddf32a95ef229d.dat (C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\57\57ddf32a95ef229d.dat) returning error, 00000005.
    01/06/2009 19:26:44 SYSTEM 1716 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\2b\2b537eea84e51d5d.dat (C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\2b\2b537eea84e51d5d.dat) returning error, 00000005.
    22/06/2009 15:24:19 SYSTEM 1712 Sign of "VBS:Malware-gen" has been found in "H:\AUTORUN.INF" file.
    04/07/2009 08:59:25 SYSTEM 1660 Sign of "VBS:Malware-gen" has been found in "E:\AUTORUN.INF" file.
    03/09/2009 17:42:54 SYSTEM 1772 Sign of "HTML:IFrame-BX [Trj]" has been found in "http://www.bali-mondial-export.com/js/jquery.js" file.
    18/09/2009 17:34:30 SYSTEM 1680 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Stéphane\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK (C:\Users\Stéphane\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK) returning error, 00000026.
    22/10/2009 19:11:23 SYSTEM 1680 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\[CrackNoCD] Sherlock Holmes contre Jack l'Eventreur serial.zip\Setup.exe\Setup_02.exe\Setup_01.exe\Setup_00.exe\LINKOP~1.EXE" file.
    23/10/2009 12:04:59 SYSTEM 1720 Sign of "Win32:Downloader-CSJ [Trj]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\Keygen keygen Sherlock Holmes Contre Jack l'Eventreur.zip\Setup32.exe" file.
    23/10/2009 15:49:18 SYSTEM 1720 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\crack Sherlock Holmes contre Jack L'éventreur crack(no cd).zip\Install.exe\Setup_01.exe\Setup_00.exe\LINKOP~1.EXE" file.
    23/10/2009 15:50:53 SYSTEM 1720 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Users\Stéphane\AppData\Local\Temp\IXP002.TMP\LINKOP~1.EXE" file.
    25/10/2009 13:09:03 SYSTEM 1624 Sign of "Win32:Zlob-CXG [Trj]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\sherlock holmes vs jack the ripper [CrackNoCD].zip\Install.exe" file.
    16/11/2009 19:12:49 SYSTEM 1644 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
    23/11/2009 13:05:39 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    23/11/2009 14:29:51 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    23/11/2009 14:57:56 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    23/11/2009 15:26:02 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    23/11/2009 15:54:05 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    23/11/2009 17:11:13 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    23/11/2009 17:39:17 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    24/11/2009 10:05:30 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    24/11/2009 10:47:36 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    24/11/2009 11:15:40 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    24/11/2009 12:25:51 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    24/11/2009 12:53:56 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
    27/11/2009 19:20:54 SYSTEM 1640 Sign of "HTML:Script-inf" has been found in "https://www.hugedomains.com/domain_profile.cfm?d=lannuaireinverse&e=com" file.
    29/11/2009 13:50:02 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    29/11/2009 17:29:58 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    29/11/2009 18:12:06 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 09:40:08 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 10:22:15 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 10:36:17 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 11:04:22 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 11:18:24 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 11:46:29 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 12:00:35 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
    30/11/2009 12:17:10 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml53\smss.exe" file.
    30/11/2009 13:14:02 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml53\smss.exe" file.
    30/11/2009 15:46:25 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml53\smss.exe" file.
    30/11/2009 18:22:03 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
    01/12/2009 10:21:37 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
    01/12/2009 10:35:37 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
    01/12/2009 13:52:10 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
    01/12/2009 14:06:10 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
    01/12/2009 14:08:05 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
    02/12/2009 14:01:11 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
    02/12/2009 16:21:32 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
    03/12/2009 09:10:58 SYSTEM 1664 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
    03/12/2009 09:53:05 SYSTEM 1664 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
    06/12/2009 01:02:41 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
    06/12/2009 01:02:52 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
    06/12/2009 10:40:06 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
    06/12/2009 10:40:22 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
    06/12/2009 11:08:15 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
    07/12/2009 08:56:32 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 09:24:14 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 10:20:23 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 10:34:25 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 10:48:27 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 11:02:29 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 11:16:32 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 11:44:36 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 12:12:40 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    07/12/2009 13:22:51 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
    0
  13. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    bonjour

    ceci est néfaste...

    O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)

    1) fait l'option 2 suppression de Toolbar-S&D

    2)Desactive ton antivirus le temps de la manip ainsi que ton parefeu si présent

    ▶ Télécharge List&Kill'em et enregistre le sur ton bureau

    http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe

    Il ne necessite pas d'installation

    ▶double clic (clic droit "executer en tant qu'administrateur" pour Vista) pour lancer le scan

    choisis la langue puis choisis l'option 1 = Mode Recherche

    ▶laisse travailler l'outil

    à la fin du scan la fenêtre se referme seule.

    ouvre C:\List'em.txt

    ▶colle le contenu dans ta prochaine réponse
    0
  14. moinele Messages postés 138 Statut Membre 1
     
    -----------\\ ToolBar S&D 1.2.9 XP/Vista

    Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
    X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
    BIOS : Ver 1.00PARTTBL
    USER : Stéphane ( Administrator )
    BOOT : Normal boot
    C:\ (Local Disk) - NTFS - Total:220 Go (Free:48 Go)
    D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
    E:\ (Local Disk) - NTFS - Total:0 Go (Free:0 Go)
    F:\ (Local Disk) - NTFS - Total:111 Go (Free:103 Go)
    G:\ (CD or DVD)
    H:\ (CD or DVD)

    "C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
    Option : [2] ( 07/12/2009|13:51 )

    [ UAC => 1 ]

    -----------\\ SUPPRESSION

    Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    Supprime! - C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
    Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
    Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
    Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
    Supprime! - C:\Program Files\DAEMON Tools Toolbar

    -----------\\ Recherche de Fichiers / Dossiers ...

    -----------\\ [..\Internet Explorer\Main]

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.sernam.fr/"
    "Local Page"="C:\\Windows\\system32\\blank.htm"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Url"="https://www.msn.com/fr-fr/actualite/"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="https://www.msn.com/fr-fr/"
    "Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF"
    "Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
    "Local Page"="C:\\Windows\\System32\\blank.htm"

    --------------------\\ Recherche d'autres infections

    --------------------\\ Cracks & Keygens ..

    C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD1.iso.lnk
    C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD2.iso.lnk

    [ UAC => 1 ]

    1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2009|13:18 - Option : [1]
    2 - "C:\ToolBar SD\TB_2.txt" - 07/12/2009|13:53 - Option : [2]

    -----------\\ Fin du rapport a 13:53:05,08
    0
  15. moinele Messages postés 138 Statut Membre 1
     
    "http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe "

    404 - Not Found
    0
  16. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.zip
    0
  17. moinele Messages postés 138 Statut Membre 1
     
    il reste bloqué sur "tests rootkits..... Patience......"
    0
  18. moinele Messages postés 138 Statut Membre 1
     
    List'em by g3n-h@ckm@n 1.1.2.1

    Thx to Chiquitine29.....

    User : Stéphane (Administrateurs) # PC-DE-CHARCAST
    Update on 07/12/2009 by g3n-h@ckm@n ::::: 11:00
    Start at: 14:03:08 | 07/12/2009
    Contact : g3n-h@ckm@n sur CCM

    Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz
    Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
    Internet Explorer 8.0.6001.18828
    Windows Firewall Status : Disabled

    C:\ -> Disque fixe local | 220,96 Go (48,54 Go free) | NTFS
    D:\ -> Disque fixe local | 11,93 Go (2,14 Go free) [HP_RECOVERY] | NTFS
    E:\ -> Disque fixe local | 200 Mo (168,03 Mo free) | NTFS
    F:\ -> Disque fixe local | 111,59 Go (103,39 Go free) [Emeraude-Corp] | NTFS
    G:\ -> Disque CD-ROM
    H:\ -> Disque CD-ROM

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

    C:\Windows\System32\smss.exe 480
    C:\Windows\system32\csrss.exe 612
    C:\Windows\system32\wininit.exe 664
    C:\Windows\system32\csrss.exe 676
    C:\Windows\system32\services.exe 712
    C:\Windows\system32\lsass.exe 728
    C:\Windows\system32\lsm.exe 736
    C:\Windows\system32\svchost.exe 884
    C:\Windows\system32\nvvsvc.exe 952
    C:\Windows\system32\svchost.exe 980
    C:\Windows\System32\svchost.exe 1032
    C:\Windows\System32\svchost.exe 1072
    C:\Windows\System32\svchost.exe 1104
    C:\Windows\system32\svchost.exe 1120
    C:\Windows\system32\winlogon.exe 1192
    C:\Windows\system32\svchost.exe 1268
    C:\Windows\system32\SLsvc.exe 1284
    C:\Windows\system32\svchost.exe 1328
    C:\Windows\system32\svchost.exe 1452
    C:\Windows\system32\WLANExt.exe 1600
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1672
    C:\Program Files\Alwil Software\Avast4\ashServ.exe 1696
    C:\Windows\System32\spoolsv.exe 1948
    C:\Windows\system32\svchost.exe 1976
    C:\Windows\system32\rundll32.exe 348
    C:\Windows\system32\taskeng.exe 2140
    C:\Windows\system32\Dwm.exe 2260
    C:\Windows\system32\taskeng.exe 2276
    C:\Windows\Explorer.EXE 2312
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2440
    C:\Windows\system32\svchost.exe 2460
    C:\PVSW\Bin\WGE_SRV.exe 2488
    C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2512
    C:\Windows\system32\svchost.exe 2664
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 2692
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 2752
    C:\Windows\System32\svchost.exe 2888
    C:\Windows\system32\IoctlSvc.exe 2932
    C:\Windows\System32\svchost.exe 2956
    C:\Windows\system32\svchost.exe 2984
    C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe 3000
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe 3072
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3088
    C:\Program Files\RocketDock\RocketDock.exe 3160
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 3168
    C:\Program Files\Skype\Phone\Skype.exe 3184
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3228
    C:\Program Files\Windows Live\Mail\wlmail.exe 3304
    C:\PVSW\BIN\W3dbsmgr.EXE 3328
    C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe 3372
    C:\Program Files\CyberLink\Shared Files\RichVideo.exe 3392
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3424
    C:\Windows\system32\svchost.exe 3484
    C:\Windows\System32\svchost.exe 3552
    C:\Windows\system32\SearchIndexer.exe 3604
    C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe 3636
    C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe 4036
    C:\Windows\system32\wbem\unsecapp.exe 2812
    C:\Windows\system32\wbem\wmiprvse.exe 3708
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3180
    C:\Program Files\Skype\Plugin Manager\skypePM.exe 4364
    C:\Program Files\Windows Live\Contacts\wlcomm.exe 4988
    c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 5244
    C:\Windows\system32\svchost.exe 5916
    C:\Program Files\Windows Media Player\wmpnetwk.exe 6128
    C:\Windows\system32\conime.exe 1276
    C:\Windows\system32\taskeng.exe 5528
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.exe 460
    C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 1724
    C:\Program Files\Mozilla Firefox\firefox.exe 5736
    C:\Windows\system32\rundll32.exe 1116
    C:\Windows\system32\FirewallControlPanel.exe 5132
    C:\Program Files\Internet Explorer\IELowutil.exe 5828
    C:\Windows\system32\SearchProtocolHost.exe 2120
    C:\Windows\system32\SearchFilterHost.exe 4288
    C:\Program Files\WinRAR\WinRAR.exe 2636
    C:\Users\Stéphane\Desktop\List_Kill'em.exe 5564
    C:\Windows\system32\cmd.exe 5532
    C:\Windows\system32\wbem\wmiprvse.exe 3964
    C:\Users\Stéphane\AppData\Local\Temp\24.tmp\pv.exe 3740

    ======================
    Keys "Run"
    ======================

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    RocketDock REG_SZ "C:\Program Files\RocketDock\RocketDock.exe"
    SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    Skype REG_SZ "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    eMuleAutoStart REG_SZ C:\Program Files\eMule\emule.exe -AutoStart

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
    =====================
    Other Keys
    =====================

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
    ConsentPromptBehaviorAdmin REG_DWORD 0x2
    ConsentPromptBehaviorUser REG_DWORD 0x1
    EnableInstallerDetection REG_DWORD 0x1
    EnableLUA REG_DWORD 0x1
    EnableSecureUIAPaths REG_DWORD 0x1
    EnableVirtualization REG_DWORD 0x1
    PromptOnSecureDesktop REG_DWORD 0x1
    ValidateAdminCodeSignatures REG_DWORD 0x0
    dontdisplaylastusername REG_DWORD 0x0
    legalnoticecaption REG_SZ
    legalnoticetext REG_SZ
    scforceoption REG_DWORD 0x0
    shutdownwithoutlogon REG_DWORD 0x1
    undockwithoutlogon REG_DWORD 0x1
    FilterAdministratorToken REG_DWORD 0x0
    EnableUIADesktopToggle REG_DWORD 0x0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI
    ===============

    ===============
    ===============
    BHO :
    ======
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{29C88E20-4234-41B9-A9DB-982958C95FB1}]
    @="PimpFish Toolbar Opcode Handler"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
    @="NCO 2.0 IE BHO"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
    @="Symantec Intrusion Prevention"
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
    @="Search Helper"
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75B1A646-CDCE-4C06-B52F-84F4463B4FC8}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96372AB6-15EB-4316-B497-71C741BC548C}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    @=""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF3C5900-BEC0-470E-AEE8-CE277C60667C}]
    @="iGraalBHO"
    "NoExplorer"=dword:00000001

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
    "NoExplorer"=dword:00000001

    ================
    Internet Explorer :
    ================

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
    Start Page REG_SZ https://www.msn.com/fr-fr/

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
    Start Page REG_SZ http://www.sernam.fr/

    ========
    Services
    ========
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

    Ndisuio : 0x3
    EapHost : 0x3
    Wlansvc : 0x2
    SharedAccess : 0x3
    windefend : 0x2
    wuauserv : 0x2
    =========

    =========================
    Environnement variables :
    =========================

    ALLUSERSPROFILE=C:\ProgramData
    APPDATA=C:\Users\St‚phane\AppData\Roaming
    choix=1
    CLASSPATH=.;C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
    CommonProgramFiles=C:\Program Files\Common Files
    COMPUTERNAME=PC-DE-CHARCAST
    ComSpec=C:\Windows\system32\cmd.exe
    FP_NO_HOST_CHECK=NO
    HOMEDRIVE=C:
    HOMEPATH=\Users\St‚phane
    LOCALAPPDATA=C:\Users\St‚phane\AppData\Local
    LOGONSERVER=\\PC-DE-CHARCAST
    NUMBER_OF_PROCESSORS=2
    OnlineServices=Services en ligne
    OS=Windows_NT
    Path=C:\Program Files\PC Connectivity Solution\;C:\PVSW\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\CyberLink\Power2Go\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Borland\Common Files\BDE;C:\Program Files\QuickTime\QTSystem\
    PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    PCBRAND=Pavilion
    PLATFORM=MCD
    PROCESSOR_ARCHITECTURE=x86
    PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
    PROCESSOR_LEVEL=6
    PROCESSOR_REVISION=0f0d
    ProgramData=C:\ProgramData
    ProgramFiles=C:\Program Files
    PROMPT=$P$G
    PUBLIC=C:\Users\Public
    QTJAVA=C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
    RGSC=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
    RGSCLauncher=C:\Program Files\Rockstar Games\Rockstar Games Social Club
    SystemDrive=C:
    SystemRoot=C:\Windows
    TEMP=C:\Users\STPHAN~1\AppData\Local\Temp
    TMP=C:\Users\STPHAN~1\AppData\Local\Temp
    USERDOMAIN=PC-de-Charcast
    USERNAME=St‚phane
    USERPART=E:
    USERPROFILE=C:\Users\St‚phane
    windir=C:\Windows

    ==========
    Programs
    ==========

    Adobe
    AGEIA Technologies
    Alwil Software
    Amara - Intro and Banner Builder
    Amara - Slide Show Builder
    AnalogX
    Apple Software Update
    AtomixMP3
    AVG
    Beneton Movie GIF
    BestPractice
    Bonjour
    Borland
    Broadcom
    Canon
    CardDetector
    CCleaner
    Circle Developement
    Codemasters
    Common Files
    Convertisseur 2006
    CSV Converter
    CyberLink
    DAEMON Tools Lite
    DebugMode
    desktop.ini
    DIFX
    DivX
    Easy GIF Animator
    Easy Gif Animator Extension
    eBay
    EBP
    eMule
    Fichiers communs
    FileZilla FTP Client
    GIF Movie Gear
    Google
    Grammatica
    GVAO Install
    Hewlett-Packard
    Hp
    HP Games
    HPQ
    iGraal
    IKEA HomePlanner
    InstallShield Installation Information
    Intel
    Internet Explorer
    iPod
    iTunes
    IVT Corporation
    Java
    jv16 PowerTools
    K-Lite Codec Pack
    KeenfinderSrch
    Lavalys
    ma-config.com
    Messenger Plus! Live
    Micro Application
    Microsoft
    Microsoft Games
    Microsoft Games for Windows - LIVE
    Microsoft Office
    Microsoft Office Outlook Connector
    Microsoft Picture It! 7
    Microsoft Silverlight
    Microsoft SQL Server Compact Edition
    Microsoft Sync Framework
    Microsoft Visual Studio
    Microsoft Visual Studio 8
    Microsoft Visual Studio 8(450)
    Microsoft Windows 7 Upgrade Advisor
    Microsoft Works
    Microsoft Works Suite 2003
    Microsoft.NET
    Middleware
    Motorola
    Movie Maker
    Mozilla Firefox
    MSBuild
    MSXML 4.0
    Nego
    Nero
    Nokia
    Nokia2
    OpenOffice.org 2.4
    Orange
    Ord-ixSofts
    OVH
    PC Connectivity Solution
    Picture Resize
    PimpFish
    Pure Motion
    QuickTime
    Realtek
    Reference Assemblies
    Resize Pictures Plus
    Rippackv3
    RocketDock
    Rockstar Games
    Safari
    Services en ligne
    ShopFactory V6
    Skype
    Sonic Foundry
    Spybot - Search & Destroy
    SWF to GIF
    SWF-AVI-GIF Converter
    Synaptics
    Trackstick Manager
    Ultralingua
    Uninstall Information
    Urban Research
    Utilitaire de configuration iPhone
    Viewpoint
    VirtualDJ
    VSO
    Web Publish
    WebSite Complete eCommerce Edition
    Windows Calendar
    Windows Collaboration
    Windows Defender
    Windows Journal
    Windows Live
    Windows Live SkyDrive
    Windows Mail
    Windows Media Player
    Windows NT
    Windows Photo Gallery
    Windows Portable Devices
    Windows Sidebar
    WindSolutions
    wings3d_1.0.1
    WinRAR
    WinTV
    Zylom Games

    ¤¤¤¤¤¤¤¤¤¤ Files/folders :

    C:\Program Files\Circle Developement
    C:\Windows\system32\MSINET.oca
    C:\Windows\System32\SET6669.tmp
    C:\Windows\System32\SET6718.tmp
    C:\Users\St‚phane\LOCAL Settings\Temp\hijackthis-2.0.2.75917.exe
    C:\Users\St‚phane\LOCAL Settings\Temp\_isBC91.exe

    ¤¤¤¤¤¤¤¤¤¤ Keys :

    =========
    Rootkits
    =========

    catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-12-07 14:05:02
    Windows 6.0.6002 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a9411ec71]
    "001ccc570099"=hex:97,da,bf,cf,7c,1d,a5,66,59,75,8d,03,21,91,d6,d4
    "0012d20c1a10"=hex:49,50,4f,44,64,b7,d3,01,17,a6,bf,85,7e,ba,46,48
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:2df9c43f
    "s2"=dword:110480d0
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:e2,a4,15,ba,7b,bb,85,df,eb,14,7b,71,ed,1f,bf,c5,1a,e6,f1,7e,64,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,98,c6,69,b3,d8,1c,8e,df,18,57,15,7a,1c,51,40,04,be,..
    "khjeh"=hex:83,cf,d2,2a,c5,4e,89,9f,ba,73,ea,97,0c,4d,a5,e2,80,87,bf,44,66,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:d1,2d,38,b3,b3,00,53,5e,73,e6,2a,7e,18,a1,8a,55,60,69,a6,66,3e,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
    "khjeh"=hex:6b,db,00,5e,1f,f4,5f,4f,4d,7a,3a,6b,3f,3f,a3,dd,aa,3f,a7,20,97,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a9411ec71]
    "001ccc570099"=hex:97,da,bf,cf,7c,1d,a5,66,59,75,8d,03,21,91,d6,d4
    "0012d20c1a10"=hex:49,50,4f,44,64,b7,d3,01,17,a6,bf,85,7e,ba,46,48
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools Lite\"
    "h0"=dword:00000000
    "khjeh"=hex:e2,a4,15,ba,7b,bb,85,df,eb,14,7b,71,ed,1f,bf,c5,1a,e6,f1,7e,64,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,98,c6,69,b3,d8,1c,8e,df,18,57,15,7a,1c,51,40,04,be,..
    "khjeh"=hex:83,cf,d2,2a,c5,4e,89,9f,ba,73,ea,97,0c,4d,a5,e2,80,87,bf,44,66,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:d1,2d,38,b3,b3,00,53,5e,73,e6,2a,7e,18,a1,8a,55,60,69,a6,66,3e,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
    "khjeh"=hex:6b,db,00,5e,1f,f4,5f,4f,4d,7a,3a,6b,3f,3f,a3,dd,aa,3f,a7,20,97,..

    scanning hidden registry entries ...

    scanning hidden files ...
    0
  19. moment de grace Messages postés 29099 Date d'inscription   Statut Contributeur sécurité Dernière intervention   2 274
     
    le rapport n'est pas complet

    ca finit ainsi

    ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
    0
  20. moinele Messages postés 138 Statut Membre 1
     
    Ok je recommence!
    0
  • 1
  • 2