Sujet Précédent Sujet Suivant

Tdssadw.dll

Fermé
setric - 2 sept. 2008 à 20:49
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 - 3 sept. 2008 à 11:59
Bonjour,
Depuis deux jours, chaque fois que j'ouvre WinXP ou n'importe quel programme, j'ai une fenêtre qui s'ouvre qui mentionne: '' L'application ou la DLL:C:\windows\sytem32±tdssadw.dll n'est pas une image windows valide. Vérifier à l'aide de votre disquette d'installation.''
J'ai vérifiez sur l'ensemble de l'ordinateur mais je n'ai rien trouvez avec tdssadw.dll.
La dite fenêtre s'ouvre pour tout programme que j'ouvre, j'acc`de au programme mais je dois toujours passé par cette fenêtre.
Aussi, dans IE7, lorsque j'ouvre une autre fenêtre, j'ai un avertssement: Insecure Internet activity. Threat of virus attack et il essaie de m'envoyer à ''kvmsecure''.
Voici mon rapport HijackThis, ca devrais aider mais je n'y comprend rien.
Logfile of HijackThis v1.99.1
Scan saved at 07:02:13, on 2008-09-02
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
E:\Logiciels Entretien\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
E:\Logiciels Entretien\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Adobe\Acrobat 6.0\Acrobat\Acrobat.exe
C:\WINDOWS\system32\WISPTIS.EXE
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.microsoft.com/fr-fr/security/?rtc=1
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - F:\Logiciels Utilités\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - D:\LogicielsMédia\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: QXK Olive - {26027218-80B3-40FA-9FA1-70FD56AA5328} - C:\WINDOWS\rodqgpvldbv.dll
O2 - BHO: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - F:\Logiciels Utilités\TechSmith\SnagIt 8\SnagItIEAddin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: (no name) - {51D81DD5-55B7-497F-95DB-D356429BB54E} - (no file)
O3 - Toolbar: (no name) - {5AA2BA46-9913-4dc7-9620-69AB0FA17AE7} - (no file)
O3 - Toolbar: (no name) - {5371FF76-9602-4029-9626-BE8CD757EB36} - (no file)
O4 - HKLM\..\Run: [AVP] "E:\Logiciels Entretien\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [Bluetooth Connection Assistant] LBTWIZ.EXE -silent
O4 - HKLM\..\Run: [HPUsageTracking] "C:\Program Files\HP\HP UT\bin\hppusg.exe" "C:\Program Files\HP\HP UT\"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\ssmmgr.exe /autorun
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] "C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe"
O4 - HKLM\..\Run: [NBKeyScan] "D:\LogicielsMédia\Nero 8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] "C:\Program Files\Logitech\QuickCam\ISStart.exe"
O4 - HKLM\..\Run: [iTunesHelper] "D:\LogicielsMédia\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [TomcatStartup 2.5] C:\Program Files\Hewlett-Packard\Toolbox\hpbpsttp.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Eraser] E:\Logiciels Entretien\Eraser\eraser.exe -hide
O4 - HKCU\..\RunOnce: [NeroHomeFirstStart] "C:\Program Files\Fichiers communs\Nero\Lib\NMFirstStart.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll
O9 - Extra button: Statistiques d’Anti-Virus Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - E:\Logiciels Entretien\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - D:\LogicielsMédia\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.dwnldietool.com/redirect.php (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - http://www.dwnldietool.com/redirect.php (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\bonjour\mdnsnsp.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/MyFunCardsFWBInitialSetup1.0.1.0.cab
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - https://www.systemrequirementslab.com/cyri
O16 - DPF: {4D054067-DE3A-48F9-B19B-BCD229B9AE8D} (PrinterHelpEtcActiveX Control) - http://www.samsungdp.com/printerhelp/ActiveX/DrPrinter.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - https://www.eset.com/
O16 - DPF: {814EA0DA-E0D9-4AA4-833C-A1A6D38E79E9} (DASWebDownload Class) - http://das.microsoft.com/activate/cab/x86/i486/NTANSI/retail/DASAct.cab
O16 - DPF: {B7D07999-2ADB-4AEB-997E-F61CB7B2E2CD} (TSEasyInstallX Control) - http://www.trendsecure.com/easy_install/_activex/fr-CA/TSEasyInstallX.CAB
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WINDOW~4\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FICHIE~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: LBTWlgn - c:\program files\fichiers communs\logishrd\bluetooth\LBTWlgn.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - E:\Logiciels Entretien\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: DVDneXtCOPYService - DVD neXt COPY - D:\LogicielsMédia\DVDneXtCOPY2\DVDneXtCOPY Virtual Drive\DVDneXtCOPYService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Windows CardSpace (idsvc) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - D:\LogicielsMédia\Nero 8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\hpzipm12.exe
O23 - Service: SUGE1 Status Monitor Service (SM_SUGE1_FUService) - Unknown owner - C:\Program.exe (file missing)

De l'aide svp
Setric

3 réponses

Réponse 1 / 3
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
2 sept. 2008 à 21:05
Salut,

* Télécharge SDFix (par Andy Manchesta) et sauvegarde-le sur ton bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

* Double-clique sur SDFix.exe et choisis Install pour l'extraire dans son dossier sur le bureau.
* Redémarre le PC en mode sans échec :
https://www.malekal.com/demarrer-windows-mode-sans-echec/
* Choisis ton compte.

Déroule la liste des instructions ci-dessous :
* Ouvre le dossier SDFix qui vient d'être créé sur le bureau et double-clique sur RunThis.bat pour lancer le script.
* Appuie sur Y pour commencer le nettoyage.
* Quand il te le demandera, appuie sur une touche pour redémarrer le PC.
* Ton système sera plus long à redémarrer car l'outil va continuer à s'exécuter et supprimer des fichiers.
* Après le chargement du bureau, l'outil aura terminé et affichera Finished.
* Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton bureau.
* Le rapport SDFix s'ouvrira et il sera enregistré dans le dossier SDFix sous le nom Report.txt.
* Enfin, copie/colle le rapport du fichier Report.txt.
0
setric
3 sept. 2008 à 03:40
Destrio5, Bonjour et merci.
Malgré qu'encore maintenant je ne sache ce qui m'as frappé, tu m'as fourni les outils pour l'effacer de mon ordi, enfin, plus rien n'apparait.
Et ce lien www.malekal.com, un bijou pour moi!
Devrais-je garder le program SDfix?
encore merci|
0
Réponse 2 / 3
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
3 sept. 2008 à 04:20
Malekal est un très bon site.

tdssadw.dll fait partie d'un rootkit à la mode en moment et SDFix le supprime. Peux-tu poster le rapport ?

Je te conseille de faire un scan avec MBAM, de supprimer tout ce qu'il trouve et de poster le rapport généré :
http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.htm
0
setric
3 sept. 2008 à 05:19
Destrio5
Voici le rapport SDFix

[b]SDFix: Version 1.220 [/b]
Run by Administrateur on 2008-09-02 at 20:22

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\EAXF.EXE - Deleted
C:\WINDOWS\rodqgpvldbv.dll - Deleted
C:\WINDOWS\system32\drivers\tdssserv.sys - Deleted
C:\WINDOWS\system32\tdssadw.dll - Deleted
C:\WINDOWS\system32\tdssl.dll - Deleted
C:\WINDOWS\system32\tdsslog.dll - Deleted
C:\WINDOWS\system32\tdssmain.dll - Deleted
C:\WINDOWS\system32\tdssservers.dat - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-02 20:39:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000e8
"TracesSuccessful"=dword:00000010

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"D:\\LogicielsM‚dia\\Azureus\\Azureus.exe"="D:\\LogicielsM‚dia\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"D:\\LogicielsM‚dia\\Nero 8\\Nero Home\\NeroHome.exe"="D:\\LogicielsM‚dia\\Nero 8\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0"
"E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\\LogicielsM‚dia\\BitTorrent\\bittorrent.exe"="D:\\LogicielsM‚dia\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"D:\\LogicielsM‚dia\\iTunes\\iTunes.exe"="D:\\LogicielsM‚dia\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"D:\\LogicielsM‚dia\\Skype\\Phone\\Skype.exe"="D:\\LogicielsM‚dia\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sat 31 May 2008 0 A..H. --- "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\tw7.tmp"
Tue 22 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 2 Sep 2008 65,536 A..H. --- "C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Outlook\~Outlook.pst.tmp"

[b]Finished![/b]

Voici le rapport MBAM-scan rapide [est-ce un anti-spyware comme spybot]+[est-ce convivial a AV et/ou autre spyware]
Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1106
Windows 5.1.2600 Service Pack 3

2008-09-02 23:15:18
mbam-log-2008-09-02 (23-15-13).txt

Type de recherche: Examen rapide
Eléments examinés: 73407
Temps écoulé: 7 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 36
Fichier(s) infecté(s): 69

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Utilisateur\Application Data\alot (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_0 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_1 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_10 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_11 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_2 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_3 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_4 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_5 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_6 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_7 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_8 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_9 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\configurator (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\products (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_0 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_0\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_1 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_1\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_2 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_2\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_3 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_3\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_5 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_5\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_6 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_6\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\TimerManager (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\ToolbarSearch (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Updater (Adware.BHO) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Chantal\Application Data\alot\toolbar.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_0\Button_0.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_0\Button_0.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_1\Button_1.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_1\Button_1.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_10\Button_10.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_10\Button_10.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_11\Button_11.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_11\Button_11.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_2\Button_2.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_2\Button_2.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_3\Button_3.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_3\Button_3.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_4\Button_4.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_4\Button_4.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_5\Button_5.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_5\Button_5.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_6\Button_6.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_6\Button_6.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_7\Button_7.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_7\Button_7.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_8\Button_8.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_8\Button_8.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_9\Button_9.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_9\Button_9.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\configurator\configurator.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\configurator\configurator.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\products\products.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\products\products.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_0\images\alot_icon_35x16.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_1\images\alot_search_24x16.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_2\images\default_282_alot_map_widget_default.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_3\images\default_244_alot_maps_tools.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\cloudy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\default_283_alot_maps_weather.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\foggy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\IMG4CB.tmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\mcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nclear.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\ncloudy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nfoggy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nmcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\npcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nshower.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\pcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\rain.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\shower.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\tstorm.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_5\images\default_225_alot_maps_mrkt_maps.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_6\images\default_452_alot_mrkt_180.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\domains.dat (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\alot_brand.png (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\spinner.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_bottom.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnmin0.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnmin1.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_caption.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_error_close.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\TimerManager\TimerManager.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\TimerManager\TimerManager.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\ToolbarSearch\ToolbarSearch.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Updater\Updater.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Updater\Updater.xml.backup (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> No action taken.

Dois-je garder SDFix - kaspersky me demande de faire quelques chose avec ces ''trajan''
Comment enlever MyWebSearch..
Merci encore
0
setric
3 sept. 2008 à 05:19
Destrio5
Voici le rapport SDFix

[b]SDFix: Version 1.220 [/b]
Run by Administrateur on 2008-09-02 at 20:22

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


[b]Checking Files [/b]:

Trojan Files Found:

C:\WINDOWS\EAXF.EXE - Deleted
C:\WINDOWS\rodqgpvldbv.dll - Deleted
C:\WINDOWS\system32\drivers\tdssserv.sys - Deleted
C:\WINDOWS\system32\tdssadw.dll - Deleted
C:\WINDOWS\system32\tdssl.dll - Deleted
C:\WINDOWS\system32\tdsslog.dll - Deleted
C:\WINDOWS\system32\tdssmain.dll - Deleted
C:\WINDOWS\system32\tdssservers.dat - Deleted





Removing Temp Files

[b]ADS Check [/b]:



[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-02 20:39:01
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
"TracesProcessed"=dword:000000e8
"TracesSuccessful"=dword:00000010

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


[b]Remaining Services [/b]:




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe"="E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"D:\\LogicielsM‚dia\\Azureus\\Azureus.exe"="D:\\LogicielsM‚dia\\Azureus\\Azureus.exe:*:Enabled:Azureus"
"D:\\LogicielsM‚dia\\Nero 8\\Nero Home\\NeroHome.exe"="D:\\LogicielsM‚dia\\Nero 8\\Nero Home\\NeroHome.exe:*:Enabled:Nero Home"
"C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe"="C:\\Documents and Settings\\All Users\\Application Data\\Kaspersky Lab Setup Files\\Kaspersky Anti-Virus 7.0.1.325\\French\\setup.exe:*:Enabled:Programme d'installation de Kaspersky Anti-Virus 7.0"
"E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe"="E:\\Logiciels Entretien\\Kaspersky Lab\\Kaspersky Anti-Virus 7.0\\avp.exe:*:Enabled:Kaspersky Anti-Virus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"D:\\LogicielsM‚dia\\BitTorrent\\bittorrent.exe"="D:\\LogicielsM‚dia\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
"D:\\LogicielsM‚dia\\iTunes\\iTunes.exe"="D:\\LogicielsM‚dia\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"D:\\LogicielsM‚dia\\Skype\\Phone\\Skype.exe"="D:\\LogicielsM‚dia\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe"="C:\\Program Files\\Hewlett-Packard\\Toolbox\\jre\\bin\\javaw.exe:*:Enabled:javaw"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"

[b]Remaining Files [/b]:


File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Sat 31 May 2008 0 A..H. --- "C:\Documents and Settings\All Users\Application Data\Kaspersky Lab\tw7.tmp"
Tue 22 Jan 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Tue 2 Sep 2008 65,536 A..H. --- "C:\Documents and Settings\Utilisateur\Local Settings\Application Data\Microsoft\Outlook\~Outlook.pst.tmp"

[b]Finished![/b]

Voici le rapport MBAM-scan rapide [est-ce un anti-spyware comme spybot]+[est-ce convivial a AV et/ou autre spyware]
Malwarebytes' Anti-Malware 1.26
Version de la base de données: 1106
Windows 5.1.2600 Service Pack 3

2008-09-02 23:15:18
mbam-log-2008-09-02 (23-15-13).txt

Type de recherche: Examen rapide
Eléments examinés: 73407
Temps écoulé: 7 minute(s), 22 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 13
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 36
Fichier(s) infecté(s): 69

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> No action taken.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5aa2ba46-9913-4dc7-9620-69ab0fa17ae7} (Adware.BHO) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> No action taken.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> No action taken.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\Documents and Settings\Utilisateur\Application Data\alot (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_0 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_1 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_10 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_11 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_2 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_3 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_4 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_5 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_6 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_7 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_8 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_9 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\configurator (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\products (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_0 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_0\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_1 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_1\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_2 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_2\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_3 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_3\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_5 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_5\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_6 (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_6\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\TimerManager (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\ToolbarSearch (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Updater (Adware.BHO) -> No action taken.

Fichier(s) infecté(s):
C:\Documents and Settings\Chantal\Application Data\alot\toolbar.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_0\Button_0.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_0\Button_0.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_1\Button_1.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_1\Button_1.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_10\Button_10.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_10\Button_10.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_11\Button_11.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_11\Button_11.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_2\Button_2.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_2\Button_2.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_3\Button_3.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_3\Button_3.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_4\Button_4.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_4\Button_4.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_5\Button_5.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_5\Button_5.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_6\Button_6.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_6\Button_6.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_7\Button_7.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_7\Button_7.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_8\Button_8.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_8\Button_8.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_9\Button_9.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Button_9\Button_9.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\configurator\configurator.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\configurator\configurator.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\products\products.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\products\products.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_0\images\alot_icon_35x16.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_1\images\alot_search_24x16.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_2\images\default_282_alot_map_widget_default.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_3\images\default_244_alot_maps_tools.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\cloudy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\default_283_alot_maps_weather.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\foggy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\IMG4CB.tmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\mcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nclear.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\ncloudy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nfoggy.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nmcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\npcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\nshower.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\pcloud.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\rain.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\shower.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_4\images\tstorm.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_5\images\default_225_alot_maps_mrkt_maps.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Button_6\images\default_452_alot_mrkt_180.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\domains.dat (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\alot_brand.png (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\spinner.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_bottom.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnclose0.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnclose1.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnmin0.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_btnmin1.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_caption.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_error_bg.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_error_close.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Resources\Shared\images\widget_error_icon.bmp (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\TimerManager\TimerManager.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\TimerManager\TimerManager.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\ToolbarSearch\ToolbarSearch.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\ToolbarSearch\ToolbarSearch.xml.backup (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Updater\Updater.xml (Adware.BHO) -> No action taken.
C:\Documents and Settings\Chantal\Application Data\alot\Updater\Updater.xml.backup (Adware.BHO) -> No action taken.
C:\WINDOWS\system32\tdssserf.dll (Trojan.Agent) -> No action taken.

Dois-je garder SDFix - kaspersky me demande de faire quelques chose avec ces ''trajan''
Comment enlever MyWebSearch..
Merci encore
0
Réponse 3 / 3
Destrio5 Messages postés 85985 Date d'inscription dimanche 11 juillet 2010 Statut Modérateur Dernière intervention 17 février 2023 10 290
3 sept. 2008 à 11:59
Tu peux supprimer SDFix.

Tu peux cliquer sur Supprimer la sélection pour MBAM.
0