Major virus infection

Closed
bmw-93 Posts 148 Registration date Tuesday 14 August 2007 Status Member Last activity 17 May 2013 - 17 Dec. 2008 at 21:40
darkpoet Posts 1654 Registration date Thursday 29 May 2008 Status Security contributor Last activity 10 March 2014 - 17 Dec. 2008 at 22:29
Hi, I analyzed my HijackThis report and found lots of problems and viruses, but I know how to remove them. PLEASE HELP ME. Here is the log:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:27:07, on 17/12/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\VM303_STI.EXE
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\fxstaller.exe
C:\Documents and Settings\All Users\Application Data\svhost.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.start-internet.info/a2558156-stioweatre
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://fr.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://fr.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: VMN Toolbar - {4E7BD74F-2B8D-469E-8DA9-FD60BB9AAE33} - C:\PROGRA~1\VMNTOO~1\VMNTOO~1.DLL
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM\..\Run: [EPSON Stylus DX4800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADE.EXE /F "C:\WINDOWS\TEMP\E_S1A1.tmp" /EF "HKLM"
O4 - HKLM\..\Run: [Windows UDP Control Center] fxstaller.exe
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKLM\..\Run: [0c2ee649] rundll32.exe "C:\WINDOWS\system32\apdlxyfu.dll",b
O4 - HKLM\..\Run: [CTEMON.EXE] "" /h
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Analyser avec LeechGet - file://C:\Program Files\LeechGet 2007\\Parser.html
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?ebd46fd86bc445f199be2c744ce32d16
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?ebd46fd86bc445f199be2c744ce32d16
O8 - Extra context menu item: Tout télécharger avec Free Download Manager - file://D:\Free Download Manager\dlall.htm
O8 - Extra context menu item: Télécharger avec Free Download Manager - file://D:\Free Download Manager\dllink.htm
O8 - Extra context menu item: Télécharger en utilisant l'assistant LeechGet - file://C:\Program Files\LeechGet 2007\\Wizard.html
O8 - Extra context menu item: Télécharger en utilisant LeechGet - file://C:\Program Files\LeechGet 2007\\AddUrl.html
O8 - Extra context menu item: Télécharger la sélection avec Free Download Manager - file://D:\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Télécharger la vidéo avec Free Download Manager - file://D:\Free Download Manager\dlfvideo.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Upload - {FD4E2FF8-973C-4A19-89BD-8E86B3CFCFE1} - D:\Free Download Manager\FUM\fumiebtn.dll
O16 - DPF: Yahoo! Pool 2 - http://origin.games.yahoo.net/games/clients/y/poti_x.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{327C305E-6A82-4F49-9D34-E18700AE82BC}: NameServer = 212.30.96.123
O23 - Service: Ares Chatroom server (AresChatServer) - Unknown owner - C:\Program Files\Ares\chatServer.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

3 replies

darkpoet Posts 1654 Registration date Thursday 29 May 2008 Status Security contributor Last activity 10 March 2014 62
17 Dec. 2008 at 21:53
Hello, to start, do this:
Download Toolbar-S&D (Team IDN) to your Desktop.
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/ToolBarSD.exe?attachauth=ANoY7cqJWPphpudyTqv7TRo5RQ3nm_Sx8JluVMO59X5E9cyE3j3LqKlmStIqiDqJdIgMJLi7MXn2nKVajQfoWuVvZZ2wIx_vkqO4k4P0K9jh-ra9jaKPXdZcoaVF2UqJZNH8ubL_42uIwh6f35xJ2GJMuzddVj2Qth1DgZ839lxEIFGkgWz3TdfvNMy-YtxfA3gqBUrj4U4LFeAPiWr3ClmjIP0t_Xs5PQ%3D%3D&attredirects=2

* Start the program's installation by running the downloaded file.
* Now double-click the Toolbar-S&D shortcut.
* Select the language you want by typing the letter of your choice, then confirm with the Enter key.
* Now choose option 1 (Recherche). Wait until the search finishes.
* Post the generated report. (C:\TB.txt)
0
^^Marie^^ Posts 113901 Registration date Tuesday 6 September 2005 Status Member Last activity 28 August 2020 3 275
17 Dec. 2008 at 22:24
Good evening

I'm pasting the report, it went via the cellar ;))

No wonder ..........


Here is the report


-----------\\ ToolBar S&D 1.2.6 XP/Vista

Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : Intel(R) Pentium(R) 4 CPU 2.80GHz )
BIOS : Default System BIOS
USER : alpha ( Administrator )
BOOT : Normal boot
Antivirus : avast! antivirus 4.8.1229 [VPS 000000-0] 4.8.1229 (Not Activated)
A:\ (USB)
C:\ (Local Disk) - NTFS - Total:38 Go (Free:0 Go)
D:\ (Local Disk) - NTFS - Total:38 Go (Free:7 Go)
E:\ (CD or DVD)

"C:\ToolBar SD" ( MAJ : 04-12-2008|20:40 )
Option : [1] ( 17/12/2008|22:03 )

-----------\\ Recherche de Fichiers / Dossiers ...

C:\Program Files\P2P_Torrent
C:\DOCUME~1\alpha\APPLIC~1\VMNToolbar
C:\Program Files\VMNToolbar
C:\Program Files\VMNToolbar\install.ico
C:\Program Files\VMNToolbar\tbuninstall.exe
C:\Program Files\VMNToolbar\toolbar.ini
C:\Program Files\VMNToolbar\uninstall.exe
C:\Program Files\VMNToolbar\vmntoolbar.dll
C:\WINDOWS\iun6002.exe

-----------\\ Extensions

(Administrateur) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(Administrateur) - {991A772A-BA13-4c1d-A9EF-F897F31DEC7D} => megaupload

(alpha) - {3112ca9c-de6d-4884-a869-9855de68056c} => google-toolbar
(alpha) - {36C13C8F-54F1-412e-8177-2E411719162D} => chrome
(alpha) - {37E4D8EA-8BDA-4831-8EA1-89053939A250} => pdfdownload
(alpha) - {635abd67-4fe9-1b23-4f01-e679fa7484c1} => ytoolbar
(alpha) - {8f8fe09b-0bd3-4470-bc1b-8cad42b8203a} => livehttpheaders
(alpha) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(alpha) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(alpha) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(alpha) - {b9db16a4-6edc-47ec-a1f4-b86292ed211d} => dwhelper
(alpha) - {fce36c1e-58d8-498a-b2a5-66ad1cedebbb} => customizegoogle


-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="http://www.start-internet.info/a2558156-stioweatre"
"Search Page"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"
"Search Bar"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://fr.yahoo.com/"
"Default_Page_URL"="https://fr.yahoo.com/"
"Default_Search_URL"="http://fr.rd.yahoo.com/customize/ie/defaults/su/msgr8/*https://fr.search.yahoo.com/"
"Search Page"="http://fr.rd.yahoo.com/customize/ie/defaults/sp/msgr8/*https://fr.search.yahoo.com/"


--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\eOqXbccf.ini
C:\WINDOWS\system32\eOqXbccf.ini2
C:\WINDOWS\system32\fccbXqOe.dll
==> VUNDO <==

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\alpha\Atomix Virtual DJ 4.0 Full + crack
C:\DOCUME~1\alpha\crack generico
C:\DOCUME~1\alpha\Atomix Virtual DJ 4.0 Full + crack\install_virtualdj_v4.0.exe
C:\DOCUME~1\alpha\Atomix Virtual DJ 4.0 Full + crack\virtualdj.exe
C:\DOCUME~1\alpha\crack generico\emu.dll
C:\DOCUME~1\alpha\crack generico\MMxpt.dll
C:\DOCUME~1\alpha\Local Settings\Application Data\Opera\opera\profile\images\http%3A%2F%2Fwww.keygen.cc%2Ffavicon.ico
C:\DOCUME~1\alpha\Local Settings\Application Data\Opera\opera\profile\images\www.keygen.cc.idx
C:\DOCUME~1\alpha\Mes documents\PC GAME - PES - Pro Evolution Soccer 2008 - CRACK NO CD + [TEST OK] + KEYGEN
C:\DOCUME~1\alpha\Mes documents\PC GAME - PES - Pro Evolution Soccer 2008 - CRACK NO CD + [TEST OK] + KEYGEN\25_euros_par_mail.html
C:\DOCUME~1\alpha\Mes documents\PC GAME - PES - Pro Evolution Soccer 2008 - CRACK NO CD + [TEST OK] + KEYGEN\Gagner beaucoup d'argent facile avec Paypal - AderynR.doc
C:\DOCUME~1\alpha\Mes documents\PC GAME - PES - Pro Evolution Soccer 2008 - CRACK NO CD + [TEST OK] + KEYGEN\Keygen.txt
C:\DOCUME~1\alpha\Mes documents\PC GAME - PES - Pro Evolution Soccer 2008 - CRACK NO CD + [TEST OK] + KEYGEN\Readme.txt
C:\DOCUME~1\alpha\Mes documents\WINNING ELEVEN 10\Winning eleven 10 crack (active multilanguage), keygen, patch [NoCD] Tested.zip
C:\DOCUME~1\alpha\WINNING ELEVEN 10\Winning eleven 10 crack (active multilanguage), keygen, patch [NoCD] Tested.zip



1 - "C:\ToolBar SD\TB_1.txt" - 17/12/2008|22:09 - Option : [1]

-----------\\ Fin du rapport a 22:09:42,21
0
darkpoet Posts 1654 Registration date Thursday 29 May 2008 Status Security contributor Last activity 10 March 2014 62
17 Dec. 2008 at 22:29
Run Toolbar-S&D again, choose option 2, and post the generated report.
0