Supp des fichiers .exe

awatef mahdhi Messages postés 63 Statut Membre -  
awatef mahdhi Messages postés 63 Statut Membre -
Bonjour,
salut,
chaque fois que je démarre mon ordi, une fenêtre s'affiche comportant le nom d'un fichier ayant l'extension .exe dans l'emplacement c:\windows\systeme 32 .ainsi que deux options :exécuter ou annuler.comment faire svp ?est ce que je peux supprimer ces fichiers?
Configuration: Windows XP
Firefox 3.1

2 réponses

  1. Utilisateur anonyme
     
    Bonjour awatef mahdhi
    Il faudrait donner plus de precision, a quel moment s'ouvrent cette fenetre, quel est le nom exac de ce fichier; le fenetre se referme t'elle toute seule? ETC normalement, on ne supprime rien dans systeme 32, a part une infection.
    A+
    0
    1. awatef mahdhi Messages postés 63 Statut Membre
       
      salut,
      la fenetre s'ouvre aprés le demarrage de windows, une fois que les icones s'affichent sur le bureau la fenetre s'affiche elle contient les informations siuvantes:

      l'editeur n'a pas pu etre verifier voulez vous vraiment executer ce logiciel

      nom:igfxtray.exe
      editeur:inconnu
      type:application
      source:c:\windows\systeme32

      merci
      0
    2. Utilisateur anonyme > awatef mahdhi Messages postés 63 Statut Membre
       
      RE
      Regardes ici, il se pourrait que ton PC soit infecte: http://www.commentcamarche.net/contents/processus/igfxtray exe.php3
      A+
      0
    3. awatef mahdhi Messages postés 63 Statut Membre > Utilisateur anonyme
       
      bon,mon pc était infecté(spywareguard a eté installé sur mon pc)mais j'ai utilisé le malwarebytes anti-malware et spyware ne s'affiche plus et les fichiers.exe continuent a s'fficher
      j'utilise de nouveau malwarebytes anti-malware?
      0
    4. Utilisateur anonyme > awatef mahdhi Messages postés 63 Statut Membre
       
      RE
      Oui, et fais un copier/coller du rapport dans ton prochain post. Si tu as deja un rapport suite a ton scanne, postes le aussi.
      A+
      0
    5. awatef mahdhi Messages postés 63 Statut Membre > Utilisateur anonyme
       
      salut
      c'est seulement maintenant que j'ai fait le scan.le resultat est 0 element infecte
      j'ai effectué l'analyse en mode normal(pas mode sans echec)
      remarque:une fenetre s'affiche sur le bureau(en bas à droite) elle contient:
      vous etes peut etre victime d'une contrefaçon logicielle.
      cette copie de windows n'a pas pu etre validée.
      demander un logiciel microsoft original.

      voici le rapport log du malwarebytesantimalwere.:
      Malwarebytes' Anti-Malware 1.31
      Version de la base de données: 1496
      Windows 5.1.2600 Service Pack 2

      13/12/2008 13:24:32
      mbam-log-2008-12-13 (13-24-32).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|)
      Eléments examinés: 85086
      Temps écoulé: 54 minute(s), 3 second(s)

      Processus mémoire infecté(s): 2
      Module(s) mémoire infecté(s): 3
      Clé(s) du Registre infectée(s): 10
      Valeur(s) du Registre infectée(s): 5
      Elément(s) de données du Registre infecté(s): 1
      Dossier(s) infecté(s): 2
      Fichier(s) infecté(s): 54

      Processus mémoire infecté(s):
      C:\Program Files\Spyware Guard 2008\spywareguard.exe (Rogue.SpywareGuard) -> Unloaded process successfully.
      C:\WINDOWS\system32\winscenter.exe (Trojan.FakeAlert) -> Unloaded process successfully.

      Module(s) mémoire infecté(s):
      C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\xvwedfdoln.dll (Trojan.FakeAlert) -> Delete on reboot.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll (Trojan.FakeAlert) -> Delete on reboot.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll (Trojan.FakeAlert) -> Delete on reboot.

      Clé(s) du Registre infectée(s):
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\spyware guard 2008 (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Spyware Guard 2008 (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Spyware Guard 2008 (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\restore (Rootkit.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\spyware guard (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{f5039f96-8239-4cd3-989e-d99ebf4c0156} (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_CLASSES_ROOT\CLSID\{3cb8ae35-0e34-4122-8c1f-2219ad4768c2} (Trojan.FakeAlert) -> Quarantined and deleted successfully.

      Valeur(s) du Registre infectée(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\spywareguard (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rs32net (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\rs32net (Trojan.Agent) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\InternetConnection (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\ieModule (Trojan.FakeAlert) -> Quarantined and deleted successfully.

      Elément(s) de données du Registre infecté(s):
      HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.UserInit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\init.exe) Good: (userinit.exe) -> Quarantined and deleted successfully.

      Dossier(s) infecté(s):
      C:\Program Files\Spyware Guard 2008 (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\quarantine (Rogue.SpywareGuard) -> Quarantined and deleted successfully.

      Fichier(s) infecté(s):
      C:\fiuvcw.exe (Trojan.Dropper) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Administrateur\Local Settings\Temp\BNC.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\0DEFST6V\mss32[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\GT6VWLYZ\mss32[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\41W14HQB\mss32[1].exe (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{D90562E3-400C-4735-96E6-A4ACE0A37F48}\RP9\A0003632.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{D90562E3-400C-4735-96E6-A4ACE0A37F48}\RP9\A0003643.sys (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\System Volume Information\_restore{D90562E3-400C-4735-96E6-A4ACE0A37F48}\RP9\A0003644.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\TDSSnrsr.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\TDSSriqp.dll (Trojan.TDSS) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\drivers\TDSSpaxt.sys (Trojan.TDSS) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN10.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN11.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN2.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN4.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN6.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN7.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN8.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN9.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BNA.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BNC.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BND.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BNE.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BNF.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\eeaF.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\eou1.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\ypm11.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\hoz1.tmp (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\conf.cfg (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\mbase.vdb (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\quarantine.vdb (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\queue.vdb (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\spywareguard.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\uninstall.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\Program Files\Spyware Guard 2008\vbase.vdb (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\WINDOWS\sysexplorer.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\winscenter.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Administrateur\Local Settings\Temp\TDSSd106.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\Administrateur\Local Settings\Temp\TDSSd116.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\WINDOWS\reged.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\WINDOWS\spoolsystem.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\WINDOWS\sys.com (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\WINDOWS\syscert.exe (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\WINDOWS\vmreg.dll (Rogue.SpywareGuard) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN1.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN3.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\Temp\BN5.tmp (Trojan.Agent) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Protect\svhost.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Protect\track.sys (Trojan.FakeAlert) -> Quarantined and deleted successfully.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\xvwedfdoln.dll (Trojan.FakeAlert) -> Delete on reboot.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\ieModule.dll (Trojan.FakeAlert) -> Delete on reboot.
      C:\Documents and Settings\All Users\Application Data\Microsoft\Internet Explorer\DLLs\moduleie.dll (Trojan.FakeAlert) -> Delete on reboot.
      C:\WINDOWS\system32\TDSSfpmp.dll (Rootkit.Agent) -> Quarantined and deleted successfully.
      C:\WINDOWS\system32\TDSStkdv.log (Trojan.TDSS) -> Quarantined and deleted successfully.





      Malwarebytes' Anti-Malware 1.31
      Version de la base de données: 1496
      Windows 5.1.2600 Service Pack 2

      19/12/2008 10:02:54
      mbam-log-2008-12-19 (10-02-54).txt

      Type de recherche: Examen rapide
      Eléments examinés: 1
      Temps écoulé: 0 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)





      Malwarebytes' Anti-Malware 1.31
      Version de la base de données: 1496
      Windows 5.1.2600 Service Pack 2

      05/01/2009 19:08:48
      mbam-log-2009-01-05 (19-08-48).txt

      Type de recherche: Examen complet (C:\|D:\|E:\|)
      Eléments examinés: 109774
      Temps écoulé: 1 hour(s), 10 minute(s), 4 second(s)

      Processus mémoire infecté(s): 0
      Module(s) mémoire infecté(s): 0
      Clé(s) du Registre infectée(s): 0
      Valeur(s) du Registre infectée(s): 0
      Elément(s) de données du Registre infecté(s): 0
      Dossier(s) infecté(s): 0
      Fichier(s) infecté(s): 0

      Processus mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Module(s) mémoire infecté(s):
      (Aucun élément nuisible détecté)

      Clé(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Valeur(s) du Registre infectée(s):
      (Aucun élément nuisible détecté)

      Elément(s) de données du Registre infecté(s):
      (Aucun élément nuisible détecté)

      Dossier(s) infecté(s):
      (Aucun élément nuisible détecté)

      Fichier(s) infecté(s):
      (Aucun élément nuisible détecté)

      merci bien
      0
  2. Aide
     
    Ça peut servir pour la suite une fois que tu auras répondu awatef mahdhi ci-dessous (oui!) à lacharpente.

    Description de l'utilitaire Windows Installer CleanUp

    Téléchargez le package de l'utilitaire Windows Installer Cleanup maintenant.

    Ne serait-ce pas photo gallery de Hewlett-Packard pour les imprimantes HP ? ;))
    À vous suivre si j'y pense à venir et que je retrouve la page ...

    Bonjour (de 00h00mn00 à 23h59mn59) et merci
    0