
elbleuets

Members
  • Content count

    10
  • Joined

  • Last visited

elbleuets's Achievements

Junior Member

Junior Member (3/12)

0

Community reputation

  1. No need to post the reports, I've resolved it 100%. Thanks for your help, it was very, very much appreciated.
  2. Problem solved, thanks for your help.
  3. OK, I'll run the scans with zozo and then gmer, but as for malaware, I can't start any new antivirus or anti-... program at all. I'll do the steps and then we'll see.
  4. GMER 1.0.15.14972 - http://www.gmer.net Rootkit scan 2009-07-03 12:33:23 Windows 5.1.2600 Service Pack 3
  5. Hello everyone. Thanks in advance for all the help the members of this community will offer me. Here is the problem: I caught either a virus or a trojan that I am unable to identify, let alone eradicate. Here are the troubles this fine infection gives me. When I do searches on Google, one time out of two it redirects me to marketing sites, e.g. http://petekelsey.typepad.com/the_dirt/2006/12/index.html. I am unable to install any new antivirus program, or even HijackThis. Currently I have Ad-Aware and it is the only one that works. I ran a scan in safe mode with System Restore disabled; I found 2 trojans which I removed, but my problem persists. Config: AMD Athlon 64 Processor 4000+, Windows XP, GF 8800. Here is what I found and quarantined with Ad-Aware: Quarantined items: Description: C:\Documents and Settings\hugo\Local Settings\Temp\IXP000.TMP\settings.exe Family Name: Win32.Trojan.VB Clean status: Success Item ID: 557587 Family ID: 1458 Description: C:\Documents and Settings\hugo\Local Settings\Temp\IXP001.TMP\settings.exe Family Name: Win32.Trojan.VB Clean status: Success Item ID: 557587 Family ID: 1458 Description: C:\Documents and Settings\hugo\Local Settings\Temp\IXP002.TMP\settings.exe Family Name: Win32.Trojan.VB Clean status: Success Item ID: 557587 Family ID: 1458
  6. Thanks everyone!! I ended up using RoboForm.
  7. Clarification, e.g.: when you fill in a form and it asks you not once but twice to enter your email address!!
  8. Hello everyone. Well, here goes with my first question. Before, when I browsed the web, I could use the middle button of my mouse (by pressing it) to scroll up and down and left to right. For whatever reason, nothing happens anymore. 2nd question: is it possible to have a shortcut (ctrl+a) that would let me instantly display my email address, which is quite long? Thanks in advance for the answers.