Report following antivirus2009
Mast3r
Hello,
I had the antivirus2009 problem, which pops up telling me that I am infected, etc.
Then I searched on Google and found this topic:
http://www.commentcamarche.net/forum/affich 9343819 probleme de virus appele antivirus 2009 quot
I did what that topic said and then got this report:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:26:26, on 16/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Apps\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0d292daf-4e33-4c4f-8d8b-c1e28567c75a} - C:\WINDOWS\system32\mureleni.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Title Grey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [CPMdb089696] Rundll32.exe "C:\WINDOWS\system32\saneziwa.dll",a
O4 - HKLM\..\Run: [sopojewohu] Rundll32.exe "C:\WINDOWS\system32\wegureju.dll",s
O4 - HKLM\..\RunOnce: [SpybotDeletingA5235] command /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2903] cmd /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7969] command /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4249] cmd /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1762] command /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7962] cmd /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BEND BASE] C:\DOCUME~1\Owner\APPLIC~1\01TICK~1\ARMY HTM.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB7952] command /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3018] cmd /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4067] command /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6266] cmd /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1186] command /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9628] cmd /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: c:\windows\system32\minasuvo.dll c:\progra~1\kasper~1\kasper~1\mzvkbd.dll c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll C:\WINDOWS\system32\zateduta.dll c:\windows\system32\saneziwa.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\saneziwa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\saneziwa.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8920 bytes
Then I used SDFIX in safe mode
And then I got this report:
SDFix: Version 1.240
Run by Owner on 16/12/2008 at 15:21
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
Checking Services:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
Checking Files:
No Trojan Files Found
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Contains Links to Malware Sites! - Deleted
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Contains Links to Malware Sites! - Deleted
Removing Temp Files
ADS Check:
Final Check:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-16 15:30:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\KB955839.log 4354 bytes
C:\WINDOWS\KB956802.log 3657 bytes
C:\WINDOWS\LastGood
C:\WINDOWS\LastGood\INF
C:\WINDOWS\LastGood\INF\oem11.inf 0 bytes
C:\WINDOWS\LastGood\INF\oem11.PNF 0 bytes
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 6
Remaining Services:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"="C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Apps\\Powercinema\\PowerCinema.exe"="C:\\Apps\\Powercinema\\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Enabled:Explorer"
"C:\\Program Files\\Java\\jre6\\bin\\jqs.exe"="C:\\Program Files\\Java\\jre6\\bin\\jqs.exe:*:Enabled:jqs"
"C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"="C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe:*:Enabled:wmiprvse"
"C:\\WINDOWS\\system32\\winlogon.exe"="C:\\WINDOWS\\system32\\winlogon.exe:*:Enabled:winlogon"
"C:\\WINDOWS\\system32\\logonui.exe"="C:\\WINDOWS\\system32\\logonui.exe:*:Enabled:logonui"
"C:\\Apps\\Powercinema\\PCMService.exe"="C:\\Apps\\Powercinema\\PCMService.exe:*:Enabled:PCMService"
"C:\\Program Files\\AnalogX\\Proxy\\proxy.exe"="C:\\Program Files\\AnalogX\\Proxy\\proxy.exe:*:Disabled:proxy"
"C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"="C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe:*:Enabled:GoogleUpdate"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
Remaining Files:
Files with Hidden Attributes:
Tue 31 May 2005 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Tue 31 May 2005 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Tue 31 May 2005 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Mon 7 Jul 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 7 Jul 2008 4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 7 Jul 2008 2,156,368 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Tue 9 Dec 2008 88,753 A.SH. --- "C:\WINDOWS\system32\dezepimo.dll"
Tue 9 Dec 2008 62,976 A.SH. --- "C:\WINDOWS\system32\disuboka.dll.tmp"
Tue 9 Dec 2008 62,976 A.SH. --- "C:\WINDOWS\system32\duluyadu.dll.tmp"
Tue 9 Dec 2008 2,626 ..SH. --- "C:\WINDOWS\system32\fidetiga.dll"
Thu 11 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\fipovage.dll"
Tue 16 Dec 2008 65,611 A.SH. --- "C:\WINDOWS\system32\fovativu.dll"
Fri 12 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\hatugepe.dll"
Thu 11 Dec 2008 2,627 ..SH. --- "C:\WINDOWS\system32\hisakite.dll"
Tue 9 Dec 2008 62,976 A.SH. --- "C:\WINDOWS\system32\holusifo.dll.tmp"
Sat 13 Dec 2008 2,629 ..SH. --- "C:\WINDOWS\system32\karobivi.dll"
Wed 10 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\keyutova.dll"
Sun 14 Dec 2008 2,626 ..SH. --- "C:\WINDOWS\system32\kuyamija.dll"
Thu 11 Dec 2008 66 ..SH. --- "C:\WINDOWS\system32\limeruyi.dll"
Sun 14 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\lulilupa.dll"
Wed 10 Dec 2008 66 ..SH. --- "C:\WINDOWS\system32\mepavuhi.dll"
Tue 16 Sep 2008 65,611 A.SH. --- "C:\WINDOWS\system32\mureleni.dll"
Mon 15 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\nizebude.dll"
Tue 9 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\nizukipu.dll"
Fri 12 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\nofeyeje.dll"
Wed 10 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\paloyihi.dll"
Thu 11 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\pihimuha.dll"
Wed 10 Dec 2008 2,627 ..SH. --- "C:\WINDOWS\system32\reditiha.dll"
Tue 16 Dec 2008 95,455 A.SH. --- "C:\WINDOWS\system32\saneziwa.dll"
Mon 15 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\vidutade.dll"
Wed 10 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\vugukibo.dll"
Tue 16 Sep 2008 65,611 A.SH. --- "C:\WINDOWS\system32\zateduta.dll"
Wed 10 Dec 2008 2,626 ..SH. --- "C:\WINDOWS\system32\zowuziwa.dll"
Mon 8 Dec 2008 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 8 Dec 2008 4,348 A..H. --- "C:\Documents and Settings\Owner\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Mon 8 Dec 2008 20 A..H. --- "C:\Documents and Settings\Owner\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Mon 8 Dec 2008 400 A.SH. --- "C:\Documents and Settings\Owner\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Finished!
And it didn't change anything, the internet is still too slow =(
And now pages are opening in the browser with these addresses: http://findoutbiz.net/rdr2.php?sid=6623f37615c97a153a2c33d6da338764
https://www.hugedomains.com/domain_profile.cfm?d=smooki&e=com
Are these malicious sites?
Please help me :[
To clarify: after the SDFIX scan in safe mode, the antivirus 2009 thing no longer appears, but other sites are appearing now, such as speed downloading..
And the internet is very slow...
I hope someone will be able to help me
J'ai eu le problème d'antivirus2009 qui apparait en me disant que je suis infecté,etc etc..
Et puis j'ai fais une recherche sur google puis j'ai trouver ce topic:
http://www.commentcamarche.net/forum/affich 9343819 probleme de virus appele antivirus 2009 quot
J'ai fais ce qu'il a dit sur ce topic puis j'ai eu ce rapport:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:26:26, on 16/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Java\jre6\bin\jqs.exe
c:\Apps\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\notepad.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?fdr=lc&toHttps=1&redig=FA6AD360E0BE4C719380F8C470A3D3A8
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.update.microsoft.com/windowsupdate/v6/default.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0d292daf-4e33-4c4f-8d8b-c1e28567c75a} - C:\WINDOWS\system32\mureleni.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\ievkbd.dll
O2 - BHO: Click-to-Call BHO - {5C255C8A-E604-49b4-9D64-90988571CECB} - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Beta - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Windows Live Toolbar Beta - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [Mode Load Mpeg Less] C:\Documents and Settings\All Users\Application Data\two setup mode load\Title Grey.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKLM\..\Run: [CPMdb089696] Rundll32.exe "C:\WINDOWS\system32\saneziwa.dll",a
O4 - HKLM\..\Run: [sopojewohu] Rundll32.exe "C:\WINDOWS\system32\wegureju.dll",s
O4 - HKLM\..\RunOnce: [SpybotDeletingA5235] command /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC2903] cmd /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA7969] command /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC4249] cmd /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingA1762] command /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKLM\..\RunOnce: [SpybotDeletingC7962] cmd /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [BEND BASE] C:\DOCUME~1\Owner\APPLIC~1\01TICK~1\ARMY HTM.exe
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Owner\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\RunOnce: [SpybotDeletingB7952] command /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD3018] cmd /c del "c:\windows\system32\duhosana.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB4067] command /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD6266] cmd /c del "C:\WINDOWS\system32\wegureju.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingB1186] command /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKCU\..\RunOnce: [SpybotDeletingD9628] cmd /c del "C:\WINDOWS\system32\zotujage.dll_old"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: Statistiques de la protection du trafic Internet - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\SCIEPlgn.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: c:\windows\system32\minasuvo.dll c:\progra~1\kasper~1\kasper~1\mzvkbd.dll c:\progra~1\kasper~1\kasper~1\mzvkbd3.dll C:\WINDOWS\system32\zateduta.dll c:\windows\system32\saneziwa.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\saneziwa.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\saneziwa.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\Apps\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
--
End of file - 8920 bytes
Et puis j'ai utiliser SDFIX en mode échec
Et puis j'ai eu ce rapport:
[b]SDFix: Version 1.240 /b
Run by Owner on 16/12/2008 at 15:21
Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix
[b]Checking Services /b:
Restoring Default Security Values
Restoring Default Hosts File
Rebooting
[b]Checking Files /b:
No Trojan Files Found
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Contains Links to Malware Sites! - Deleted
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Contains Links to Malware Sites! - Deleted
Removing Temp Files
[b]ADS Check /b:
[b]Final Check /b:
catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-16 15:30:58
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services & system hive ...
scanning hidden registry entries ...
scanning hidden files ...
C:\WINDOWS\KB955839.log 4354 bytes
C:\WINDOWS\KB956802.log 3657 bytes
C:\WINDOWS\LastGood
C:\WINDOWS\LastGood\INF
C:\WINDOWS\LastGood\INF\oem11.inf 0 bytes
C:\WINDOWS\LastGood\INF\oem11.PNF 0 bytes
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 6
[b]Remaining Services /b:
Authorized Application Key Export:
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe"="C:\\Program Files\\CyberLink\\PowerCinema\\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Apps\\Powercinema\\PowerCinema.exe"="C:\\Apps\\Powercinema\\PowerCinema.exe:*:Enabled:PowerCinema"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\LimeWire\\LimeWire.exe"="C:\\Program Files\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\WINDOWS\\explorer.exe"="C:\\WINDOWS\\explorer.exe:*:Enabled:Explorer"
"C:\\Program Files\\Java\\jre6\\bin\\jqs.exe"="C:\\Program Files\\Java\\jre6\\bin\\jqs.exe:*:Enabled:jqs"
"C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"="C:\\WINDOWS\\system32\\wbem\\wmiprvse.exe:*:Enabled:wmiprvse"
"C:\\WINDOWS\\system32\\winlogon.exe"="C:\\WINDOWS\\system32\\winlogon.exe:*:Enabled:winlogon"
"C:\\WINDOWS\\system32\\logonui.exe"="C:\\WINDOWS\\system32\\logonui.exe:*:Enabled:logonui"
"C:\\Apps\\Powercinema\\PCMService.exe"="C:\\Apps\\Powercinema\\PCMService.exe:*:Enabled:PCMService"
"C:\\Program Files\\AnalogX\\Proxy\\proxy.exe"="C:\\Program Files\\AnalogX\\Proxy\\proxy.exe:*:Disabled:proxy"
"C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"="C:\\Documents and Settings\\Owner\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe:*:Enabled:GoogleUpdate"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLacsd.exe:*:Enabled:AOL"
"C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe"="C:\\Program Files\\Fichiers communs\\AOL\\ACS\\AOLDial.exe:*:Enabled:AOL"
"C:\\Program Files\\AOL 9.0\\waol.exe"="C:\\Program Files\\AOL 9.0\\waol.exe:*:Enabled:AOL 9.0"
"C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"="C:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe:*:Enabled:Windows Live Call"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
[b]Remaining Files /b:
[b]Files with Hidden Attributes /b:
Tue 31 May 2005 54,384 A..H. --- "C:\Program Files\AOL 9.0\aolphx.exe"
Tue 31 May 2005 156,784 A..H. --- "C:\Program Files\AOL 9.0\aoltray.exe"
Tue 31 May 2005 31,344 A..H. --- "C:\Program Files\AOL 9.0\RBM.exe"
Mon 7 Jul 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
Mon 7 Jul 2008 4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
Mon 7 Jul 2008 2,156,368 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
Tue 9 Dec 2008 88,753 A.SH. --- "C:\WINDOWS\system32\dezepimo.dll"
Tue 9 Dec 2008 62,976 A.SH. --- "C:\WINDOWS\system32\disuboka.dll.tmp"
Tue 9 Dec 2008 62,976 A.SH. --- "C:\WINDOWS\system32\duluyadu.dll.tmp"
Tue 9 Dec 2008 2,626 ..SH. --- "C:\WINDOWS\system32\fidetiga.dll"
Thu 11 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\fipovage.dll"
Tue 16 Dec 2008 65,611 A.SH. --- "C:\WINDOWS\system32\fovativu.dll"
Fri 12 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\hatugepe.dll"
Thu 11 Dec 2008 2,627 ..SH. --- "C:\WINDOWS\system32\hisakite.dll"
Tue 9 Dec 2008 62,976 A.SH. --- "C:\WINDOWS\system32\holusifo.dll.tmp"
Sat 13 Dec 2008 2,629 ..SH. --- "C:\WINDOWS\system32\karobivi.dll"
Wed 10 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\keyutova.dll"
Sun 14 Dec 2008 2,626 ..SH. --- "C:\WINDOWS\system32\kuyamija.dll"
Thu 11 Dec 2008 66 ..SH. --- "C:\WINDOWS\system32\limeruyi.dll"
Sun 14 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\lulilupa.dll"
Wed 10 Dec 2008 66 ..SH. --- "C:\WINDOWS\system32\mepavuhi.dll"
Tue 16 Sep 2008 65,611 A.SH. --- "C:\WINDOWS\system32\mureleni.dll"
Mon 15 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\nizebude.dll"
Tue 9 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\nizukipu.dll"
Fri 12 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\nofeyeje.dll"
Wed 10 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\paloyihi.dll"
Thu 11 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\pihimuha.dll"
Wed 10 Dec 2008 2,627 ..SH. --- "C:\WINDOWS\system32\reditiha.dll"
Tue 16 Dec 2008 95,455 A.SH. --- "C:\WINDOWS\system32\saneziwa.dll"
Mon 15 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\vidutade.dll"
Wed 10 Dec 2008 2,628 ..SH. --- "C:\WINDOWS\system32\vugukibo.dll"
Tue 16 Sep 2008 65,611 A.SH. --- "C:\WINDOWS\system32\zateduta.dll"
Wed 10 Dec 2008 2,626 ..SH. --- "C:\WINDOWS\system32\zowuziwa.dll"
Mon 8 Dec 2008 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 8 Dec 2008 4,348 A..H. --- "C:\Documents and Settings\Owner\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Mon 8 Dec 2008 20 A..H. --- "C:\Documents and Settings\Owner\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Mon 8 Dec 2008 400 A.SH. --- "C:\Documents and Settings\Owner\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
[b]Finished![/b]
And it didn't change anything, the internet is still too slow =(
And now pages open in the browser with these addresses: http://findoutbiz.net/rdr2.php?sid=6623f37615c97a153a2c33d6da338764
https://www.hugedomains.com/domain_profile.cfm?d=smooki&e=com
Are these malicious sites?
Please help me :[
To clarify, after the SDFIX scan in safe mode, the antivirus 2009 thing no longer appears, but other sites appear now, such as speed downloading..
And the internet is very slow...
I hope someone will be able to help me
Configuration: Windows XP Firefox 3.0.4
1 reply
Good evening,
There are several infections on your PC; several programs will be needed to disinfect it. Please stay with this until the end (even if the symptoms disappear).
We start with the easiest:
- Disable your antivirus.
- Download Lop S&D to your Desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
- Double-click it to start the installation
- Double-click the Lop S&D shortcut on your Desktop
- Select the language you want, then choose option 1 ("Recherche", Search)
- Wait until the scan finishes
- Post the generated report
- Re-enable your antivirus
Tutorial to help you: http://www.malekal.com//tutorial_Lop_SD.php