Recurring malware smss.exe

Closed
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 - 7 Dec. 2009 at 12:13
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 - 8 Dec. 2009 at 12:06
Hello everyone,
I am running Vista Home Premium 32-bit,
and my antivirus regularly reports that I am infected by a malware (virus/worm) "smss.exe"!
I ran CCleaner and Spybot, and I checked the startup entries in msconfig, but found nothing abnormal!
Please help me eradicate it!
See you

30 replies

servabat Posts 1881 Registration date Thursday 2 October 2008 Status Member Last activity 17 September 2012 269
7 Dec. 2009 at 12:19
Hi.
Download HijackThis here, install it and start it. Then press the "Do a system scan and save a log file" button. When it finishes, it will open Notepad with some content in it. Copy and paste that content here in a post.
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 12:25
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:24:44, on 07/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\EBP\GestionCommerciale14.0\Gestion.exe
C:\Windows\system32\conime.exe
C:\Users\Stéphane\Downloads\hijackthis-2.0.2.75917.exe
C:\Users\STPHAN~1\AppData\Local\Temp\hijackthis-2.0.2.75917.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sernam.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - C:\Program Files\PimpFish\PimpFish.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: FloatBar Class - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - C:\Program Files\PimpFish\FloatBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: PimpFish - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - C:\Program Files\PimpFish\PimpFish.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Windows Live Mail (2).lnk = C:\Program Files\Windows Live\Mail\wlmail.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: PimpFish - Saisir cette image - C:\Program Files\PimpFish\GRABPIC.HTM
O8 - Extra context menu item: PimpFish - Saisir le fichier cible - C:\Program Files\PimpFish\GRABLINK.HTM
O8 - Extra context menu item: PimpFish - Saisir les images auxquelles cette page est reliée - C:\Program Files\PimpFish\GRABPAGELINKS.HTM
O8 - Extra context menu item: PimpFish - Saisir les images sur cette page - C:\Program Files\PimpFish\GRABPAGEPICS.HTM
O8 - Extra context menu item: PimpFish - Saisir les vidéos sur cette page - C:\Program Files\PimpFish\GRABPAGEMOVIES.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: saturne.sernam.fr
O16 - DPF: {F9726435-C558-11D6-B228-000629AEF22F} (PanelX Control) - http://saturne.sernam.fr/SATURNE/PanelXControl1.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
servabat Posts 1881 Registration date Thursday 2 October 2008 Status Member Last activity 17 September 2012 269
7 Dec. 2009 at 12:33
Fix the line:
O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
PS: is it normal that you have so many toolbars and start pages??
0
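The line picked out in the reply above is one whose target file no longer exists. The same check can be run mechanically over a whole HijackThis log; the following is an added example, not part of the original thread. The names `parse_entry`, `parse_log` and `orphaned_entries` are hypothetical, and the sample lines are copied from the log posted above.

```python
import re
from collections import namedtuple

# One parsed HijackThis entry. "target" is the path or command line as logged.
Entry = namedtuple("Entry", "section label clsid target orphan")

# Entry lines start with a section code such as R1, F3, O2 or O23.
ENTRY_RE = re.compile(r"^(?P<section>[RFNO]\d{1,2}) - (?P<body>.+)$")
# Marker HijackThis appends when the referenced file is not on disk.
ORPHAN_RE = re.compile(r"\s*-?\s*\((?:no file|file missing)\)\s*$", re.IGNORECASE)
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
# A drive-letter path, taken to the end of the line.
PATH_RE = re.compile(r"[A-Za-z]:\\.*$")


def parse_entry(line):
    """Return an Entry for a log entry line, or None for headers and process paths."""
    m = ENTRY_RE.match(line.strip())
    if m is None:
        return None
    body = m.group("body")
    orphan = ORPHAN_RE.search(body) is not None
    body = ORPHAN_RE.sub("", body)
    clsid = CLSID_RE.search(body)
    path = PATH_RE.search(body)
    # The label is everything before the first CLSID or path.
    cut = min((x.start() for x in (clsid, path) if x), default=len(body))
    label = body[:cut].rstrip(' -"')
    return Entry(
        section=m.group("section"),
        label=label,
        clsid=clsid.group(0) if clsid else None,
        target=path.group(0).rstrip('"') if path else None,
        orphan=orphan,
    )


def parse_log(text):
    """Parse every entry line in a HijackThis log, skipping everything else."""
    parsed = (parse_entry(line) for line in text.splitlines())
    return [e for e in parsed if e is not None]


def orphaned_entries(text):
    """Entries whose referenced file is reported as absent."""
    return [e for e in parse_log(text) if e.orphan]


# Sample lines copied from the log posted in this thread.
SAMPLE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Windows\system32\Dwm.exe
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
"""

if __name__ == "__main__":
    for e in orphaned_entries(SAMPLE):
        print(e.section, "|", e.label, "|", e.clsid or e.target)
```

An entry flagged this way is a leftover registration whose file is gone, so it shows what was once installed rather than what is running now.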
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 12:36
I don't use any toolbar apart from Google; I use Explorer from time to time if necessary, but more often Firefox!
We can remove them if necessary!
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 12:38
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:38:42, on 07/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\conime.exe
C:\Users\Stéphane\Downloads\hijackthis-2.0.2.75917.exe
C:\Users\STPHAN~1\AppData\Local\Temp\hijackthis-2.0.2.75917.exe
C:\Windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sernam.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F3 - REG:win.ini: load=C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ContributeBHO Class - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O2 - BHO: PimpFish Toolbar Opcode Handler - {29C88E20-4234-41B9-A9DB-982958C95FB1} - C:\Program Files\PimpFish\PimpFish.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: FloatBar Class - {75B1A646-CDCE-4C06-B52F-84F4463B4FC8} - C:\Program Files\PimpFish\FloatBar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: iGraalBHO - {CF3C5900-BEC0-470E-AEE8-CE277C60667C} - C:\Program Files\iGraal\BHO.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: PimpFish - {D593DE91-7B41-45C2-830E-E9A99AB142AA} - C:\Program Files\PimpFish\PimpFish.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.2.0.0\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: iGraal Toolbar - {D01B1F7D-9D7F-46C3-8DB9-5A55819E2A7F} - C:\Program Files\iGraal\Toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - Global Startup: Windows Live Mail (2).lnk = C:\Program Files\Windows Live\Mail\wlmail.exe
O8 - Extra context menu item: Ajouter au fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: PimpFish - Saisir cette image - C:\Program Files\PimpFish\GRABPIC.HTM
O8 - Extra context menu item: PimpFish - Saisir le fichier cible - C:\Program Files\PimpFish\GRABLINK.HTM
O8 - Extra context menu item: PimpFish - Saisir les images auxquelles cette page est reliée - C:\Program Files\PimpFish\GRABPAGELINKS.HTM
O8 - Extra context menu item: PimpFish - Saisir les images sur cette page - C:\Program Files\PimpFish\GRABPAGEPICS.HTM
O8 - Extra context menu item: PimpFish - Saisir les vidéos sur cette page - C:\Program Files\PimpFish\GRABPAGEMOVIES.HTM
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: iGraal - {32893F3D-2B10-4B09-BA6A-8F20E7D33925} - C:\Program Files\iGraal\Button.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O15 - Trusted Zone: saturne.sernam.fr
O16 - DPF: {F9726435-C558-11D6-B228-000629AEF22F} (PanelX Control) - http://saturne.sernam.fr/SATURNE/PanelXControl1.ocx
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Version Cue CS3 {fr_FR} (Adobe Version Cue CS3) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: EBP Pervasive.SQL - Unknown owner - C:\PVSW\Bin\WGE_SRV.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: QuickPlay Background Capture Service (QBCS) (QPCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe
O23 - Service: QuickPlay Task Scheduler (QTS) (QPSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Unknown owner - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxLiveShare9.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 12:47
Start pages on which browser?
I have one on Firefox and another on Internet Explorer!
As far as I know, that's all!
0
servabat Posts 1881 Registration date Thursday 2 October 2008 Status Member Last activity 17 September 2012 269
7 Dec. 2009 at 12:53
Ah yes (I've been drinking, I'm seeing triple ^^), you only have http://www.sernam.fr/. But you have a whole bunch of toolbars.
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 12:55
Which toolbars should be uninstalled?
0
servabat Posts 1881 Registration date Thursday 2 October 2008 Status Member Last activity 17 September 2012 269
7 Dec. 2009 at 13:09
/!\ No toolbar is good, so I advise you to remove them all (except possibly the Google one, which is the only one I have and which has never caused me any problem).
Look at the malekal tutorial for ToolBar S&D here.
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 13:13
As for my malware problem, should that be OK now?
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 13:25
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
BIOS : Ver 1.00PARTTBL
USER : Stéphane ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:220 Go (Free:48 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
E:\ (Local Disk) - NTFS - Total:0 Go (Free:0 Go)
F:\ (Local Disk) - NTFS - Total:111 Go (Free:103 Go)
G:\ (CD or DVD)
H:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [1] ( 07/12/2009|13:16 )

[ UAC => 1 ]

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\DAEMON Tools Toolbar
C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
C:\Program Files\DAEMON Tools Toolbar\Resources
C:\Program Files\DAEMON Tools Toolbar\uninst.exe
C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome.manifest
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\install.rdf
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\chrome\dttoolbar.jar
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.dll
C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT\components\DTToolbarFF.xpt

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.sernam.fr/"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD1.iso.lnk
C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD2.iso.lnk


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2009|13:18 - Option : [1]

-----------\\ Fin du rapport a 13:18:44,53
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 13:35
I just got another alert from my antivirus!


02/03/2009 17:06:11 SYSTEM 1660 Sign of "HTML:Iframe-inf" has been found in "http://cyclurba.fr/image/ISD/618/PAGE_01.HTM" file.
02/03/2009 17:06:32 SYSTEM 1660 Sign of "HTML:Iframe-inf" has been found in "http://cyclurba.fr/image/ISD/618/PAGE_01.HTM" file.
14/04/2009 15:54:26 SYSTEM 1656 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
30/04/2009 19:13:23 SYSTEM 1928 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\57\57ddf32a95ef229d.dat (C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\57\57ddf32a95ef229d.dat) returning error, 00000005.
01/06/2009 19:26:44 SYSTEM 1716 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\2b\2b537eea84e51d5d.dat (C:\Users\Stéphane\AppData\Roaming\Skype\moinele\chatsync\2b\2b537eea84e51d5d.dat) returning error, 00000005.
22/06/2009 15:24:19 SYSTEM 1712 Sign of "VBS:Malware-gen" has been found in "H:\AUTORUN.INF" file.
04/07/2009 08:59:25 SYSTEM 1660 Sign of "VBS:Malware-gen" has been found in "E:\AUTORUN.INF" file.
03/09/2009 17:42:54 SYSTEM 1772 Sign of "HTML:IFrame-BX [Trj]" has been found in "http://www.bali-mondial-export.com/js/jquery.js" file.
18/09/2009 17:34:30 SYSTEM 1680 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Users\Stéphane\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK (C:\Users\Stéphane\AppData\Roaming\Microsoft\Office\Recent\Desktop.LNK) returning error, 00000026.
22/10/2009 19:11:23 SYSTEM 1680 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\[CrackNoCD] Sherlock Holmes contre Jack l'Eventreur serial.zip\Setup.exe\Setup_02.exe\Setup_01.exe\Setup_00.exe\LINKOP~1.EXE" file.
23/10/2009 12:04:59 SYSTEM 1720 Sign of "Win32:Downloader-CSJ [Trj]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\Keygen keygen Sherlock Holmes Contre Jack l'Eventreur.zip\Setup32.exe" file.
23/10/2009 15:49:18 SYSTEM 1720 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\crack Sherlock Holmes contre Jack L'éventreur crack(no cd).zip\Install.exe\Setup_01.exe\Setup_00.exe\LINKOP~1.EXE" file.
23/10/2009 15:50:53 SYSTEM 1720 Sign of "Win32:Adware-gen [Adw]" has been found in "C:\Users\Stéphane\AppData\Local\Temp\IXP002.TMP\LINKOP~1.EXE" file.
25/10/2009 13:09:03 SYSTEM 1624 Sign of "Win32:Zlob-CXG [Trj]" has been found in "C:\Users\Stéphane\Downloads\eMule\Incoming\sherlock holmes vs jack the ripper [CrackNoCD].zip\Install.exe" file.
16/11/2009 19:12:49 SYSTEM 1644 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
23/11/2009 13:05:39 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 14:29:51 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 14:57:56 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 15:26:02 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 15:54:05 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 17:11:13 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 17:39:17 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
24/11/2009 10:05:30 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
24/11/2009 10:47:36 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
24/11/2009 11:15:40 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
24/11/2009 12:25:51 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
24/11/2009 12:53:56 SYSTEM 1672 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
27/11/2009 19:20:54 SYSTEM 1640 Sign of "HTML:Script-inf" has been found in "https://www.hugedomains.com/domain_profile.cfm?d=lannuaireinverse&e=com" file.
29/11/2009 13:50:02 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
29/11/2009 17:29:58 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
29/11/2009 18:12:06 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 09:40:08 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 10:22:15 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 10:36:17 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 11:04:22 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 11:18:24 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 11:46:29 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 12:00:35 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
30/11/2009 12:17:10 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml53\smss.exe" file.
30/11/2009 13:14:02 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml53\smss.exe" file.
30/11/2009 15:46:25 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml53\smss.exe" file.
30/11/2009 18:22:03 SYSTEM 1668 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
01/12/2009 10:21:37 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
01/12/2009 10:35:37 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
01/12/2009 13:52:10 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
01/12/2009 14:06:10 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
01/12/2009 14:08:05 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml54\smss.exe" file.
02/12/2009 14:01:11 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
02/12/2009 16:21:32 SYSTEM 1680 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
03/12/2009 09:10:58 SYSTEM 1664 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
03/12/2009 09:53:05 SYSTEM 1664 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml57\smss.exe" file.
06/12/2009 01:02:41 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
06/12/2009 01:02:52 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
06/12/2009 10:40:06 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
06/12/2009 10:40:22 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
06/12/2009 11:08:15 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml59\smss.exe" file.
07/12/2009 08:56:32 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 09:24:14 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 10:20:23 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 10:34:25 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 10:48:27 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 11:02:29 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 11:16:32 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 11:44:36 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 12:12:40 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 13:22:51 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Stéphane\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
0
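Added example, not part of the original posts: the alerts above keep naming `smss.exe` under `Temp\~temp\aiunmlNN`, while the process list posted later in the thread shows the running one at `C:\Windows\System32\smss.exe`. This Python sketch parses alert lines in that format (constructed sample with a hypothetical user name `Example`; the function names are this example's own) and flags core-process names detected outside System32, grouped by drop folder.

```python
import ntpath
import re
from datetime import datetime

# Core Windows process names; in the process list posted in this thread
# they all run from C:\Windows\System32.
SYSTEM_NAMES = {"smss.exe", "csrss.exe", "wininit.exe", "winlogon.exe",
                "services.exe", "lsass.exe", "lsm.exe", "svchost.exe"}
# Assumption: %SystemRoot% is C:\Windows, as in the logs on this page.
SYSTEM_DIR = ntpath.normcase(r"C:\Windows\System32")

# Matches only real detections; "AAVM - scanning warning" lines are skipped.
DETECTION = re.compile(
    r'^(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) \S+ \d+ '
    r'Sign of "(?P<sig>[^"]+)" has been found in "(?P<path>.+)" file\.$')

# Constructed sample in the same line format as the antivirus log above.
SAMPLE_LOG = r'''
22/06/2009 15:24:19 SYSTEM 1712 Sign of "VBS:Malware-gen" has been found in "H:\AUTORUN.INF" file.
16/11/2009 19:12:49 SYSTEM 1644 AAVM - scanning warning: x_AavmCheckFileDirectEx [UNI]: C:\Windows\System32\conime.exe (C:\Windows\System32\conime.exe) returning error, 00000005.
23/11/2009 13:05:39 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Example\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
23/11/2009 14:29:51 SYSTEM 1612 Sign of "Win32:Malware-gen" has been found in "C:\Users\Example\AppData\Local\Temp\~temp\aiunml47\smss.exe" file.
29/11/2009 13:50:02 SYSTEM 1648 Sign of "Win32:Malware-gen" has been found in "C:\Users\Example\AppData\Local\Temp\~temp\aiunml52\smss.exe" file.
07/12/2009 08:56:32 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Example\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
07/12/2009 13:22:51 SYSTEM 1696 Sign of "Win32:Malware-gen" has been found in "C:\Users\Example\AppData\Local\Temp\~temp\aiunml60\smss.exe" file.
'''


def parse_detections(text):
    """Return (timestamp, signature, path) for every detection line."""
    found = []
    for line in text.splitlines():
        match = DETECTION.match(line.strip())
        if not match:
            continue  # blank line, scanning warning, or unrelated entry
        ts = datetime.strptime(match.group("ts"), "%d/%m/%Y %H:%M:%S")
        found.append((ts, match.group("sig"), match.group("path")))
    return found


def is_masquerading(path):
    """True when a file carries a core-process name but sits outside System32."""
    name = ntpath.basename(path).lower()
    folder = ntpath.normcase(ntpath.dirname(path))
    return name in SYSTEM_NAMES and folder != SYSTEM_DIR


def summarize_drops(text):
    """Group masquerading detections by folder, in order of first appearance."""
    drops = {}
    for ts, _sig, path in parse_detections(text):
        if not is_masquerading(path):
            continue
        folder = ntpath.dirname(path)
        entry = drops.setdefault(folder, {"count": 0, "first": ts, "last": ts})
        entry["count"] += 1
        entry["first"] = min(entry["first"], ts)
        entry["last"] = max(entry["last"], ts)
    return drops


if __name__ == "__main__":
    for folder, info in summarize_drops(SAMPLE_LOG).items():
        print(f"{folder}: {info['count']} alert(s), "
              f"{info['first']:%d/%m/%Y %H:%M} to {info['last']:%d/%m/%Y %H:%M}")
```

A folder name that changes between alerts means the file is being re-created after each removal, so the component that writes it is what still has to be found.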
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
7 Dec. 2009 at 13:45
Hello,

this is harmful...

O23 - Service: KeenfinderSrch Service - Unknown owner - C:\ProgramData\KeenfinderSrch\keenfinder136.exe (file missing)

1) Run option 2 (removal) of Toolbar-S&D

2) Disable your antivirus for the duration of the procedure, as well as your firewall if you have one

▶ Download List&Kill'em and save it to your desktop

http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe

It does not require installation

▶ Double-click it (right-click, "Run as administrator" on Vista) to start the scan

Choose the language, then choose option 1 = Search Mode

▶ Let the tool work

At the end of the scan the window closes by itself.

Open C:\List'em.txt

▶ Paste its contents into your next reply
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 13:54
-----------\\ ToolBar S&D 1.2.9 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6002 ) Service Pack 2
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz )
BIOS : Ver 1.00PARTTBL
USER : Stéphane ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:220 Go (Free:48 Go)
D:\ (Local Disk) - NTFS - Total:11 Go (Free:2 Go)
E:\ (Local Disk) - NTFS - Total:0 Go (Free:0 Go)
F:\ (Local Disk) - NTFS - Total:111 Go (Free:103 Go)
G:\ (CD or DVD)
H:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 22-08-2009|18:42 )
Option : [2] ( 07/12/2009|13:51 )

[ UAC => 1 ]

-----------\\ SUPPRESSION

Supprime! - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
Supprime! - C:\Program Files\DAEMON Tools Toolbar\FirefoxDTT
Supprime! - C:\Program Files\DAEMON Tools Toolbar\Resources
Supprime! - C:\Program Files\DAEMON Tools Toolbar\uninst.exe
Supprime! - C:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
Supprime! - C:\Program Files\DAEMON Tools Toolbar

-----------\\ Recherche de Fichiers / Dossiers ...


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.sernam.fr/"
"Local Page"="C:\\Windows\\system32\\blank.htm"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Url"="https://www.msn.com/fr-fr/actualite/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.msn.com/fr-fr/"
"Default_Page_URL"="https://www.msn.com/fr-fr?cobrand=hp-notebook.msn.com&ocid=HPDHP&pc=HPNTDF"
"Default_Search_URL"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Local Page"="C:\\Windows\\System32\\blank.htm"


--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD1.iso.lnk
C:\Users\STPHAN~1\AppData\Roaming\Microsoft\Windows\Recent\[PC - Games] Grand Theft Auto GTA IV 4 Crack NoCD - Multi8 DVD2.iso.lnk


[ UAC => 1 ]


1 - "C:\ToolBar SD\TB_1.txt" - 07/12/2009|13:18 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 07/12/2009|13:53 - Option : [2]

-----------\\ Fin du rapport a 13:53:05,08
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 13:58
"http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.exe "

404 - Not Found
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
7 Dec. 2009 at 14:00
http://sd-1.archive-host.com/membres/up/829108531491024/List_Killem.zip
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 14:18
It stays stuck on "tests rootkits..... Patience......"
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 14:33
List'em by g3n-h@ckm@n 1.1.2.1

Thx to Chiquitine29.....

User : Stéphane (Administrateurs) # PC-DE-CHARCAST
Update on 07/12/2009 by g3n-h@ckm@n ::::: 11:00
Start at: 14:03:08 | 07/12/2009
Contact : g3n-h@ckm@n sur CCM

Intel(R) Core(TM)2 Duo CPU T5550 @ 1.83GHz
Microsoft® Windows Vista™ Édition Familiale Premium (6.0.6002 32-bit) # Service Pack 2
Internet Explorer 8.0.6001.18828
Windows Firewall Status : Disabled

C:\ -> Disque fixe local | 220,96 Go (48,54 Go free) | NTFS
D:\ -> Disque fixe local | 11,93 Go (2,14 Go free) [HP_RECOVERY] | NTFS
E:\ -> Disque fixe local | 200 Mo (168,03 Mo free) | NTFS
F:\ -> Disque fixe local | 111,59 Go (103,39 Go free) [Emeraude-Corp] | NTFS
G:\ -> Disque CD-ROM
H:\ -> Disque CD-ROM

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes running

C:\Windows\System32\smss.exe 480
C:\Windows\system32\csrss.exe 612
C:\Windows\system32\wininit.exe 664
C:\Windows\system32\csrss.exe 676
C:\Windows\system32\services.exe 712
C:\Windows\system32\lsass.exe 728
C:\Windows\system32\lsm.exe 736
C:\Windows\system32\svchost.exe 884
C:\Windows\system32\nvvsvc.exe 952
C:\Windows\system32\svchost.exe 980
C:\Windows\System32\svchost.exe 1032
C:\Windows\System32\svchost.exe 1072
C:\Windows\System32\svchost.exe 1104
C:\Windows\system32\svchost.exe 1120
C:\Windows\system32\winlogon.exe 1192
C:\Windows\system32\svchost.exe 1268
C:\Windows\system32\SLsvc.exe 1284
C:\Windows\system32\svchost.exe 1328
C:\Windows\system32\svchost.exe 1452
C:\Windows\system32\WLANExt.exe 1600
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe 1672
C:\Program Files\Alwil Software\Avast4\ashServ.exe 1696
C:\Windows\System32\spoolsv.exe 1948
C:\Windows\system32\svchost.exe 1976
C:\Windows\system32\rundll32.exe 348
C:\Windows\system32\taskeng.exe 2140
C:\Windows\system32\Dwm.exe 2260
C:\Windows\system32\taskeng.exe 2276
C:\Windows\Explorer.EXE 2312
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 2440
C:\Windows\system32\svchost.exe 2460
C:\PVSW\Bin\WGE_SRV.exe 2488
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe 2512
C:\Windows\system32\svchost.exe 2664
C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe 2692
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe 2752
C:\Windows\System32\svchost.exe 2888
C:\Windows\system32\IoctlSvc.exe 2932
C:\Windows\System32\svchost.exe 2956
C:\Windows\system32\svchost.exe 2984
C:\Program Files\HP\QuickPlay\Kernel\TV\QPCapSvc.exe 3000
C:\Program Files\Alwil Software\Avast4\ashDisp.exe 3072
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 3088
C:\Program Files\RocketDock\RocketDock.exe 3160
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 3168
C:\Program Files\Skype\Phone\Skype.exe 3184
C:\Program Files\Windows Live\Messenger\msnmsgr.exe 3228
C:\Program Files\Windows Live\Mail\wlmail.exe 3304
C:\PVSW\BIN\W3dbsmgr.EXE 3328
C:\Users\STPHAN~1\LOCALS~1\APPLIC~1\MICROS~1\sessmgr.exe 3372
C:\Program Files\CyberLink\Shared Files\RichVideo.exe 3392
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe 3424
C:\Windows\system32\svchost.exe 3484
C:\Windows\System32\svchost.exe 3552
C:\Windows\system32\SearchIndexer.exe 3604
C:\Program Files\Hewlett-Packard\Shared\hpqWmiEx.exe 3636
C:\Program Files\HP\QuickPlay\Kernel\TV\QPSched.exe 4036
C:\Windows\system32\wbem\unsecapp.exe 2812
C:\Windows\system32\wbem\wmiprvse.exe 3708
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe 3180
C:\Program Files\Skype\Plugin Manager\skypePM.exe 4364
C:\Program Files\Windows Live\Contacts\wlcomm.exe 4988
c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe 5244
C:\Windows\system32\svchost.exe 5916
C:\Program Files\Windows Media Player\wmpnetwk.exe 6128
C:\Windows\system32\conime.exe 1276
C:\Windows\system32\taskeng.exe 5528
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroTray.exe 460
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe 1724
C:\Program Files\Mozilla Firefox\firefox.exe 5736
C:\Windows\system32\rundll32.exe 1116
C:\Windows\system32\FirewallControlPanel.exe 5132
C:\Program Files\Internet Explorer\IELowutil.exe 5828
C:\Windows\system32\SearchProtocolHost.exe 2120
C:\Windows\system32\SearchFilterHost.exe 4288
C:\Program Files\WinRAR\WinRAR.exe 2636
C:\Users\Stéphane\Desktop\List_Kill'em.exe 5564
C:\Windows\system32\cmd.exe 5532
C:\Windows\system32\wbem\wmiprvse.exe 3964
C:\Users\Stéphane\AppData\Local\Temp\24.tmp\pv.exe 3740

======================
Keys "Run"
======================

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
RocketDock REG_SZ "C:\Program Files\RocketDock\RocketDock.exe"
SpybotSD TeaTimer REG_SZ C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
Skype REG_SZ "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
msnmsgr REG_SZ "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
eMuleAutoStart REG_SZ C:\Program Files\eMule\emule.exe -AutoStart

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\AdobeUpdater

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
SynTPEnh REG_SZ C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
QuickTime Task REG_SZ "C:\Program Files\QuickTime\QTTask.exe" -atboottime
iTunesHelper REG_SZ "C:\Program Files\iTunes\iTunesHelper.exe"

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents
=====================
Other Keys
=====================

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System
ConsentPromptBehaviorAdmin REG_DWORD 0x2
ConsentPromptBehaviorUser REG_DWORD 0x1
EnableInstallerDetection REG_DWORD 0x1
EnableLUA REG_DWORD 0x1
EnableSecureUIAPaths REG_DWORD 0x1
EnableVirtualization REG_DWORD 0x1
PromptOnSecureDesktop REG_DWORD 0x1
ValidateAdminCodeSignatures REG_DWORD 0x0
dontdisplaylastusername REG_DWORD 0x0
legalnoticecaption REG_SZ
legalnoticetext REG_SZ
scforceoption REG_DWORD 0x0
shutdownwithoutlogon REG_DWORD 0x1
undockwithoutlogon REG_DWORD 0x1
FilterAdministratorToken REG_DWORD 0x0
EnableUIADesktopToggle REG_DWORD 0x0

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System\UIPI
===============

===============
===============
BHO :
======
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{29C88E20-4234-41B9-A9DB-982958C95FB1}]
@="PimpFish Toolbar Opcode Handler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
@="NCO 2.0 IE BHO"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
@="Symantec Intrusion Prevention"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
@="Search Helper"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75B1A646-CDCE-4C06-B52F-84F4463B4FC8}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96372AB6-15EB-4316-B497-71C741BC548C}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
@=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CF3C5900-BEC0-470E-AEE8-CE277C60667C}]
@="iGraalBHO"
"NoExplorer"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
"NoExplorer"=dword:00000001


================
Internet Explorer :
================

! REG.EXE VERSION 3.0

HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main
Start Page REG_SZ https://www.msn.com/fr-fr/


! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main
Start Page REG_SZ http://www.sernam.fr/


========
Services
========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services]

Ndisuio : 0x3
EapHost : 0x3
Wlansvc : 0x2
SharedAccess : 0x3
windefend : 0x2
wuauserv : 0x2
=========

=========================
Environnement variables :
=========================

ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\St‚phane\AppData\Roaming
choix=1
CLASSPATH=.;C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=PC-DE-CHARCAST
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\St‚phane
LOCALAPPDATA=C:\Users\St‚phane\AppData\Local
LOGONSERVER=\\PC-DE-CHARCAST
NUMBER_OF_PROCESSORS=2
OnlineServices=Services en ligne
OS=Windows_NT
Path=C:\Program Files\PC Connectivity Solution\;C:\PVSW\Bin;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Program Files\CyberLink\Power2Go\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Borland\Common Files\BDE;C:\Program Files\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PCBRAND=Pavilion
PLATFORM=MCD
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 15 Stepping 13, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f0d
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
QTJAVA=C:\Program Files\Java\jre1.6.0_04\lib\ext\QTJava.zip
RGSC=C:\Program Files\Rockstar Games\Rockstar Games Social Club\1_0_0_0
RGSCLauncher=C:\Program Files\Rockstar Games\Rockstar Games Social Club
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\STPHAN~1\AppData\Local\Temp
TMP=C:\Users\STPHAN~1\AppData\Local\Temp
USERDOMAIN=PC-de-Charcast
USERNAME=St‚phane
USERPART=E:
USERPROFILE=C:\Users\St‚phane
windir=C:\Windows

==========
Programs
==========

Adobe
AGEIA Technologies
Alwil Software
Amara - Intro and Banner Builder
Amara - Slide Show Builder
AnalogX
Apple Software Update
AtomixMP3
AVG
Beneton Movie GIF
BestPractice
Bonjour
Borland
Broadcom
Canon
CardDetector
CCleaner
Circle Developement
Codemasters
Common Files
Convertisseur 2006
CSV Converter
CyberLink
DAEMON Tools Lite
DebugMode
desktop.ini
DIFX
DivX
Easy GIF Animator
Easy Gif Animator Extension
eBay
EBP
eMule
Fichiers communs
FileZilla FTP Client
GIF Movie Gear
Google
Grammatica
GVAO Install
Hewlett-Packard
Hp
HP Games
HPQ
iGraal
IKEA HomePlanner
InstallShield Installation Information
Intel
Internet Explorer
iPod
iTunes
IVT Corporation
Java
jv16 PowerTools
K-Lite Codec Pack
KeenfinderSrch
Lavalys
ma-config.com
Messenger Plus! Live
Micro Application
Microsoft
Microsoft Games
Microsoft Games for Windows - LIVE
Microsoft Office
Microsoft Office Outlook Connector
Microsoft Picture It! 7
Microsoft Silverlight
Microsoft SQL Server Compact Edition
Microsoft Sync Framework
Microsoft Visual Studio
Microsoft Visual Studio 8
Microsoft Visual Studio 8(450)
Microsoft Windows 7 Upgrade Advisor
Microsoft Works
Microsoft Works Suite 2003
Microsoft.NET
Middleware
Motorola
Movie Maker
Mozilla Firefox
MSBuild
MSXML 4.0
Nego
Nero
Nokia
Nokia2
OpenOffice.org 2.4
Orange
Ord-ixSofts
OVH
PC Connectivity Solution
Picture Resize
PimpFish
Pure Motion
QuickTime
Realtek
Reference Assemblies
Resize Pictures Plus
Rippackv3
RocketDock
Rockstar Games
Safari
Services en ligne
ShopFactory V6
Skype
Sonic Foundry
Spybot - Search & Destroy
SWF to GIF
SWF-AVI-GIF Converter
Synaptics
Trackstick Manager
Ultralingua
Uninstall Information
Urban Research
Utilitaire de configuration iPhone
Viewpoint
VirtualDJ
VSO
Web Publish
WebSite Complete eCommerce Edition
Windows Calendar
Windows Collaboration
Windows Defender
Windows Journal
Windows Live
Windows Live SkyDrive
Windows Mail
Windows Media Player
Windows NT
Windows Photo Gallery
Windows Portable Devices
Windows Sidebar
WindSolutions
wings3d_1.0.1
WinRAR
WinTV
Zylom Games

¤¤¤¤¤¤¤¤¤¤ Files/folders :

C:\Program Files\Circle Developement
C:\Windows\system32\MSINET.oca
C:\Windows\System32\SET6669.tmp
C:\Windows\System32\SET6718.tmp
C:\Users\St‚phane\LOCAL Settings\Temp\hijackthis-2.0.2.75917.exe
C:\Users\St‚phane\LOCAL Settings\Temp\_isBC91.exe

¤¤¤¤¤¤¤¤¤¤ Keys :


=========
Rootkits
=========

catchme 0.3.1398.3 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-12-07 14:05:02
Windows 6.0.6002 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\000a9411ec71]
"001ccc570099"=hex:97,da,bf,cf,7c,1d,a5,66,59,75,8d,03,21,91,d6,d4
"0012d20c1a10"=hex:49,50,4f,44,64,b7,d3,01,17,a6,bf,85,7e,ba,46,48
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:e2,a4,15,ba,7b,bb,85,df,eb,14,7b,71,ed,1f,bf,c5,1a,e6,f1,7e,64,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,98,c6,69,b3,d8,1c,8e,df,18,57,15,7a,1c,51,40,04,be,..
"khjeh"=hex:83,cf,d2,2a,c5,4e,89,9f,ba,73,ea,97,0c,4d,a5,e2,80,87,bf,44,66,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:d1,2d,38,b3,b3,00,53,5e,73,e6,2a,7e,18,a1,8a,55,60,69,a6,66,3e,..

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:6b,db,00,5e,1f,f4,5f,4f,4d,7a,3a,6b,3f,3f,a3,dd,aa,3f,a7,20,97,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\000a9411ec71]
"001ccc570099"=hex:97,da,bf,cf,7c,1d,a5,66,59,75,8d,03,21,91,d6,d4
"0012d20c1a10"=hex:49,50,4f,44,64,b7,d3,01,17,a6,bf,85,7e,ba,46,48
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="C:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:e2,a4,15,ba,7b,bb,85,df,eb,14,7b,71,ed,1f,bf,c5,1a,e6,f1,7e,64,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,98,c6,69,b3,d8,1c,8e,df,18,57,15,7a,1c,51,40,04,be,..
"khjeh"=hex:83,cf,d2,2a,c5,4e,89,9f,ba,73,ea,97,0c,4d,a5,e2,80,87,bf,44,66,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:d1,2d,38,b3,b3,00,53,5e,73,e6,2a,7e,18,a1,8a,55,60,69,a6,66,3e,..

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:6b,db,00,5e,1f,f4,5f,4f,4d,7a,3a,6b,3f,3f,a3,dd,aa,3f,a7,20,97,..

scanning hidden registry entries ...

scanning hidden files ...
0
moment de grace Posts 29042 Registration date Saturday 6 December 2008 Status Security contributor Last activity 18 July 2013 2 274
7 Dec. 2009 at 14:38
The report is not complete.

It ends like this:


¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤( EOF )¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
0
moinele Posts 136 Registration date Thursday 30 December 2004 Status Member Last activity 5 January 2015 1
7 Dec. 2009 at 14:41
OK, I'll start over!
0