Please look at my report
Pearly300 - Posts: 5 - Status: Member
anthony5151 - Posts: 10927 - Status: Security contributor
Athlon DualCore 4200+
Memory: 3 GB DDR2
MSI Geforce DualCore 8600 GTS
Windows XP Pro
Service Pack SP3
Firefox3
IExplorer 8 b2
20 meg connection
-----------------------------------------------------------
Hello everyone,
Yesterday I came to ask for your help because, as a reminder, I had these problems:
Written in large letters next to the clock: "VIRUS ALERT !"
2 hard drives completely invisible, gone!
All the programs in the Start menu completely gone!
After doing several reports and disinfections as you told me to, with:
SDFIX.exe
SmitfraudFix.exe
HijackThis.exe
Everything seemed to be resolved, but today I notice that it is with Firefox3 that things are not right.
The connection is very slow: when I try to open a page, you can see the browser refresh the page / stop / refresh / stop; in short, pages take a long time to load. Then, when I shut down the PC normally, the PC restarts and hangs ("freezes"); I have to restart with the reset button on the case so that the PC does not save the settings on exit, because otherwise the PC will hang at startup. It's strange.
I have just done a cleanup and a report with SDFIX, which I am posting below in this topic.
-----------------------------------------------------------------------------------------------------------------------------------
SDFix: Version 1.114
Run by Christophe on 21/09/2008 at 15:49
Microsoft Windows XP [version 5.1.2600]
Running From: D:\DOCUME~1\CHRIST~1\Bureau\NOUVEA~1\SDFix
Safe Mode:
Checking Services:
Restoring Windows Registry Values
Restoring Windows Default Hosts File
Rebooting...
Normal Mode:
Checking Files:
Trojan Files Found:
D:\WINDOWS\SYSTEM32\WINDOW~1.EXE - Deleted
Removing Temp Files...
ADS Check:
D:\WINDOWS
No streams found.
D:\WINDOWS\system32
No streams found.
D:\WINDOWS\system32\svchost.exe
No streams found.
D:\WINDOWS\system32\ntoskrnl.exe
No streams found.
Final Check:
catchme 0.3.1253 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-21 15:57:52
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
IPC error: 2 Le fichier spécifié est introuvable.
scanning hidden services & system hive ...
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
"s1"=dword:2df9c43f
"s2"=dword:110480d0
"h0"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="D:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:08,2e,83,1b,33,67,56,f0,8b,4c,f8,4c,5d,c4,60,69,f7,43,c5,ff,d8,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,fe,dd,23,2f,76,69,a4,42,22,92,8f,dd,7e,24,5e,de,70,..
"khjeh"=hex:c7,58,52,75,cd,12,0a,8c,0f,14,52,eb,07,1f,93,f2,c7,2a,1d,23,48,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,42,fa,2d,c4,80,79,4d,88,0a,2f,0e,45,b2,a1,d4,4f,f0,f8,f5,69,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:11,4d,68,1f,05,b9,df,92,b9,37,b4,5d,83,ef,8c,5e,08,50,79,74,47,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:bb,bd,ca,6f,16,fd,12,f0,18,3e,f3,12,dd,56,26,ef,99,e7,70,93,22,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:41,49,be,ab,ab,b1,04,aa,11,b2,a7,02,6a,30,37,cd,e0,cc,32,26,d7,..
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TDSSserv\modules]
"TDSSserv"="\systemroot\system32\drivers\TDSSjcxe.sys"
"TDSSl"="\systemroot\system32\TDSSjjsm.dll"
"tdssmain"="\systemroot\system32\TDSSevri.dll"
"tdsslog"="\systemroot\system32\TDSShpue.dll"
"tdssadw"="\systemroot\system32\TDSSdqoi.dll"
"tdssserf"="\systemroot\system32\TDSShpbn.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
"p0"="D:\Program Files\DAEMON Tools Lite\"
"h0"=dword:00000000
"khjeh"=hex:08,2e,83,1b,33,67,56,f0,8b,4c,f8,4c,5d,c4,60,69,f7,43,c5,ff,d8,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
"a0"=hex:20,01,00,00,fe,dd,23,2f,76,69,a4,42,22,92,8f,dd,7e,24,5e,de,70,..
"khjeh"=hex:c7,58,52,75,cd,12,0a,8c,0f,14,52,eb,07,1f,93,f2,c7,2a,1d,23,48,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
"khjeh"=hex:77,42,fa,2d,c4,80,79,4d,88,0a,2f,0e,45,b2,a1,d4,4f,f0,f8,f5,69,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
"khjeh"=hex:11,4d,68,1f,05,b9,df,92,b9,37,b4,5d,83,ef,8c,5e,08,50,79,74,47,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
"khjeh"=hex:bb,bd,ca,6f,16,fd,12,f0,18,3e,f3,12,dd,56,26,ef,99,e7,70,93,22,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
"khjeh"=hex:41,49,be,ab,ab,b1,04,aa,11,b2,a7,02,6a,30,37,cd,e0,cc,32,26,d7,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv]
"start"=dword:00000001
"type"=dword:00000001
"imagepath"=str(2):"\systemroot\system32\drivers\TDSSserv.sys"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\TDSSserv\modules]
"TDSSserv"="\systemroot\system32\drivers\TDSSjcxe.sys"
"TDSSl"="\systemroot\system32\TDSSjjsm.dll"
"tdssmain"="\systemroot\system32\TDSSevri.dll"
"tdsslog"="\systemroot\system32\TDSShpue.dll"
"tdssadw"="\systemroot\system32\TDSSdqoi.dll"
"tdssserf"="\systemroot\system32\TDSShpbn.dll"
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update]
"OfflineDetectionPending"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Download]
"LastSuccessTime"="2008-09-21 02:35:17"
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
Remaining Services:
------------------
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Messenger\\msmsgs.exe"="D:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"D:\\Program Files\\TVUPlayer\\TVUPlayer.exe"="D:\\Program Files\\TVUPlayer\\TVUPlayer.exe:*:Enabled:TVUPlayer Component"
"D:\\Program Files\\SopCast\\adv\\SopAdver.exe"="D:\\Program Files\\SopCast\\adv\\SopAdver.exe:*:Enabled:SopCast Adver"
"D:\\Program Files\\SopCast\\SopCast.exe"="D:\\Program Files\\SopCast\\SopCast.exe:*:Enabled:SopCast Main Application"
"X:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe"="X:\\Program Files\\TrackMania Sunrise\\TmSunrise.exe:*:Enabled:TmSunrise.exe"
"D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="D:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"D:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"="D:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"D:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"="D:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"X:\\Program Files\\Eidos\\Hitman Blood Money\\HitmanBloodMoney.exe"="X:\\Program Files\\Eidos\\Hitman Blood Money\\HitmanBloodMoney.exe:*:Enabled:HitmanBloodMoney.exe"
"D:\\Program Files\\uTorrent\\uTorrent.exe"="D:\\Program Files\\uTorrent\\uTorrent.exe:*:Enabled:æTorrent"
"G:\\Program Files (x86)\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="G:\\Program Files (x86)\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:iw3mp"
"G:\\Program Files (x86)\\Activision\\Call of Duty 4 - Modern Warfare1.6\\iw3mp.exe"="G:\\Program Files (x86)\\Activision\\Call of Duty 4 - Modern Warfare1.6\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM) "
"D:\\WINDOWS\\system32\\PnkBstrA.exe"="D:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
"D:\\WINDOWS\\system32\\PnkBstrB.exe"="D:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
"G:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe"="G:\\Program Files\\Activision\\Call of Duty 4 - Modern Warfare\\iw3mp.exe:*:Enabled:Call of Duty(R) 4 - Modern Warfare(TM)"
"G:\\Program Files (x86)\\Activision\\Call of Duty 4 - Modern Warfare1.4\\iw3mp.exe"="G:\\Program Files (x86)\\Activision\\Call of Duty 4 - Modern Warfare1.4\\iw3mp.exe:*:Enabled:iw3mp"
"D:\\Program Files\\Internet Explorer\\iexplore.exe"="D:\\Program Files\\Internet Explorer\\iexplore.exe:*:Enabled:Internet Explorer"
"G:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"="G:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
"G:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"="G:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
"G:\\Program Files\\Codemasters\\GRID\\GRID.exe"="G:\\Program Files\\Codemasters\\GRID\\GRID.exe:*:Enabled:GRID"
"D:\\Program Files\\Autodesk\\backburner\\monitor.exe"="D:\\Program Files\\Autodesk\\backburner\\monitor.exe:*:Enabled:backburner 2.3 monitor"
"D:\\Program Files\\Autodesk\\backburner\\manager.exe"="D:\\Program Files\\Autodesk\\backburner\\manager.exe:*:Enabled:backburner 2.3 manager"
"D:\\Program Files\\Autodesk\\backburner\\server.exe"="D:\\Program Files\\Autodesk\\backburner\\server.exe:*:Enabled:backburner 2.3 server"
"D:\\Program Files\\Autodesk\\3ds Max 2008\\3dsmax.exe"="D:\\Program Files\\Autodesk\\3ds Max 2008\\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2008 32-bit"
"D:\\Program Files\\Bonjour\\mDNSResponder.exe"="D:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\\Softimage\\XSI_7.0\\Application\\bin\\XSI.exe"="C:\\Softimage\\XSI_7.0\\Application\\bin\\XSI.exe:*:Enabled:XSI"
"C:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe"="C:\\Program Files\\Autodesk\\3ds Max 2009\\3dsmax.exe:*:Enabled:Autodesk 3ds Max 2009 32-bit"
"C:\\Softimage\\XSI_7.0\\Application\\bin\\XSIBATCH.exe"="C:\\Softimage\\XSI_7.0\\Application\\bin\\XSIBATCH.exe:*:Enabled:XSIBATCH"
"D:\\Softimage\\XSI_7.0\\Application\\bin\\XSI.exe"="D:\\Softimage\\XSI_7.0\\Application\\bin\\XSI.exe:*:Enabled:XSI"
"C:\\Program Files\\FlashGet\\flashget.exe"="C:\\Program Files\\FlashGet\\flashget.exe:*:Enabled:Flashget"
"D:\\Program Files\\Crazybump Beta Test\\CrazyBump.exe"="D:\\Program Files\\Crazybump Beta Test\\CrazyBump.exe:*:Enabled:CrazyBump"
"C:\\Program Files\\alienbrain\\Apache\\bin\\Apache.exe"="C:\\Program Files\\alienbrain\\Apache\\bin\\Apache.exe:*:Enabled:Apache HTTP Server"
"C:\\Program Files\\alienbrain\\Server\\NxNServer.exe"="C:\\Program Files\\alienbrain\\Server\\NxNServer.exe:*:Enabled:NXN alienbrain"
"G:\\Softimage\\XSI_7.0\\Application\\bin\\XSI.exe"="G:\\Softimage\\XSI_7.0\\Application\\bin\\XSI.exe:*:Enabled:XSI"
"D:\\Softimage\\XSI_6.0\\Application\\bin\\XSI.exe"="D:\\Softimage\\XSI_6.0\\Application\\bin\\XSI.exe:*:Enabled:XSI"
"C:\\Program Files\\Next Limit\\RealFlow4\\realflow.exe"="C:\\Program Files\\Next Limit\\RealFlow4\\realflow.exe:*:Enabled:realflow"
"G:\\Program Files\\Next Limit\\RealFlow4\\realflow.exe"="G:\\Program Files\\Next Limit\\RealFlow4\\realflow.exe:*:Enabled:realflow"
"D:\\Program Files\\WoozTalk\\WoozTalk.exe"="D:\\Program Files\\WoozTalk\\WoozTalk.exe:*:Enabled:WoozTalk Instant Messenger"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="D:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"D:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="D:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
Remaining Files:
---------------
File Backups: - D:\DOCUME~1\CHRIST~1\Bureau\NOUVEA~1\SDFix\backups\backups.zip
Files with Hidden Attributes:
Sun 31 Aug 2008 14,121 A..H. --- "D:\spm\spm-kf.bak"
Sun 13 Apr 2008 1,695,232 ..SH. --- "D:\Program Files\Messenger\msmsgs.exe"
Wed 2 Jul 2008 8 ..SHR --- "D:\WINDOWS\system32\819E9074B8.sys"
Mon 7 Jul 2008 952 A.SH. --- "D:\WINDOWS\system32\KGyGaAvL.sys"
Thu 24 Jul 2008 0 A.SH. --- "D:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Finished!
If someone can tell me whether I am still infected.
6 replies
Hello,
Who told you to use SDFIX, SmitfraudFix and HijackThis? If you have already opened a thread, please stay in it.
Otherwise, post a HijackThis report: to do so, launch it and click "Do a system scan and save a logfile".
Copy and paste the entire report into the forum.
It was a thread from yesterday, and besides I have now become a member, which is why I preferred to make a new post.
Here is the report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:55:34, on 21/09/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 SP3 (8.00.6001.17184)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
c:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
c:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
D:\Program Files\Bonjour\mDNSResponder.exe
D:\Program Files\DCPFLICS\dcpflics.exe
D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\WINDOWS\system32\sesinetd.exe
D:\WINDOWS\system32\hserver.exe
D:\PROGRA~1\cebas\ip-clamp\ipclamp.exe
D:\WINDOWS\system32\cmd.exe
D:\Program Files\Autodesk\mrstand3.6.51-max2009\bin\rayserver.exe
c:\Program Files\CDBurnerXP\NMSAccessU.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\PnkBstrA.exe
D:\WINDOWS\system32\PnkBstrB.exe
D:\WINDOWS\system32\PSIService.exe
D:\spm\spmdib.exe
c:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
c:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\RTHDCPL.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
D:\WINDOWS\system32\atwtusb.exe
D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
D:\WINDOWS\system32\TBLMOUSE.EXE
D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
D:\Program Files\MSI\DualCoreCenter\DualCoreCenter.exe
D:\Program Files\Windows Live\Messenger\usnsvc.exe
D:\WINDOWS\system32\wuauclt.exe
D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: IEOnWoozTalk - {71E46090-7CBF-426C-BF08-EB18E9CAE6F7} - D:\Program Files\WoozTalk\extensions\IE\IEOnWoozTalk.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - D:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O2 - BHO: CoolIrisIEHelperObject.CoolIrisIEBHO - {AD0BAB4B-212D-45D7-9E5B-CB1579132715} - D:\Program Files\CoolIris\CoolIrisIEHelperObject.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - D:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - c:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Cooliris Plug-In for Internet Explorer - {EAEE5C74-6D0D-4aca-9232-0DA4A7B866BA} - D:\Program Files\PicLensIE\cooliris.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - D:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [avast!] c:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinSys2] D:\WINDOWS\system32\winsys2.exe
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [atwtusb] atwtusb.exe beta
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [uTorrent] "D:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [swg] D:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [AppMgr] D:\Program Files\ALPServer2\ALPSManager.exe
O4 - HKCU\..\Run: [WoozTalk] D:\Program Files\WoozTalk\wooztalk.exe
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = D:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: DualCoreCenter.lnk = D:\Program Files\MSI\DualCoreCenter\StartUpDualCoreCenter.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://D:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Liens de téléchargement avec Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Launch Cooliris - {3437D640-C91A-458f-89F5-B9095EA4C28B} - D:\Program Files\PicLensIE\cooliris.dll
O9 - Extra button: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - D:\Program Files\CoolIris\CoolIrisPreferences.exe
O9 - Extra 'Tools' menuitem: CoolIris Preferences - {449DB14A-F988-4fd8-9361-F212D7B6414B} - D:\Program Files\CoolIris\CoolIrisPreferences.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - http://liveupdate.msi.com.tw/autobios/LOnline/install.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - c:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - D:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - c:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - c:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - c:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DCPFLICS service (DCPFLICS) - Unknown owner - D:\Program Files\DCPFLICS\dcpflics.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - D:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - D:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HoudiniLicenseServer - Side Effects Software Inc. - D:\WINDOWS\system32\sesinetd.exe
O23 - Service: HoudiniServer - Side Effects Software Inc. - D:\WINDOWS\system32\hserver.exe
O23 - Service: IPCLAMP by cebas Computer GmbH (IPClampService) - Unknown owner - D:\PROGRA~1\cebas\ip-clamp\ipclamp.exe
O23 - Service: mental ray Standalone 3.6.51 for Max 2009(32 bit) (maxmr3651) - Unknown owner - D:\Program.exe (file missing)
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 32-bit 32-bit (mi-raysat_3dsMax2008_32) - Unknown owner - D:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_32server.exe
O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2009 32-bit 32-bit (mi-raysat_3dsMax2009_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_32server.exe
O23 - Service: NMSAccessU - Unknown owner - c:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - D:\WINDOWS\system32\PSIService.exe
O23 - Service: SPM License Server (spmd) - mental images GmbH - D:\spm\spmdib.exe
There are still several infections on your computer.
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2
* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the desired language by typing the letter of your choice, then confirming with the Enter key.
* Now choose option 1 (Search). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
Thank you very much, Antony, for taking care of my problem.
Do you know of an antispyware that runs live (all the time) and monitors my browsing on the web?
Not a program that has to be launched from time to time.
-----------\\ ToolBar S&D 1.2.0 XP/Vista
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 4200+ )
BIOS : Default System BIOS
USER : Christophe ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 080920-0] 4.8.1229 (Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total : 114 Go Free : 3 Go
D:\ (Local Disk) - NTFS - Total : 27 Go Free : 8 Go
F:\ (CD or DVD)
G:\ (Local Disk) - NTFS - Total : 298 Go Free : 5 Go
"D:\ToolBar SD" ( MAJ : 14-09-2008|23:30 )
Option : [1] ( 21/09/2008|18:08 )
-----------\\ Recherche de Fichiers / Dossiers ...
D:\Program Files\DAEMON Tools Toolbar
D:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
D:\Program Files\DAEMON Tools Toolbar\Resources
D:\Program Files\DAEMON Tools Toolbar\uninst.exe
D:\Program Files\DAEMON Tools Toolbar\_DTLite.xml
D:\DOCUME~1\CHRIST~1\Favoris\Torrent Search - ScrapeTorrent.com.url
-----------\\ Extensions
(Christophe) - {097d3191-e6fa-4728-9826-b533d755359d} => aios
(Christophe) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Christophe) - {64161300-e22b-11db-8314-0800200c9a66} => speeddial
(Christophe) - {81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} => imacros
(Christophe) - {dd6bfa32-1198-4217-a0e9-1acab501a6e9} => nachofoto
(Christophe) - {e1170235-2845-420c-acc3-42261a29dd46} => clipmarks
-----------\\ [..\Internet Explorer\Main]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="D:\\windows\\system32\\blank.htm"
"Search Page"="https://www.google.com/?gws_rd=ssl"
"Default_Search_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Start Page"="https://support.microsoft.com/en-US/topic/internet-explorer-downloads-d49e1f0d-571c-9a7b-d97e-be248806ca70"
"Search Bar"="http://www.google.com/toolbar/ie8/sidebar.html"
"Url"="http://www.microsoft.com/athome/community/rss.xml"
"Url"="http://rss.msn.com/en-us/?feedoutput=rss&ocid=iehrs&unsub=true"
"Url"="http://www.microsoft.com/atwork/community/rss.xml"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome"
"Default_Search_URL"="http://www.google.com/toolbar/ie8/sidebar.html"
"Search Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch"
"Local Page"="D:\\windows\\system32\\blank.htm"
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home"
--------------------\\ Recherche d'autres infections
--------------------\\ ROOTKIT !!
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Services\tdssserv]
Rootkit Tibs ! .. [HKLM\..\CurrentControlSet\Enum\Root\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Services\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet001\Enum\Root\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet002\Enum\Root\LEGACY_TDSSSERV]
Rootkit Tibs ! .. [HKLM\..\ControlSet002\Services\tdssserv]
Rootkit Tibs ! .. [HKLM\..\ControlSet002\Enum\Root\tdssserv]
Trojan ! .. D:\WINDOWS\system32\tdssservers.dat
Trojan ! .. D:\WINDOWS\system32\tdssinit.dll
Trojan ! .. D:\WINDOWS\system32\tdssl.dll
--------------------\\ Cracks & Keygens ..
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\Adobe DreamWeaver CS3 9.0 Keygen + activation.exe.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\Adobe Dreamweaver CS3 incl KeyGen.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\Adobe.After.Effects.CS3.FRENCH.with.crack.Good.1.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\Adobe.After.Effects.CS3.FRENCH.with.crack.Good.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\Avast AntiVirus PRO Edition v4.8.1 + Keygen works good.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\CEBAS_FINAL_FLARES_V1.5_FOR_3DSMAX_2009_32bits_&_64bits_crack.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\CEBAS_Pyrocluster_V3.5_FOR_3DSMAX_2009_32b_&_64b_crack.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\Corel© PainterT Essentials 4+Keygen-HeartBug.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\DreamWeaver CS3 Working Keygen + Activation (NEW).exe.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\RAYFIRE_v1.32_+v1.33+HELP+CRACK_FOR_3DSMAX9_&_3DSMAX2008_32b&64b.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\RAYFIRE_v1.34+HELP+CRACK_FOR_3DSMAX9_&_3DSMAX2008_32b.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\SOFTIMAGE XSI 7 LICENCE SERVER SPM KEYGEN + SPM WIN32 - WIN64-XFORCE.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\SOFTIMAGE_XSI_ADVANCED_V7.0_WITH_REAL_SPM_KEYGEN_SPM_ONLY_WINDOWS-XFORCE.torrent
D:\DOCUME~1\CHRIST~1\Application Data\uTorrent\xsi7linuxCrack.torrent
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\bamboo_60_kg.exe
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\broadleaf_60_kg.exe
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\conifer_60_kg.exe
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\flower10_kg.exe
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\install.txt
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\palm.6.0_kg.exe
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\treestorm_max_kg.exe
D:\DOCUME~1\CHRIST~1\Bureau\BAZARD !!!\Nouveau dossier\onyx_sb\Crack\tree_classic5.zip
D:\DOCUME~1\CHRIST~1\Favoris\CRACK KEYGEN
D:\DOCUME~1\CHRIST~1\Favoris\CRACK KEYGEN\CRACK.MS - Download polygon cruncher CRACK or SERIAL for FREE.url
D:\DOCUME~1\CHRIST~1\Favoris\CRACK KEYGEN\SERIAL.WS.url
D:\DOCUME~1\CHRIST~1\Recent\(Keygen) Macromedia Dreamweaver Mx, Flash Mx, Fireworks Mx Keygenerators.zip.lnk
D:\DOCUME~1\CHRIST~1\Recent\Adobe.Any.CS3.Keygen.rar.lnk
D:\DOCUME~1\CHRIST~1\Recent\Windows Xp Pro Sp2 - Activation Crack.zip.lnk
D:\DOCUME~1\ALLUSE~1\Documents\cebas\finalRender Shared\finalRender Scenes\user files\richard_de_souza\RDS-paint-crack-01_d.jpg
D:\DOCUME~1\ALLUSE~1\Documents\cebas\finalRender Shared\finalRender Scenes\user files\richard_de_souza\RDS-paint-crack-02_d.jpg
D:\DOCUME~1\ALLUSE~1\Documents\cebas\finalRender Shared\finalRender Scenes\user files\richard_de_souza\RDS-wall-crack-01_b.jpg
1 - "D:\ToolBar SD\TB_1.txt" - 21/09/2008|18:09 - Option : [1]
-----------\\ Fin du rapport a 18:09:12,43
As for protection software, we'll see about that once we've finished the disinfection.
But with so many cracks and keygens, it's no surprise your computer is in this state! Cracks very often install infections: https://forum.malekal.com/viewtopic.php?f=33&t=893
You have to ban them completely... If you don't delete them, there's no point continuing the disinfection; the cracks and keygens will keep reinfecting your computer!