
tycobb

Everything posted by tycobb

  1. Here is a Malwarebytes report, but anyway I still have x.bat and usb_mgr making a mess...

     Malwarebytes' Anti-Malware 1.39
     Version de la base de données: 2468
     Windows 5.1.2600 Service Pack 3

     21/07/2009 17:19:05
     mbam-log-2009-07-21 (17-19-05).txt

     Type de recherche: Examen complet (C:\|)
     Eléments examinés: 310521
     Temps écoulé: 4 hour(s), 31 minute(s), 26 second(s)

     Processus mémoire infecté(s): 0
     Module(s) mémoire infecté(s): 0
     Clé(s) du Registre infectée(s): 0
     Valeur(s) du Registre infectée(s): 0
     Elément(s) de données du Registre infecté(s): 0
     Dossier(s) infecté(s): 0
     Fichier(s) infecté(s): 0

     Processus mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Module(s) mémoire infecté(s):
     (Aucun élément nuisible détecté)

     Clé(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Valeur(s) du Registre infectée(s):
     (Aucun élément nuisible détecté)

     Elément(s) de données du Registre infecté(s):
     (Aucun élément nuisible détecté)

     Dossier(s) infecté(s):
     (Aucun élément nuisible détecté)

     Fichier(s) infecté(s):
     (Aucun élément nuisible détecté)
  2. Here is the report, thanks, but I still can't use a firewall.

     SDFix: Version 1.240
     Run by Administrateur on 20/07/2009 at 18:14

     Microsoft Windows XP [version 5.1.2600]
     Running From: C:\SDFix

     Checking Services :

     Restoring Default Security Values
     Restoring Default Hosts File

     Rebooting

     Checking Files :

     Trojan Files Found:

     C:\WINDOWS\system32\i - Deleted

     Removing Temp Files

     ADS Check :

     Final Check :

     catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2009-07-20 18:32:04
     Windows 5.1.2600 Service Pack 3 NTFS

     scanning hidden processes ...

     scanning hidden services & system hive ...

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
     "p0"="C:\Program Files\DAEMON Tools Lite\"
     "h0"=dword:00000000
     "khjeh"=hex:cd,9c,32,ba,d1,50,77,46,6a,fa,a2,5a,4f,58,74,94,3e,eb,1c,d8,5d,..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
     "a0"=hex:20,01,00,00,02,4d,54,a4,ba,9d,7d,21,9e,a2,9e,f7,22,aa,b5,46,b4,..
     "khjeh"=hex:bc,fb,89,c2,b3,82,94,38,77,32,34,cd,61,33,03,74,b7,ac,33,6b,c7,..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
     "khjeh"=hex:33,35,92,1a,77,4b,37,81,d9,ad,3d,df,cc,4b,3a,ce,80,c5,5a,4a,c2,..

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys]
     "start"=dword:00000001
     "type"=dword:00000001
     "imagepath"=str(2):"\systemroot\system32\drivers\msqpdxmyqbpjxu.sys"
     "group"="file system"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\msqpdxserv.sys\modules]
     "msqpdxserv"="\\?\globalroot\systemroot\system32\drivers\msqpdxmyqbpjxu.sys"
     "msqpdxl"="\\?\globalroot\systemroot\system32\msqpdxxdcrvedt.dll"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
     "s1"=dword:2df9c43f
     "s2"=dword:110480d0
     "h0"=dword:00000002

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
     "h0"=dword:00000001
     "hdf12"=hex:ff,1f,63,3c,91,2a,eb,b3,b8,2a,06,83,bf,2a,82,03,c0,c2,98,49,dd,..
     "u0"=hex:b4,6d,90,02,04,00,00,00,ff,ff,00,00,45,43,44,38,38,36,46,31,43,..
     "p0"="C:\Program Files\DAEMON Tools Lite\"

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
     "hdf12"=hex:f5,be,1e,1c,a8,47,f8,e8,85,52,39,44,b7,4b,34,b8,80,ec,fd,72,5d,..
     "a0"=hex:20,01,00,00,9e,14,c2,12,11,96,a6,8e,82,4a,da,02,5e,8b,f1,10,d0,..

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
     "hdf12"=hex:7f,48,ac,1f,df,d3,95,52,f6,48,c6,43,94,89,0e,c4,fd,c6,14,90,82,..

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1]
     "hdf12"=hex:75,d9,69,00,7a,20,f6,e4,a5,23,0e,1e,0c,29,56,46,19,16,ec,a9,38,..

     [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
     "h0"=dword:00000000
     "khjeh"=hex:a1,dc,de,e7,54,0f,93,7a,b1,83,c7,b1,fa,78,5c,70,2a,39,9b,e2,94,..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\msqpdxserv.sys]
     "start"=dword:00000001
     "type"=dword:00000001
     "imagepath"=str(2):"\systemroot\system32\drivers\msqpdxmyqbpjxu.sys"
     "group"="file system"

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\msqpdxserv.sys\modules]
     "msqpdxserv"="\\?\globalroot\systemroot\system32\drivers\msqpdxmyqbpjxu.sys"
     "msqpdxl"="\\?\globalroot\systemroot\system32\msqpdxxdcrvedt.dll"

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC]
     "h0"=dword:00000001
     "hdf12"=hex:ff,1f,63,3c,91,2a,eb,b3,b8,2a,06,83,bf,2a,82,03,c0,c2,98,49,dd,..
     "u0"=hex:b4,6d,90,02,04,00,00,00,ff,ff,00,00,45,43,44,38,38,36,46,31,43,..
     "p0"="C:\Program Files\DAEMON Tools Lite\"

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001]
     "hdf12"=hex:f5,be,1e,1c,a8,47,f8,e8,85,52,39,44,b7,4b,34,b8,80,ec,fd,72,5d,..
     "a0"=hex:20,01,00,00,9e,14,c2,12,11,96,a6,8e,82,4a,da,02,5e,8b,f1,10,d0,..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0]
     "hdf12"=hex:7f,48,ac,1f,df,d3,95,52,f6,48,c6,43,94,89,0e,c4,fd,c6,14,90,82,..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq1]
     "hdf12"=hex:75,d9,69,00,7a,20,f6,e4,a5,23,0e,1e,0c,29,56,46,19,16,ec,a9,38,..

     [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
     "h0"=dword:00000000
     "khjeh"=hex:a1,dc,de,e7,54,0f,93,7a,b1,83,c7,b1,fa,78,5c,70,2a,39,9b,e2,94,..

     scanning hidden registry entries ...

     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
     "OODEFRAG10.00.00.01WORKSTATION"
     "OODEFRAG11.00.00.01WORKSTATION"

     scanning hidden files ...

     scan completed successfully
     hidden processes: 0
     hidden services: 0
     hidden files: 0

     Remaining Services :

     Authorized Application Key Export:

     [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
     "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
     "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
     "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
     "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
     "C:\\WINDOWS\\system32\\PnkBstrA.exe"="C:\\WINDOWS\\system32\\PnkBstrA.exe:*:Enabled:PnkBstrA"
     "C:\\WINDOWS\\system32\\PnkBstrB.exe"="C:\\WINDOWS\\system32\\PnkBstrB.exe:*:Enabled:PnkBstrB"
     "C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe"="C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Game.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2"
     "C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe"="C:\\Program Files\\Ubisoft\\Tom Clancy's Rainbow Six Vegas 2\\Binaries\\R6Vegas2_Launcher.exe:*:Enabled:Tom Clancy's Rainbow Six Vegas 2 Update"
     "C:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe"="C:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\s2gs.exe:*:Enabled:Sacred 2 Game Server"
     "C:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe"="C:\\Program Files\\Deep Silver\\Sacred 2 - Fallen Angel\\system\\sacred2.exe:*:Enabled:Sacred 2"
     "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe"="C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4X.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate"
     "C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe"="C:\\Program Files\\Sierra\\SWAT 4\\ContentExpansion\\System\\Swat4XDedicatedServer.exe:*:Enabled:SWAT 4 - The Stetchkov Syndicate Dedicated Server"
     "C:\\Program Files\\DNA\\btdna.exe"="C:\\Program Files\\DNA\\btdna.exe:*:Enabled:DNA"
     "C:\\Program Files\\BitTorrent\\bittorrent.exe"="C:\\Program Files\\BitTorrent\\bittorrent.exe:*:Enabled:BitTorrent"
     "C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe"="C:\\Program Files\\EA GAMES\\Battlefield 2\\BF2.exe:*:Enabled:Battlefield 2"
     "C:\\freetool\\TFPTools3_0\\TFPTools.exe"="C:\\freetool\\TFPTools3_0\\TFPTools.exe:*:Enabled:TFPTools"
     "C:\\freetool\\TFPTools3_0\\VLC\\vlc.exe"="C:\\freetool\\TFPTools3_0\\VLC\\vlc.exe:*:Enabled:VLC media player"
     "C:\\Program Files\\VirtualDJ\\virtualdj.exe"="C:\\Program Files\\VirtualDJ\\virtualdj.exe:*:Enabled:VirtualDJ"
     "C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
     "C:\\Program Files\\Hamachi\\hamachi.exe"="C:\\Program Files\\Hamachi\\hamachi.exe:*:Enabled:Hamachi Client"
     "C:\\Program Files\\Left 4 Dead\\left4dead.exe"="C:\\Program Files\\Left 4 Dead\\left4dead.exe:*:Enabled:left4dead"
     "C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
     "%windir%"="msdrv32.exe"

     [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
     "%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
     "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
     "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
     "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

     Remaining Files :

     File Backups: - C:\SDFix\backups\backups.zip

     Files with Hidden Attributes :

     Wed 15 Jul 2009 80,896 ..SHR --- "C:\WINDOWS\usb_mgr.exe"
     Mon 26 Jan 2009 1,740,632 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"
     Mon 26 Jan 2009 5,365,592 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe"
     Thu 5 Mar 2009 2,260,480 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
     Thu 16 Oct 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
     Tue 19 Sep 2006 304,736 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\Maint.exe"
     Mon 25 Apr 2005 61,440 A..H. --- "C:\Program Files\Canon\MP Navigator 3.0\uinstrsc.dll"
     Fri 25 Jan 2008 1,732,608 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\3DSexVilla2-053.001.exe"
     Fri 25 Jan 2008 135,168 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\Configurator010275.dll"
     Fri 25 Jan 2008 5,120 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\Configurator010275.DE.dll"
     Fri 25 Jan 2008 5,632 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\Configurator010275.EN.dll"
     Fri 8 Feb 2008 65,536 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\fc3DSexVilla.dll"
     Tue 18 Mar 2003 499,712 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\msvcp71.dll"
     Fri 21 Feb 2003 348,160 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\msvcr71.dll"
     Fri 14 Dec 2007 53,248 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ogg.dll"
     Fri 14 Dec 2007 413,696 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\OpenAL32.dll"
     Fri 25 Jan 2008 159,744 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010218PNG.dll"
     Fri 25 Jan 2008 106,496 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010275FG.dll"
     Fri 25 Jan 2008 159,744 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX017010JP2.dll"
     Fri 25 Jan 2008 16,896 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010275SOUNDOPENAL.dll"
     Fri 25 Jan 2008 2,260,992 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010275.dll"
     Fri 25 Jan 2008 192,512 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010275Base.dll"
     Fri 25 Jan 2008 57,344 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010275SOUNDDX3.dll"
     Fri 25 Jan 2008 106,496 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\ThriXXX010275SOUNDDX8.dll"
     Fri 2 May 2008 105,314 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\Uninstall-3DSexVilla2-Everlust-053.001.exe"
     Fri 14 Dec 2007 1,200,128 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\vorbis.dll"
     Fri 14 Dec 2007 77,824 A..H. --- "C:\avant windows ultimate\raptoredown\villa\Binaries\vorbisfile.dll"
     Thu 30 Oct 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
     Sat 4 Jul 2009 4,791 ...HR --- "C:\Documents and Settings\Administrateur\Application Data\SecuROM\UserData\securom_v7_01.bak"
     Mon 17 Oct 2005 0 A..H. --- "C:\avant windows ultimate\raptoredown\Games\Directlinks\SnkvCC\SNKvsCapcom.2007.mugem.PCGAME-by-Rasta-www.thegenius.us\SvC Ultimate Mugen 2007 3rd Battle Edition v2.0\chars\yashiro ultrarox\readme\images\Sav2F9.tmp"

     Finished!
  3. Hello, I have a problem: as soon as I install any firewall, my internet connection stops working, because in the log I have a plethora of things connecting to my computer. Does anyone have an idea? I feel like I have tried everything: a full scan with Antivir in normal and safe mode, spyware scans with Malwarebytes and AVG Anti-Spyware, then SmitFraud. In short, I have done as much as I can, but this is beyond me. I am posting a HijackThis report in case someone manages to understand my misfortune. There you go, thanks.

     Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 15:33:45, on 20/07/2009
     Platform: Windows XP SP3 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.6000.20861)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\msdrv32.exe
     C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe
     C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
     C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\Program Files\Analog Devices\Core\smax4pnp.exe
     C:\Program Files\Java\jre6\bin\jusched.exe
     C:\Program Files\Java\jre6\bin\jqs.exe
     C:\WINDOWS\system32\oodtray.exe
     C:\WINDOWS\usb_mgr.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\DNA\btdna.exe
     C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\Program Files\DAEMON Tools Lite\daemon.exe
     C:\WINDOWS\system32\oodag.exe
     C:\Program Files\Logitech\SetPoint\SetPoint.exe
     C:\WINDOWS\system32\PnkBstrA.exe
     C:\WINDOWS\system32\svchost.exe
     C:\Program Files\Fichiers communs\Logishrd\KHAL2\KHALMNPR.EXE
     C:\WINDOWS\system32\wscntfy.exe
     C:\avant windows ultimate\raptoredown\Games\Directlinks\Directlinks\HiJackThis\HijackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O1 - Hosts: ::1 localhost
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
     O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FICHIE~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
     O4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Fichiers communs\InstallShield\UpdateService\issch.exe" -start
     O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files\Fichiers communs\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
     O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
     O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
     O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
     O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
     O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
     O4 - HKLM\..\Run: [universal Serial Bus device] usb_mgr.exe
     O4 - HKLM\..\Run: [Microsoft Driver Setup] C:\WINDOWS\msdrv32.exe
     O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
     O4 - HKLM\..\Run: [OutpostMonitor] C:\PROGRA~1\Agnitum\OUTPOS~1\op_mon.exe /tray /noservice
     O4 - HKLM\..\Run: [OutpostFeedBack] "C:\Program Files\Agnitum\Outpost Firewall Pro\feedback.exe" /dump:os_startup
     O4 - HKLM\..\RunOnce: [WIAWizardMenu] RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
     O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [bitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
     O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
     O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
     O4 - HKLM\..\Policies\Explorer\Run: [Microsoft Driver Setup] C:\WINDOWS\msdrv32.exe
     O4 - HKUS\S-1-5-19\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [LocalService] C:\Documents and Settings\LocalService\LocalService.exe /i (User 'SYSTEM')
     O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [LocalService] C:\Documents and Settings\LocalService\LocalService.exe /i (User 'Default user')
     O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
     O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
     O9 - Extra button: Réglage rapide de Outpost Firewall Pro - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Program Files\Agnitum\Outpost Firewall Pro\ie_bar.dll
     O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
     O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
     O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
     O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
     O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
     O20 - AppInit_DLLs: c:\progra~1\agnitum\outpos~1\wl_hook.dll
     O23 - Service: Agnitum Client Security Service (acssrv) - Agnitum Ltd. - C:\PROGRA~1\Agnitum\OUTPOS~1\acs.exe
     O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
     O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
     O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
     O23 - Service: Service Google Update (gupdate1c9b5799bfda472) (gupdate1c9b5799bfda472) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
     O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
     O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Fichiers communs\Logishrd\Bluetooth\LBTServ.exe
     O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
     O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
     O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
  4. Hello, I think I have a nasty virus: among the active processes I have "usb_mgr", which keeps making my firewall beep, and the antivirus recognizes it but it is impossible to remove... I have done a lot of things, but my knowledge stops there. Can someone help me please? Thanks.